Before You Begin with Oracle Essbase

Before you begin to set up Oracle Essbase deployment, here are pre-requisite lists of metadata you must gather and tasks that you must complete.

The quick-start process, which deploys Essbase on Oracle Cloud Infrastructure using Marketplace, uses default settings on Marketplace. The process assumes, and at times provides, less prohibitive access to infrastructure components. You're recommended to use the information here, as well as the default settings, only as a guide, and to determine the appropriate security and access requirements for your organization. You can also use Oracle Cloud Infrastructure documentation as a reference.

When Essbase is deployed on Oracle Cloud Infrastructure, you receive access to the required services based on your defined role and policies, including Oracle Cloud Infrastructure Compute Service and Oracle Identity Cloud Service.

A text worklist is provided at the end of this page, which you can copy to a text file and use for storing names, IDs, and other values needed during setup.

Table 2-1 Pre-deployment metadata

Prerequisite Metadata Links to overviews and tasks / examples Record values needed for deployment Verify completion
Account and environment for Oracle Cloud Infrastructure (OCI) - Account
Command Line Interface (CLI) tool installed from OCI CLI Quickstart -
User name for OCI administrator Administrator Access Requirements Admin user name and password
Identity Cloud Service (IDCS) system administrator user ID (or create it later with REST API for IDCS) Administrator Access Requirements IDCS system admin user ID
IDCS Essbase administrator user name, as defined during stack creation Administrator Access Requirements Initial Essbase administrator name
Sufficient quota in target region and target availability domain Regions and Availability Domains

Region

Availability domain

Encryption key to encrypt your Essbase administrator password, DB system administrator password and IDCS application client secret, using Oracle Cloud Infrastructure Vault provisioning encryption (prior to version 19.3.0.3.4 this was known as Key Management and KMS) Create Vault and Encrypt Values (Note: Prior to version 19.3.0.3.4, these values were: KMS key OCID and KMS service endpoint)

Vault encryption key OCID

Vault cypto endpoint

See Overview of Vault and Using Keys in Oracle Cloud Infrastructure documentation.

[Optional] Load balancer to specify shape and subnets Overview of Load Balancing Load balancer shape and subnets
Compute shape for Essbase compute instance Supported Compute Shapes Compute shape
[Optional] Use existing network setup option - if used, you must configure network infrastructure with security lists, or ask Oracle Support to create an instance Creating a Virtual Cloud Network Existing virtual cloud network Name
Essbase administrator user name, as defined during stack creation. User can be same as IDCS admin name. Administrator Access Requirements Also known asEssbase 911 user name (administrator who manages the WebLogic server on which Essbase runs)
Essbase Node Public IP - If creating a private Essbase subnet, and deploying a Bastion host, record Bastion node public IP, and Essbase node private IP. Otherwise record Essbase node public IP.
Essbase URL for Essbase web interface and confidential application use - Essbase URL
[Optional] Enable Monitoring service (Added for version 19.3.0.3.4) Monitor Operations and Resources Using Oracle Cloud Infrastructure Monitoring Service    
[Optional] Enable and set up Notifications service (Added for version 19.3.0.3.4) Get Event Notifications Using Oracle Cloud Infrastructure Notifications Service Notifications topic OCID  

Table 2-2 Pre-deployment tasks to be completed

Prerequisite Tasks Links to overviews and tasks / examples Record values needed for deployment Verify completion
1. Select one of these database options:
  • Oracle Autonomous Database deployed by Oracle
  • Existing Oracle Autonomous Database (shared (ADB-S) or dedicated (ADB-D)) that you deployed from Oracle Cloud Infrastructure Console
  • Existing Database System that you deployed from Oracle Cloud Infrastructure
  • For Oracle-created database: admin name and password
  • For existing Autonomous database: admin name and password, and compartment
  • For existing Database System: admin name and password, database name and home, and compartment
2. As shown in the table above, if you haven't already done so, use Oracle Cloud Infrastructure Vault provisioning encryption for:
  • Essbase administrator password
  • Database system administrator password
  • Identity Cloud Service application client secret
Create Vault and Encrypt Values (Note: Prior to version 19.3.0.3.4, these values were: KMS key OCID and KMS service endpoint)

Vault encryption key OCID

Vault crypto endpoint

4. Log in to OCI tenancy as Administrator - In OCI console, log in to your tenancy as the admin subscribed to that tenancy. [Optional]: Create OCI admin user - Add user to admin group (Identity>Groups>Administrator>Create User), close browser, change password using email you receive, and log in as new admin. Administrator Access Requirements -
3. Create an SSH key pair - In Oracle Cloud Infrastructure (OCI) console, create SSH public key and corresponding private key to access Essbase compute instances. Creating a Key Pair

SSH public key

Path to private key

5. Create compartment(s) - In OCI console, choose or create a compartment (Identity>Compartments>Create Compartment) where you want to deploy Essbase. Choosing a Compartment Compartment ID (OCID) and name
6. Create dynamic group - In OCI console, create a dynamic group to allow resources to allow OCI resources to be created and networked together dynamically without explicit approvals. You can associate groups with policies. Create Dynamic Groups Dynamic group name
7. Set up policies - In OCI console, set up policies to enable you to manage or create resources in OCI. Set Up Policies

See also Common Policies and How Policies Work.

Policy statements (enter in text worklist doc for entry convenience)
8. Set up Essbase access - In Oracle Identity Cloud Service (IDCS), set up Essbase access. Set Up Essbase Access in Identity Cloud Service -
9. Set up confidential application to register Essbase - In Oracle Identity Cloud Service, for each compartment in which you plan to deploy Essbase, create a confidential Oracle Identity Cloud Service application, and activate the confidential application. Create a Confidential Identity Cloud Service Application

Confidential application name

IDCS Instance GUID

IDCS Application Client ID

IDCS Application Client Secret

Storing Recorded Metadata for Deployment

Copy and paste the following to a text file, for your convenience, and enter the relevant values, to be used during deployment. If you fail to record any needed deployment metadata, an Oracle Cloud Infrastructure administrator can collect them from the Variables page or Application Information page of the Oracle Resource Manager. Make sure to protect and dispose of the metadata text file appropriately. (Note changes listed above for Vault metadata names before version 19.3.0.3.4.)


Region:
Target availability domain:
Oracle Cloud Infrastructure administrator user:
OCI administrator group name:
IDCS system administrator:
DB system admin password:
Vault encryption key OCID:
Vault crypto endpoint:
Existing virtual cloud network name (optional):
Compute node shape:
Essbase node OCID (OCI ID of the compute node):
Bastion host instance OCID (OCID ID of bastion compute node if created):
Load balancer shape and subnets (optional):
SSH-2 RMA key pair, stored locally:
Path to private key:
Compartment ID:
Compartment name:
Dynamic group name:
Policy statements:
Confidential application details
 Name:
 IDCS instance GUID (IDCS host):
 IDCS application client ID:
 IDCS application client secret:
IDCS Essbase admin user and password (Initial Essbase admin):
Essbase admin user (also known as WebLogic user--defined during stack creation):
SSH access details:
  Bastion node public IP (optional):
  Essbase node private IP (when creating private subnet):
  Essbase node public IP (when not creating private subnet): 
  Essbase URL (for web interface):
  Essbase IP (for confidential application):
Notification topic OCID (optional):