| Oracle® Fusion Applications Installation Guide 11g Release 6 (11.1.6) Part Number E16600-22 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Applications Installation Guide 11g Release 6 (11.1.6) Part Number E16600-22 |
|
|
PDF · Mobi · ePub |
This chapter describes the prerequisites for provisioning a new applications environment.
This chapter includes the following sections:
In order to provision a new Oracle Fusion Applications environment, you must ensure that your system meets certain requirements and that you perform the necessary prerequisite tasks in preparation for an installation of Oracle Fusion Applications product offerings.
Review the following prerequisites:
This release of Oracle Fusion Applications relies on supported platforms documentation for Oracle Fusion Applications to supply certified versions of Oracle components. This documentation provides details about hardware and software, minimum disk space and memory requirements, required system libraries, packages, or patches, and minimum database requirements. Consult an Oracle Fusion Applications sizing-certified representative to obtain specific, customized system hardware requirements.
Note:
The self-signed certificate is set to three years when provisioning is complete.
If you are downloading Oracle Fusion Applications 11g Media Pack for the following platforms, then use version 5.52 or later of the 64-bit UnZip utility to extract the Oracle software. UnZip is freeware that is available at: http://www.info-zip.org.
IBM AIX on POWER Systems (64-bit)
Oracle Solaris on SPARC (64-bit)
Oracle Solaris on x86-64 (64-bit)
If you are downloading Oracle Fusion Applications 11g Media Pack for the Microsoft Windows x64 (64-Bit) platform, then use 7zip v9.20 to extract the Oracle software.
Oracle Fusion Applications is supported on the following platforms:
Linux x86-64
Oracle Solaris
IBM AIX on POWER Systems (64-Bit)
Microsoft Windows x64 (64-Bit)
As the Oracle Fusion Applications 11g Media Pack is specific for a platform, you must install Oracle Fusion Applications on the same platform. This includes the Oracle Database, Oracle Identity Management, and Oracle Fusion Applications.
Oracle Fusion Applications supports only Oracle Database 11.2.0.3 for storing transactional data. You can install either a single-instance Oracle Enterprise Edition Database or Oracle Real Application Clusters. See Chapter 3 for more information about database installations.
Review this section to learn about Oracle Identity Management components required for Oracle Fusion Applications, review references to documentation about installing those components, and read about how to create an IDM properties file that can supply default configuration parameters in your response file.
Note that during the Oracle Identity Management component installation, you must set up a super user in the identity store. This user has the administrative and functional setup privileges necessary for installation and provisioning. The user name you provide must correspond to the uid attribute in the identity store.
Note:
You must install Oracle Identity Management and Oracle Fusion Applications on different hosts. Installing Oracle Identity Management and Oracle Fusion Applications on the same host is not a supported topology.
Oracle Identity Management for Oracle Fusion Applications 11g Release 6 (11.1.6) includes patches for the following products that are installed in the Oracle Identity Management domain:
Oracle Internet Directory
Oracle Virtual Directory
Oracle Directory Services Manager
Oracle Platform Security Services
Oracle Web Services Manager
Oracle Identity Manager
Oracle Access Manager
Oracle Identity Federation
Oracle IDM Tools
Oracle WebGate
The following sections provide an overview of the Identity Management Domain, Nodes, and Oracle Homes for Oracle Fusion Applications 11g Release 6 (11.1.6).
WEBLOGIC_ORACLE_HOME - The following Oracle products are installed in this Oracle Home:
Oracle WebLogic Server
IDM_ORACLE_COMMON_HOME - This is also known as the ORACLE_COMMON_HOME. The following Oracle Identity Management products are installed in this Oracle Home:
Oracle Platform Security Services
Oracle Web Services Manager
IDM_ORACLE_HOME - This is also known as the OID_ORACLE_HOME. The following Oracle Identity Management products are installed in this Oracle Home:
Oracle Internet Directory
Oracle Virtual Directory
Oracle Directory Services Manager
Oracle Identity Federation
WEBLOGIC_ORACLE_HOME - The following Oracle products are installed in this Oracle Home:
Oracle WebLogic Server
IAM_ORACLE_COMMON_HOME - This is also known as the ORACLE_COMMON_HOME. The following Oracle Identity Management products are installed in this Oracle Home:
Oracle Platform Security ServicesOracle Web Services Manager
AM_ORACLE_HOME - This is also known as the OIM_ORACLE_HOME. The following Oracle Identity Management products are installed in this Oracle Home:
Oracle Identity Manager
Oracle Access Manager
Oracle IDM Tools
OIF_ORACLE_HOME
Oracle Identity Federation
SOA_ORACLE_HOME - This is typically installed under the IAM_ORACLE_HOME. The following products are installed in this Oracle Home:
Oracle SOA Suite
OHS_ORACLE_HOME - This is also known as the WEBTIER_ORACLE_HOME. The following Oracle products are installed in this Oracle Home:
Oracle HTTP Server
OHS_ORACLE_COMMON_HOME - This is also known as the ORACLE_COMMON_HOME. The following Oracle Identity Management products are installed in this Oracle Home:
Oracle Platform Security ServicesOracle Web Services Manager
WEBGATE_ORACLE_HOME - The following Oracle Identity Management products are installed in this Oracle Home:
Oracle WebGate
RDBMS_ORACLE_HOME - This is your ORACLE_HOME of the Database. You must apply the mandatory database patches to this Oracle Home.
