Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) 11g Release 7 (11.1.7) Part Number E21032-21 |
|
|
PDF · Mobi · ePub |
This chapter describes how to prepare storage for an Oracle Identity Management enterprise deployment.
The storage model described in this guide was chosen for maximum availability, best isolation of components, symmetry in the configuration, and facilitation of backup and disaster recovery. The rest of the guide uses this directory structure and directory terminology. Other directory layouts are possible and supported.
This chapter contains the following topics:
Section 4.1, "Overview of Preparing the File System for Enterprise Deployment"
Section 4.2, "Terminology for Directories and Directory Variables"
Section 4.3, "About Recommended Locations for the Different Directories"
It is important to set up your file system in a way that makes the enterprise deployment easier to understand, configure, and manage. Oracle recommends setting up your file system according to information in this chapter. The terminology defined in this chapter is used in diagrams and procedures throughout the guide.
Use this chapter as a reference to help understand the directory variables used in the installation and configuration procedures. Other directory layouts are possible and supported, but the model adopted in this guide is chosen for maximum availability, providing both the best isolation of components and symmetry in the configuration and facilitating backup and disaster recovery. The rest of the document uses this directory structure and directory terminology.
This section describes the directory variables used throughout this guide for configuring the Oracle Identity Management enterprise deployment. You are not required to set these as environment variables. The following directory variables are used to describe the directories installed and configured in the guide:
ORACLE_BASE: This environment variable and related directory path refers to the base directory under which Oracle products are installed. For example: /u01/oracle
SHARED_ROOT: This environment variable and related directory path refer to the root directory on shared storage where the binaries and configuration information ARE stored.
LOCAL_ROOT: This environment variable and related directory path refer to the root directory on local storage where the binaries and configuration information are stored.
MW_HOME: This variable and related directory path refers to the location where Oracle Fusion Middleware resides. A MW_HOME
has a WL_HOME
, an ORACLE_COMMON_HOME
and one or more ORACLE_HOME
s. An example of a typical MW_HOME
is:
ORACLE_BASE
/product/fmw
There is a different MW_HOME
for each domain.
In this guide, this value might be preceded by a product suite abbreviation, for example: IAM_MW_HOME
, DIR_MW_HOME
, WEB_MW_HOME
. For more information about homes, see Table 4-3, "Summary of Homes".
WL_HOME: This variable and related directory path contains installed files necessary to host a WebLogic Server, for example MW_HOME
/wlserver_10.3
.
ORACLE_HOME: This variable points to the location where an Oracle Fusion Middleware product, such as Oracle HTTP Server, Oracle SOA Suite, or Oracle Internet Directory is installed and the binaries of that product are being used in a current procedure. For example: IAM_ORACLE_HOME
, OIM_ORACLE_HOME
, WEB_ORACLE_HOME
ORACLE_COMMON_HOME: This variable and related directory path refer to the location where the Oracle Fusion Middleware Common Java Required Files (JRF) Libraries and Oracle Fusion Middleware Enterprise Manager Libraries are installed. An example is: MW_HOME
/oracle_common
Domain directory: This path refers to the file system location where the Oracle WebLogic domain information (configuration artifacts) is stored. Different WebLogic Servers can use different domain directories even when in the same node as described Section 4.3, "About Recommended Locations for the Different Directories."
ORACLE_INSTANCE: An Oracle instance contains one or more system components, such as Oracle Web Cache, Oracle HTTP Server, or Oracle Internet Directory. An Oracle instance directory contains updatable files, such as configuration files, log files, and temporary files. An example is: /u02/local/config/instances/ohs1
JAVA_HOME: This is the location where JRockit is installed.
ASERVER_HOME: This is the primary location of the domain configuration. A typical example is: /u01/oracle/config/domains/
IDMDomain
MSERVER_HOME: This is a copy of the domain configuration used to start and stop managed servers. A typical example is: /u02/local/oracle/config/domains/
IDMDomain
WEBGATE_ORACLE_HOME: This is the location of the WebGate installation.
DB_ORACLE_HOME: This is the location of the Oracle Database installation.
