Oracle by Example brandingCreate a JRF-Enabled Domain Using Oracle WebLogic Server for OCI and a DB System Database

section 0Before You Begin

This 45-minute tutorial shows you how to use Oracle Cloud Infrastructure Marketplace and a DB System database to provision an Oracle WebLogic Server domain and cluster that includes Java Required Files (JRF) components. The tutorial also shows you how to create a Java Database Connectivity (JDBC) custom data source for the DB System database.


You can use Oracle WebLogic Server for Oracle Cloud Infrastructure (Oracle WebLogic Server for OCI) applications in the Oracle Cloud Infrastructure Marketplace to provision a cluster of WebLogic Server nodes. The first node hosts the administration server for the domain along with the first managed server. This service can also provision a load balancer to distribute application traffic across the servers in your cluster. Marketplace uses Oracle Resource Manager to provision the network, compute instances, and load balancer as a single unit called a stack.

Oracle Cloud Infrastructure Marketplace offers separate services for:

  • Oracle WebLogic Server Standard Edition
  • Oracle WebLogic Server Enterprise Edition - includes clustering
  • Oracle WebLogic Suite - includes Oracle Coherence for increased performance and scalability, and Active Gridlink for RAC for advanced database connectivity

This tutorial uses Oracle WebLogic Server for OCI to create subnets in an existing virtual cloud network (VCN) to support WebLogic Server 12c with a load balancer. You can also use existing subnets if desired. By default the WebLogic Server subnet is public and accessible from external clients, but Oracle WebLogic Server for OCI can provision WebLogic Server in a private subnet. Oracle WebLogic Server for OCI also supports provisioning WebLogic Server in a different VCN than the one used by the database.

This tutorial creates a WebLogic Server JRF-enabled domain that includes the Java Required Files components for building applications with Oracle Application Development Framework (ADF). An existing Oracle Cloud Infrastructure DB System or Oracle Autonomous Database is required in order to provision a JRF-enabled domain. This tutorial uses a DB System 12.x database to contain the JRF components.

Provisioning a domain in Oracle WebLogic Server for OCI requires one or more secrets in Oracle Cloud Infrastructure Vault. Secrets store one or more passwords you would require when creating a WebLogic Server cluster. This tutorial uses a standard vault, which is hosted on a hardware security module (HSM) partition with multiple tenants, and uses a more cost-efficient, key-based metric for billing purposes. A virtual private vault provides greater isolation and performance by allocating a dedicated partition on an HSM. Each type of vault has a separate service limit in your Oracle Cloud Infrastructure tenancy. The limit for secrets spans all vaults. See Service Limits and Oracle Cloud Infrastructure Vault FAQ.

You can estimate the cost of the resources and services that you want to use to provision your instance. See Oracle Cloud Cost Estimator.

What Do You Need?

  • Your Oracle Cloud Infrastructure user name and password. You must belong to at least one group.

    You must be an Oracle Cloud Infrastructure administrator. If you are not an administrator, you must be able to create dynamic groups and policies, use secrets, and view tenancies in your tenancy.

    Controlled access to these tenancy resources are defined in a root-level policy that is typically created by the Oracle Cloud Infrastructure administrator. For a sample root-level policy, download the text file.

  • An Oracle Cloud Infrastructure compartment.

    This tutorial uses a single compartment, which contains the DB System database you intend to use for the JRF-enabled domain, and the compute instances, load balancer, and network resources that will be created for the domain.

    See Managing Compartments.

  • A dynamic group that lists the OCID of the compartment in which users who are not administrators can create domains. The Oracle Cloud Infrastructure administrator creates this dynamic group. For a sample dynamic group, download the text file and replace the value with your compartment OCID. For dynamic group policies, see this text file.

    See Managing Dynamic Groups.

  • A compartment-level Oracle Cloud Infrastructure policy that enables you to work with resources and create resources in the compartment you intend to use.

    If you are not an administrator:

    • You must be able to access Marketplace applications and Resource Manager to create stacks and jobs, compute instances, networks (optional), and load balancers (optional) in the compartment.
    • You must also be able to create vaults, keys, and secrets in the compartment.
    • You must be able to list databases in the compartment that contains your database, and to create network resources in the same compartment.

    See Common Policies. For a sample compartment-level policy, download the text file.

  • An SSH public key and corresponding private key.
  • A bare metal or virtual machine DB System 12.x or higher database. See Creating Bare Metal and Virtual Machine DB Systems.

    This tutorial uses a virtual machine DB System database for a JRF-enabled domain based on Oracle WebLogic Server 12c. See the text file. You'll need the database name and host name for your DB System database. You'll also need the PDB name, the compartment and VCN where the database is located, and the private key of the SSH key pair that was used to create the database.

    By default Oracle WebLogic Server for OCI creates a security list in the VCN on which the database to contain the JRF components is created. This security list allows the WebLogic Server subnet to access the database port.

