This chapter describes how to configure an Oracle Communications Services Gatekeeper domain.
Before you configure your domain, you must have set the WebLogic Server home path. See "Services Gatekeeper Post-Installation Tasks".
You must configure the domains of all of your servers before you start them. You can use the WebLogic Server Configuration Wizard to manually configure each server in your installation, or you can configure the domain on your Administration Server and then use the pack and unpack commands provided by Oracle WebLogic Server to package the configuration data for copying to all the other servers. For more information about packing and unpacking configurations, see Oracle Fusion Middleware Creating Templates and Domains Using the Pack and Unpack Commands.
After configuring your Services Gatekeeper domains, return to the "Services Gatekeeper Post-Installation Tasks" for instructions on how to start the Services Gatekeeper servers.
The Services Gatekeeper installer copies the pack and unpack commands to the Middleware_home/wlserver/common/bin directory.
You configure your Services Gatekeeper domain with the following tools:
The WebLogic Server Configuration Wizard, which can be run in GUI mode or console mode.
If you want to run the Configuration Wizard in GUI mode on Solaris or Linux, the console attached to the machine on which you are configuring the domain must support a Java-based GUI.
WebLogic Scripting Tool (WLST), which is a command-line tool that provides configuration scripts.
System administrators and operators use WLST to monitor and manage WebLogic Server instances and domains. The WLST scripting environment is based on the Java scripting interpreter, Jython. For more information about WLST, see Oracle Fusion Middleware Understanding the WebLogic Scripting Tool.
The Configuration Wizard prompts you for the following information about your database:
The database hostname
The database instance name
The database listener port number
The names of your managed servers
The database administrative user name and password
The procedure for configuring the domain with the Configuration Wizard follows these steps:
Start the Configuration Wizard in GUI mode.
Answer the questions in each screen of the Configuration Wizard.
For more information about creating a WebLogic domain by using the Configuration Wizard, see ”Creating a WebLogic Domain” in Oracle Fusion Middleware Creating WebLogic Domains Using the Configuration Wizard.
To start the Configuration Wizard in GUI mode:
Log in to the target system.
Go to the Middleware_home/wlserver/common/bin directory.
At a command prompt, enter one of the following:
Windows:
config
Linux or Solaris:
sh config.sh
The Configuration Wizard starts and the Configuration Type screen appears. Go to "Configuring the Domain in GUI Mode" and follow the steps for configuring the domain.
The procedure in this section reflects using the Configuration Wizard in GUI mode, but the screen names are the same in GUI mode and console mode.
Important:
Configure only one domain at a time.
Each domain must be created in its own, empty directory.
If you use IPv6 addresses put the addresses inside square brackets "[]".
If you will be using CORBA-based functionality that connects to multiple hosts, do not use the value localhost in any configurations. Use an actual IP address or fully qualified host name instead.
The Configuration Wizard displays a sequence of screens, in the order listed below. The screens that you will see depend on the type of product configuration template that you select in the Templates screen. To configure your domain, answer the questions in the following screens:
In the Configuration Type screen:
Select Create a new domain.
In the Domain Location field, enter the target domain directory or use the Browse button to locate the directory.
The directory you enter must be empty.
Click Next.
In the Template screen:
Select Create Domain Using Product Templates.
In the Available Templates area, select only one of the following Services Gatekeeper configuration templates.
Basic Oracle Communications Services Gatekeeper Domain
OCSG Basic HA Configuration
OCSG Domain with Access and Network Clusters
OCSG Domain with Access and Network Clusters with Oracle RAC Configuration
OCSG Portal Domain
Note:
You can configure only one Services Gatekeeper template at a time.Click Next.
In the Administrator Account screen:
Enter the main administrator user name.
This name is used to start the Administration Server and connect to it. The default user name is weblogic, which you can use for domain setup and testing. User names are case sensitive. Do not use commas or any characters in the following comma-separated list:
\t, < >, #, |, &, ?, ( ), { }
Enter the main administrator password.
The password is case sensitive and must contain a minimum of eight characters, at least one of which is not alphabetic.
Click Next.
In the Domain Mode and JDK screen:
In the Domain Mode area, select the appropriate startup mode for your installation:
Development Mode
Production Mode (This is the only supported mode for 64-bit Solaris environments.)
If you select Production Mode, do not enable SSL unless you have a trusted key. For more information about startup modes, see "Tuning WebLogic Server" in Fusion Middleware Performance and Tuning for Oracle WebLogic Server.
In the JDK area, select the JDK to use for the domain.
By default, the installer selects the JDK that was used when you installed Services Gatekeeper. Alternatively, you can specify a different JDK.
Click Next.
Specify the connection information between Services Gatekeeper and the JDBC data sources (databases).
