This chapter covers the following topics:
This chapter describes system administration features for Oracle E-Business Suite environments deployed on Oracle Cloud Infrastructure. For more information on general Oracle E-Business Suite system administration, see Oracle E-Business Suite Setup Guide, Oracle E-Business Suite Security Guide, and Oracle E-Business Suite Maintenance Guide.
After you deploy an Oracle E-Business Suite environment through Oracle E-Business Suite Cloud Manager, users can access the login page for the environment, and administrators can access the application tier and database tier nodes that make up the environment.
User Access
Before you can log in to Oracle E-Business Suite from a client computer, your network administrator must configure a DNS entry for the Oracle E-Business Suite host name. This entry lets the DNS server resolve the host name for the web entry point to the IP address.
The administrator should use the host name of the web entry point for the environment, including the domain name, to configure the DNS entry. For example, if the host for the web entry point is myhost and the domain is example.com, then the host name in the DNS entry should be: myhost.example.com
The IP address for the web entry point is available in the Oracle E-Business Suite Cloud Manager environment details page for the environment.
In situations such as demos where a DNS server is not readily available, you can modify the local hosts file on your client computer to enable host name resolution. To accomplish this, perform the following steps:
Update the /etc/hosts file on your client computer by adding a DNS entry in the following format:
<external_IP_address> <host_name>
You can now navigate to the Oracle E-Business Suite login page at the following URL:
[http|https]://<host_name>:<port>/OA_HTML/AppsLogin
For example:
http://myhost.example.com:8000/OA_HTML/AppsLogin
Note: For environments created through One-Click Provisioning, the protocol is https and the port is 4443. For environments created through Advanced Provisioning, the protocol and the port depend on the options selected in the Topology page.
Conditional Action: Additionally, if your environment was created through Advanced Provisioning or One-Click Provisioning or by promoting a standby environment, and the environment is at one of the following code levels, then Oracle E-Business Suite Cloud Manager initially places your Oracle E-Business Suite system in lockdown mode to prompt you to review and respond to the secure configuration recommendations.
Release 12.2.6 or the R12.ATG_PF.C.Delta.6 Release Update Pack or later
Release 12.1.3
In this case, a system administrator must resolve or acknowledge the recommended security configurations in the Secure Configuration Console to unlock the system for normal usage. See Review Secure Configuration Recommendations for Oracle E-Business Suite (Conditionally Required).
Administrator Access
After you create an Oracle E-Business Suite environment, as a database administrator (DBA) for the environment you will need to perform tasks such as starting and stopping services, applying patches, modifying files, and so on. One method to access the nodes that make up the environment is to connect through the Oracle E-Business Suite Cloud Manager Compute instance, as follows:
First, connect to your Oracle E-Business Suite Cloud Manager Compute instance that was created according to the instructions in Create Oracle E-Business Suite Cloud Manager Compute Instance. To connect, follow the instructions in Connecting to an Instance.
After you have logged on to the Cloud Manager Compute instance, change to the oracle user.
$ sudo su - oracle
You can now connect directly from the Cloud Manager Compute instance to the node you want in your Oracle E-Business Suite environment using the node's private IP address. Check the Oracle E-Business Suite Cloud Manager environment details page for your environment to find the private IP address for each application tier node and database tier node in the environment.
$ ssh <private_IP>
If you deployed a separate bastion server and you plan to manage access to the Oracle E-Business Suite environments from that bastion server, then you can copy the private key in /u01/install/APPS/.ssh/id_rsa from the Oracle E-Business Suite Cloud Manager VM to the appropriate home directories on the bastion server. Alternatively, you can create accounts for each individual user on the bastion host and a corresponding user on the Oracle E-Business Suite VMs that the user needs to manage. On each VM host, grant the user "sudo to oracle" access.
Note: If you uploaded SSH keys for the environment during provisioning, then you can use those keys to access the environment's nodes.
Database Administration Access
When you provision an environment through Advanced Provisioning, you must specify a database admin password as part of the database tier details. You can use this password to log in to the database as the SYS user and perform database administration tasks.
Additionally, if Transparent Data Encryption (TDE) is enabled for an environment created through Advanced Provisioning, then you can also use the same database admin password to access the TDE wallet for the new environment. TDE is enabled for the following types of environments provisioned using Advanced Provisioning:
All environments with a database tier on Base Database Service 1-Node or 2-Node DB System or Exadata Database Service Dedicated, including both new environments and environments created from a backup. Note that even if the source environment for a backup was not TDE-enabled, TDE is still enabled for environments that are created from that backup on Base Database Service 1-Node or 2-Node DB System or Exadata Database Service Dedicated.
