Configure an Existing Load Balancer for a Provisioned Instance

You can configure an existing Oracle Cloud Infrastructure load balancer for a provisioned Oracle SOA Suite on Marketplace instance.

Usage Notes:

• You can configure only one Oracle Cloud Infrastructure load balancer for one Oracle SOA Suite on Marketplace instance.
• The Oracle Cloud Infrastructure load balancer has high availability (HA) features, spanned across different Availability Domains.
• If you have manually imported any certificates into SOA Servers, you must reimport these certificates into the load balancer.
• After completing the steps to configure the Oracle Cloud Infrastructure load balancer:
  • If you are not using a DNS name and using an IP address (see Register a Custom Domain Name with a Third-Party Registration Vendor), make sure your runtime URLs use the Oracle Cloud Infrastructure load balancer IP address instead of the SOA Server IP address.
  • URLs for all Managed Servers such as b2bconsole, mftconsole, and composer are accessible using the Oracle Cloud Infrastructure load balancer URL using https.
  • You must manually add or delete backends in the Oracle Cloud Infrastructure load balancer after scale out and scale in operations.

  • Deprovisioning of the Oracle SOA Suite on Marketplace instance will not delete the Oracle Cloud Infrastructure load balancer backend set and backend servers. You must manually delete the load balancer backend set and backend servers from the Oracle Cloud Infrastructure Console.

Note:

This procedure uses the following example IP addresses:

• WebLogic Server Public IP: 129.146.200.44
• Oracle Cloud Infrastructure load balancer Public IP: 129.146.91.95

To configure an existing Oracle Cloud Infrastructure load balancer for a provisioned Oracle SOA Suite on Marketplace instance:

1. As a prerequisite, it is assumed that the Oracle SOA Suite on Marketplace instance is already provisioned without a load balancer.
2. Create the MyCert certificate. This is a self-signed certificate and uses a private key that you generate. It is used for external clients to connect to the Oracle Cloud Infrastructure load balancer using port 443.

   1. As the oracle user, run the following command to generate the self-signed certificate:

      openssl req -newkey rsa:2048 -nodes -keyout mycert.key -x509 -days 365 -out mycert.crt

   2. Provide requested input as shown in the following screenshot:

      
      
      
   3. Save the output to your local drive as mycert.key.
      
      
3. In the Oracle Cloud Infrastructure Console, edit the existing load balancer.
   1. Open the navigation menu, click Networking, and then click Virtual Cloud Networks.
   2. In the left pane, click Load Balancers.
   3. Scroll down in the left pane and select the compartment where the load balancer exists.
   4. Click the name of the existing load balancer you want to configure.
   5. In the left pane of the Load Balancer Details screen, click Backend Sets, then click Create Backend Set.
   6. In the Create Backend Set dialog, enter the following information:
      • Name: httpBackend
      • Port: 9073
      • Status Code: 404
   7. Click Create Backend Set.
4. On the Load Balancer Details screen, note that the Overall Health and Backend Sets Health shows a status of Unknown. To resolve this, continue with the steps below.
   
   
   
5. Add backends.
   1. In the left pane of the Load Balancer Details screen, click Backend Sets, then click the link to the httpBackend backend set.
   2. In the left pane of the Backend Set Details screen, click Backends, then click Add Backends.
   3. In the Add Backends dialog, click Change Compartment to select the compartment for your Oracle SOA Suite on Marketplace instance if not already displayed, then select the check box next to the instance name, and enter a Port value of 9073.
      
      
      

      Note:

      If you have a multinode cluster, then choose all the instances in the cluster and enter the same Port value of 9073.

      Scroll down to view the security list rules that will be created.

      
      
      
   4. Click Add.
6. Add a rule set.
   1. In the left pane of the Load Balancer Details screen, click Rule Sets, then click Create Rule Set.
   2. In the Create Rule Set dialog, enter a name for the rule set, then select Specify Request Header Rules and enter the following information:
      • Name: SSLHeader.
      • Action: Select Add Request Header.
      • Header: Enter WL-Proxy-SSL.
      • Value: Enter true.

      
      
      
   3. Click Create.
7. Add a listener.
   1. In the left pane of the Load Balancer Details screen, click Listeners, then click Create Listener.
   2. In the Create Listener dialog, enter the following information:
      • Name: httpsListener.
      • Protocol: HTTP.
      • Port: 443.
      • Status Code: 404.
      • Select Use SSL.
      • Certificate Name: mycert.crt.
      • Backend Set: Enter the name of the backend set (httpBackend) you created in Step 3.
   3. Click Create Listener.
8. Edit the listener.
   1. In the left pane of the Load Balancer Details screen, click Listeners, then click the icon at the far right of the row for the listener you created, and select Edit.
   2. In the Edit Listener dialog, select the rule set you created.
      
      
      
   3. Click Save Changes.
9. Update session persistence for the backend set.
   1. In the left pane of the Load Balancer Details screen, click Backend Sets, then click the icon at the far right of the row for the httpBackend backend set you created, and select Edit.
   2. In the Edit Backend Set dialog, select Enable application cookie persistence.
   3. In the Cookie Name field, enter *.
      
      
      
   4. Click Update Backend Set.
10. Import required certificates into the Oracle Cloud Infrastructure load balancer. If there are any inbound requests to Oracle SOA Suite on Marketplace that require you to import SSL certificates into the Oracle Cloud Infrastructure load balancer, import them now.
11. Update front end hosts.
    You can update front end hosts using an automation script or perform the steps manually:

    To update front end hosts using an automation script:

    1. Use the ssh command to connect to the Administration Server VM (as the opc user):

       ssh -i private_key opc@VM_IP_address

    2. Change to the oracle user:

       sudo su - oracle

    3. Navigate to the directory containing automation scripts:

       cd /opt/scripts/runbooks

    4. Run the script to update front end hosts and respond to the prompts for WebLogic Server administration password, load balancer IP address, and load balancer port:

       ./updateFrontEndHostPort.sh

    To update front end hosts manually:

    1. Log in to the WebLogic Server Administration Console.
    2. Set the Frontend Host to the DNS server name. If the DNS server is not configured, then enter the IP address of the Oracle Cloud Infrastructure load balancer.

       DNS (domain name system) translates host and domain names into the corresponding numeric Internet Protocol (IP) addresses, and also identifies and locates resources on the Internet.

    3. Set Frontend HTTP Port to 0.
       
       
       
12. Enable the WebLogic Plug-In at the cluster level.
    You can enable the WebLogic Plug-In in a cluster using an automation script or perform the steps manually:

    To enable the WebLogic Plug-In using an automation script:

    1. Use the ssh command to connect to the Administration Server VM (as the opc user):

       ssh -i private_key opc@VM_IP_address

    2. Change to the oracle user:

       sudo su - oracle

    3. Navigate to the directory containing automation scripts:

       cd /opt/scripts/runbooks

    4. Run the script to enable the WebLogic Plug-In:

       ./enableWeblogicPlugin.sh

    To enable the WebLogic Plug-In manually:

    1. Log in to the WebLogic Server Administration Console.
    2. In the Domain Structure pane, expand the Environment node, then Clusters, and click the cluster name.
    3. On the Configuration: General tab, scroll down to the Advanced section and expand it.
    4. Click Lock & Edit, then set WebLogic Plug-In Enabled to Yes.
       
       
       
    5. Click Save, then click Activate Changes.
13. Restart the servers.

    Restart the Administration Server and Managed Servers. See Stop or Start WebLogic Servers.

14. Verify your configuration.
    • Verify the health of the Oracle Cloud Infrastructure load balancer: the Overall Health and Backend Sets Health should show a status of OK.
      
      

    • Verify the URLS: you should be able to access the following Managed Server URLs using the Oracle Cloud Infrastructure load balancer IP address (for example, 129.146.91.95).

      • https://129.146.91.95/soa/composer
      • https://129.146.91.95/mftconsole
      • https://129.146.91.95/b2bconsole

Troubleshooting Tips

If any steps in the configuration are missed or incorrectly implemented, the Oracle Cloud Infrastructure load balancer will not generate any error messages to alert you to issues. You can navigate to Oracle Cloud Infrastructure load balancer work requests and make sure the work requests have succeeded to confirm that the load balancer is working.

Use the following checklist to troubleshoot an Oracle Cloud Infrastructure load balancer that is not in Ready state:

• In the Oracle Cloud Infrastructure Console, verify:

  • Healthcheck: port number is 9073 and status code is 404.
  • Https Listener: listen port is 443.
  • Security lists has rule defined with 0.0.0.0/0 for 443. See Configure Security Lists.
  • Backends are configured to use port 9073.
  • The WL-Proxy-SSL header is added to httpslistener.
• In the WebLogic Server Administration Console, verify:
  • Frontendhost and port are configured for the cluster.
  • The WebLogic Plug-In is enabled.