Oracle Database
The software and patches for Oracle Identity Management for Oracle Fusion Applications 11g Release 6 (11.1.6) are available in the FA Repository under REPOSITORY_LOCATION/installers. Please review the individual patch Readme before applying them.
Note:
Upgrading from a prior release:
If you are upgrading your Oracle Identity Management for Oracle Fusion Applications 11g Release 1, Update 3 (11.1.4) to Release 5 (11.1.5), then refer to the Oracle Fusion Applications Patching Guide.
If you are upgrading your Oracle Identity Management for Oracle Fusion Applications 11g Release 1, Update 2 (11.1.2) to Update 3 (11.1.4), then refer to Support Note: 1435333.1.
If you are upgrading your Oracle Identity Management for Oracle Fusion Applications 11g Release 1, Update 1 (11.1.3) to Update 2 (11.1.4), then refer to Support Note: 1441704.1.
Upgrade customers can ignore the Superset patch warning:
Starting with Oracle Fusion Applications 11g Release 6 (11.1.6), Oracle recommends that you apply all FMW patches on the IDM domain using OPatch with the napply option. This option facilitates applying all the patches in a directory in one go. You don't need to download the individual patches, extract them, and install them one after another. The FA Repository contains all the required patches for Oracle Fusion Middleware Patch Set 5 (11.1.1.5.0). Because your environment may already have some patches, you may see the Superset warning when you apply some patches. You can ignore this.
The following section details the Oracle Identity Management Patches for the IDM Domain:
Ensure that you meet the following requirements before you install or deinstall the patch:
Review and download the latest version of OPatch 11.1.x via Bug 6880880 (OPatch version 11.1.0.8.2 or later).
Oracle recommends that you be on the latest version of OPatch. Review the My Oracle Support note 224346.1-Opatch-Where Can I Find the Latest Version of Opatch?For FMW Opatch usage, see the OPatch document available at: http://download.oracle.com/docs/cd/E21764_01/doc.1111/e16793/opatch.htm.
Verify the OUI Inventory
OPatch needs access to a valid OUI inventory to apply patches. Validate the OUI inventory with the following command: $ opatch lsinventory.
If the command causes an error, contact Oracle Support and work to validate and verify the inventory setup before proceeding.
Confirm that the executables appear in your system PATH.
The patching process uses the unzip and OPatch executables. After setting the ORACLE_HOME environment, confirm whether the following executables exist before proceeding to the next step:
which opatch
which unzip
If either of these executables do not show in the PATH, correct the problem before proceeding.
The patches for Oracle Database 11.2.0.3.0 are available under the FA Repository/installers/database directory.
Set your Oracle Home to your RDBMS_ORACLE_HOME.
Apply PSU.
Review the patch Readme and apply the PSU located in the
FA Repository/installers/database/psu directory. If the opatch results in any conflicts, roll back the conflicting patches before installing the PSU.
Apply database patches
Review the patch Readme and apply all patches in the
FA Repository/installers/database/patch directory. Use opatch with the napply option to apply all patches.
Note:
The minimum supported RDBMS version for Oracle IDM database is 11.2.0.3.0.
The WebLogic server patches are available under the FA Repository/installers/smart_update/weblogic directory. Follow the patch Readme and apply all the patches in the directory. Use the following command to apply all the patches:
java -jar FA Repository/installers/smart_update/suwrapper/bsu-wrapper.jar
-bsu_home=/bea/mw_home/utils/bsu
\ -meta=./suw_metadata.txt -install
\ -patchlist=<WLS Patch List>
\ -patch_download_dir=FA Repository/installers/smart_update/weblogic\ -prod_dir=/u01/oim/wlserver_10.3
For the WLS Patch List, provide a comma-separated list of WLS patches from the following directory in the FA Repository: FA Repository/installers/smart_update/weblogic
The patches for this Oracle home are available under the
FA Repository/installers/pltsec/patch directory that is appropriate for your platform. Follow the patch Readme and apply all the patches in the directory.
Set your Oracle Home to IDM_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
Post-Patch Instructions. The Oracle Internet Directory Patch has post-patching instructions that are described in the Readme. Ensure that you complete them.
Patch the Common Oracle Homes on All Nodes
Your deployment should have at least these (if not more) Common Oracle homes.
IDM_ORACLE_COMMON_HOME
IAM_ORACLE_COMMON_HOME
OHS_ORACLE_COMMON_HOME
The patches for these Oracle homes are available under the
FA Repository/installers/oracle_common/patch directory that is appropriate for your platform. Follow the patch Readme and apply all the patches in the directory.
Set your Oracle Home to the appropriate Common Oracle home.
Use opatch with the napply option to apply all patches.
Note:
You must apply all the patches to all the Common Oracle homes.
Patch IAM_ORACLE_HOME
The patches for this Oracle home are available under the
FA Repository/installers/idm/patch directory that is appropriate for your platform. Follow the patch Readme and apply the patches in the directory.
Set your Oracle Home to IAM_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
Post-Patch Instructions
The Oracle Identity Manager Patch has post-patching instructions that are described in the Readme. Ensure that you complete them.
The Oracle Access Manager Patch has post-patching instructions that are described in the Readme. Ensure that you complete them.