All environments with a database tier on Compute that are created from a backup of a TDE-enabled source environment.
Environments with a database tier on Compute that are created from a backup of a non-TDE source environment, if you select the Enable TDE option during provisioning.
New environments created with Advanced Provisioning with a database tier on Compute, if you select the Enable TDE option during provisioning.
Note: TDE is not enabled for environments created with One-Click Provisioning. Also, TDE is not enabled if you do not select the Enable TDE option when it appears during Advanced Provisioning for environments on Compute.
System administrators can securely access the Fusion Middleware Control and WebLogic Server Administration Console in order to perform administration of an Oracle E-Business Suite Release 12.2 environment that was provisioned or cloned using Oracle E-Business Suite Cloud Manager on Oracle Cloud Infrastructure.
Administration of the Oracle Fusion Middleware 11g components delivered with Oracle E-Business Suite Release 12.2, including Oracle HTTP Server and Oracle WebLogic Server, requires secure access to the WebLogic Server administration ports running on the Oracle E-Business Suite primary application tier node. This section describes the steps a system administrator must follow each time they need to access the Fusion Middleware Control or WebLogic Server Administration Console in order to create a secure connection using SSH port forwarding.
You must have the following prerequisites to perform these steps:
An environment provisioned in Oracle E-Business Suite Cloud Manager on Oracle Cloud Infrastructure.
A security rule and firewall rules that allow inbound communication on the WebLogic Server administration ports on the primary application tier node from the Oracle E-Business Suite Cloud Manager VM. See Perform Post-Provisioning and Post-Cloning Tasks.
Access the Fusion Middleware Control and WebLogic Server Administration Console with SSH Port Forwarding
If you are a system administrator who needs access to the Fusion Middleware Control and WebLogic Server Administration Console to perform administrative tasks, follow these steps to create a secure connection from either a Windows or Linux client to the WebLogic Server administration port currently running on the Oracle E-Business Suite primary application tier node. You use SSH port forwarding to enable the connection.
Note: The SSH port forwarding steps must be performed and running in the background each time you connect to the URLs for the Fusion Middleware Control and WebLogic Server Administration Console from your browser.
These steps are required only for Oracle E-Business Suite Release 12.2. The required security rule and firewall rules must already be set up for the primary application tier node to allow inbound communication on the WebLogic Server administration ports.
Determine which WebLogic Server administration port is currently running on the primary application tier node. First set the environment to the run file system using the following command:
$ . <EBS_ROOT>/EBSapps.env run
Then obtain the current WebLogic Server administration port on the run file system, using the following command:
$ grep s_wls_adminport $CONTEXT_FILE
Make a note of the port for use in the next steps.
If you are using a UNIX client, perform this step to set up SSH port forwarding. If you are using a Windows client, skip this step and continue with step 3.
From a UNIX client, set up SSH port forwarding using the following command:
$ ssh -L localhost:<WLS_admin_port>:<primary_application_tier_node_private_IP_address>:<WLS_admin_port> opc@<EBS_Cloud_Admin_Tool_VM_IP_address>
If you are using a Windows client, perform this step to set up SSH port forwarding. If you are using a UNIX client, skip this step and continue with step 4.
From a Windows client, use PuTTY to set up SSH port forwarding. First, use the PuTTYgen tool to convert the private key for the Oracle E-Business Suite Cloud Manager VM into the appropriate format for PuTTY. In PuTTYgen, load the private key for the Oracle E-Business Suite Cloud Manager VM and click Save private key to save the key in the PuTTY format. Note that you should only load and save the existing key. Do not click the Generate button to generate a private key and public key again.
Then start a PuTTY session and enter the following settings to configure the session:
In the Category pane of the PuTTY Configuration window, choose Connection > SSH > Auth to display the Options controlling SSH authentication panel. In the Private key file for authentication field, select Browse and select the private key file for connecting to the Oracle E-Business Suite Cloud Manager VM.
In the Category pane of the PuTTY Configuration window, choose Connection > SSH > Tunnels to display the Options controlling SSH port forwarding panel. In the Source port field, enter the WebLogic Server administration port. In the Destination field, enter the private IP address of the application tier node followed by a colon and the WebLogic Server administration port (<primary_application_tier_node_private_IP_address>:<WLS_admin_port>). Then choose Add.
In the Category pane of the PuTTY Configuration window, choose Connection > Data to display the Data to Send to the Server panel. In the Auto-login username field, enter the following user name: oracle
In the Category pane of the PuTTY Configuration window, choose Session to display the Basic options for your PuTTY session panel. In the Host Name field, enter the public IP address of the Oracle E-Business Suite Cloud Manager VM. Then enter a name for this session in the Saved Sessions field and click Save to save the session with this connection configuration.