  • (Optional) A database user other than SYS for the custom data source.

section 1Create a Vault and a Key

  1. Sign in to the Oracle Cloud Infrastructure console.
  2. Click the navigation menu Menu icon. select Identity & Security, and then click Vault.
  3. Select your Compartment, if not already selected.
  4. Click Create Vault.
  5. For Name, enter WebLogicOCIVault.
  6. Click Create.
  7. Click the new vault.
  8. Click Master Encryption Keys, and then click Create Key.
  9. For Name, enter WebLogicOCIKey.
  10. Click Create Key.

    Wait for the key to be created and enabled.

section 2Create Secrets for Your WebLogic and Database Passwords

  1. In the vault, click Secrets, and then click Create Secret.
  2. For Name, enter WebLogicAdminSecret.
  3. Select the key WebLogicOCIKey that you created.
  4. For Secret Contents, enter the password you want to use for the WebLogic Server administrator.
  5. Click Create Secret.

    Wait for the secret to be created.

  6. Click the secret name.
  7. Copy the OCID for the WebLogic administrator secret.
  8. Repeat steps 1 through 7 to create a secret for the password of the SYS user to access the DB System database you intend to use.

section 3Obtain Database Information

  1. In the Oracle Cloud Infrastructure console, click the navigation menu Menu icon. Select Oracle Database, and then click Bare Metal, VM, and Exadata.
  2. Select the Compartment where the DB System database is created.
  3. Click the name of your DB System.

    The DB System Details page displays.

  4. Under Network, locate and copy the values for VCN, Port, Hostname Prefix, and Host Domain Name.
  5. Click Copy at the end of the Scan DNS Name value. Save the value.

    This step is not applicable if you're using a bare metal database.

  6. In the Databases table, click your database name, then take note of the values for Database Home and Database Version.
  7. Return to the DB System Details page. Under Resources, click Nodes. Then copy the Public IP Address of the node.
  8. Open an SSH connection to the database node as the opc user.

    Tip: You can create an SSH connection from Cloud Shell if you download your database's private key.

    ssh -i <path_to_db_private_key> opc@<db_node_public_ip>

  9. Switch to the oracle user.

    sudo su oracle

  10. Use SQL*Plus to connect to the database as the sys user using the sysdba privilege.

    sqlplus / as sysdba

  11. To verify the PDB name of your database, execute the following command.

    show pdbs

section 4Create a Stack that Uses the DB System Database

  1. Click the navigation menu Menu icon, select Marketplace, and then click All Applications.
  2. Click one of the following Oracle WebLogic applications:
    • Oracle WebLogic Server Standard Edition BYOL
    • Oracle WebLogic Server Enterprise Edition BYOL
    • Oracle WebLogic Server Enterprise Edition UCM
    • Oracle WebLogic Suite BYOL
    • Oracle WebLogic Suite UCM

    Note: If you choose Standard Edition, the target of the custom data source cannot be a cluster.

  3. Select a WLS 12c version.
  4. Select the Compartment where you created the DB System database.

    In this tutorial, WebLogic Server and the database are located in the same compartment and VCN.

  5. Select the Oracle Standard Terms and Restrictions check box, and then click Launch Stack.

    The Create Stack page displays.

  6. For Name, enter MyDBSWLStack.
  7. Click Next.

    The Configure Variables page displays.

  8. For Resource Name Prefix, enter MyDBSWLS.
  9. For WebLogic Server Shape, select the shape of the compute instances.

    See Compute Shapes.

    If you select a flexible shape, for OCPU Count, select the OCPU count for the compute instances.
  10. For SSH Public Key, upload the SSH public key file or paste the contents of your SSH public key file.

    After creating the stack, you can connect to the WebLogic Server compute instances by using an SSH client and the corresponding private key.

  11. For WebLogic Server Node Count, select 2.
  12. For WebLogic Server Admin User Name, enter the administrator user name for the new WebLogic Server domain.
  13. For Secrets OCID for WebLogic Server Admin Password, enter the OCID of the secret you created to contain the password for the WebLogic Server administrator.
  14. For Network Compartment, select the same compartment that you selected earlier upon launching the stack.
  15. For Virtual Cloud Network Strategy, select Use Existing VCN and then select the VCN where the database was created.
  16. For Subnet Strategy, select Create New Subnet.
  17. For Subnet Type, select Use Private Subnet.

  18. For WebLogic Server Subnet CIDR, enter a CIDR for the new subnet.
  19. For Bastion Host Subnet CIDR, enter a CIDR for the new subnet.
  20. For Bastion Host Shape, select VM.Standard2.1.
  21. Click Add Load Balancer.
  22. For Create or Use Existing Load Balancer, select Create New Load Balancer.
  23. For Load Balancer Subnet CIDR, enter a CIDR for the new load balancer subnet.
  24. For Minimum Bandwidth For Load Balancer Flexible Shape and for Maximum Bandwidth For Load Balancer Flexible Shape, retain the default values.

    This creates a flexible load balancer with the specified minimum and maximum bandwidth.