The Oracle IDM Tools Patch has post-patching instructions that are described in the Readme. Ensure that you complete them.
Patch SOA_ORACLE_HOME
The patches for this Oracle home are available under the
FA Repository/installers/soa/patch directory that is appropriate for your platform. Follow the patch Readme and apply the patches in the directory.
Set your Oracle Home to SOA_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
Patch OIF_ORACLE_HOME
The patches for this Oracle home are available under the
FA Repository/installers/oif/patch directory that is appropriate for your platform. Follow the patch Readme and apply the patches in the directory.
Set your Oracle Home to OIF_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
Patch OHS_ORACLE_HOME
The patches for this Oracle home are available under the FA Repository/installers/webtier/patch directory that is appropriate for your platform. Follow the patch Readme and apply the patches in the directory.
Set your Oracle Home to OHS_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
Patch WEBGATE_ORACLE_HOME
The patches for this Oracle home are available under the
FA Repository/installers/webgate/patch directory that is appropriate for your platform. Follow the patch Readme and apply the patches in the directory.
Set your Oracle Home to WEBGATE_ORACLE_HOME.
Use opatch with the napply option to apply all patches.
These components must be installed and configured specifically for use with Oracle Fusion Applications.
Two instances of Oracle Database 11.2.0.3. One for the Identity Store and the other for the Policy Store.
Oracle Internet Directory 11g (OID)
Oracle Virtual Directory 11g (OVD)
Oracle Identity Manager 11g (OIM)
Oracle Access Manager 11g (OAM)
Note:
The installers for OAM and OIM are included among the installers in the provisioning repository.
Follow the instructions in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) to install and configure these components. Keep a record of the configuration details. You must supply them to the Provisioning Wizard when you create your response file.
Apply all mandatory Oracle Identity Management patches, as listed in the "Oracle Identity Management Patches for the FA Domain" section of Oracle Fusion Applications release notes.
See Section 4.1 for information about the configuration details required by provisioning. For specific information about how provisioning links the Oracle Identity Management components and your new applications environment, see Section 4.1.3 and Section 5.1.3.
A properties file, idmDomainConfig.param, is generated the first time you run the idmConfigTool during the installation and configuration of an Oracle Identity Management environment. Each time you make changes to that environment, the new information is appended to the properties file. This file includes the configuration values that you must supply to the Provisioning Wizard when you create a response file. These values must be included in your response file in order to integrate Oracle Identity Management components with an Oracle Fusion Applications environment. The idmConfigTool is located in IDM_ORACLE_HOME/idmtools/bin. The properties file is created in:
IDM_ORACLE_HOME/idmtools/bin/idmDomainConfig.param.
See "About Input to the Fusion Applications Provisioning Tool" in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition). Note that you must run idmConfigTool from the same location each time to prevent the creation of duplicate idmDomainConfig.param files that contain only partial information.
If IDM_ORACLE_HOME/idmtools/bin/idmDomainConfig.param is in a shared location, you can point the Provisioning Wizard to that location so that it can read the values directly from the file. If you do not have direct access, you can copy the file to an accessible location and point the Provisioning Wizard to that location. You specify the path to the properties file on the IDM Properties File screen when you create the response file.
Consider installing Oracle Enterprise Governance, Risk and Compliance (GRC) with Oracle Fusion Applications. Although not required, GRC can serve as part of the user provisioning flow to ensure that proper controls for security exist. For more information, see "Security Components: How They Fit Together" in the Oracle Fusion Applications Security Guide and the Oracle Application Access Controls Governer Implementation Guide.
This section describes the platform specific known issues and their resolution.
The Microsoft Windows utility Xcopy does not copy long path names. Therefore, do not use Xcopy to copy Fusion Applications repositories and APPLTOP.
Resolution: Use Robocopy instead of Xcopy.
On Microsoft Windows, if Oracle WebCenter Content Management is not installed properly, ODI Offline Preverification fails in Oracle Fusion Applications Release Update Patches (RUP) Installer.Oracle WebCenter Content Management install fails with the following error:
[C\AT\fusionapps\ecm\ucm\Distribution\Kofax\Autorun.inf (Access is denied)]
Resolution:
Disable Prevent remote creation of autorun files from McAfee ePolicy Orchestrator (ePO) in the FusionApp Windows boxes before starting the RUP Installer.
When the install is done, enable it again.
Before creating your new environment, review the following actions in this section to help ensure a smooth installation.
For IBM AIX on POWER Systems (64-Bit) platforms, run the following commands as the root user:
no -o rfc1323=1
no -o sb_max = 4194304
For IBM AIX on POWER Systems (64-Bit) platforms, the provisioning install phase installs the Oracle Database client and a database patch update. To prepare your environment for this action, set the SKIP_SLIBCLEAN environment variable as follows:
SKIP_SLIBCLEAN = TRUE;export SKIP_SLIBCLEAN;
Run /usr/sbin/slibclean as root and ensure that the value TRUE is in uppercase as this value is case sensitive.
When installing a transaction database with the Provisioning Wizard on IBM AIX on POWER Systems (64-bit), you must add the following variable to the command line syntax used to start the wizard:
export SKIP_ROOTPRE=TRUE
On IBM AIX on POWER Systems (64-Bit) systems, the provisioning performance slows down or times out when the Oracle Fusion Applications Provisioning host, the Oracle Database host, and the Oracle Identity Management host are located in different subnets or when these hosts are situated at a distance of more than four network hops.