Then use the saved session to open a connection to the Oracle E-Business Suite Cloud Manager VM.
After you set up SSH port forwarding from your UNIX or Windows client, you can securely access the Fusion Middleware Control and WebLogic Server Administration Console. Launch a browser from your client and connect to the following administrative URLs as required.
Fusion Middleware Control - http://localhost:<WLS_admin_port>/em
WebLogic Server Administration Console - http://localhost:<WLS_admin_port>/console
You can review details of an Oracle E-Business Suite environment using Oracle E-Business Suite Cloud. Oracle E-Business Suite Cloud Manager provides many details on an environment, including:
General information, such as the Oracle E-Business Suite version, the Oracle E-Business Suite compartment and the network profile.
Its assigned backup policy, if any. You can also assign a backup policy to the environment using this page.
Topology information for the application tier and database tier.
Any backups created for the environment.
Any snapshots created from the environment.
Jobs related to the environment.
You can rediscover an environment to refresh its metadata in Oracle E-Business Suite Cloud Manager after an upgrade, including database upgrades from Oracle Database 12.1.0.2 or 11.2.0.4 to Oracle Database 19c, or Oracle E-Business Suite upgrades from Release 12.1 to Release 12.2. After the environment has been rediscovered, you can resume managing the environment through the Oracle E-Business Suite Cloud Manager UI. See Rediscover an Updated Environment.
For reviewing standby environments, refer to the section Review Standby Environment.
Prerequisites
Access Environment Details Page
For an environment that has been successfully provisioned, click the environment name in the Environments page to review more details for the environment.
You can use buttons provided in the Environment details page to clone (if applicable), create a snapshot (if applicable), back up, refresh, unregister, or delete an environment.
For more information on these capabilities, see:
Review General Information
The General Information region on the Overview page displays the following details:
Oracle E-Business Suite version
Number of application tier nodes
Number or database tier nodes
Oracle E-Business Suite Compartment, with the associated network profile name.
Version of the Oracle E-Business Suite Cloud automation tools with which the environment was provisioned
Last job, with a Status link for details
For more information, see: Monitor Job Status
Creation date and time
If applicable, the backup from which this environment was refreshed, with the backup type
If applicable, the refresh date and time
You can click the network profile name information link to review the details about the network resources defined in the network profile. See Set Up Network Profiles for more information.
The network profile window displays the following details:
Network Profile Description
Oracle E-Business Suite compartment
Network compartment
Region
VCN
Subnet type
Availability domain
Subnet access, either Private or Public
Database subnet
For the application tier nodes, the following are provided:
Application tier nodes subnet access, either Private or Public
Application tier nodes subnet name
The following load balancer information is shown:
Load balancer visibility type, either Private or Public
Load balancer subnet name
High availability subnet, if applicable. This field appears only if the subnet type is Availability Domain-Specific. The default subnet type is Regional.
Any Backup Policy defined for the environment is shown. If you want to specify a backup policy for this environment, click Assign under Backup Policy. For more information, see Schedule Backups.
See Set Up Scheduling Policies for more information on scheduling policies for backups.
Review Topology Information
The Topology tab includes information for the Application Tier, Database Tier, and their nodes.
Review Application Tier Information
The Application Tier region includes the following:
EBS Base
Middleware Licensing model
Storage Type
File System Type
Operating System
For a shared file system type, the following details are shown:
File System Name
File System OCID
File Storage Mount Target
Storage Type
For each zone defined for the application tier, the following details are shown:
Zone type
Web entry IP
Web entry type
If New Load Balancer (LBaaS), Use OCI Load Balancer, or Reuse InternalZone1 Load Balancer (for a secondary zone) was chosen when the Oracle E-Business Suite instance was provisioned, then the corresponding web entry type is shown as Load Balancer as a service.
A link to the Oracle E-Business Suite login page
LBaaS name, if any
For each node in each zone, the following details are provided:
Node ID
Fault domain
Shape
OCI Compute Instance OCID
Public IP
Private IP
Storage
Logical FQDN
DNS FQDN
Note that the primary node is designated with a "P" on its icon.
If the environment utilizes load balancing, you can add a node using the Add Node button. For more information on adding and deleting nodes, see: Add and Delete Nodes.
Review Database Tier Information
The Database Tier region displays the following:
Cloud Service Type
Creation Date and Time
Database Name
SQL*Net Port
Database Version
Pluggable database (PDB) Name
Oracle Home
Operating System
Shape
VM Cluster Name (for Exadata Database Service Dedicated only)
Database patch level
Update date for the database patch level
Database edition
Cluster name
For each database tier node, the following is included:
Node ID
Fault domain
Public IP
Private IP
Logical FQDN
DNS FQDN
Review Backups
If any backups have been created for the environment, you can select the Backups tab to view the list of backups. See Review Backups.
