Bolthouse Farms: JD Edwards Analytics Deployment on Oracle Cloud

Surging demand for its brand of sustainably farmed carrots and superfood beverages prompted Bolthouse Farms to migrate its on-premises ERP applications to Oracle Cloud Infrastructure (OCI).

The company's deployment on OCI gives line-of-business staff the ability to instantly analyze sales, finance, accounting, manufacturing, procurement, and inventory data. The data is fed from JD Edwards EnterpriseOne (JDE) and Oracle Essbase into an Oracle Autonomous Data Warehouse (ADW). Bolthouse Farms staff uses Oracle Analytics Cloud's (OAC) built-in dashboards and visualization tools to run ad-hoc reports.

Founded in 1915 as a carrot farm in Grant, Michigan, Bolthouse Farms has grown into a vertically-integrated commercial agriculture company, specializing in packaged carrots, and superfood salad dressings, smoothies, and juices. While the superfood market is fast approaching $250 billion globally, fickle consumers may clamor for certain superfoods in one moment, and then reject them in the next. To protect itself from sudden shifts in consumer preferences, Bolthouse Farms needed an applications infrastructure that could respond in an instant to market changes. By upgrading its JDE suite and migrating it from an on-premises AS/400 to OCI, Bolthouse's IT teams were able to eliminate their manual maintenance processes, replicate their environment in a geo-disaster recovery site, and reduce the time it took to complete a full restoration of the system to less than 30 minutes, down from 2 hours.

Highlights of Bolthouse Farms JDE on OCI:

• JDE application update, re-platform, and migrate to Oracle Database Cloud Service
• Oracle ADW and OAC enabled line-of-business quick response to market shift
• High-availability, multi-fault-domain architecture
• Redundant network connections to OCI
• SSO with on-premises LDAP
• Cost effective Geo DR, RTO/RPO
• Improved security posture:
  • Control connections into ERP
  • Security patching frequency (applying on quarterly basis)

Customer Story

Learn more about Bolthouse Farm's journey to Oracle Cloud:

Architecture

Before upgrading its JD Edwards applications and moving those ERP apps onto Oracle Cloud Infrastructure, Bolthouse Farms IT teams weren't able to easily apply security patches or to upgrade the company's operating systems.

In the on-premises environment, IT teams were unable to easily automate demand planning, supply planning, order management, and production scheduling capabilities for the company's business users. The on-premises infrastructure also lacked a fully redundant disaster recovery plan.

Today, Bolthouse Farms users access the company's virtual cloud network (VCN) using a dedicated high-bandwidth connection through Oracle FastConnect, which can be scaled up or down, depending on ever-changing traffic and data transfer requirements. Users can also access the company's VCN through a virtual private network (VPN) as a lower cost backup option and to achieve network high availability.

Users connect using FastConnect or site-to-site VPN. They are then routed by using a dynamic routing gateway (DRG) and are then authenticated to the system through a third-party JD Edwards (JDE) single sign-on (SSO) server, which is integrated with on-premises active directory using LDAP. In a private subnet, Bolthouse runs two JDE application server pools to handle user requests coming into the Oracle Load Balancer. In a second private subnet, the company runs a JDE mid-tier server pool for batch and logic instances. In a third private subnet, Bolthouse runs single instance Oracle Database Cloud Service that is sized to 8 OCPUs to optimize performance based on automatic workload repository (AWR) report requirements. To ensure its ERP data is always accessible, Bolthouse uses high availability Java application server (JAS) instances in each JDE server. In case one physical event were to take out a server, each fault domain provides redundancy. To provide additional protection for its data, Bolthouse uses rman for online database backups, which are sent to Object Storage buckets.

In a separate VCN, Bolthouse Farms runs Oracle Autonomous Data Warehouse (ADW), which replicates financial, sales, foundation master data from the JDE servers, and management KPIs from Oracle Essbase using Oracle GoldenGate Cloud Service. Oracle Analytics Cloud (OAC) also runs in this VCN, accessing data in ADW and enabling users to build executive dashboards, run visualizations, and generate reports.