For provisioning, use the hosts that are located in the same subnet or the hosts that are within a distance of four network hops.
For Oracle Solaris platforms, ensure that the Solaris Operating System patch 144540-01 is installed on the servers. Do this for both Oracle Solaris on SPARC (64-Bit) and Oracle Solaris on x86-64 (64-Bit) platforms. The Solaris OS patch 144540-01 can be obtained from My Oracle Support.
Increase the limit of open files to 16384 or higher for the operating system.
For Linux x86-64:
Modify /etc/security/limits.conf to read as follows:
FUSION_USER_ACCOUNT soft nofile 327679
FUSION_USER_ACCOUNT hard nofile 327679
Edit /etc/ssh/sshd_config as follows:
Set UsePAM to Yes.
Restart sshd.
Logout (or reboot) and log in again.
Increase the maximum open files limit.
Edit /proc/sys/fs/file-max and set it to 6553600. The change becomes effective immediately but does not persist after a reboot. To make the change permanent edit /etc/sysctl.conf and set fs.file-max = 6553600. This change will not be effective until the sysctl command is run or the server is rebooted.
For Oracle Solaris on SPARC (64-Bit):
Edit /etc/system and set as follows:
set rlim_fd_cur=327679
set rlim_fd_max=327679
For IBM AIX on POWER Systems (64-Bit):
Modify /etc/security/limits defaults to read as follows:
fsize = -1
core = 2097151
cpu = -1
data = 1024000
rss = 512000
stack = -1
stack_hard = -1
nofiles = 327679
nofiles_hard = 327679
For All Platforms:
Typically, you would have max user processes set to 16384:
$ulimit -u
16384
For Unix platforms, confirm that the host names are correctly formatted in /etc/hosts, for each host that is participating in provisioning. Review /etc/hosts for each participating host and edit any host entries that do not meet the following recommendations:
The format for each host entry should follow this format:
IP_address canonical_hostname [aliases]
The canonical_hostname should be the same as the fully qualified host name. Errors can occur if a short version, or alias, of the host name is specified first in /etc/hosts. The usage of aliases is optional and can be left empty. Examples of correct and incorrect entries follow:
(Correct) 141.80.151.100 myMachine.company.com myMachine (Incorrect) 141.80.151.100 myMachine myMachine.company.com
If the machine name is a logical host name and is different from the physical host name specified in /etc/sysconfig/network, then the entry for the logical machine should be listed before the entry of the physical host name in /etc/hosts. If the machine is always accessed using its logical host name, there is no need to have an entry for the physical host name in /etc/hosts. Examples of entries in the correct order follow:
141.80.151.100 myLogicalMachine.company.com myLogicalMachine 141.80.151.100 myPhysicalMachine.company.com myPhysicalMachine
If the order of host names is reversed from what is shown in the example, then there may be errors in retrieving the logical host name.
Note:
Do not enter multiple host aliases into a single line in the /etc/hosts file. There are some software components which do not process a line with more than 700 characters. You may encounter error messages during provisioning phases, such as "UNABLE TO OPEN CREDENTIAL STOREFAILED TO ADUTPSINITIALIZE" caused by incorrect resolution of the host names. If you have a host that has many aliases, then limit the line to 700 characters and break it down into separate lines. Ensure that each line begins with the IP_address and canonical_hostname, then the aliases.
Make sure the hosts have enough entropy values in the provisioning hosts. If this value is less than 1000, increase it to a value to a greater value using the rngd command. Run these commands as the root user for the current session:
To check the entropy value:
cat /proc/sys/kernel/random/entropy_avail
To increase the entropy value:
rngd -r /dev/urandom -o /dev/random
To set the rngd service to start automatically after rebooting the host, enter the following text into a script, such as, start.rngd, and run the script as root user:
#! /usr/bin/perl -w
.
# minimum required bytes to be happy with the device
my $want_bytes = 8192;
.
# list of commands to check
my clist = qw(/sbin/rngd /usr/sbin/rngd); S
.
# list of device names to check
my slist = qw(
/dev/hwrandom /dev/hw_random /dev/hwrng /dev/intel_rng /dev/i810_rng
/dev/urandom
);
.
.
use Fcntl qw(O_RDONLY);
.
# find the rngd binary
my $command;
.
foreach (clist) {
-x && ($command = $_) && last;
}
.
# stop if rngd isn't installed
defined $command || die "$0 error: rngd is not installed\n";
.
.
# look for a hw random device
my $source;
my $continue = 1;
$SIG{'ALRM'} = sub { $continue = 0 };
.
foreach my $test (slist) {
-e $test || next;
.
alarm 2;
$continue = 1;
.
my $bytes = 0;
.
sysopen FILE, $test, O_RDONLY or next;
while ($continue) {
sysread FILE, $_, 4096 or last;
$bytes += length $_;
}
close FILE;
.
if ($bytes > $want_bytes) {
$source = $test;
last;
}
}
.
.
# use the select command and source
print "starting $command with $source... ";
system "$command -r $source";
print "done.\n";
.
exit 0;
For Microsoft Windows x64 (64-Bit) platforms, complete these steps on each provisioning host:
Create a domain\user that is part of the Administrators group.
Log in as the user that you created.