In the JDBC Data Sources screen:
In the table, select the wlng.datasource and wlng.localTX.datasources checkboxes to configure these data sources simultaneously. To configure these data sources separately, make adjustments in the data source for the transactional data source.
Typically, fields you may need to edit include:
Vendor: The database vendor. The default is Oracle. Select MySQL if you are using a MySQL database or cluster.
Driver: The driver for your database type. The available drivers are specific to the vendor value you specified.
For Oracle databases, the default is Oracle's Driver (Thin) for Instance connections. For non-Oracle RAC domains, use the non-XA thin driver for wlng.localTX.datasource, and the XA driver for wlng.datasource.
For MySQL databases and clusters, select the com.mysql.jdbc.Driver for all data sources.
DBMS/Service: The name of the database you created in "Installing the Database". The default is SLEE_DB.
Host Name: The location of the database, and IP address or localhost. The default is localhost. To use an IPv6 IP address enter it inside "[]" (square brackets). For example: [2001:DB8:c8:216:3eff:fe49:c84].
Port: The port number for contacting the database. For Oracle, the default is 1521. For MySQL, the default is 3306.
Username: The Services Gatekeeper user name you created when you installed the database. The default is SETME_DBUSER.
Password: The Services Gatekeeper password you created when you installed the database.
Oracle RAC configuration for data sources: If you are using Real Application Cluster features, do one of the following:
To convert one or more data sources to GridLink Oracle RAC data sources, select Convert to GridLink.
To convert one or more data sources to Oracle RAC multi-data sources, select Convert to Oracle RAC multi data source.
To not convert the data sources, select Don't Convert.
Click Next.
The JDBC Data Sources Test screen automatically tests your data source configurations:
A green check mark displayed in the Status column indicates that the configuration is valid.
A red circle indicates a problem.
The bottom of the screen shows a short error message to help you troubleshoot the problem. Fix the error and click Test Selected Connections to test your data source configurations again.
Click Next when you are ready to proceed to the next screen.
The Advanced Configuration screen allows you to perform advanced configuration on the listed items. If you are happy with the current settings, keep all of the checkboxes deselected and click Next.
In the Advanced Configuration screen, select one or more of the following checkboxes and then click Next.
Administration Server
Node Manager
Managed Servers, Clusters and Coherence
Deployments and Services
The next screen that appears depends on the checkboxes that you selected.
If you selected Administration Server, the Administration Server screen appears.
Add or change the Administration Server name, listen address, and listen port. Do not enable SSL unless you have a trusted key. Click Next.
Note:
If your Services Gatekeeper implementation will communicate using SSL, do not select the All Local Addresses listen address menu item and Port 7001. The Configuration Wizard accepts this option, but attempting to enable SSL later fails. Instead enter a specific local IP address to listen on.If you selected Node Manager, the Node Manager screen appears.
Select the node manager type, enter the node manager credentials, and then click Next.
If you selected Manager Servers, Clusters and Coherence, do the following:
In the Managed Servers screen, add or change the connection information for the managed servers. Each managed server is an instance of Oracle WebLogic Server.
Click Add for each manager server that you want to create. Enter the server name, listen address, and listen port. Do not enable SSL unless you have a trusted key. Click Next.
In the Clusters screen, click Add for each cluster that you want to create. For example 203.0.113.164:8001, 203.0.113.165:8001.
Enter the information about your cluster and frontend. Click Next.
In the Coherence Clusters screen, accept or change the default cluster name, but be sure to change the default port number by typing in a new one. Click Next.
Note:
Always change default ports for security reasons. In this case it can also help prevent problems when testing multiple Services Gatekeeper implementations.In the Machines screen, add or change information about each machine.
In the context of WebLogic Server, a machine is the logical representation of the system that hosts one or more WebLogic Server instances, for the purposes of starting and stopping remote servers using the node manager. In a domain, machine definitions identify a particular, physical piece of hardware and are used to associate a computer with the managed servers it hosts.
If you selected Deployments and Services, do the following:
In the Deployments Targeting screen, target one or more applications to a server or cluster. Select one or more applications in the Deployments pane, select one server or cluster in the Targets pane, and then click the right arrow button.
In the Services Targeting screen, target services to servers or clusters. Select one or more services in the Services page, select a server or cluster in the Targets pane, and then click the right arrow button.
Click Next.
The Configuration Summary screen displays the previously configured domain settings. Use the View drop-down list to choose a category view.
Click Create to accept the domain details and start creating the domain.
The Configuration Progress screen displays a progress bar that indicates the status of the configuration process. When the configuration progress is complete, click Next.
The Configuration Success screen displays the domain's location and Administration Server URL for accessing the domain.
