1. Using Oracle WebLogic Server for OCI
  2. Create a Stack
  3. Create a Basic Domain in a Private Subnet

Create a Basic Domain in a Private Subnet

When you use Oracle WebLogic Server for OCI to create a stack and assign the Oracle WebLogic Server compute instances to a private subnet, the instances are not accessible from the public Internet.

To access the virtual machines (VMs) created in the private subnet, a bastion host is required. You must create a bastion host with a FastConnect or a VPN connection before you create a domain or you must choose to have a bastion host created for you.

To create a domain that uses a database for JRF components, see Create a JRF-Enabled Domain.

Before you create a domain, you must first perform the following tasks:

Oracle WebLogic Server for OCI can create the virtual cloud network (VCN) and subnets for your new domain. If you want to use an existing VCN or existing subnets for the domain, then they must meet certain requirements. See:

Topics:

Launch a Stack

Sign in to Marketplace and specify initial stack information.

  1. Sign in to the Oracle Cloud Infrastructure Console.
  2. Click the navigation menu Navigation Menu icon, select Marketplace, and then click All Applications.
  3. Set the filter type to Stack.
  4. Select an application that matches the edition of Oracle WebLogic Server that you want to provision, and also uses the type of billing you want (Universal Credits or Bring Your Own License).
    • Oracle WebLogic Server Standard Edition BYOL
    • Oracle WebLogic Server Enterprise Edition BYOL
    • Oracle WebLogic Server Enterprise Edition UCM
    • Oracle WebLogic Suite BYOL
    • Oracle WebLogic Suite UCM

    Note:

    If you set the filter type to Image, follow the steps in Create an Instance Using the Marketplace in Images for Oracle WebLogic Server for OCI.
  5. Select a version of Oracle WebLogic Server.
    The latest 14.1.1.0.0 patch level is the default.

    If multiple builds are available for the same patch level (.01, .02, .03, and so on), choose the latest build.

  6. Select the compartment in which to create the stack.
    By default the stack compartment is used to contain the domain compute instances and network resources. If later on you specify a network compartment on the Configure Variables page of the Create Stack wizard, then only the compute instances are created in the stack compartment that you select here.
  7. Select the Oracle Standard Terms and Restrictions check box, and then click Launch Stack.
    The Create Stack wizard is displayed.

Specify Stack Information

Specify the name, description, and tags for the stack.

  1. On the Stack Information page of the Create Stack wizard, enter a name for your stack.
  2. Enter a description for the stack (optional).
  3. Specify one or more tags for your stack (optional).
  4. Click Next.
    The Configure Variables page opens.

Configure WebLogic Instance Parameters

Specify the parameters needed to configure the WebLogic instance domain.

  1. In the WebLogic Server Instance section, enter the resource name prefix.
    The maximum character length is 16.
    This prefix is used by all the created resources.
  2. Select the WebLogic Server shape for the compute instances.
    The following shapes are supported:
    • Standard: VM.Standard2.x, VM.Standard.E2.x, BM.Standard2.x, BM.Standard.E2.x, BM.Standard3.64
    • Flexible: VM.Standard.E3.Flex, VM.Standard.E4.Flex, VM.Standard3.Flex
    • Optimized: BM.Optimized3, VM.Optimized3.Flex

    Note:

    In regional subnets, select the WebLogic Server shape that has sufficient service limits for an availability domain, else the provisioning fails.

  3. For the flexible shapes (VM.Standard.E3.Flex, VM.Standard.E4.Flex, VM.Standard3.Flex, VM.Optimized3.Flex), select the OCPU count for compute instances.

    Note:

    You can specify the OCPU count only for the flexible shapes; the maximum number of OCPUs that you can specify for VM.Standard.E3.Flex and VM.Standard.E4.Flex is 64 OCPUs, for VM.Standard3.Flex is 32 OCPUs, and for VM.Optimized3.Flex is 18 OCPUs. The memory, network bandwidth, and number of Virtual Network Interface Cards (VNICs) scale proportionately with the number of OCPUs.

  4. Enter the SSH public key, by either uploading the SSH key file or pasting the contents of your SSH public key file.
  5. Select the number of managed servers you want to create. For 12c and 14c versions and all the editions, you can specify up to 8 nodes, which can be scaled out to 30 when you edit the domain.
    The managed servers will be members of a cluster, unless you selected WebLogic Server Standard Edition.
  6. Enter a user name for the WebLogic Server administrator.
  7. Select the compartment where you have the WebLogic Server administration secret and then select the secret that contains the administration password. To create secrets, see Create Secrets for Passwords.
  8. Select the JDK version for Oracle WebLogic Server. The default JDK version is 8.

