Deploy Siebel CRM on Oracle Kubernetes Engine by Using Siebel Cloud Manager

This reference architecture showcases the topology of a simple, highly-available Siebel CRM environment deployed by Siebel Cloud Manager on Oracle Container Engine for Kubernetes (OKE) where the Siebel components run as containers.

Siebel Cloud Manager is a new REST-based continuous deployment tool with which you can:

• Automate the deployment of Siebel CRM on Oracle Cloud Infrastructure (OCI), whether you start from an existing on-premises deployment of Siebel CRM or create a new greenfield deployment of Siebel CRM on OCI.
• Perform ongoing maintenance of the Siebel Enterprise on OCI.
• Use the Siebel Lift utility, which performs these functions:
  • Creates deployment kits consisting of artifacts derived from an existing on-premise deployment of Siebel CRM. The deployment kits are created in a staging location.
  • Reads the stored artifacts you created and uploads them to OCI Object Storage to populate the migration pipeline for your Siebel CRM deployment on OCI.

Architecture

The following diagram illustrates this reference architecture.

Description of the illustration siebelcm-ref-arch.png

siebelcm-ref-arch-oracle.zip

This architecture has the following components:

• Region

  An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

• Availability domains

  Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

• Fault domains

  A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.

• Load balancer

  The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

• Virtual cloud network (VCN) and subnets

  A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

• Siebel Kubernetes Cluster

  Siebel Kubernetes Cluster is powered by the Oracle Kubernetes Engine (OKE) which is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team wants to reliably build, deploy, and manage cloud-native applications.

• Siebel Gateway

  The Siebel Gateway provides the dynamic address registry for Siebel Servers and server components, and also for Siebel Application Interface and other modules, like Siebel Enterprise Cache and Siebel Constraint Engine.

• Siebel Application Interface Siebel

  Application Interface (SAI) is a program that communicates with the Siebel Web Engine (which is part of an Application Object Manager component, such as Call Center Object Manager) on the Siebel Server and with browsers run by users of Siebel CRM.

• Siebel Cloud Manager Instance

  Siebel Cloud Manager application is pre-installed in a virtual machine which is provisioned using an image available in the OCI Marketplace.

• GitLab Instance

  Siebel Cloud Manager uses GitLab to store the configuration of each deployment that it performs. Then, it will access the configuration files (Helm Charts, YAML definition files etc) from GitLab to do the actual deployment.

• Helm

  Helm is a Kubernetes deployment tool for automating creation, packaging, configuration, and deployment of applications and services to Kubernetes clusters.

• Flux

  Flux is a set of continuous and progressive delivery solutions for Kubernetes that are open and extensible. It is the GitOps operator that detects changes in GitLab or in the Image Registry and then initiates the necessary change to the deployment.

• NGINX Ingress Controller

  NGINX Ingress Controller is production-grade Ingress controller (daemon) that runs alongside NGINX Open Source or NGINX Plus instances in a Kubernetes environment. The daemon monitors NGINX Ingress resources and Kubernetes Ingress resources to discover requests for services that require ingress load balancing.

• Primary and Standby Databases

  A primary database is the main database used by the Siebel application. A standby database is a database replica created from a backup of a primary database.

• Data Guard

  A comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable production Oracle databases to survive disasters and data corruptions.

• Object storage

  Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.

Recommendations

Use the following recommendations as a starting point to when deploy Siebel CRM on Oracle Kubernetes Engine by using Siebel Cloud Manager. Your requirements might differ from the architecture described here.

• VCN

  When you create a VCN, determine the number of CIDR blocks required and the size of each block based on the number of resources that you plan to attach to subnets in the VCN. Use CIDR blocks that are within the standard private IP address space.

  Select CIDR blocks that don't overlap with any other network (in Oracle Cloud Infrastructure, your on-premises data center, or another cloud provider) to which you intend to set up private connections.

  After you create a VCN, you can change, add, and remove its CIDR blocks.

  When you design the subnets, consider your traffic flow and security requirements. Attach all the resources within a specific tier or role to the same subnet, which can serve as a security boundary.

  Use regional subnets.

• Security

  Use Oracle Cloud Guard to monitor and maintain the security of your resources in Oracle Cloud Infrastructure proactively. Cloud Guard uses detector recipes that you can define to examine your resources for security weaknesses and to monitor operators and users for risky activities. When any misconfiguration or insecure activity is detected, Cloud Guard recommends corrective actions and assists with taking those actions, based on responder recipes that you can define.

  For resources that require maximum security, Oracle recommends that you use security zones. A security zone is a compartment associated with an Oracle-defined recipe of security policies that are based on best practices. For example, the resources in a security zone must not be accessible from the public internet and they must be encrypted using customer-managed keys. When you create and update resources in a security zone, Oracle Cloud Infrastructure validates the operations against the policies in the security-zone recipe, and denies operations that violate any of the policies.

• Cloud Guard

  You can use Oracle Cloud Guard to monitor and maintain the security of your resources in Oracle Cloud Infrastructure. Cloud Guard uses detector recipes that you can define to examine your resources for security weaknesses and to monitor operators and users for risky activities. When any misconfiguration or insecure activity is detected, Cloud Guard recommends corrective actions and assists with taking those actions, based on responder recipes that you can define.

Considerations

Consider the following points when deploying this reference architecture.

• Performance and Cost

  OCI offers Compute shapes that cater to a wide range of applications and use cases. Choose the shapes for your compute instances carefully. Select shapes that provide optimal performance for your load at the lowest cost. If you need more performance, memory, or network bandwidth, you can change to a larger shape.

  If a GitLab instance already exists in your tenancy, please reuse it for the Siebel Cloud Manager too. For a new GitLab instance, you only need one OCPU and about 10GB of RAM to start with, as there are not many resource-intensive tasks involved.

• Security

  Use Oracle Cloud Infrastructure Identity and Access Management (IAM) policies to control who can access your cloud resources and what operations can be performed. To protect the database passwords or any other secrets, consider using the OCI Vault service.

  Optionally, you can reduce the ingress range to tighten network security for Siebel Cloud Manager. You can find details in the official Siebel Cloud Manager documentation.

• Availability

  Consider using a high-availability option based on your deployment requirements and your region. The options include distributing resources across multiple availability domains in a region and distributing resources across the fault domains within an availability domain.

  Fault domains provide the best resilience for workloads deployed within a single availability domain. For high availability in the application tier, deploy the application servers in different fault domains, and use a load balancer to distribute client traffic across the application servers.

  Based on the number of worker nodes that you specify in the JSON payload to deploy Siebel CRM, OCI itself maintains high-availability by distributing the nodes to different availability domains.

• Monitoring and alerts

  Use the Metrics and Alarms features of the Oracle Cloud Infrastructure Monitoring service to actively and passively monitor your cloud resources.

Explore More

To learn more about deploying Siebel CRM on Oracle Kubernetes Engine by using Siebel Cloud Manager.

Review these additional resources:

• Best practices framework for Oracle Cloud Infrastructure
• Container Engine for Kubernetes Product Page
• Overview of Container Engine for Kubernetes
• Using Siebel Cloud Manager to Deploy Siebel CRM on OCI (Oracle Support Note: Doc ID 2828904.1)
• Oracle LiveLabs: Use Siebel Cloud Manager to deploy Siebel CRM on OCI

Acknowledgments

• Author: Shyam Mohandas
• Contributors: Prabhu Dhanabalan, Duncan Ford, Lingaraj Nayak, Jasmine Sultan Salahudeen, Nandha kumar Thirupathi