Click Finish to end your configuration session.
This section describes how to configure the domain by using the Configuration Wizard in console mode.
To start the Configuration Wizard in console mode:
Log in to the target system.
Open a command window.
Go to Middleware_home/wlserver/common/bin.
At the prompt, enter one of the following commands and press Enter:
Windows:
config -mode=console
Linux and Solaris:
sh config.sh -mode=console
The Configuration Wizard starts in console mode and the Welcome screen appears.
To configure your domain, respond to the prompts in each section by entering the number associated with your choice and pressing Enter, or by typing Next or n to accept the current selection.
The right arrow (->) indicates the value currently selected. To quit the Configuration Wizard, type Exit or x in response to any prompt. To review or change your selection, type Previous or p at the prompt.
The screen names and parameters in the Configuration Wizard are the same for both GUI and console modes. See "Configuring the Domain in GUI Mode" for instructions on setting the configuration parameters.
Note:
After creating a new domain in console mode, you must copy the domain_home/security/SerializedSystemIni.dat file from the administration server to the same location on the new domain.This section explains how to configure a Services Gatekeeper domain by using a WebLogic Scripting Tool (WLST) script.
The WLST scripting environment is based on the Java scripting interpreter, Jython. For more information about WLST, see "Using the WebLogic Scripting Tool" in Oracle Fusion Middleware Understanding the WebLogic Scripting Tool.
Caution:
WLST has a significant learning curve. If you do not know how to use WLST and do not wish to spend the time to become familiar with it, use the Configuration Wizard to set up your domains instead.You must set environment variables for WLST to run properly.
Log in to the target system.
Open a command window.
Go to Middleware_home/wlserver/server/bin.
At the prompt, enter one of the following commands:
Windows:
setWLSEnv.cmd
Linux and Solaris:
sh setWLSEnv.sh
Services Gatekeeper provides five WLST domain setup scripts and five corresponding domain configuration templates. The scripts are located in Middleware_home/wlserver/common/templates/scripts/wlst, and the templates are located in Middleware_home/wlserver/common/templates/wls.
Table 7-1 describes the scripts and their respective domain templates used to configure each type of domain:
Table 7-1 Scripts and Domain Templates
| Script | Template | Description |
|---|---|---|
|
basic-ocsg-ha.py |
basic-ocsg-ha-domain.jar |
Creates a basic domain with two servers, each with an Access Tier, a Network Tier instance, and a database. Database replication must be set up separately. |
|
ocsg-database-setup.py |
ocsg-domain.jar |
Creates a basic all-in-one domain typical of development environments. |
|
access-network-cluster.py |
ocsg-access-network-domain.jar |
Creates a domain with separate access and network clusters. |
|
ocsg-osb-integ.py |
ocsg-osb-integ-domain.jar |
Creates a domain with separate access and network clusters with the additional data sources that an Oracle RAC installation requires. |
You must configure the WLST domain setup script to work with your environment. This section describes the configurations you may need to perform.
Perform this task if you are using a domain setup script other than wlng-cluster.py.
If you are setting up the standard version of one of the multi-cluster domains, only a few variables need to be set at the beginning of the script. This procedure describes how to modify the WLST script to set the multicluster settings in the section called Configuration (INPUT) Parameters. Example 7-1 shows the necessary configuration parameters that need to be edited for your environment.
Example 7-1 Configuration (INPUT) Parameters Section from Access-Network-rac.py
#========================================================================= # Configuration (INPUT) Parameters #========================================================================= # listen address input parameters # example: hostname can be DNSName or IPAddress AdminServerListenAddress = "host-admin.bea.com" AdminServerListenPort = 7001 NT1ServerListenAddress = "host-nt1.bea.com" NT1ListenPort = 8001 NT2ServerListenAddress = "host-nt2.bea.com" NT2ListenPort = 8001 AT1ServerListenAddress = "host-at1.bea.com" AT1ListenPort = 8001 AT2ServerListenAddress = "host-at2.bea.com" AT2ListenPort = 8001 NTClusterAddress = "host-nt1.bea.com:8001,host-nt2.bea.com:8001" ATClusterAddress = "host-at1.bea.com:8001,host-at2.bea.com:8001" NTClusterMultiCastAddress = '237.0.0.101' NTClusterMultiCastPort = 8050 ATClusterMultiCastAddress = '237.0.0.102' ATClusterMultiCastPort = 8050 # DataSource Settings # Oracle RAC Node-1 Settings RACNode1URL = "SETME_URL" # Oracle RAC Node-2 Settings RACNode2URL = "SETME_URL" # Database settings OracleXADriver = "SETME_XADRIVER" OracleNonXADriver = "SETME_nonXADRIVER" DBUser = "SETME_USER" DBPassword = "SETME_PASSWORD"
To configure the multicluster settings:
Set the listen address and listen port for the Administration Server, the two Access Tier servers, and the two Network Tier servers.