    Note:

    You can select the JDK version only for Oracle WebLogic Server 14.1.1.0.

Configure Advanced Parameters for a Domain

You can optionally specify additional parameters by selecting WLS Instance Advanced Configuration on the Configure Variables page of the Create Stack wizard.

Select WLS Instance Advanced Configuration if you want to change the default port numbers or remove the sample application, and specify the WebLogic startup arguments. You can use the server startup arguments to provide arguments to the Java Virtual Machine for WebLogic Server instances.
  • Cluster-related parameters are not applicable if you selected WebLogic Server Standard Edition.
  • The port numbers 9071-9074 are reserved for internal domain communication.
  • Optional: Specify the WebLogic Server Startup Arguments to scale out managed servers. When the servers are scaled out, any changes to the server startup arguments applies to the added nodes only. For example, -Xms1024m -Xmx1024m.

Configure Network Parameters

Define the Virtual Cloud Network (VCN) and subnet configuration for a private domain.

  1. Select a Virtual Cloud Network (VCN) strategy:
    • Select Use Existing VCN, and then select the name of the existing VCN.
    • Select Create New VCN, and then enter a name and CIDR for the new VCN.
  2. In the WebLogic Server Network section of the Configure Variables page, select the Network Compartment in which to create the network resources for this domain.
    If you don't specify a network compartment, then all the network resources and the domain compute instances are created in the stack compartment that you selected earlier upon launching the stack. Select a network compartment if you want the network resources to be in a different compartment than the compute instances.
  3. Select one of the following subnet strategies:
    • Select Use Existing Subnet.
    • Select Create New Subnet.

      Note:

      If you're creating a new VCN, you can only create a new regional subnet.
  4. If you use an existing VCN and subnet, validate the network and then enter YES in the Validated Existing Network field. To validate a network, see Validate Existing Network Setup.
  5. Select the Subnet Compartment to use for the existing subnet.

    The subnet compartment is different than the VCN compartment. The subnets for the WebLogic Server nodes, load balancer and the bastion node use this same subnet compartment.

    Note:

    You can specify the subnet compartment only if you're using an existing subnet.

  6. Keep the default Use Public Subnet selection.
  7. For the WebLogic Server subnet, specify one of the following:
    • If you want to use an existing regional subnet, then choose the name of an existing regional subnet from the list of regional and availability domain-specific subnets.
    • If you are creating a new regional subnet, specify a CIDR for the new subnet.
  8. Optional: If you are using a regional subnet, then from the WebLogic Admin Sever Availability Domain, select the availability domain in which you want to create the WebLogic administration server compute instance. If you do not select an availability domain, then by default, the compute instance is created in availability domain 1.

Configure a Bastion

You can configure a bastion compute instance on a public subnet to provide access to the WebLogic Server compute instances on a private subnet. However, creating the bastion node on public subnet is optional.

Note:

  • By default, Provision Bastion Node on Public Subnet is selected when an existing private subnet is selected. If you do not select this option, no status is returned for provisioning, then you must check the status of provisioning by connecting to each compute instance and confirm that the /u01/provStartMarker file exists with details found in the file /u01/logs/provisioning.log file.
  • It is recommended to deselect the Provision Bastion Node on Public Subnet option only in network with fast connect setup.
  • The Provision Bastion Node on Public Subnet option is not available when you are creating a new subnet for a new VCN or existing VCN.

To configure a bastion:

  1. If your want to use a bastion compute instance with a reserved public IP, then select Assign Reserved Public IP to Bastion Instance.
  2. For the bastion host subnet, specify one of the following:
    • If you want to use an existing regional subnet, then choose the name of an existing regional subnet from the list of regional and availability domain-specific subnets.
    • If you are creating a new regional subnet, specify a CIDR for the new subnet.
  3. Select a shape for the bastion compute instance.

Note:

You must provision a bastion to use VCN peering, as there are SSH requirements which require a bastion.

Configure a Load Balancer

You have the option to create a load balancer to distribute application traffic to the WebLogic Managed Servers. You can also use an existing load balancer for an existing VCN and an existing subnet, to distribute application traffic to the WebLogic Managed Servers.

