About Creating a Domain

Learn about the options you have when creating a domain with Oracle WebLogic Server for OCI.

You have several options to choose from when you create a domain:

  • Billing Type

    With Universal Credits (also called UCM), you are billed for the cost of the Oracle WebLogic Server license (based on OCPUs per hour) in addition to the cost of the compute resources. This option is not available for Oracle WebLogic Server Standard Edition.

    With Bring Your Own License (BYOL), you reuse your existing on-premises Oracle WebLogic Server licenses in Oracle Cloud. You are billed only for the cost of the compute resources.

  • Domain Type and Database

    A basic domain does not require an existing database. See Create a Basic Domain.

    A JRF-enabled domain requires access to an existing Oracle Autonomous Database or Oracle Cloud Infrastructure Database (DB System). A JRF-enabled domain includes the Java Required Files (JRF) components, and the database is used to contain the JRF schema.

    All Oracle WebLogic Server 11g domains include JRF and require an Oracle Cloud Infrastructure Database (DB System).

    See Create a JRF-Enabled Domain and Create a Database.

  • Virtual Cloud Network (VCN)

    Oracle WebLogic Server for OCI can create a VCN for you when you create a domain, or you can create a VCN before you create the domain. If you create a new VCN, you must specify a contiguous CIDR block of your choice.

    If you create a JRF-enabled domain and select an Oracle Cloud Infrastructure Database (DB System) in a different VCN, then Oracle WebLogic Server for OCI configures local peering between the two VCNs.

  • Subnet

    Oracle WebLogic Server for OCI can create a new subnet for the WebLogic Server compute instances, or you can specify a subnet that you have already created. You must specify a CIDR if you create a new subnet.

    If you create a new VCN, you can only create a new regional subnet that spans the entire region.

  • Network Access

    The subnet for the WebLogic domain can be public or private. If the subnet is private, the nodes cannot be accessed directly from outside of Oracle Cloud. When you create a domain on a private subnet, you can specify a public subnet for the bastion host. Oracle WebLogic Server for OCI creates this compute instance to enable you to administer the WebLogic nodes.

    If you already have an existing bastion to provide public access to the compute instances, or if you already have a VPN connection to your on-premise network, then you can delete the bastion created by Oracle WebLogic Server for OCI.

    See Create a Basic Domain in a Private Subnet.

    Note:

    • Configuring a bastion is optional.

      If you do not configure a bastion, no status is returned for provisioning. See Configure a Bastion.

    • It is recommended to not configure a bastion, that is deselect the Provision Bastion Node on Public Subnet option, only in network with fast connect setup
  • Load Balancer

    When you create a domain, Oracle WebLogic Server for OCI can also create a load balancer to distribute application traffic to the WebLogic cluster. A load balancer consists of primary and standby nodes but it is accessible from a single IP address. If the primary node fails, traffic is automatically routed to the standby node.

    If you use a regional subnet for the WebLogic Server compute instances, use a regional subnet for the load balancer. The regional subnet is shared between both load balancer nodes.

    By default, the load balancer is public. You can also provision a public load balancer with a reserved public IP. If you create a domain in a private subnet, then you can provision a public or private load balancer. A private load balancer does not have a public IP address and cannot be accessed from outside of Oracle Cloud.

    Oracle WebLogic Server for OCI configures the load balancer to use Secure Socket Layer (SSL). A demonstration self-signed certificate is attached to the HTTPS listener. Oracle recommends you add your own SSL certificate to the load balancer after creating the domain. All traffic between the load balancer and compute instances uses HTTP.

  • Oracle Cloud Infrastructure Root Policies and Dynamic Group

    When you create a domain, by default Oracle WebLogic Server for OCI creates a dynamic group and one or more root-level (tenancy) policies that allow the compute instances in the domain to access:

    • Keys and secrets in Oracle Cloud Infrastructure Vault
    • Load balancer resources
    • The database wallet if you're using Oracle Autonomous Database to contain the required infrastructure schemas for a JRF-enabled domain
    • The database network resources if you're using Oracle Cloud Infrastructure Database (DB System) to contain the required infrastructure schemas for a JRF-enabled domain
  • Authentication

    By default, the domain is configured to use the local WebLogic Server identity store to maintain users, groups, and roles. Alternatively, a domain running WebLogic Server 12c can use Oracle Identity Cloud Service to authenticate users.

    In order to use Oracle Identity Cloud Service, you must create a domain that includes a load balancer.

  • Security List for DB System

    When you create a JRF-enabled domain and use Oracle Cloud Infrastructure Database (DB System) to contain the JRF components, by default Oracle WebLogic Server for OCI creates a security list on the database's VCN that allows the WebLogic Server subnet to access the database.