Replace the host*.bea.com values with either the DNS name or the IP Address of the appropriate servers.
Replace the listen port values as necessary. The listen address and port combinations must be unique.
Fill in the appropriate listen address and port combinations to assign the servers to the appropriate clusters. The entry should be comma delimited, with no spaces.
Fill in the appropriate multicast addresses values for each cluster.
If using a configuration script for Oracle RAC deployments:
Set the appropriate URLs for each of the Oracle RAC instances.
Set the appropriate values for the transactional (XA) and localTX(nonXA) datasources.
For non-Oracle RAC deployments:
Set the appropriate values for the wlng.datasource.
Set the appropriate values for the wlng.localTX.datasource. The values should be non-XA.
(Optional) To use the Administration Console and node manager to start remote servers, change the NodeManager ListenAddress values in the Configure Managed Servers section by editing the following line for each managed server:
set('ListenAddress','localhost')
(Optional) Change the localhost value to the correct listen address for your environment.
The default domain user (weblogic) and password.
Perform this task if you are using either the access-network-cluster.py or the access-network-rac-cluster.py domain setup script for cluster configuration and you also want to create additional machines, servers, or both.
Note:
You can also add servers and machines using the Administrative Console after you set up your primary Services Gatekeeper domain, which is a simpler way of adding machines and servers.Using WLST in offline mode, which is the mode that Services Gatekeeper scripts use, allows accessing and updating only those configuration objects that have been previously persisted to a configuration file. All the provided WLST scripts create this configuration file automatically as they run, but each script adds only those objects that are specified in the domain templates they support. If you must add more configuration objects, such as additional managed servers or machines, you must add additional parameters to the script to create them before you can configure them. The specific parameters you add depend on how your installation is set up.
Use the sample code in Table 7-2 to add machines in the script before you assign managed servers to them.
Table 7-2 Code to Add Machines
| Comment Section | Code to add | Value |
|---|---|---|
|
Configure managed servers |
|
Add as many of these statements as you need, replacing |
After you add machines, you can assign managed servers to them. You can also add new managed servers. In the sample code in Table 7-3, a new managed server is created and then assigned to new_Machine_5, created in the previous section.
Table 7-3 Code to Create Additional Managed Servers
| Comment Section | Statement to edit | Value |
|---|---|---|
|
Configure managed servers |
|
Create new servers as needed, and set the ListenAddress. The new_Server_1 is the name of the new server being created, port is the listen port for the server, address is the IP address or DNS name of the new server and new_Machine_5 is the machine to which you are adding the new server. |
Setting the NodeManager Listen Address
You must also add a section to configure the Listen Address of any new machine (and its node manager) you are adding. The sample code in Table 7-4 shows the WLST statement used to complete this configuration.
Table 7-4 Setting Listen Address for Node Manager
| Comment Section | Statement to add | Value |
|---|---|---|
|
Configure managed servers |
|
One section per added machine is required. The new_Server_1 is the name of the new server being created, port is the listen port for the server, address is the IP address or DNS name of the new server and new_Machine_5 is the machine to which you are adding the new server. |
Assigning New Managed Servers to a Cluster
You must assign any newly-created managed servers to their appropriate cluster by adding an assign command. The sample code in Table 7-5 shows a WLST statement that assigns new managed servers to a cluster.
Table 7-5 Assigning New Managed Servers
| Comment Section | Statement to add | Value |
|---|---|---|
|
Configure a cluster and assign the Managed Servers to that cluster. |
|
One line per added Managed Server is required. The new_Server_1 is the name of the new server you created and cluster1 is the cluster you are adding the server to. |
Perform this task if you know that you will not use one or more communication services and you prefer to prevent them from being deployed.
Note:
You can also undeploy communication services at a later time. See Services Gatekeeper System Administrator's Guide for information about undeploying communication services.All communication services consist of two EAR files: an Access Tier file and a Network Tier file. To prevent a communication service from being deployed, add an unassign command to your script for both EAR files.
For example, to prevent the PX 3.0 Third Party Call communication service from being deployed, add the following example section to your script:
#===================================================================
# Unassign applications to target
#===================================================================
cd(’/')
unassign('Application', ’wlng_at_third_party_call_px30#4.0 ', 'Target', 'WLNG_AT_Cluster')
unassign('Application', ’wlng_nt_third_party_call_px30#4.0 ', 'Target', 'WLNG_NT_Cluster')
Complete the rest of the Services Gatekeeper post installation tasks, picking up at "Creating JMS Servers for Additional Network Tier Servers".