Administrators authenticate to the system through a third-party identity provider, which is integrated with Oracle Cloud Infrastructure Identity and Access Management (IAM) to provide single sign-on (SSO). To monitor its application and database environment, Bolthouse Farms uses JDE Server Manager for its ERP applications, Oracle Enterprise Manager Cloud Control for OCI, and a third-party tool for database monitoring.

For geographic separation, Bolthouse Farms set up a disaster recovery (DR) site as a warm standby in the Ashburn region, which is a scaled-down version of the full production environment in the Phoenix region. One JDE application server and one JDE mid-tier server are deployed in the DR site and synchronized with the primary site by using rsync. For real-time replication of the database tier within its disaster recovery site, Bolthouse Farms uses Oracle Data Guard.

For future deployments, Bolthouse Farms is looking to:

1. Expand OAC for operational reporting by extracting publicly available data for supply chain analysis, and making these reports available from OAC Mobile
2. Move advanced warehousing and transportation management to OCI
3. Implement Oracle Essbase budgeting and forecasting in OCI
4. Expand ERP to sales and operations planning (S&OP) services for demand and production scheduling in OCI

The following diagram illustrates this reference architecture.

Description of the illustration bolthouse-farms-oci-arch.png

bolthouse-farms-oci-arch-oracle.zip

The following diagram illustrates a simplified data flow through the reference architecture.

Description of the illustration bolthouse-farms-data-flow.png

bolthouse-farms-data-flow-oracle.zip

The architecture has the following components:

• Tenancy

  A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.

• Region

  An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

• Oracle services network

  The Oracle services network (OSN) is a conceptual network in Oracle Cloud Infrastructure that is reserved for Oracle services. These services have public IP addresses that you can reach over the internet. Hosts outside Oracle Cloud can access the OSN privately by using Oracle Cloud Infrastructure FastConnect or VPN Connect. Hosts in your VCNs can access the OSN privately through a service gateway.

• Monitoring

  Oracle Cloud Infrastructure Monitoring service actively and passively monitors your cloud resources using metrics to monitor resources and alarms to notify you when these metrics meet alarm-specified triggers.

• Logging
  Logging is a highly scalable and fully managed service that provides access to the following types of logs from your resources in the cloud:

  • Audit logs: Logs related to events emitted by the Audit service.
  • Service logs: Logs emitted by individual services such as API Gateway, Events, Functions, Load Balancing, Object Storage, and VCN flow logs.
  • Custom logs: Logs that contain diagnostic information from custom applications, other cloud providers, or an on-premises environment.
• Availability domain

  Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

• Fault domain

  A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.

• Compartment

  Compartments are cross-region logical partitions within an Oracle Cloud Infrastructure tenancy. Use compartments to organize your resources in Oracle Cloud, control access to the resources, and set usage quotas. To control access to the resources in a given compartment, you define policies that specify who can access the resources and what actions they can perform.

• Identity and access management (IAM)

  Oracle Cloud Infrastructure Identity and Access Management (IAM) is the access control plane for Oracle Cloud Infrastructure (OCI) and Oracle Cloud Applications. The IAM API and the user interface enable you to manage identity domains and the resources within the identity domain. Each OCI IAM identity domain represents a standalone identity and access management solution or a different user population.

• Security zone

  Security zones ensure Oracle's security best practices from the start by enforcing policies such as encrypting data and preventing public access to networks for an entire compartment. A security zone is associated with a compartment of the same name and includes security zone policies or a "recipe" that applies to the compartment and its sub-compartments. You can't add or move a standard compartment to a security zone compartment.

• Policy

  An Oracle Cloud Infrastructure Identity and Access Management policy specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy.

• Virtual cloud network (VCN) and subnets

  A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

• Security list

  For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.

• Route table

  Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.

• Site-to-Site VPN

  Site-to-Site VPN provides IPSec VPN connectivity between your on-premises network and VCNs in Oracle Cloud Infrastructure. The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.

• FastConnect

  Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.

• Service gateway

  The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

• Dynamic routing gateway (DRG)

  The DRG is a virtual router that provides a path for private network traffic between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.