Use the Search box to search for a specific backup.
To begin provisioning an environment from a backup, click Action for that backup and select Provision Environment.
See Advanced Provisioning for more information.
To refresh this environment from one of its backups, click Action for that backup and select Refresh. See Refresh an Oracle E-Business Suite Environment.
You can also select Delete from the Action menu for a backup to delete it.
See Delete a Backup for more information.
Review Snapshots
If applicable, the Snapshots tab lists snapshots created from this environment.
For each snapshot, the following is shown:
Name
Last Job
Creation date and time
You can click on a snapshot name to navigate to the Snapshot Details page. From the Snapshot Details page, you can create a clone of that snapshot. See Review Snapshot Details for more information.
Review Jobs
The Jobs tab lists jobs associated with the environment.
You can use the Search box to search for a specific job.
For each job, the following fields are shown:
Job
Status
Action
Submitted by
Started
Finished
Click on a job name to navigate to the Job Details page.
See: Monitor Job Status for more information.
You can review details of a standby environment you created in Oracle Applications Manager.
After a standby environment is created, the Last Job field has the value "setup-standby (Successful)" with a link to the job details. See Review Job Status for more information.
Details on standby environments include:
General information, such as the Oracle E-Business Suite version, the Oracle E-Business Suite compartment and the network profile.
Its standby status.
Topology information for the application tier and database tier.
Jobs related to the environment.
Synchronization details.
For information on creating a standby environment, see: Create a Standby Environment for Oracle Cloud Infrastructure from an On-Premises Environment.
Access Environment Details Page
For a standby environment that has been successfully provisioned, click the environment name in the Environments page to review more details for the environment.
Review General Information
The overview section displays the following details:
Oracle E-Business Suite version
Release with which the environment was provisioned
Oracle E-Business Suite Compartment, with the associated network profile name.
Standby status
Environment role
Number of application tier nodes and database tier nodes
Last job, with a Status link for details
For more information, see: Monitor Job Status
Creation date and time
You can click the network profile name information link to review the details about the network resources defined in the network profile. See Set Up Network Profiles for more information.
The network profile window displays the following details:
Network Profile Description
Oracle E-Business Suite compartment
Network compartment
Region
VCN
Subnet type
Availability domain
Subnet access, either Private or Public
Database subnet
Review Topology Information
The Topology tab includes information for the Application Tier, Database Tier, and their nodes.
For more information on adding and deleting nodes, see: Add and Delete Nodes.
The Application Tier region lists the Oracle E-Business Suite base directory with the following details:
File System OCID
Middleware Licensing Model
Operating System
If the File System Type is Shared, the following information is given:
File Storage Mount Target
File System Name
Storage Type
For each zone, the following is shown for each node:
Node ID
Fault Domain
Shape
Public IP
Private IP
Logical FQDN
DNS FQDN
OCI Compute Instance OCID: You can click the Show link to see the entire OCID or Copy to copy it.
Note that the primary node is designated with a "P" on its icon.
The Database Tier region list the following:
For the Database Tier region, the following information is shown:
Cloud Service Type
Database Name
Database System Name
Database Patch Level
Database Patch Level Updated Date
Database Version
Pluggable Database Name
Database Edition
SQL*Net Port
Creation date and time
Shape
Cluster Name
Oracle Home
For each database node, the following information is listed:
Node ID
Fault Domain
Public IP
Private IP
Logical FQDN
DNS FQDN
Review Jobs
The Jobs tab lists jobs associated with the standby environment.
If a job has been restarted from a parent job, a link is provided for details for the parent.
You can use the Search box to search for a specific job.
For each job, the following fields are shown:
Job
Status
Action
Submitted by
Started
Finished
Click on a job name to navigate to the Job Details page.
See: Monitor Job Status for more information.
Review Synchronization Details
Details for a synchronization process are shown on the Synchronization Details tab. Use the Refresh button to refresh the data.
For the Application Tier, the following fields are shown:
Rsync Status
Last Rsync Timestamp
Total Number of Files
Synchronized Number of Created Files
Number of Deleted Files
For the Database Tier, the following fields are shown:
Database Role
Database Open Mode
Database Unique Name
Data Guard Status
Last Sequence in Primary
Last Sequence in Standby
Last Redo Log Applied Timestamp
Last Transport Lag
Last Apply Lag
Standby Apply Status
Protection Mode
Use the Promote button to promote the standby environment. See: Promote a Standby Environment for more information.
You can also delete a standby environment using the Delete button. See: Delete a Standby Environment for more information.