  25. Select Add File System Storage.
  26. For File Storage Availability Domain, select the availability domain in which you want to create the file system and mount target.
  27. For Existing Mount Target Compartment, select the compartment where you have subnet for existing mount target.
  28. For Existing Subnet for mount Target, select the existing subnet to use for mount target.

    Note: This subnet must be available in the selected VCN.

  29. Ensure the OCI Policies check box is selected.
  30. Click Provision with JRF. Then for Database Strategy, select Database System.
  31. For DB System Compartment, select the same compartment that you selected earlier.
  32. Select your DB System.
  33. For DB System Network Compartment and DB System Network, select the same compartment and VCN that you selected earlier.
  34. Ensure the Create DB Security List check box is selected.
  35. Select the Database Home, Version of Database Home, and Database in the selected DB System.
  36. Enter the PDB when the selected database is running Oracle Database 12c or later.
  37. For Secrets OCID for Database Administrator Password, enter the OCID of the secret you created to contain the password for the SYS user in the database you selected.
  38. Enter the Database Listener Port.
  39. Click Next to verify your configuration variables.
  40. Click Create.

    The Job Details page of your stack is displayed in Resource Manager.

    An Apply job is started to provision your stack. To return to this page at a later time, click the navigation menu Menu icon, select Resource Manager, and then click Jobs.

  41. Periodically monitor the progress of the Apply job until it is finished.

    If an email address is associated with your user profile, you will receive an email notification.

  42. If the job is in the Failed state, click the job name to view the logs.

section 5Access the WebLogic and Fusion Middleware Consoles

  1. From the Job Details page, click Application Information.
  2. For Web Logic Instances, click Show, and note the Private IP Address for the compute instance of the first node, MyDBSWLS-wls-0.
  3. For Bastion Instance, click Show, and note the Public IP Address for the compute instance, MyDBSWLS-bastion-instance.
  4. From your computer, open an SSH tunnel to use dynamic port forwarding to an unused port on the bastion compute instance. Connect as the opc user and provide the path to the private key that corresponds to the public key that you specified when you created the stack.

    The SSH command format is:

    ssh -C -D port_for_socks_proxy -i path_to_private_key opc@bastion_public_ip

    The following example uses port 1088 for SOCKS proxy:

    ssh -C -D 1088 -i ~/.ssh/mykey.openssh opc@

  5. In your browser settings, set up the SOCKS (version 5) proxy configuration. Specify your local computer and the same SOCKS port that you used in your SSH command.
  6. Under Application Information, click the Web Logic Server Administration Console URL.


    The WebLogic Server Administration Console is displayed.

  7. Enter the administrator credentials for the domain.
  8. In the Domain Structure panel on the left, note the domain name, MyDBSWLS_domain.
  9. Click Deployments, then click Next to browse the table.

    Various libraries, modules, and components are installed for a JRF-enabled domain.

    The application sample-app is also deployed.

  10. Log out from the WebLogic Console.
  11. Browse to the following URL, then enter the administrator credentials for the domain:


    The Fusion Middleware Control Console is displayed.

  12. Click Deployments. Verify the sample-app application is deployed.
  13. Log out from the Fusion Middleware Control Console.
  14. Return to the Oracle Cloud Infrastructure console.
  15. Click the navigation menu Menu icon, select Networking, and then click Load Balancers.
  16. Click MyDBSWLS-lb. This is the load balancer instance.
  17. Identify the IP Address for this load balancer.
  18. Browse to the following URL:


    The sample application is displayed.

  19. Return to the load balancer in the Oracle Cloud Infrastructure console.
  20. Click the Virtual Cloud Network link.
  21. Identify the subnets that were created for your stack.

section 6Create a JDBC Custom Data Source for the DB System Database

  1. Access the WebLogic Server Administration Console. In the Change Center box, click Lock & Edit.
  2. Expand Services and click Data Sources.
  3. Click New, and then select Generic Data Source.
  4. For Name, enter MyDBSDS.
  5. For JNDI Name, enter jdbc/MyDBSDS.
  6. For Database Type, accept the value Oracle. Click Next.
  7. For Database Driver, select Oracle's Driver (Thin) for Service connections; Versions:Any.
  8. Click Next twice to advance to the Connection Properties page.
  9. For Database Name and Host Name, enter the values based on your DB System database.

    To construct the database name and host name, see the text file.

  10. For Port, enter the database listen port (1521 by default).
  11. For Database User Name, enter sys as sysdba or any user who has been granted database access.
  12. Enter the Password for the database user, and re-enter the password to confirm.
  13. Click Next, then verify the URL has the appropriate format based on your selected database.

    Example of the URL for a virtual machine 12.x database connection:


  14. Click Test Configuration. When successful, the following message displays: Connection test succeeded.
  15. Click Next to select the target for your custom data source.
  16. If you created a domain using WLS Standard Edition, select the first managed server, MyDBSWLS_server_1. Otherwise, select all servers in the cluster.
  17. Click Finish.

    Your custom data source is listed in the Data Sources table.

  18. In the Change Center, click Activate Changes.

more informationWant to Learn More?