6 Procuring Resources for an On-Premises Enterprise Deployment

It is essential to procure the required hardware resources before you configure the on-premises Oracle Identity and Access Management reference topology. These resources include a load balancer, host computers, and operating systems.

Load Balancer Requirements

The enterprise topology uses an external load balancer.

The features of the external load balancer are:

  • Ability to load-balance traffic to a pool of real servers through a virtual host name: Clients access services by using the virtual host name (instead of using actual host names). The load balancer can then load balance requests to the servers in the pool.

  • Port translation configuration should be possible so that incoming requests on the virtual host name and port are directed to a different port on the backend servers.

  • Monitoring of ports on the servers in the pool to determine availability of a service.

  • Ability to configure names and ports on your external load balancer. The virtual server names and ports must meet the following requirements:

    • The load balancer should allow configuration of multiple virtual servers. For each virtual server, the load balancer should allow configuration of traffic management on more than one port. For example, for Oracle HTTP Server in the web tier, the load balancer needs to be configured with a virtual server and ports for HTTP and HTTPS traffic.

    • The virtual server names must be associated with IP addresses and be part of your DNS. Clients must be able to access the external load balancer through the virtual server names.

  • Ability to detect node failures and immediately stop routing traffic to the failed node.

  • It is highly recommended that you configure the load balancer to be in fault-tolerant mode.

  • It is highly recommended that you configure the load balancer virtual server to return immediately to the calling client when the backend services to which it forwards traffic are unavailable. This is preferred over the client disconnecting on its own after a timeout based on the TCP/IP settings on the client machine.

  • Ability to maintain sticky connections to components. Examples of this include cookie-based persistence, IP-based persistence, and so on.

  • The load balancer should be able to terminate SSL requests at the load balancer and forward traffic to the backend real servers by using the equivalent non-SSL protocol (for example, HTTPS to HTTP).

  • SSL acceleration (this feature is recommended, but not required for the enterprise topology).

Host Computer Requirements

Ensure that the host computers you procure are configured to support the enterprise deployment topologies.

General Considerations for Enterprise Deployment Host Computers

This section specifies the general considerations that are required for the enterprise deployment host computers.

Before you start the process of configuring an Oracle Fusion Middleware enterprise deployment, you must perform the appropriate capacity planning to determine the number of nodes, CPUs, and memory requirements for each node depending on the specific system's load as well as the throughput and response requirements. These requirements vary for each application or custom Oracle Identity and Access Management system being used.

In a Kubernetes deployment, the container that runs the Oracle FMW product is placed onto a Kubernetes worker node which must have sufficient capacity to run the service.

It is easy to assume that you will have the same number of worker nodes as you would have in a traditional enterprise deployment. However, to make the best use of Kubernetes, you should have a cluster of nodes which have enough redundant capacity for scaling the topology and managing unplanned outages.

This chapter provides general guidelines and information that help you determine the host computer requirements. It does not replace the need to perform capacity planning for your specific production environment.

Reviewing the Oracle Fusion Middleware System Requirements

The system requirements information helps you ensure that the environment meets the necessary minimum requirements.

Note:

These requirements are based on the Bare Metal Fusion Middleware deployments. Additional capacity, including memory and CPU capacity, should be added to manage Kubernetes overheads.

Review the Oracle Fusion Middleware System Requirements and Specifications to ensure that your environment meets the minimum installation requirements for the products that you are installing.

The Requirements and Specifications document contains information about general Oracle Fusion Middleware hardware and software requirements, minimum disk space and memory requirements, database schema requirements, and the required operating system libraries and packages.

It also provides some general guidelines for estimating the memory requirements for your Oracle Fusion Middleware deployment.

Typical Memory, File Descriptors, and Processes Required for an Enterprise Deployment

This section specifies the typical memory, number of file descriptors, and number of operating system processes and tasks that are required for an enterprise deployment.

The following table summarizes the memory, file descriptors, and processes required for the Administration Server and each of the Managed Server computers in a typical Oracle Identity and Access Management enterprise deployment. These values are provided as an example only, but they can be used to estimate the minimum amount of memory required for an initial enterprise deployment.

The example in this topic reflects the minimum requirements for configuring the Managed Servers and other services required on OAMHOST1, as depicted in the reference topologies.

When you procure systems, use the information in the Approximate Top Memory column as a guide when determining the minimum physical memory that each host computer should have available.

After you procure the host computer hardware and verify the operating system requirements, review the software configuration to be sure that the operating system settings are configured to accommodate the number of open files listed in the File Descriptors column and the number of processes listed in the Operating System Processes and Tasks column.

See Setting the Open File Limit and Number of Processes Settings on UNIX Systems.

| Managed Server, Utility, or Service | Approximate Top Memory | Number of File Descriptors | Operating System Processes and Tasks |
|---|---|---|---|
| Access Administration Server | 3.5 GB | 2300 | 180 |
| Governance Administration Server | 3.5 GB | 2100 | 100 |
| soa_server | 2.0 GB | 1400 | 210 |
| oim_server | 8.0 GB | 1400 | 190 |
| oam_server | 4.0 GB | 2000 | 170 |
| oam_policy_mgr | 2.0 GB | 1700 | 160 |
| WLST (connection to the Node Manager) | 1.5 GB | 910 | 20 |
| Node Manager (per domain) | 1.0 GB | 720 | 15 |
| TOTAL | 22.0 GB* | 14430 | 805 |

* Approximate total.

Note:

The above figures are per service, which translates to a pod. The figures are for each occurrence of a service. So, if you had a highly available OAM cluster, you would need 4 GB of memory per instance, that is, 2 x 4 GB for a minimum OAM HA configuration. Suppose you have two worker nodes running OAM, with one node running the Administration Server and each of the two nodes running one OAM server and one policy server. Then, as a starting point, each worker node would require 9.5 GB of memory.

The above worker node figures do not include the 20 percent overhead required by Kubernetes. So, using the above example, each worker node should be configured with 12 GB of memory (figures rounded up).
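
The sizing in the note above, worked as an added shell example (not part of the Oracle guide): it sums the table's per-service figures for the services placed on one worker node, adds the Kubernetes overhead, and compares the result with limits you pass in. The service keys, function names, and the OVERHEAD_PCT variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Figures copied from the table above, one service per line:
# service|top memory (GB)|file descriptors|OS processes and tasks
requirements() {
  cat <<'EOF'
access_admin|3.5|2300|180
governance_admin|3.5|2100|100
soa_server|2.0|1400|210
oim_server|8.0|1400|190
oam_server|4.0|2000|170
oam_policy_mgr|2.0|1700|160
wlst|1.5|910|20
node_manager|1.0|720|15
EOF
}

# size_node SERVICE...  (repeat a name to place several instances on one node)
# Prints: <memory GB> <memory GB with overhead, rounded up> <file descriptors> <processes>
size_node() {
  requirements | awk -F'|' -v want="$*" -v pct="${OVERHEAD_PCT:-20}" '
    BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) count[w[i]]++ }
    ($1 in count) { tenths += int($2 * 10 + 0.5) * count[$1]
                    fds += $3 * count[$1]; procs += $4 * count[$1]; seen[$1] = 1 }
    END {
      for (s in count) if (!(s in seen)) { print "unknown service: " s > "/dev/stderr"; exit 2 }
      # Integer arithmetic keeps the round-up exact: tenths of a GB times (100 + pct).
      printf "%.1f %d %d %d\n", tenths / 10, int((tenths * (100 + pct) + 999) / 1000), fds, procs
    }'
}

# at_least NEED HAVE: true when HAVE is "unlimited" or a whole number >= NEED.
at_least() { [ "$2" = "unlimited" ] || [ "$2" -ge "$1" ] 2>/dev/null; }

# check_node NOFILE_LIMIT NPROC_LIMIT MEMORY_GB SERVICE...
# ulimit -n is per process and ulimit -u per user, so comparing them with the
# summed figures is a conservative check. Returns 1 if any resource is too low.
check_node() {
  have_fds=$1; have_procs=$2; have_gb=$3; shift 3
  sized=$(size_node "$@") || return 2
  set -- $sized   # $1 memory, $2 memory with overhead, $3 descriptors, $4 processes
  rc=0
  at_least "$2" "$have_gb"    || { echo "memory LOW: need $2 GB, have $have_gb GB"; rc=1; }
  at_least "$3" "$have_fds"   || { echo "nofile LOW: need $3, limit $have_fds"; rc=1; }
  at_least "$4" "$have_procs" || { echo "nproc LOW: need $4, limit $have_procs"; rc=1; }
  return $rc
}

# The worker node from the note: Administration Server, one OAM server, one policy server.
size_node access_admin oam_server oam_policy_mgr   # prints: 9.5 12 6000 510
```

On a bash host, `check_node "$(ulimit -n)" "$(ulimit -u)" 12 access_admin oam_server oam_policy_mgr` runs the same comparison against the current shell's limits for a node with 12 GB of memory.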

Typical Disk Space Requirements for an Enterprise Deployment

This section specifies the disk space that is typically required for this enterprise deployment.

For the latest disk space requirements for the Oracle Fusion Middleware 12c (12.2.1.4.0) products, including the Oracle Identity and Access Management products, review the Oracle Fusion Middleware System Requirements and Specifications.

In addition, the following table summarizes the disk space that is typically required for an Oracle Identity and Access Management enterprise deployment.

Use this information and the information in Preparing the File System for an Enterprise Deployment to determine the disk space required for your deployment.

| Server | Disk |
|---|---|
| Database | nXm; n = number of disks, at least 4 (striped as one disk); m = size of the disk (minimum of 30 GB) |
| WEBHOSTn | 10 GB |
| OAMHOSTn | 10 GB* |
| OIMHOSTn | 10 GB* |
| LDAPHOSTn | 10 GB* |

Operating System Requirements

The Oracle Fusion Middleware software products and components that are described in this guide are certified on various operating systems and platforms.

For more information about the operating system requirements, see Oracle Fusion Middleware System Requirements and Specifications.

Note:

This guide focuses on the implementation of the enterprise deployment reference topology on Oracle Linux systems.

The topology can be implemented on any certified, supported operating system, but the examples in this guide typically show the commands and configuration steps as they should be performed by using the bash shell on Oracle Linux.

About Private Networks

A private network enables you to keep inter-application communications within the private network, providing communication that is both faster and more secure. By keeping inter-application traffic inside the private network, you do not expose traffic to the internet. To use a private network, you have to create a private VLAN.