• Remote peering

  Remote peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network. Remote peering eliminates the need for an internet gateway and public IP addresses for the instances that need to communicate with another VCN in a different region.

• Local peering gateway (LPG)

  An LPG enables you to peer one VCN with another VCN in the same region. Peering means the VCNs communicate using private IP addresses, without the traffic traversing the internet or routing through your on-premises network.

• Compute

  The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.

• Load balancer

  The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

• Object storage

  Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.

• Application Server

  Application servers use a secondary peer that, like the database, will take over processing in the event of a disaster. Application servers use configuration and metadata that is stored both in the database and the file system. Application server clustering provides protection in the scope of a single region but ongoing modifications and new deployments need to be replicated to the secondary location on an ongoing basis for a consistent disaster recovery.

• Autonomous Data Warehouse

  Oracle Autonomous Data Warehouse is a self-driving, self-securing, self-repairing database service that is optimized for data warehousing workloads. You do not need to configure or manage any hardware, or install any software. Oracle Cloud Infrastructure handles creating the database, as well as backing up, patching, upgrading, and tuning the database.

• Database Cloud Service

  Oracle Database Cloud Service is a fully managed database service that lets developers quickly develop and deploy secure, cloud native applications. Oracle automates all tasks, such as backup and recovery, database and operating system patching, updates, and data encryption.

• Data Guard

  Oracle Data Guard provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to remain available without interruption. Oracle Data Guard maintains these standby databases as copies of the production database. Then, if the production database becomes unavailable because of a planned or an unplanned outage, Oracle Data Guard can switch any standby database to the production role, minimizing the downtime associated with the outage.

• Instance configuration

  An instance configuration is a template that defines the settings to use when creating compute instances, including details such as the base image, shape, and metadata. You can also specify the associated resources for the instance, such as block volume attachments and the network configuration.

• Instance pool

  An instance pool is a group of instances within a region that are created from the same instance configuration and managed as a group.

• Data integration

  Oracle Cloud Infrastructure Data Integration is a fully managed, serverless, cloud-native service that extracts, loads, transforms, cleanses, and reshapes data from a variety of data sources into target Oracle Cloud Infrastructure services, such as Autonomous Data Warehouse and Oracle Cloud Infrastructure Object Storage. ETL (extract transform load) leverages fully-managed scale-out processing on Spark, and ELT (extract load transform) leverages full SQL push-down capabilities of the Autonomous Data Warehouse in order to minimize data movement and to improve the time to value for newly ingested data. Users design data integration processes using an intuitive, codeless user interface that optimizes integration flows to generate the most efficient engine and orchestration, automatically allocating and scaling the execution environment. Oracle Cloud Infrastructure Data Integration provides interactive exploration and data preparation and helps data engineers protect against schema drift by defining rules to handle schema changes.

  Oracle Cloud Infrastructure GoldenGate is a fully managed service that allows data ingestion from sources residing on premises or in any cloud, leveraging the GoldenGate CDC technology for a non intrusive and efficient capture of data and delivery to Oracle Autonomous Data Warehouse in real time and at scale in order to make relevant information available to consumers as quickly as possible.

Get Featured in Built and Deployed

Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.

1. Download the template (PPTX)

   Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.

2. Watch the architecture tutorial

   Get step by step instructions on how to create a reference architecture.

3. Submit your diagram

   Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.

Explore More

Learn more about the features of this architecture.

• Bolthouse Farms cuts prep time for management reporting from 4 hours to 22 minutes (blog)
• Learn about migrating JD Edwards EnterpriseOne to Oracle Cloud
• Learn about deploying JD Edwards EnterpriseOne on Oracle Cloud Infrastructure
• Deploy JD Edwards EnterpriseOne on Oracle Cloud Infrastructure
• Best practices framework for Oracle Cloud Infrastructure
• Oracle Cloud Infrastructure documentation
• Oracle Cloud Cost Estimator

Acknowledgments

• Authors: Sasha Banks-Louie, Jay Lakumb, David Russel, Wei Han
• Contributor: Robert Lies