Run secpol.msc (security policy) and add the domain\user that you created to "Log on as service" under the Local Policies, User Rights Assignment option.
Create a folder on a shared disk which will be the Oracle Fusion Applications Home (denote this location as APPLICATIONS_BASE). The folder must be accessible to all hosts in the provisioned environment. The name of the folder must not exceed eight characters. For example, create a folder called appbase at \ComputerName and refer to the folder as \ComputerName\appbase
Create a symbolic link to the folder that you created in Step 4. Perform this step on all hosts to be provisioned. For example, at the MS-DOS prompt, type the following:
C:\>mklink /d C:\falink \ComputerName\appbase
Make note of the location and the name of the symbolic link. Later when you create the provisioning response file, enter C:\falink in the Oracle Fusion Applications Home field.
Note:
For non-Windows platforms, you must enter the full file path in the Provisioning Wizard UI when prompted (for example, Oracle Fusion Applications Home, Applications Configuration Directory, and so on). Using symbolic link paths will cause provisioning failure in the later phases.
Confirm that a file or folder can be created through the symbolic link from all hosts in the provisioned environment.
If you choose not to use the default location, APPLICATIONS_BASE\instance, as the Applications Configuration Directory, then repeat Steps 5 and 6 to create another symbolic link to the location of your choice. Later when you create the provisioning response file, enter the newly created symbolic link in the Applications Configuration Directory field. If you choose to use the default location, for example, then enter C:\falink\instance in the Applications Configuration Directory field.
Before provisioning, change the Virtual Memory setting to Custom Size in the Advanced System Settings of the Microsoft Windows operation system. The recommended Initial Size is one and one-half times the physical RAM and Maximum Size is three times the physical RAM.
Ensure that no other windows or sessions are open while running provisioning. Do not access any of the files or directories under APPLICATIONS_BASE/instance/, which can create locking of the resources and cause failure.
You must define your local port range to ensure that it does not overlap with the ports used by the Java Virtual Machines (JVMs) and other servers. This action avoids port conflicts during server startup. To view and modify localRange:
For Linux x86-64:
To view:
$cat /proc/sys/net/ipv4/ip_local_port_range
To modify:
$echo "32768 61000" > /proc/sys/net/ipv4/ip_local_port_range
To make the local port range permanent after server restart, add (or update) the following line in /etc/sysctl.conf:
net.ipv4.ip_local_port_range = 32768 61000
For Oracle Solaris
To view:
#/usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port
To modify:
#/usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port 32768
#/usr/sbin/ndd -set /dev/tcp tcp_largest_anon_port 61000
For IBM AIX on POWER Systems (64-Bit):
To view:
#/usr/sbin/no -a | fgrep ephemeral
To modify:
#/usr/sbin/no -o tcp_ephemeral_low=32768 -o tcp_ephemeral_high=61000
Typically, the port range settings would be as follows:
$ /usr/sbin/no -a | fgrep ephemeral
tcp_ephemeral_high = 61000
tcp_ephemeral_low = 32768
udp_ephemeral_high = 61000
udp_ephemeral_low = 32768
For more information about setting port values, see "Viewing and Changing Ports for Components" in Oracle Fusion Applications Administrator's Guide.
All engine and data tier servers (including SIP) must accurately synchronize their system clocks to a common time source, to within one or two milliseconds. Large differences in system clocks can cause severe problems.
The shared drive such as, Network File System (NFS) or Common Internet File System (CIFS) must support file locking. For NFS Version 3 and NFS Version 4 , the advisory locking must be configured for the NFS mount. This applies to all UNIX platforms.
Before provisioning, ensure that the provisioning server and the computer hosting Oracle Access Server have the same date and time stamp settings. The WebGate installation fails with an Oracle Access Manager certificate error if the date and time settings on the provisioning server are different from the Oracle Access Server.
Before you install the Oracle Database using the Provisioning Wizard, ensure that the value of the kernel parameter shmmax on the database host is greater than the value of the System Global Area (SGA) Memory.
The value of SGA Memory (sga_target) is 9 GB in the default Database Configuration Assistant (DBCA) template for the Starter database. If you are running DBCA using the production DBCA template packaged with Oracle Fusion Applications Provisioning, the value of the SGA Memory is 18 GB. Ensure that shmmax > (shmall * shmmni) > SGA Memory, where shmmax, shmall, shmmni are kernel parameters.
For example, to retrieve the values of these kernel parameters on Linux, use the following command:
user@host> /sbin/sysctl -a | grep shm kernel.shmmni = 4096 kernel.shmall = 3145728 kernel.shmmax = 12884901888
To set the value of a kernel parameter:
user@host> /sbin/sysctl -w sys.kernel.shmmax=value
Before provisioning an Oracle Fusion Applications environment make sure the LIBPATH variable is not set. See Section 5.4.1 for details.
For Unix:
Use env or echo $LIBPATH to check if the variable is set.
Use unsetenv LIBPATH to unset the variable.
For each provisioning host, ensure that there is atleast 4 GB free space available for /tmp before installing Oracle Fusion Applications on the provisioning hosts. If the disk space for /tmp is low, you will encounter performance issues. In this case, you should make disk space available or restart the hosts to clean up /tmp.
Oracle Fusion Applications provisioning uses "Bash" as the default shell on Unix platforms. Make sure /bin/bash shell is installed on the hosts before provisioning an Oracle Fusion Applications environment.