Note:

If you enable autoscaling for WebLogic instances, you must configure a load balancer in Oracle Cloud Infrastructure when you create a stack, else the stack provisioning fails with a validation error.

To create a load balancer:

  1. Select Add Load Balancer, if not already selected.
    This option is selected by default.
  2. Configure the load balancer network.
    • If you chose to use an existing regional subnet for WebLogic Server, then select an existing regional subnet from the list of regional and availability domain-specific subnets. A load balancer can have only one regional subnet, which is shared between both nodes.

      Note:

      This option is not applicable if you use an existing load balancer.
    • If you chose to create a regional subnet for WebLogic Server, then specify a CIDR for the new load balancer subnet.
  3. Configure load balancer:
    • If you chose to create a new Virtual Cloud Network (VCN), or use an existing VCN and a new subnet:
      1. Select Create New Load Balancer.
    • If you chose to use an existing VCN and an existing subnet, you can do one of the following:
      1. Select Create Load Balancer.
      2. Select Use Existing Load Balancer.

        Note:

        The existing load balancer should be in the same compartment as the stack compartment, and should be in the same VCN as the existing VCN chosen for the stack.
        1. Specify the OCID for the existing load balancer.
        2. Enter the name of the backend set for the existing load balancer that has a routing policy associated with the backend set. The backend set should not have backends.

          See Configure the Load Balancer.

    • If you create a new load balancer, select Private Load Balancer, if you do not want to assign a public IP address to the load balancer.

      This option is available only if you use a private subnet for WebLogic Server. You cannot create a load balancer in a private subnet.

    • If you create a new load balancer, select Load Balancer with Reserved Public IP, if you want to use a public load balancer with a reserved public IP. Then, specify the OCID of the public IP for the load balancer.
    • If you create a new load balancer, select a minimum and maximum flexible load balancer shape.
      By default, the minimum bandwidth size is set to 10Mbps and maximum to 400Mbps.

      Note:

      You can update the shape to a maximum of 8000Mbps. Before you select the maximum bandwidth, ensure to check the available service limit for the flexible load balancer bandwidth.

Configure File Storage

When you create an Oracle WebLogic Server for OCI domain, you can add a file storage.

If you are not an administrator, the necessary groups and policies must be in place before you can create a domain.

To create a file storage:

  1. Select Add File System Storage.
  2. Configure the file storage:
    • If you chose to create a Virtual Cloud Network (VCN):
      1. Optional: Select the availability domain in which you want to create the file system and mount target.
      2. Specify the CIDR of the new subnet.
    • If you chose to use an existing VCN and a new subnet:
      1. Optional: Select the availability domain where you want to create the file system and mount target.
      2. Specify the CIDR of the new subnet.
    • If you chose to use an existing VCN and an existing subnet:
      • If you do not want to use an existing mount target or an existing file system:
        1. Optional: Select the availability domain where you want to create the file system and mount target.
        2. Select an existing subnet to use for the mount target. This subnet must be available in the selected VCN.
      • If you select Existing Mount Target:
        1. Select the compartment where you have the existing mount target. The mount target must reside within the subnet in the selected VCN.
        2. Specify the OCID of the existing mount target ID.
      • If you select Existing File System:
        1. Select an existing subnet to use for the mount target. This subnet must be available in the selected VCN.
        2. Select the compartment where you have the existing file system.
        3. Specify the OCID of the existing file system.
      • If you select both Existing Mount Target and Existing File System:
        1. Select the compartment where you have the existing mount target.
        2. Specify the OCID of the existing mount target ID.
        3. Select the compartment where you have the existing file system.
        4. Specify the OCID of the existing file system. The existing file system must be in the same availability domain as the existing mount target.

Create OCI Policies

When you create a basic domain in a private subnet, by default the OCI Policies check box is selected and Oracle WebLogic Server for OCI creates a dynamic group and relevant root-level (tenancy) policies for you.

If you are not an administrator, the necessary groups and policies must be in place before you can create a domain.

Before you deselect the check box, ask your administrator to create the required dynamic group and relevant policies, as described in Create a Dynamic Group and Create Policies for the Dynamic Group.

Configure WebLogic Authentication

You have the option to use Oracle Identity Cloud Service to authenticate application users for your domain.

