Description of the psft_single_ad_withCallouts-security.png

This image is an annotated architecture diagram of the deployment of a PeopleSoft application in a single availability domain while ensuring high availability.

This image shows the architecture for PeopleSoft running on a single Availability Domain implementation within Oracle Cloud Infrastructure.

The architecture consists of a virtual cloud network (VCN) within an Oracle Cloud Infrastructure region. Region communicates with the Internet, the customer's existing network, and a web client. The VCN is linked to the region via a NAT gateway, an Internet gateway, and a dynamic routing gateway. The VCN contains a bastion and load balancer, along with an application tier that contains servers for the Web and for ElasticSeach. The tier also contains a subnets comprising process scheduler servers and application servers. PeopleTools client, application, and database hosts are placed in separate subnets of VCN in a single availability domain. The bastion host is deployed in a public subnet, and all the other instances are deployed in private subnets.

There are six numbered callouts on the illustration:
  1. VCN
  2. Internal Firewalls
  3. Load Balancing Traffic Securely
  4. Secure Connectivity to Public Internet
  5. Secure Connectivity between your VCN and Data Center
  6. Protect Internet-facing Applications
Each callout is described in the surrounding text.

The

The availability domain also contains a PeopleTools server and a database tier, which communicates with Oracle Cloud Infrastructure object storage through a service gateway.

The bastion host receives requests through the dynamic routing gateway (DRG) and internet gateway. The DRG is the gateway that connects your on-premises network to your cloud network. To enable communication between the DRG and the customer-premises equipment, use IPSec VPN or Oracle Cloud Infrastructure FastConnect. To access your bastion host from the internet, set up an internet gateway (IGW). An IGW is a software-defined router that provides a path for network traffic from your VCN to the internet. You can access the instances in private subnets over port 22 through the bastion host or the DRG if you have set up an IPSec VPN tunnel between your data center and Oracle Cloud Infrastructure DRG.

The load balancer instances receive requests over port 8000 or 8443, and then send it to the web servers in the application tier. The application tier consists of two web server instances in subnet, ElasticSearch servers in another subnet, two application servers and two process scheduler servers in a third subnet. To ensure high availability, redundant instances are deployed in the application tier and all instances are active. The web servers receive application requests from the web environment, the internet and the intranet, through the load balancer. It forwards the requests to the application server. The application servers submit the SQL to database servers over port 1521. The ElasticSearch servers interacts with PeopleSoft web servers and process scheduler servers. PeopleTools client is placed in a separate subnet and it interacts with the PeopleSoft database over port 1521.