If you are provisioning on Unix platforms, ensure that the en_US.UTF-8 locale is installed on the operating system of the provisioning hosts. Oracle Business Intelligence expects the en_US.UTF-8 locale in the operating system before provisioning the Oracle Fusion Applications environment. If the en-US.UTF-8 locale is not installed, you will encounter an error during the provisioning configure phase. The runProvisioning-bi-configure.log displays the following error message:
FAILED:Distributing Repository
Error:
<APPLICATIONS_BASE>/fusionapps/bi/bifoundation/provision/scripts/bidomain/bi-install.xml:274: exec returned: 1.
Inspecting the oraInventory logs, it indicates that the EN_US.UTF-8 locale needs to be installed on the provisioning host for Oracle Business Intelligence. The error message is:
Executing Task: Distributing Repository
[CONFIG]:Distributing Repository
ReEncrypting RPD: [nQSError: 46116] The locale EN_US.UTF-8 needs to be installed on the machine for the Oracle BI locale setting english-usa specified in NQSConfig.INI.javax.management.RuntimeMBeanException:javax.management.RuntimeMBeanException: Repository File '<APPLICATIONS_CONFIG>/BIInstance/tmp/OracleBIApps.rpd' does not exist or is not accessible.
If you encounter this error during the configure phase, install the missing locale and then retry the configure phase to complete the task.
This step is applicable ONLY on Oracle Linux and Red Hat Enterprise Linux when Smart Common Input Method (SCIM) is used along with Virtual Network Computing (VNC) to perform tasks on a remote system.
If you are using Oracle Linux or Red Hat Enterprise Linux, you may have Smart Common Input Method (SCIM) installed and running. SCIM may prevent you from entering a password in the Provisioning Wizard when you use Virtual Network Computing (VNC).
You can resolve this issue by implementing either one of the following steps:
Edit the ~/.scim/config file:
Either add entry "/FrontEnd/X11/Dynamic = true" to ~/.scim/config or if entry "/FrontEnd/X11/Dynamic" exists in ~/.scim/config edit its value to "true".
Kill any already running vncserver processes
$ ps -ef | grep -i vncserver
$ kill -9 <all vncserver processes>
Restart vncserver
$ vncserver
OR
Remove the SCIM packages completely from the computer.
The provisioning repository contains all the installers required to provision a new Oracle Fusion Applications environment. You download the repository from the Oracle Fusion Applications Product Media Package to a location of your choice (repository_location).
Note:
If you want to set up a demilitarized zone (DMZ) for the web tier in your new environment, see Section 2.5 before you create the repository.
Oracle groups its software releases by product area. A Product Media Pack refers to those groupings. Each media pack may also include a zipped file containing electronic documentation files or "Quick Install" files, which facilitate the initial installation of the software.
Note:
For installations of Oracle Fusion Applications, you must have available the complete set of software contained in the product media pack. You cannot install from individual pieces. Therefore, if you need to install from media that is no longer available on Oracle Software Delivery Cloud, contact My Oracle Support to obtain the complete media pack.
Once you have completed the software licensing agreements, you can obtain the Oracle Fusion Applications software using one of these two methods:
Oracle Software Delivery Cloud Portal: Provides you with a readme document that helps you to determine which media you need to fulfill the license you have purchased. You download only the media you need. This is the default delivery method.
Oracle Store: Provides a complete set of the software in DVD format. You use only the DVDs covered by your software licensing agreement.
Using either method, you can obtain the Oracle Fusion Applications Provisioning repository and gain access to the Oracle Fusion Applications documentation library.
If you are downloading Oracle Fusion Applications 11g Media Pack for the following platforms, then use the following versions of the 64-bit Unzip utility to extract the Oracle software.
SPARC INFOZIP Unzip 6.0 or higher
SOLX64 INFOZIP Unzip 6.0 or higher
AIX INFOZIP Unzip 6.10 or higher
WIN64 INFOZIP Unzip 6.0 or higher
UnZip is freeware and available at http://www.info-zip.org.
Go to http://edelivery.oracle.com/ and follow these instructions:
Complete the Export Validation process by entering basic identification information using the online form.
On the Media Pack Search page, specify the product pack and platform to identify the media pack you want to download. If you do not know the name of the product pack, you can search for it using the license list.
Choose the appropriate media pack from the search results and download the provisioning repository (in zipped format). You can download the repository to a location of your choice.
Extract the contents of all the zipped files to the same target directory. The directory must be on a networked drive or shared disk so that it will be accessible to all the hosts in your new environment. By default, the unzip process places the installers in repository_location/installers.
Note:
Create the repository location name so that unzipping the files does not run into the Windows MAX_PATH limitation.
Note:
Do not unzip different versions of Oracle Fusion Applications Media Packs into the same location. This will cause errors when you try to provision Oracle Fusion Applications files.
To order the Oracle Fusion Applications DVDs from the Oracle Store, go to http://oracle.com. Navigate to the Products and Services page. Click Oracle Applications and then Oracle Fusion Applications.
Log in as the operating system user with sufficient privileges to mount, unmount, and eject a DVD.
Each DVD in the media pack is assigned a unique name and typically contains only one zipped file. Insert the first DVD in the Oracle Fusion Applications Media Pack.
Extract the contents of the first DVD, and each of the remaining DVDs one by one to the same target directory. The directory must be on a networked drive or shared disk so that it is accessible and writable to all hosts in your environment. By default, the unzip process places the installers in repository_location/installers.
Note:
Be sure to create the repository location name so that unzipping the files does not run into the Windows MAX_PATH limitation.
Note:
Do not mix or unzip different versions of Oracle Fusion Applications Media Packs into the same location. This will cause errors when you try to provision Oracle Fusion Applications files.
The Oracle Fusion Applications Provisioning installer (faprov) is delivered with the other installers in the provisioning repository. The purpose of faprov is to create the Oracle Fusion Applications Provisioning framework, which contains the following components:
Provisioning Wizard: A question-and-answer interview that guides you through the process of installing a database, creating or updating a response file, and provisioning or deinstalling an Oracle Fusion Applications environment.
Note:
Run the Provisioning Wizard on the primordial host to create a provisioning response file. If you run the Provisioning Wizard on a non-primordial host to create a provisioning response file, the validation assumes that the host is the primordial host. Ensure that you interpret the validation errors correctly as they may not be applicable to the non-primordial host.
When provisioning a new environment, you should only run the Provisioning Wizard on the primordial host and the Provisioning Command-line Interface on non-primordial hosts.
Provisioning Command-line Interface (CLI): Used for starting the wizard and running installation phases on the Primary host, Secondary host, and DMZ host (when present).
Provisioning-related files and utilities: The ANT utilities, binary files, library files, templates, locations of saved response files and provisioning build scripts, and other provisioning utilities required for performing provisioning tasks.
Because the provisioning installer is a customized version of the Oracle Universal Installer (OUI), its behavior closely resembles that of the OUI.
To install the provisioning framework, locate the directory repository_location/installers/faprov/Disk1 and run the script, runInstaller or setup.exe, depending on your hardware platform. Note that repository_location is the directory where you created the provisioning repository.
Note:
You should not run the scripts, runInstaller or setup.exe, located in repository_location/installers/fusionapps/Disk1. These scripts are used and run by the Provisioning Wizard and Provisioning Command-line Interface when needed. They are not meant for installing the provisioning framework.
Set the JAVA_HOME environment variable to point to the JDK location in the provisioning repository. For example:
(UNIX)
export JAVA_HOME=repository_location/jdk6
export PATH=$JAVA_HOME/bin:$PATH
(Windows)
set JAVA_HOME=repository_location\jdk6
set PATH=%JAVA_HOME%\bin;%PATH%
Use this command:
(UNIX) runInstaller
(Windows) setup.exe
The installer creates a directory (.../provisioning) for the framework components in any location that you specify, for example, framework_location/provisioning.
Table 2-1 lists the steps for running the provisioning framework installer. For examples of the interview screens, see Appendix A.
Table 2-1 Provisioning Framework Installation Screen Flow
| Screen | Description and Action Required |
|---|---|
|
Specify Inventory Directory (UNIX) |
If this is your first Oracle installation on this host, you must specify the location of the Central Inventory Directory. It is used by the installer to keep track of all Oracle products installed on this host. The default location for this file varies by platform. In the Operating System Group Name field, select the group whose members will be granted access to the inventory directory. All members of this group can install products on this host. Click OK to continue. The Inventory Location Confirmation dialog prompts you to run the
The standard location for this file is If you do not have Click OK to continue. |
|
Welcome |
No action is necessary on this read-only screen. Click Next to continue. |
|
Prerequisite Checks |
Analyzes the host computer to ensure that specific operating system prerequisites have been met. If any prerequisite check fails, the screen displays a short error message at the bottom. Fix the issue that caused the error and click Retry. To ignore the error or warning message, click Continue. Click Abort to stop the prerequisite check process for all components. Click Next to continue. |
|
Specify Installation Location |
In the Location field, specify where you want to install the provisioning framework. This is the location where the Provisioning Wizard and the start command for provisioning are installed. You can choose any location as long as it is on a shared disk in a location that is accessible to all hosts in your new environment. The installation process creates a logical directory called the Oracle home. This location is where software binaries will be stored. No runtime process can write to this directory. The directory must initially be empty. If you are performing the installation on a Windows operating system, ensure that the directory paths are valid and do not contain a double backslash (\\). Click Next to continue. |
|
Installation Summary |
Summarizes the selections that you have made during this installation session. To change this configuration before installing, select one of the screens from the left navigation pane or click Back to return to a previous screen. When you are satisfied with the details, click Save to create a text file (response file) to use if you choose to perform the same installation later. Click Install to begin installing this configuration. |
|
Installation Progress |
The progress indicator shows the percentage of the installation that is complete, and indicates the location of the installation log file. Click Next when the progress indicator shows 100 percent. |
|
Installation Complete |
Summarizes the installation just completed. To save the details to a text file, click Save and indicate a directory where you want to save the file. Click Finish to dismiss the screen and exit the installer. |
Table 2-2 shows the components in the framework_location/provisioning directory.