This configuration is only available if the domain meets these requirements:

  • Running WebLogic Server 12c
  • Includes a load balancer

To use Oracle Identity Cloud Service for authentication:

  1. Select Enable Authentication Using Identity Cloud Service.
  2. Enter your Oracle Identity Cloud Service (IDCS) tenant name, which is also referred to as the instance ID.
    This ID is typically found in the URL that you use to access Oracle Identity Cloud Service, and has the format idcs-<GUID>.
  3. Enter the client ID of an existing confidential application in this Oracle Identity Cloud Service instance.
  4. Select the compartment where you have the IDCS secret and then select the secret that contains the confidential application password in IDCS. To create secrets, see Create Secrets for Passwords.
  5. If necessary, you can override the default domain name and port that you use to access Oracle Identity Cloud Service, or the default port that is used for the App Gateway software appliance.

Configure Database Parameters

A basic WebLogic Server 12c domain does not require a database.

A database is required only if you want to create a domain that includes the Java Required Files (JRF) components. Do not select the Provision with JRF checkbox if you're not creating a JRF-enabled domain.

To create a domain that uses a database for JRF components, see Create a JRF-Enabled Domain.

Configure a Data Source for an Application Database

When you create an Oracle WebLogic Server for OCI domain, you can configure the application database to create a data source configuration that enables you to connect to Oracle Autonomous Database or Oracle Cloud Infrastructure Database (DB System).

The database that you connect to is used to contain the schemas for the application database.

You can configure the application database only for Oracle WebLogic Server Enterprise Edition and Oracle WebLogic Suite.

Note:

You cannot configure the data source for an application database using database connect string.
If you selected the option to create a new VCN or selected the option to use an existing VCN with a new subnet, on the Configure Variables page, select the Configure Application Datasource checkbox to display the Database options. Then in the Application Database section, select the Application Database Strategy for your application database and configure the database parameters.

Note:

This is not applicable if you use an existing VCN and existing subnet, as the WebLogic server and database must be in the same VCN.
  • If using Oracle Autonomous Database, select or enter the following:
    • The compartment in which you've created the application database.
    • The autonomous database where you want to create the schemas for the application database.
    • The name of an autonomous database user to configure the application database.
    • Select the compartment where you have the application autonomous database secret and then select the secret that contains the application autonomous database user password in the autonomous database. To create secrets, see Create Secrets for Passwords.
    • The service level that the domain should use to connect to the application database for the selected autonomous database.
  • If using Database System, select or enter the following:
    • The compartment in which you've created the application database.
    • The DB system to use for this application database.
    • The compartment in which the application database's VCN is found.
    • The VCN on which you've created the application database. If this VCN is different than the WebLogic Server VCN, they cannot have overlapping CIDRs. For example, you cannot create a domain on VCN 10.0.0.0/16 that uses a database on VCN 10.0.0.1/24.
    • The database home within the selected application database system.
    • The version of the selected database home.
    • The database within the selected DB system where you want to create the schemas for the application database.
    • The Pluggable database (PDB) name, only if the selected application database is running Oracle Database 12c or later.
    • The name of a database user to configure the application database.
    • Select the compartment where you have the database secret and then select the secret that contains the application database user password. To create secrets, see Create Secrets for Passwords.
    • The application database listen port (1521 by default)
  • If using Database System, then Oracle WebLogic Server for OCI creates a security list in the VCN on which you've created the application database. This security list allows the WebLogic Server subnet to access the application database port. If this step isn't required or you don't have the correct permissions to modify the database network, clear the Create Application Database Security List check box.

Set Local VCN Peering for an Application Database

If you selected the option to create a new VCN or selected the option to use an existing VCN with a new subnet for the WebLogic Server compute instances and the Oracle Cloud Infrastructure Application Database, you can either disable the local VCN peering or configure the local VCN peering for the Application Database.

Ensure that the VCNs for WebLogic Server compute instances and the Oracle Cloud Infrastructure Application Database are peered before creating the stack for the Oracle WebLogic Server for OCI domain. See Local VCN Peering to peer the VCNs manually. In this case, the stack is provisioned based on the database private IP address.

Note:

This is not applicable if you use an existing VCN and existing subnet, as the WebLogic server and database must be in the same VCN.

If you choose to create a virtual cloud network for an Oracle WebLogic Server domain, use Oracle WebLogic Server for OCI to create a Local Peering Gateway, else create a network with VCN peering and then use this existing network to provision the domain.