This section contains the following topics:
Section 4.3.1, "Shared Storage Recommendations for Binary (Oracle Home) Directories"
Section 4.3.2, "Shared Storage Recommendations for Provisioning Repository"
Section 4.3.3, "Recommendations for Domain Configuration Files"
Section 4.3.4, "Shared Storage Recommendations for JMS File Stores and Transaction Logs"
The following sections describe guidelines for using shared storage for your Oracle Fusion Middleware Oracle home directories:
Section 4.3.1.1, "About the Binary (Middleware Home) Directories"
Section 4.3.1.2, "About Sharing a Single Middleware Home Across Multiple Hosts"
Section 4.3.1.3, "About Using Redundant Binary (Middleware Home) Directories"
When you install any Oracle Fusion Middleware product, you install the product binaries into a Middleware home. The binary files installed in the Middleware home are read-only and remain unchanged unless the Middleware home is patched or upgraded to a newer version.
In a typical production environment, the Middleware home files are saved in a separate location from the domain configuration files, which you create using the Oracle Fusion Middleware Configuration Wizard.
The Middleware home for an Oracle Fusion Middleware installation contains the binaries for Oracle WebLogic Server, the Oracle Fusion Middleware infrastructure files, and any Oracle Fusion Middleware product-specific directories.
For more information about the structure and content of an Oracle Fusion Middleware home, see Oracle Fusion Middleware Concepts.
Sharing a Middleware home across different hosts enables you to install the Middleware home in a single location on a shared volume and use the Middleware home for multiple host installations.
When a Middleware home is shared by multiple servers on different hosts, there are some best practices to keep in mind. In particular, be sure that the Oracle Inventory on each host is updated for consistency and for the application of patches.
To update the oraInventory for a host and attach a Middleware home on shared storage, use the following command:
ORACLE_HOME/oui/bin/attachHome.sh
For more information about the Oracle inventory, see "Oracle Universal Installer Inventory" in the Oracle Universal Installer Concepts Guide.
Note:
This is a manual process which you would perform after provisioning. You would do this by backing up the directories that provisioning creates and then restoring them to a new volume on the storage. You could then mount the new volume onto servers with the same mount point. For example:
Volume 1 mounted to hosts 1, 3 and 5
Volume 2 mounted to hosts 2, 4, and 6
Both would have the same mount point: /u01
For maximum availability, Oracle recommends using redundant binary installations on shared storage.
In this model, you install two identical Middleware homes for your Oracle Fusion Middleware software on two different shared volumes. You then mount one of the Middleware homes to one set of servers, and the other Middleware home to the remaining servers. Each Middleware home has the same mount point, so the Middleware home always has the same path, regardless of which Middleware home the server is using.
Should one Middleware home become corrupted or unavailable, only half your servers are affected. For additional protection, Oracle recommends that you disk mirror these volumes.
If separate volumes are not available on shared storage, Oracle recommends simulating separate volumes using different directories within the same volume and mounting these to the same mount location on the host side. Although this does not guarantee the protection that multiple volumes provide, it does allow protection from user deletions and individual file corruption.
The Identity Management Provisioning Wizard requires that each host in the topology have access to the Fusion Applications Provisioning Repository in the same location.
It is recommended that, for the duration of the provisioning, the provisioning repository be located on shared storage that is made available to each host.
After provisioning is complete the Provisioning Repository can be dismounted from each host.
The following sections describe guidelines for using shared storage for the Oracle WebLogic Server domain configuration files you create when you configure your Oracle Fusion Middleware products in an enterprise deployment:
Section 4.3.3.2, "Shared Storage Requirements for Administration Server Domain Configuration Files"
Section 4.3.3.3, "Local Storage Requirements for Managed Server Domain Configuration Files"
When you configure an Oracle Fusion Middleware product, you create or extend an Oracle WebLogic Server domain. Each Oracle WebLogic Server domain consists of a single Administration Server and one or more managed servers.
For more information about Oracle WebLogic Server domains, see Oracle Fusion Middleware Understanding Domain Configuration for Oracle WebLogic Server.
In an enterprise deployment, it is important to understand that the managed servers in a domain can be configured for active-active high availability. However, the Administration server cannot. The Administration Server is a singleton service. That is, it can be active on only one host at any given time.
ASERVER_HOME
is the primary location of the domain configuration. MSERVER_HOME
is a copy of the domain configuration that is used to start and stop managed servers. The WebLogic Administration Server automatically copies configuration changes applied to the ASERVER_HOME
domain configuration to all those MSERVER_HOME
configuration directories that have been registered to be part of the domain. However, the MSERVER_HOME
directories also contain deployments and data specific to the managed servers. For that reason, when performing backups, you must include both ASERVER_HOME
and MSERVER_HOME
.
Administration Server configuration files must reside on Shared Storage. This allows the administration server to be started on a different host should the primary host become unavailable. The directory where the administration server files is located is known as the ASERVER_HOME
directory. This directory is located on shared storage and mounted to the Administration Server host and to each host running Oracle Identity Manager.
Managed Server configuration Files should reside on local storage to prevent performance issues associated with contention. The directory where the managed server configuration files are located is known as the MSERVER_HOME
directory. It is highly recommended that managed server domain configuration files be placed onto local storage.
If you must use shared storage, it is recommended that you create a storage partition for each node and mount that storage exclusively to that node
The configuration steps provided for this enterprise deployment topology assume that a local domain directory for each node is used for each managed server.
JMS file stores and JTA transaction logs must be placed on shared storage in order to ensure that they are available from multiple hosts for recovery in the case of a server failure or migration.
For more information about saving JMS and JTA information in a file store, see "Using the WebLogic Persistent Store" in Oracle Fusion Middleware Configuring Server Environments for Oracle WebLogic Server.
This section describes the recommended use of shared and local storage.
This section includes the following topics:
The provisioning repository is located on shared storage and is required only for the provisioning process. It is recommended that this share be made available to all hosts in the topology during provisioning. Once provisioning is complete, this share is no longer required.
If you cannot share this directory with your Web Tier, you must create a local copy of it in the DMZ.
In an Enterprise Deployment, it is recommended that the volumes shown in Table 4-1 be created on shared Storage. You can mount shared storage either exclusively or shared.
When scaling out or scaling up, you can use the shared MW_HOME for additional servers of the same type without performing more software installations.
In an Enterprise Deployment it is recommended that the following directories be created on local storage:
Table 4-2 Local Storage Directories
Tier | Environment Variable | Directory | Hosts |
---|---|---|---|
Web Tier |
WEB_MW_HOME |
|
WEBHOST1 WEBHOST2 |
Web Tier |
WEB_ORACLE_INSTANCE |
|
WEBHOST1 WEBHOST2 |
Directory Tier |
OID_ORACLE_INSTANCE |
|
LDAPHOST1 LDAPHOST2 |
Directory Tier |
OVD_ORACLE_INSTANCE |
|
LDAPHOST1 LDAPHOST2 |
Application Tier |
MSERVER_HOME |
|
IDMHOST1 IDMHOST2 |
While it is recommended that you put WEB_ORACLE_INSTANCE
directories onto local storage, you can use shared storage. If you use shared storage, you must ensure that the HTTP lock file is placed on discrete locations.
During the provisioning process, the following Middleware homes and Oracle homes are created.
Table 4-3 Summary of Homes
Home Name | Home Description | Products Installed |
---|---|---|
|
Consists of the Oracle WebLogic Server home and, optionally, one or more Oracle homes. |
|
|
This is the root directory in which Oracle WebLogic Server is installed. The |
Oracle WebLogic Server |
|
Contains the binary files for Oracle Internet Directory and Oracle Virtual Directory. |
Oracle Internet Directory Oracle Virtual Directory |
|
Contains the binary and library files for Oracle Identity Management and is located in: |
Oracle Directory Services Manager Oracle Identity Federation |
|
Contains the binary and library files required for Oracle Identity and Access Management and is located in |
Oracle Access Manager Oracle Identity Management |
|
Contains the binary and library files required for OHS and is located in |
|
|
Contains the binary and library files required for the Oracle SOA Suite.Required only when creating topologies with OIM and is located in |
Oracle SOA Suite |
|
Contains the generic Oracle home files. This Oracle home is created automatically by any product installation and is located in |
Generic commands |
|
This is the location where JRockit is installed |
|
|
This is the primary location of the domain configuration. |
|
|
This is a copy of the domain configuration used to start and stop managed servers. |
|
|
This is the location of the WebGate installation. |
|
|
Fusion applications Software Repository. |
Location of the Software Repository |
|
Contains the provisioning software. |
Location of the Provisioning Tool |
For a list of directory variables used in this guide, see Section 4.2, "Terminology for Directories and Directory Variables."