Table 2-2 Contents of the Provisioning Framework
| Component Type | Component Name | General Use |
|---|---|---|
|
ANT |
ant |
Java processes for installing binaries, configuring domains and subsystems (JDBD and SOA composites), deploying applications, and domain startup |
|
Binary files |
bin |
Executable files, compiled programs, system files, spreadsheets, compressed files, and graphic (image) files |
|
Library files |
lib |
Previously defined functions that have related functionality or are commonly used, stored in object code format |
|
Location of saved response files |
provisioning-response file |
Location for completed or partially completed response files |
|
Location of provisioning build scripts |
provisioning-build |
Location for build scripts that are available when called for during the provisioning of an environment |
|
Location of templates |
template |
Start parameters, single sign-on configuration, and database templates |
|
Location of utility files |
util |
Other provisioning utilities |
The web tier contains Oracle HTTP Server, which can be installed on the same shared file system (inside the firewall) as the other components, or exist on a host in a DMZ. If you install the web tier in a DMZ, the web tier host cannot be the same as any other host deployed, regardless of domain.
Installing the web tier in a DMZ enables you to impose more restrictions on communication within the portion of the system that is within the firewall, including the following:
The DMZ host cannot access the shared storage that is accessible by the hosts within the firewall (in the APPLICATIONS_BASE area where the middleware homes are installed or the shared area).
The DMZ host may not be able to communicate with the CommonDomain AdminServer through the firewall. If this is the case, web tier running on the DMZ is non-managed; that is, it is not associated with the CommonDomain running inside the firewall.
However, the APPLICATIONS_BASE file path and the directory structure under it remain the same on the DMZ host as for the other hosts that exist inside the firewall.
During the provisioning process, phase guard files are generated automatically to determine when a specific phase has been completed on a specific host. For systems that do not use a DMZ, these phase guard files are generated automatically under the shared APPLICATIONS_CONFIG area on the hosts inside the firewall.
To set up and configure your web tier on a DMZ host, go to http://edelivery.oracle.com/ and follow these directions:
Note:
On a DMZ host, you should not have any symlink or mount points that point to a repository or APPLICATIONS_BASE residing inside the firewall, that is, the repository and APPLICATIONS_BASE should be accessible from the DMZ host.
Copy the provisioning repository zipped files to a location on the web tier host to be designated as a demilitarized zone. Follow the instructions in Section 2.3.
Run the provisioning framework installer (faprov), as described in Section 2.4. You can create the framework in any location, or you can create it on the DMZ host.
Copy the provisioning framework (framework_location/provisioning) from the location where you installed it to the DMZ host. If you installed it initially on the DMZ host, no action is required.
When you create the response file for this environment, indicate this web tier configuration when prompted. See Section 4.3 for details.
When the preverify phase is successful on the primordial host, place a copy of the response file and the generated provisioning plan (<APPLICATIONS_BASE>/provisioning/plan/provisioning.plan) on the DMZ host.
Deinstalling Oracle Fusion Applications involves removing the Oracle Fusion Applications Provisioning Oracle home. The deinstaller attempts to remove the Oracle home from which it was started, and removes only the software in the Oracle home.
Before you remove the Oracle Fusion Applications Provisioning Oracle home, ensure that it is not in use. After you remove the software, you will no longer be able to provision a new Oracle Fusion Applications environment.
To start the deinstaller, navigate to (UNIX) framework_location/oui/bin or (Windows) framework_location\oui\bin and use this command:
(Unix)./runInstaller -deinstall
(Windows) setup.exe -deinstall
On Windows operating systems, you can also start the deinstaller from the Start menu by selecting Programs, then Oracle Fusion Applications Provisioning 11g-Home1, and finally Uninstall.
The Uninstall menu is a Windows shortcut to the setup.exe -deinstall command. Note that you should not use the Start -> All Programs -> Oracle - OHnnnn -> Oracle Installation Products -> Uninstall menu option on Windows operating systems, where nnnn is a number. This Uninstall menu is also a shortcut to the setup.exe program but does not have the -deinstall command line option. Therefore, it will not deinstall the provisioning framework.
The deinstaller described in this section removes the provisioning framework that you can use to provision the Oracle Fusion Applications environment. It does not deinstall the Oracle Fusion Applications environment. If you want to deinstall an Oracle Fusion Applications environment, refer to Chapter 6 before removing the provisioning wizard from your system.
For Windows operating systems, after removing provisioning wizard, you can delete the Oracle - OHnnnn folder located in the ProgramData -> Microsoft -> Windows -> Start Menu -> Programs folder.
Table 2-3 contains instructions for deinstalling the provisioning framework. For help with any of the interview screens, see Appendix A or click Help on any interview screen.
Table 2-3 Provisioning Deinstaller Screen Flow
| Screen | Description and Action Required |
|---|---|
|
Welcome |
No action is required on this read-only screen. Click Next to continue. |
|
Deinstall Oracle Home |
Verify that the directory path is correct. Click Save to create a text file with the details of the configuration you are deinstalling. Click Deinstall to continue. On the Warning screen, select whether you want the deinstaller to remove the Oracle home directory in addition to removing the software. Click Yes to remove the software files and the provisioning Oracle home directory. Click No to remove only the software files, or click Cancel to return to the previous screen. If you clicked No, remove the framework software files manually. For example, you would use this syntax if the directory is
If the Oracle home directory is |
|
Deinstallation Progress |
Monitor the progress of the deinstallation. Click Cancel to stop the process. Click Next to continue. |
|
Deinstallation Complete |
Click Finish to dismiss the screen. |
You must install a transaction database before you create a response file. See Chapter 3 for complete information.
|
 Copyright © 2011, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|