Note:

You must provision a bastion to use VCN peering, as there are SSH requirements which require a bastion.

If the VCNs for WebLogic Server compute instances and the Oracle Cloud Infrastructure Application Database system have not been peered, you can use Oracle WebLogic Server for OCI to update the two VCNs so that they can communicate.

Oracle WebLogic Server for OCI creates a public subnet in each VCN, and then creates a compute instance in each subnet. These compute instances run software to forward DNS requests across the VCNs.

You cannot use existing subnets for the DNS Forwarder compute instances.

  1. Specify a CIDR for the new subnet in the WebLogic Server VCN.
  2. Specify a CIDR for the new subnet in the application database VCN.
  3. Select a shape for the new DNS Forwarder compute instance in each VCN.

Configure Observability

Oracle WebLogic Server for OCI can optionally export logs to OCI Logging Service, and provide visibility into the performance of applications using the Oracle Cloud Infrastructure Application Performance Monitoring (APM) service.

Select Configure Observability to enable logging and monitoring service integration for your WebLogic instances.

  • Select Enable exporting logs to OCI Logging Service to enable logging for the WebLogic instances.
  • Select Enable Application Performance Monitoring to export WebLogic metrics using Application Performance Monitoring (APM) Java Agent and create dashboards with WebLogic specific metrics. This is required for metric-based autoscaling of instances.

    Specify the OCID of the Application Performance Monitoring domain and the private data key for your existing Application Performance Monitoring domain.

When you enable Application Performance Monitoring, you can use autoscaling to scale out or scale in instances. See Configure Autoscaling.

Note:

If you enable autoscaling, you cannot use the always free Application Performance Monitoring domain.

Configure Autoscaling

When you create an Oracle WebLogic Server for OCI domain, you can enable autoscaling for WebLogic instances.

This configuration is only available if Application Performance Monitoring is enabled for the WebLogic instance. See Configure Observability. Application Performance Monitoring always free domain is not supported for autoscaling.

Note:

You cannot enable autoscaling after you have created the Oracle WebLogic Server for OCI domain.

For autoscaling, ensure that you configure either public load balancer, private load balancer, or load balancer with reserved IP.

To enable autoscaling:

  1. Select Enable Autoscaling.
  2. Select a performance metric for the WebLogic Monitoring Metrics.
  3. Specify the threshold values as follows:
    • For CPU Load and Used Heap Percent, select the minimum and maximum threshold percentage.
    • For Queue Length and Stuck threads, select the minimum and maximum threshold counter values.
  4. Enter a user name to access the image in the registry to deploy autoscaling OCI functions.
  5. Select the compartment where you have the registry authentication token and then select the secret that contains the registry authentication token that you generated for the user to access the image registry.
  6. Optional: Enter the email ID to receive scaling notifications.
    It is recommended to subscribe to email notifications.

Configure Tags

Oracle WebLogic Server for OCI can optionally assign tags to the resources (compute, network, and so on) that it creates for your domain.

Tagging allows you to define keys and values and associate them with resources. You can then use the tags to help you organize and find resources based on your business needs. There are separate fields to tag the stack and to tag the resources created within the stack.

  1. Select Create Tags.
  2. To assign a free-form tag, enter the Tag Key and Value.
    Free-form tag keys and values are case sensitive. For example, costcenter and CostCenter are treated as different tags.
  3. To assign an existing tag, for Tag Namespace, select a defined tag, and then select the Tag Key and Value. If no value is displayed for the Tag Key, enter the Value.
  4. Click Additional Tag to assign additional free-form or defined tags.

Create the Domain Stack

After you have specified the WebLogic instance variables, finish creating the domain stack.

On the Review page of the Create Stack wizard, review the information you have provided, and then click Create.

The Job Details page of the stack in Resource Manager is displayed. A stack creation job name has the format ormjobyyyymmddnnnnnn. (for example, ormjob20190919165004). Periodically monitor the progress of the job until it is finished. If an email address is associated with your user profile, you will receive an email notification. In the Application Information tab, you can directly access the OCI resources using the WebLogic instance IP and the bastion instance IP.

Note:

If there is an error during the creation of the stack, the compute, network, and other resources in the stack are not automatically deleted. If you want to delete the failed stack, see Delete a Stack.

Use Your New Domain

Access and manage your new domain after creating a stack with Oracle WebLogic Server for OCI.

Typical tasks that you might perform after creating a domain: