12 Configuring Oracle Traffic Director for an Enterprise Deployment

When you configure the web tier, you have the option of using Oracle Traffic Director to route requests to the application tier, rather than Oracle HTTP Server. The procedure to configure Oracle Traffic Director is different from the procedure to configure Oracle HTTP Server. If you decide to use Oracle Traffic Director, then you must install Oracle Traffic Director on both the web tier hosts and the application Tier hosts. Then, you extend the enterprise deployment domain to include Oracle Traffic Director.

Before you configure Oracle Traffic Director, be sure to review Understanding the Web Tier.

Note:

If you plan to configure Oracle Managed File Transfer, then you must configure Oracle Traffic Director to route FTP and SFTP requests over TCP. For more information, see Configuring Oracle Managed File Transfer in an Enterprise Deployment.

• About Oracle Traffic Director
  Oracle Traffic Director (OTD) is a software load balancer for load balancing HTTP/S and TCP traffic to application tier. The application-tier servers that receive the requests from Oracle Traffic Director are referred to as Oracle Traffic Director origin servers. Origin servers can be application servers, web servers, Oracle Managed File Transfer, LDAP directory servers, MLLP servers, or any type of TCP server.
• About Oracle Traffic Director in an Enterprise Deployment
  Oracle Traffic Director can be used as an alternative to Oracle HTTP Server on the web tier. Similar to Oracle HTTP Server, it can route HTTP requests from the front-end load balancer to the application-tier WebLogic Managed Servers. However, only Oracle Traffic Director provides TCP load balancing and failover.
• Variables Used When Configuring Oracle Traffic Director
  The procedures for installing and configuring Oracle Traffic Director reference use a series of variables that you can replace with the actual values used in your environment.
• Installing Oracle Traffic Director in Collocated Mode on the Application Tier Hosts
  You can install Oracle Traffic Director by using an interactive graphical wizard provided by the Oracle Universal Installer. To configure Oracle Traffic Director for high availability, perform the steps on two mount points.
• Installing Oracle Traffic Director in Standalone Mode on the Web Tier Hosts
  You can install Oracle Traffic Director by using an interactive graphical wizard provided by the Oracle Universal Installer. This standalone installation is performed on the two WEBHOST systems that is used in enterprise deployment.
• Extending the Domain with Oracle Traffic Director System Components
  You need to perform certain tasks in order to extend the enterprise deployment domain with the Oracle Traffic Director software.
• Propagating the Domain and Starting the Node Manager on the Web Tier Hosts
  After you have installed Oracle Traffic Director on the application tier hosts and you have extended the domain with Oracle Traffic Director system components, you can then copy the domain configuration to the hosts on the web tier and configure the Node Manager.
• Creating an Oracle Traffic Director Configuration
  An Oracle Traffic Director configuration is a collection of metadata that you can use to instantiate Oracle Traffic Director. Oracle Traffic Director reads the configuration when a server instance starts on the web tier hosts and while processing client requests.
• Starting the Oracle Traffic Director Default Instance
  You can use the Oracle Traffic Director configuration to create instances of Oracle Traffic Director servers on one or more administration nodes.
• Defining Oracle Traffic Director Virtual Servers for an Enterprise Deployment
  By default, when you created the configuration, a default virtual server for HTTP access was created, named edg_config. However, each enterprise deployment uses additional Oracle Traffic Director virtual servers and origin-server pools for specific purposes. For example, each time you extend the domain with a new Fusion Middleware product, there are additional virtual servers that must to be defined.
• Creating a TCP Proxy for an Enterprise Deployment
  Oracle MFT uses a TCP proxy to route SFTP requests to the backend MFT WLS servers.
• Creating a Failover Group for Virtual Hosts
  A failover group ensures high availability of Oracle Traffic Director instances by combining two Oracle Traffic Director instances.

About Oracle Traffic Director

Oracle Traffic Director (OTD) is a software load balancer for load balancing HTTP/S and TCP traffic to application tier. The application-tier servers that receive the requests from Oracle Traffic Director are referred to as Oracle Traffic Director origin servers. Origin servers can be application servers, web servers, Oracle Managed File Transfer, LDAP directory servers, MLLP servers, or any type of TCP server.

Starting with Oracle Fusion Middleware 12c (12.2.1), in addition to being available for use with the engineered systems (Oracle Exalogic running either Oracle Linux or Oracle Solaris or Oracle SuperCluster running Oracle Solaris), Oracle Traffic Director is available for customers with the Oracle WebLogic Server Multi-tenancy or Oracle WebLogic Server Continuous Availability add-on options.

For more information about OTD, see Overview of Oracle Traffic Director in Administering Oracle Traffic Director.

About Oracle Traffic Director in an Enterprise Deployment

Oracle Traffic Director can be used as an alternative to Oracle HTTP Server on the web tier. Similar to Oracle HTTP Server, it can route HTTP requests from the front-end load balancer to the application-tier WebLogic Managed Servers. However, only Oracle Traffic Director provides TCP load balancing and failover.

If you configure Managed File Transfer, which requires the routing and load balancing of the SFTP requests), then you must use Oracle Traffic Director.

In a enterprise deployment, you install Oracle Traffic Director on both the web tier hosts and the application Tier hosts, because Oracle Traffic Director is added to the domain in the application-tier hosts, for system management purposes.

On each application tier host, you install Oracle Traffic Director in collocated mode, in the same Oracle home where you installed the application tier software.

On each web tier host, you install Oracle Traffic Director in standalone mode.

You then use the Fusion Middleware Configuration Wizard to extend the application-tier domain to include the Oracle Traffic Director system components. This allows the Oracle Traffic Director components to be managed by the same Administration Server that is used to control the Managed Servers in the domain.

The following topics provide specific instructions for using the Oracle Traffic Director configuration required for Managed File Transfer. However, the procedures in these topics can be used to configure Oracle Traffic Director as the web tier for other components in the enterprise deployment topology.

Variables Used When Configuring Oracle Traffic Director

The procedures for installing and configuring Oracle Traffic Director reference use a series of variables that you can replace with the actual values used in your environment.

The following directory location variables are used in these procedures:

• WEB_ORACLE_HOME

• ASERVER_HOME

• MSERVER_HOME

• WEB_DOMAIN_HOME

• JAVA_HOME

• NM_HOME

• WEB_APPLICATION_HOME

For more information about file system directories and the directory variables, see File System and Directory Variables Used in This Guide.

In addition, you reference the virtual IP (VIP) address — ADMINVHN that is defined in Reserving the Required IP Addresses for an Enterprise Deployment.

• ADMINVHN

Actions in this chapter are performed on the following host computers:

• APPHOST1

• APPHOST2

• WEBHOST1

• WEBHOST2

Note:

Note that for this chapter, APPHOST1 and APPHOST2 provide a more generic variable for the application tier hosts. This is because, depending upon the domain that you create, the host name variable varies.

For example, if you configure Oracle Traffic Director for an Oracle SOA Suite domain, APPHOST1 is the same as SOAHOST1. However, if you configure Oracle Traffic Director for an Oracle Managed File Transfer domain, which is typically configured in its own domain, then APPHOST1 is the same as MFTHOST1.

Installing Oracle Traffic Director in Collocated Mode on the Application Tier Hosts

You can install Oracle Traffic Director by using an interactive graphical wizard provided by the Oracle Universal Installer. To configure Oracle Traffic Director for high availability, perform the steps on two mount points.

• Starting the Oracle Traffic Director Installer
  
• Navigating the Oracle Traffic Director Installation Screens (Collocated)
  
• Verifying the Installation on the Application Tier Hosts
  

Starting the Oracle Traffic Director Installer

To start the installation program:

1. Log in to the application host and go to the directory in which you downloaded the installer.
2. Run the following command to launch the installation wizard:

   On Linux

   fmw_12.2.1.3.0_otd_linux64.bin

When the installation program appears, you are ready to begin the installation.

Navigating the Oracle Traffic Director Installation Screens (Collocated)

The following table describes how to use the installer screens to install Oracle Traffic Director in a colocated mode on the first application tier host.

Note:

Installing Oracle Traffic Director in the rest of the application tier is also required in these cases:

• If you have planned any domain extensions, you might encounter errors when you unpack the domain in the rest of application hosts, due to missing required components.

• In the application hosts where AdminServer can fail over because OTD components are required by the AdminServer.

If you need additional help with any of the installation screens, click the screen name.

Screen	Description
Installation Inventory Setup	On UNIX operating systems, if this is the first time that you are installing any Oracle product on this host, this screen appears. Specify the location where you want to create your central inventory. Make sure that the operating system group name selected on this screen has write permissions to the central inventory location. For more information about the central inventory, see Oracle Fusion Middleware Installing Software with the Oracle Universal Installer in Installing Software with the Oracle Universal Installer. Note: Oracle recommends that you configure the central inventory directory on the products shared volume. Example: /u01/oracle/products/oraInventory You may also need to execute the createCentralinventory.sh script as root from the oraInventory folder after the installer completes.
Welcome	This screen introduces you to the product installer. Click Next.
Auto Updates	Select whether you want to receive automatic updates for this product.
Installation Location	Enter the path to the existing application tier Oracle home. Runtime processes cannot write to this directory. For the purposes of this enterprise deployment, enter the value of the ORACLE_HOME variable that is listed in Table 7-2.
Installation Type	Use this screen to select the type of installation and consequently, the products and feature sets you want to install. Select Collocated OTD (Managed through WebLogic server).
JDK Selection	For the value of JDK Home, enter the value of JAVA_HOME that you set when you install the JDK software.
Prerequisite Checks	The installer analyzes the host computer to ensure that the prerequisites are fulfilled. The results of the prerequisite checks are displayed on this screen. If a prerequisite check fails, an error or warning message is displayed. You can do the following: Fix the error and click Rerun. For example, if any of the required packages that are listed in Prerequisites for Installing Oracle Traffic Director are not available in the system, install them. To ignore the error or warning and continue with the installation, click Skip. To stop the prerequisite checking process, click Stop. Click Next to continue.
Installation Summary	This screen displays the Oracle home directory that you specified earlier. It also indicates the amount of disk space that is used for the installation and the free space available. Review the information on this screen. To save the settings specified so far in the installation wizard in a text file (called a response file), click Save. If necessary, you can use the response file to perform the same installation from the command line. Click Install to begin the installation. For more information about silent or command line installation, see "Using the Oracle Universal Installer in Silent Mode" in Installing Software with the Oracle Universal Installer.
Installation Progress	This screen shows the progress and status of the installation process. If you want to cancel the installation, click Cancel. The files that were copied to your system before you canceled the installation remains on the system; you should remove them manually. Click Next to continue.
Installation Complete	Click Finish.

Verifying the Installation on the Application Tier Hosts

After you complete the installation and the post-installation steps, verify that the Oracle home directory (ORACLE_HOME/otd) contains the following directories:

common
lib
plugins

Installing Oracle Traffic Director in Standalone Mode on the Web Tier Hosts

You can install Oracle Traffic Director by using an interactive graphical wizard provided by the Oracle Universal Installer. This standalone installation is performed on the two WEBHOST systems that is used in enterprise deployment.

• Installing a Supported JDK
  
• Starting the Oracle Traffic Director Installer
  
• Navigating the Oracle Traffic Director Installation Screens (Standalone)
  
• Verifying the installation on the Web Tier Hosts
  

Installing a Supported JDK

Oracle Fusion Middleware requires that a certified Java Development Kit (JDK) is installed on your system.

• Locating and Downloading the JDK Software
  
• Installing the JDK Software
  

Locating and Downloading the JDK Software

To find a certified JDK, see the certification document for your release on the Oracle Fusion Middleware Supported System Configurations page.

After you identify the Oracle JDK for the current Oracle Fusion Middleware release, you can download an Oracle JDK from the following location on Oracle Technology Network:

http://www.oracle.com/technetwork/java/index.html

Be sure to navigate to the download for the Java SE JDK.

Installing the JDK Software

Oracle Fusion Middleware requires that you install a certified Java Development Kit (JDK) on your system.

You must install the JDK in the local storage device for each of the web tier host computers. The web tier host computers, which reside in the DMZ, do not necessarily have access to the shared storage on the application tier.

For more information about the recommended location for the JDK software, see the Understanding the Recommended Directory Structure for an Enterprise Deployment.

The following example describes how to install a recent version of JDK 1.8.0_131.

1. Change directory to the location where you downloaded the JDK archive file.

   cd download_dir

2. Unpack the archive into the JDK home directory, and then run the following commands:

   tar -xzvf jdk-8u131-linux-x64.tar.gz

   Note that the JDK version listed here was accurate at the time this document was published. For the latest supported JDK, see the Oracle Fusion Middleware System Requirements and Specifications for the current Oracle Fusion Middleware release.
3. Move the JDK directory to the recommended location in the directory structure.
   For example:

   mv ./jdk1.8.0_131 /u02/oracle/products/jdk

   See File System and Directory Variables Used in This Guide.
4. Define the JAVA_HOME and PATH environment variables for running Java on the host computer.
   For example:

   export JAVA_HOME=/u02/oracle/products/jdk
   export PATH=$JAVA_HOME/bin:$PATH

5. Run the following command to verify that the appropriate java executable is in the path and your environment variables are set correctly:
   java -version
   The Java version in the output should be displayed as 1.8.0_131.
6. Repeat steps 1 through 5 for each web tier host. For example, WEBHOST1 and WEBHOST2.

Starting the Oracle Traffic Director Installer

To start the installation program:

1. Log in to the application host and go to the directory in which you downloaded the installer.
2. Run the following command to launch the installation wizard:

   On Linux

   fmw_12.2.1.3.0_otd_linux64.bin

When the installation program appears, you are ready to begin the installation.

Navigating the Oracle Traffic Director Installation Screens (Standalone)

The installation program displays a series of screens, in the order that is listed in the following table.

If you need additional help with any of the installation screens, click the screen name.

Screen	Description
Installation Inventory Setup	On UNIX operating systems, if this is the first time that you are installing any Oracle product on this host, this screen appears. Specify the location where you want to create your central inventory. Make sure that the operating system group name selected on this screen has write permissions to the central inventory location. For more information about the central inventory, see Using the Oracle Universal Installer in Installing Software with the Oracle Universal Installer Note: Oracle recommends that you configure the central inventory directory within the products directory. Example: /u02/oracle/products/oraInventory You may also need to execute the createCentralinventory.sh script as root from the oraInventory folder after the installer completes.
Welcome	Click Next.
Auto Updates	Select whether you want to receive automatic updates for this product.
Installation Location	Use this screen to specify the location of your Oracle home directory. Oracle home is the directory in which software binaries for Oracle products are stored. Note: Runtime processes cannot write to this directory. . For the purposes of an enterprise deployment, enter the value of the WEB_ORACLE_HOME variable that is listed in Table 7-3.
Installation Type	Use this screen to select the type of installation and consequently, the products and feature sets that you want to install. Select Standalone OTD (Managed independently of WebLogic server).
JDK Selection	For the value of JDK Home, enter the value of JAVA_HOME that you set when you install the JDK software.
Prerequisite Checks	The installer analyzes the host computer to ensure that the prerequisites are fulfilled. The results of the prerequisite checks are displayed on this screen. If a prerequisite check fails, an error or warning message is displayed. You can do the following: Fix the error and click Rerun. For example, if any of the required packages listed in Prerequisites for Installing Oracle Traffic Director are not available in the system, install them. To ignore the error or warning and continue with the installation, click Skip. To stop the prerequisite checking process, click Stop. Click Next.
Installation Summary	This screen displays the Oracle home directory that you specified earlier. It also indicates the amount of disk space that is used for the installation and the free space available. Review the information on this screen. To save the settings specified so far in the installation wizard in a text file (called a response file), click Save. If necessary, you can use the response file to perform the same installation from the command line. Click Install to begin the installation. For more information about silent or command line installation, see "Using the Oracle Universal Installer in Silent Mode" in Installing Software with the Oracle Universal Installer.
Installation Progress	This screen shows the progress and status of the installation process. If you want to cancel the installation, click Cancel. The files that were copied to your system before you canceled the installation remains on the system; you should remove them manually. Click Next.
Installation Complete	Click Finish.

Verifying the installation on the Web Tier Hosts

After you complete the installation and the post-installation steps, use the ls --format=single-column command to verify that the Oracle home directory contains the following directories:

bin
cdata
cfgtoollogs
crs
css
cv
has
install
inventory
jlib
ldap
lib
network
nls
OPatch
oracle_common
oracore
oraInst.loc
otd
oui
perl
plsql
plugins
precomp
QOpatch
racg
rdbms
slax
sqlplus
srvm
webgate
wlserver
xdk

Extending the Domain with Oracle Traffic Director System Components

You need to perform certain tasks in order to extend the enterprise deployment domain with the Oracle Traffic Director software.

• Starting the Configuration Wizard
  
• Navigating the Configuration Wizard Screens to Extend the Domain
  

Starting the Configuration Wizard

Note:

If you have added any customizations directly to the start scripts in the domain, those customizations are overwritten by the configuration wizard. To customize server startup parameters that apply to all servers in a domain, create a file called setUserOverridesLate.sh and configure it. For example, add custom libraries to the WebLogic Server classpath, specify additional JAVA command-line options for running the servers, or specify additional environment variables. Any customizations you add to this file are preserved during domain upgrade operations, and are carried over to the remote servers when you use the Pack and Unpack commands.

Navigate to the following directory and start the WebLogic Server Configuration Wizard in the Admin Server node (SOAHOST1).

cd ORACLE_HOME/oracle_common/common/bin
./config.sh

Navigating the Configuration Wizard Screens to Extend the Domain

After you start the Configuration Wizard, follow these instructions to extend the existing domain.

• Task 1, "Selecting the Domain Type and Domain Home Location"

• Task 2, "Selecting the Configuration Templates for Oracle Traffic Director"

• Task 3, "Providing the GridLink Oracle RAC Database Connection Details"

• Task 4, "Testing the JDBC Connections"

• Task 5, "Selecting Advanced Configuration Options"

• Task 6, "Adding System Components for Oracle Traffic Director"

• Task 7, "Creating WebLogic Server Machines for Oracle Traffic Director"

• Task 8, "Reviewing Your Configuration Specifications and Configuring the Domain"

• Task 9, "Writing Down Your Domain Home and Administration Server URL"

• Task 10, "Start the Administration Server"

Task 1   Selecting the Domain Type and Domain Home Location

On the Configuration Type screen, select Update an existing domain.

In the Domain Location field, enter the value assigned to the ASERVER_HOME variable.

Note:

• For more information about the domain home directory, see Choosing a Domain Home in Planning an Installation of Oracle Fusion Middleware.

• For more information about the other options on this screen, see Configuration Type in Creating WebLogic Domains Using the Configuration Wizard.

• For more information about the web tier and the DMZ, see Understanding the Firewalls and Zones of a Typical Enterprise Deployment.

• For more information about the ASERVER_HOME directory variable, see File System and Directory Variables Used in This Guide.

Click Next.

Task 2   Selecting the Configuration Templates for Oracle Traffic Director

On the Templates screen, select Oracle Traffic Director -12.2.1.3.0 [otd]

Tip:

More information about the options on this screen can be found in Templates in Creating WebLogic Domains Using the Configuration Wizard.

Click Next.

Task 3   Providing the GridLink Oracle RAC Database Connection Details

No new datasources must be created in the GridLink Oracle RAC Component Schema screen.

Click Next.

Task 4   Testing the JDBC Connections

In the JDBC Component Schema Test screen, test the data source connections that you have configured.

Review that all the tests are successful and click Next.

Task 5   Selecting Advanced Configuration Options

To complete the domain configuration for the topology, select the following option on the Advanced Configuration screen:

System Components

Click Next.

Task 6   Adding System Components for Oracle Traffic Director

On the System Components screen, click Next.

It is not necessary to configure the system components in the configuration wizard. For instructions to create the Oracle Traffic Director instances required for the enterprise deployment, see Starting the Oracle Traffic Director Instances.

Task 7   Creating WebLogic Server Machines for Oracle Traffic Director

Use the Machines screen to create two new machines in the domain. A machine is required in order for the Node Manager to be able to start and stop the servers.

1. Select the Unix Machine tab.

2. Click the Add button to create two new Unix machines, one for each OTD instances.

3. Specify WEBHOSTn in the Node Manger Listen Address field and 5556 in the Node Manager Listen Port field, for each machine.

4. Click Next.

Task 8   Reviewing Your Configuration Specifications and Configuring the Domain

The Configuration Summary screen contains the detailed configuration information for the domain that you are about to extend. Review the details of each item on the screen and verify that the information is correct.

If you need to make any changes, you can go back to any previous screen either by using the Back button or by selecting the screen in the navigation pane.

Click Update to execute the domain extension.

In the Configuration Progress screen, click Next when it finishes.

Tip:

More information about the options on this screen can be found in Configuration Summary in Creating WebLogic Domains Using the Configuration Wizard.

Task 9   Writing Down Your Domain Home and Administration Server URL

The Configuration Success screen shows the following items about the domain that you configured:

• Domain Location

• Administration Server URL

You must make a note of both items as you need them later; the domain location is needed to access the scripts used to start the Administration Server.

Click Finish to dismiss the configuration wizard.

Task 10   Start the Administration Server

If the Admin Server was running during the domain extension process, restart the server to ensure the changes that you have made to the domain have been applied.

Note:

After the domain is extended to include OTD, all applications tier nodes include the OTD installation even if they do not use OTD. This addition is required for home consistency and to maintain the required script references across all nodes.

Propagating the Domain and Starting the Node Manager on the Web Tier Hosts

After you have installed Oracle Traffic Director on the application tier hosts and you have extended the domain with Oracle Traffic Director system components, you can then copy the domain configuration to the hosts on the web tier and configure the Node Manager.

• Packing Up the Domain on the Application Tier
  
• Unpacking the Domain Configuration on the Web Tier Hosts
  
• Configuring and Starting Node Manager on the Web Tier Hosts
  Oracle Traffic Director runs alone on the web tier hosts, and therefore, it is not necessary to create a per node Node Manager for each web tier host. Instead, Oracle Traffic Director nodes use the default per domain Node Manager.

Packing Up the Domain on the Application Tier

Use the following steps to create a template JAR file that contains the domain configuration information:

1. Log in to APPHOST1, and run the pack command to create a template JAR file as follows:

   cd ORACLE_COMMON_HOME/common/bin
    
   ./pack.sh -managed=true \ 
             -domain=ASERVER_HOME \
             -template=full_path/extend_otd_template.jar\
             -template_name=extend_otd_template
   

   In this example:

   • Replace ASERVER_HOME with the actual path to the domain directory you created on the shared storage device.

   • Replace full_path with the complete path to the directory where you want the template jar file saved.

   • extend_otd_template.jar is a sample name for the JAR file that you are creating, which contains the domain configuration files, including the configuration files for the Oracle HTTP Server instances.

   • extend_otd_template is the name assigned to the domain template file.

2. Make a note of the location of the template JAR file that you just created with the pack command.

   Tip:

   For more information about the pack and unpack commands, see Overview of the Pack and Unpack Commands in Creating Templates and Domains Using the Pack and Unpack Commands.

3. Copy the template JAR file to a location available to the web tier hosts.

Unpacking the Domain Configuration on the Web Tier Hosts

Use the following procedure to copy the Oracle Traffic Directory domain configuration information to the web Tier hosts.

1. Log in to WEBHOST1.
2. If you haven't already, create the recommended directory structure for the Managed Server domain on the WEBHOST1 storage device.

   Use the examples in File System and Directory Variables Used in This Guide as a guide.

3. Make sure that the template JAR file that you created with the pack command is accessible to WEBHOST1.
4. Run the unpack command to unpack the template in the domain directory onto the local storage, as follows:

   cd ORACLE_COMMON_HOME/common/bin
   
   ./unpack.sh -domain=WEB_DOMAIN_HOME \
   	    -overwrite_domain=true \
               -template=complete_path/extend_otd_template.jar \ 
               -log_priority=DEBUG \
               -log=/tmp/unpack.log \
               -app_dir=WEB_APPLICATION_HOME
   

   In this example:

   • Replace WEB_DOMAIN_HOME with the complete path to the domain home to be created on the local storage disk. This is the location where the copy of the domain is unpacked.

   • Replace complete_path with the complete path to the domain template jar file that you created when you ran the pack command to pack up the domain on the shared storage device.

   • Replace WEB_APPLICATION_HOME with the complete path to the Application directory for the domain on local storage. See File System and Directory Variables Used in This Guide.

   Tip:

   For more information about the pack and unpack commands, see Overview of the Pack and Unpack Commands in Creating Templates and Domains Using the Pack and Unpack Commands.

5. Change directory to the newly created WEB_DOMAIN_HOME directory and verify that the domain configuration files were copied to the correct location on the WEBHOST1 local storage device.
6. Repeat the unpack steps on WEBHOST2.

Configuring and Starting Node Manager on the Web Tier Hosts

Oracle Traffic Director runs alone on the web tier hosts, and therefore, it is not necessary to create a per node Node Manager for each web tier host. Instead, Oracle Traffic Director nodes use the default per domain Node Manager.

Oracle also recommends that you use the SSL Node Manager in the DMZ for security reasons.

To create the required Node Manager configuration and start Node Manager on each web tier host, follow these steps. Repeat for each web tier host.

1. Navigate to WEB_DOMAIN_HOME/nodemanager.
2. Edit the nodemanager.properties file and check the following properties:

   • ListenAddress = WEBHOSTn

   • SecureListener = true

3. Change the directory to WEB_DOMAIN_HOME/bin.
4. Run the following command to start Node Manager:

   nohup ./startNodeManager.sh > $WEB_DOMAIN_HOME/nodemanager/nodemanager.out 2>&1 &

Creating an Oracle Traffic Director Configuration

An Oracle Traffic Director configuration is a collection of metadata that you can use to instantiate Oracle Traffic Director. Oracle Traffic Director reads the configuration when a server instance starts on the web tier hosts and while processing client requests.

To create a configuration:

1. Log in to Fusion Middleware Control for the application tier domain.
2. From the WebLogic Domain menu, select Administration > OTD Configurations.
3. From the Change Center menu (the lock icon), select Lock & Edit.
4. Click Create.
   The New Configuration Wizard screen is displayed.
5. Specify a name for the configuration, and an origin server type.
   For example, specify edgconfig as the configuration name, select HTTP as the Origin Server Type, and then click Next.
6. In the Create Configuration: Listener screen, accept the default values and click Next.
7. In the Create Configuration: Origin Server Pool screen, click Next.
   You can later add additional origin servers and origin-server pools for the products that you are configuring in the enterprise deployment.
8. In the Create Configuration: Deployment screen, select WEBHOST1 and WEBHOST2 as WebLogic Server machines for deployment. Click Next.
9. Review the screen with the configuration definitions and click Create Configuration to create the configuration.
10. From the Change Center menu (the lock icon), select Activate Changes to make the changes effective.

Note:

The following are automatically created after you create the configuration:

• One virtual servers named edgconfig.

• One instance on each of the hosts that are defined for the configuration.

Starting the Oracle Traffic Director Default Instance

You can use the Oracle Traffic Director configuration to create instances of Oracle Traffic Director servers on one or more administration nodes.

To start the Oracle Traffic Director default instance:

1. Log in to Fusion Middleware Control for Traffic Director.
2. From the WebLogic Domain, select Administration > OTD Configurations.
   A list of the available configurations is displayed.
3. Select the configuration that you created earlier. For more information, see Creating an Oracle Traffic Director Configuration.
4. From the Traffic Director Configuration menu, select Administration > Instances.
   The Instances page is displayed.
5. Select the instance from the list of instances, click Start, and then verify that the operation completes successfully.

Defining Oracle Traffic Director Virtual Servers for an Enterprise Deployment

By default, when you created the configuration, a default virtual server for HTTP access was created, named edg_config. However, each enterprise deployment uses additional Oracle Traffic Director virtual servers and origin-server pools for specific purposes. For example, each time you extend the domain with a new Fusion Middleware product, there are additional virtual servers that must to be defined.

For a complete list of the virtual servers required for the enterprise deployment, see Summary of the Virtual Servers Required for an Enterprise Deployment

For general information about creating Oracle Traffic Director virtual servers, see Creating a Virtual Server in the Fusion Middleware Administering Oracle Traffic Director.

To create and configure virtual servers, you must create the origin server pools and then define the virtual servers.

• Creating the Required Origin Server Pools
  
• Creating the Required Virtual Servers
  
• Creating the Required Virtual Server Routes
  
• Enabling SSL Passthrough
  

Creating the Required Origin Server Pools

Table 12-1 lists the origin server pools required for an enterprise deployment. To create the required origin server pools by using Fusion Middleware Control:

1. Log in to Fusion Middleware Control.
2. From the WebLogic Domain menu, select Administration > OTD Configurations.
   A list of the available configurations is displayed.
3. Select the configuration for which you want to add the Origin-Server Pool.
4. From the Traffic Director Configuration menu, select Administration > Origin Server Pools.
   The Server Pools page is displayed. It displays a list of the server pools (HTTP/Sand TCP server pools) defined for the configuration.
5. From the Change Center menu (the lock icon), select Lock and Edit.
6. Under HTTP/S Origin Server Pools, click Create to create any required HTTP origin-server pools.
7. Under Origin Server Information, specify the address of the servers that are associated with the origin server pool.
8. Click OK on the right-top of the screen.

   You are returned to the Origin Pools page.

9. Under TCP Origin Server Pools, click Create to create any TCP origin-server pools.
10. Under Origin Server Information, specify the address of the servers that are associated with origin server pool.
11. Click OK on the right-top of the screen.

    You are returned to the Origin Pools page.

12. Select Activate Changes in the submenu that shows up when you click the lock icon on the upper-right corner of the screen.
    The details of the origin-server pool that you just created are displayed on the Origin-Server Pools page.
13. Repeat the steps for any additional origin server pools required for the enterprise deployment.

    After the origin-server pool is created, the Results screen of the New Origin-Server Pool wizard displays a message confirming successful creation of the origin-server pool.

14. Select Activate Changes in the submenu that shows up when you click the lock icon on the upper-right corner of the screen.

Table 12-1 lists the origin server pools required by the Fusion Middleware products. You can use this information as you create the origin server pools by using the Oracle Traffic Director management pages in Fusion Middleware Control.

Table 12-1 Origin Server Pools Required for Each Product

Product	Origin-Server Pool	Type	Origin Servers
All products; one for each domain	admin-pool	HTTP	ADMINVHN.example.com:7001
Oracle Web Services Manager	wsm-pool	HTTP	soahost1.example.com:7010 soahost2.example.com:7010
Oracle SOA Suite Business Process Management Oracle SOA Suite for Healthcare	soa-pool	HTTP	soahost1.example.com:8001 soahost2.example.com:8001
Oracle Enterprise Scheduler	ess-pool	HTTP	soahost1.example.com:8021 soahost2.example.com:8021
Business Activity Monitoring	bam-pool	HTTP	soahost1.example.com:9001 soahost2.example.com:9001
Oracle Service Bus	osb-pool	HTTP	soahost1.example.com:8011 soahost2.example.com:8011
Oracle Managed File Transfer	mft-pool	HTTP	mfthost1.example.com:7500 mfthost2.example.com:7500
Oracle Managed File Transfer	mft-sftp-pool	TCP	mfthost1.example.com:7022* mfthost2.example.com:7022*
Oracle SOA Suite for Healthcare	healthcare-tcp-pool	TCP	soahost1.example.com:95nn soahost2.example.com:95nn

Note:

• *7022 is the default port that is used for the SFTP listeners on the Managed File Transfer servers.

• Configure the port numbers appropriately, as assigned for your static or dynamic cluster. Dynamic clusters with the Calculate Listen Port option selected will have incremental port numbers for each dynamic managed server that you create.

Creating the Required Virtual Servers

Table 12-2 lists the virtual servers that are required for an enterprise deployment. To create a virtual server do the following:

1. Log in to Fusion Middleware Control.
2. From the WebLogic Domain menu, select Administration > OTD Configurations.
   A list of the available configurations is displayed.
3. Select the configuration for which you want to create a virtual server.
4. From the Traffic Director Configuration menu, select Administration > virtual server.
5. From the Change Center menu (the lock icon), select Lock and Edit.
6. Under Virtual Servers, click Create.
   The New Virtual Server wizard starts.
7. Enter the name of the virtual server.
8. Select Select listeners for this virtual server and click Next.
9. Select the listener that was created with the configuration and accept other defaults. Click Next.
10. In the Create Virtual Server: Origin Server Pool screen, select Select a pool of origin servers.
11. For each of the Virtual Servers, select the pool as indicated in Table 12-2.

    When you have finished providing the required information, click Next.

12. Review the data in the Create Virtual Server: Review screen, and click Create Virtual Server.
    After the virtual server is created, the Results screen of the New Virtual Server wizard displays a message confirming a successful creation of the virtual server.
13. Select Activate Changes in the submenu that shows up when you click the lock icon on the upper-right corner of the screen.

Table 12-2 lists the virtual servers that are required by the Fusion Middleware products. You can use this information as you create the required virtual servers by using the Oracle Traffic Director management pages in Fusion Middleware Control.

Table 12-2 Virtual Servers Required for Each Product

Product	Virtual Server Name	Host Served	Pool	Listener
All products; one for each domain	admin.example.com	admin.example.com	admin-pool	*
Oracle SOA Suite Business Process Management Oracle B2B Oracle SOA Suite for Healthcare	soa.example.com	soa.example.com	soa-pool	*
Oracle Enterprise Scheduler	soa.example.com	soa.example.com	ess-pool	*
Business Activity Monitoring	soa.example.com	soa.example.com	bam-pool	*
Oracle SOA Suite Business Process Management	soainternal.example.com	WEBHOST1-V1*	soa-pool	*
Oracle Web Services Manager	soainternal.example.com	WEBHOST1-V1*	wsm-pool	*
Oracle Enterprise Scheduler	soainternal.example.com	WEBHOST1-V1*	ess-pool	*
Business Activity Monitoring	soainternal.example.com	WEBHOST1-V1*	bam-pool	*
Oracle Service Bus	osb.example.com	osb.example.com	osb-pool	*
Oracle Service Bus	osbinternal.example.com	WEBHOST2-V1*	osb-pool	*
Oracle Managed File Transfer	mft-http.example.com	mft.example.com	mft-pool	*

Note:

*WEBHOST1-V1 and WEBHOST2-V1 are the VIPS that are used for the corresponding Oracle Traffic Director failover groups.

Creating the Required Virtual Server Routes

Some of the Oracle Fusion Middleware products require specific URIs defined, so specific requests can be routed to the correct Managed Servers and with the correct protocol. In Oracle Traffic Director, you can define these URIs by creating specific routes for the selected virtual servers that you have created.

1. Review the information available in Table 12-3.

   This topic lists all the routes required for each of the specific Oracle Fusion Middleware products. For the products that you are deploying, note the virtual server, then name of the route, the list of URIs, and the origin server pool. You can use that information to create each required route.

2. Log in to Fusion Middleware Control.
3. From the WebLogic Domain menu, select Administration > OTD Configurations.
   A list of the available configurations is displayed.
4. Click the configuration for which you want to create a virtual server.
   The Traffic Director Configuration page appears.
5. From the Traffic Director Configuration menu, select Administration > virtual server.
6. Click the name of the virtual server that you want to edit.
7. Select the Routes tab.
8. From the Change Center menu (the lock icon), select Lock and Edit.
9. Click Create.
   The Create Route page appears.
10. In the Name field, enter a name for the Route.

    Refer to for the list of routes you need to create for each Fusion Middleware product.

11. In the Condition field, click Edit Expression. The Edit Expression dialogue box is displayed.
12. Click Edit Manually.
13. Enter the following syntax to identify a specific URL to which the routing information will be assigned:

    $uri =~ '/context_string'

    For example:

    $uri =~ '/soa-infra'

    If you have to enter multiple URLs, then separate them with or. For example:

    $uri =~ '/soa-infra' or $uri=~'/inspection.wsil'

    Alternatively, you can click Create, and build the expression up via the wizard. For example:

    1. Select $uri in the Variables/Functions list.

    2. Select =~ in the Operator.

    3. Enter /context_string in the Value field.

    4. Click OK. Repeat for each of the conditions to be added. For subsequent conditions, you should also change the expression type to or.

14. Click Validate to check the syntax of the expression. If it is correct, click OK to save the route conditions.
15. From the Origin Server Pool drop-down menu, select the pool that is associated with this route.

    Requests that meet the conditions of this route are directed to the selected pool.

Table 12-3 lists the virtual server routes (or URIs) that are required by the Fusion Middleware products. You can use this information as you create the required routes by using the Oracle Traffic Director management pages in Fusion Middleware Control.

Table 12-3 Virtual Server Routes Required for Each Product

Product	Virtual Server Name	Route	Origin-server pool	URIs
All products; one for each domain	admin.example.com	admin-route	admin-pool	/console /em /consolehelp
Oracle Service Bus	admin.example.com	osbadmin-route	admin-pool	/sbconsole /servicebus
Oracle Web Services Manager	soainternal.example.com	wsm-route	wsm-pool	/wsm-pm
Oracle SOA Suite	soa.example.com	soa-route	soa-pool	/soa-infra /inspection.wsil /integration /sdpmessaging/userprefs-ui /DefaultToDoTaskFlow /workflow /ADFAttachmentHelper /soa/composer /frevvo /insight-soa/
Oracle Service Bus	osb.example.com	osb-route	osb-pool	/sbinspection.wsil /sbresource /osb /alsb /insight-osb/resources/
Business Process Management	soa.example.com	soa-route	soa-pool	/bpm/composer /bpm/workspace
Oracle Enterprise Scheduler	soa.example.com	ess-route	ess-pool	/ess /EssHealthCheck /ess-async /ess-wsjob
Business Activity Monitoring	soa.example.com	bam-route	bam-pool	/bam/composer /OracleBAMWS /oracle/bam/ /insight
Oracle B2B	soa.example.com	soa-route	soa-pool	/b2bconsole /b2b/services /b2b/httpreceiver
Oracle SOA Suite for Healthcare	soainternal.example.com	soa-route	healthcare-pool	/healthcare
Oracle Managed File Transfer	mft-http-example.com	mft-route	mft-pool	/mftconsole

Enabling SSL Passthrough

In the enterprise deployment, Topology SSL is terminated at the hardware load balancer and passed through to Oracle Traffic Director by using the HTTP protocol.

Oracle Traffic Director requires extra configuration steps to ensure that any application redirects occur correctly.

To ensure that application redirects occur correctly, perform the following steps for each route that is associated with a virtual server where SSL is used and terminated at LBR, which are the following virtual servers:

• soa.example.com

• osb.example.com

• mft-http.example.com

1. Log in to Fusion Middleware Control.
2. From the WebLogic Domain menu, select Administration > OTD Configurations.
   A list of the available configurations is displayed.
3. Click the configuration you want to change.
   The Traffic Director Configuration page appears.
4. From the Traffic Director Configuration menu, select Administration > virtual server.
5. Click the name of the virtual server that you want to edit.
6. Select the Routes tab. From the list of the defined routes, click a route, for example, default-route.
7. In the Route Properties screen, expand Advanced Settings.
8. Remove any content in the box labeled Rewrite Headers.
9. In the Parameters Forwarded to Origin Servers section, deselect the following:

   • Cipher

   • Key Size

   • SSL/TLS Session ID

   • Issuer DN

   • User DN

   • Certificate

   • Secret Key Size

   • SSL

10. Repeat steps 8 and 9 for each route in the virtual server.
11. After modifying all the routes in the virtual server, click Activate Changes.

Also, you must configure OTD to insert a header that notifies the origin servers that the client is using SSL. Follow these steps for each virtual server that is using LBR as SSL terminator:

1. Log in to SOAHOST1.

2. Go to ASERVER_HOME/config/fmwconfig/components/OTD/edgconfig/config.

3. Edit the <virtual_server_name>-obj.conf file. For soa.example.com virtual server, edit soa.example.com-obj.conf.

4. Add the following after <Object name=”default”>:

   NameTrans fn="set-variable" insert-headers="wl-proxy-ssl: true"

   With this directive, you configure OTD to insert the header wl-proxy-ssl : true to the origin servers for this virtual server.

5. Repeat the steps with osb.example.com virtual server configuration file and mft-http.example.com virtual server configuration file.

6. Restart the AdminServer.

7. Restart the OTD instances.

Creating a TCP Proxy for an Enterprise Deployment

Oracle MFT uses a TCP proxy to route SFTP requests to the backend MFT WLS servers.

To create a TCP Proxy, do the following:

1. Log in to Fusion Middleware Control. Click the WebLogic Domain button at the upper-left corner of the page.
2. Select Administration > OTD Configurations.
   A list of the available configurations is displayed.
3. Select the configuration for which you want to create a TCP Proxy.
4. In the Common Tasks pane, click Traffic Director Configuration.
5. Select Administration > TCP proxies.
6. In the TCP Proxies table, click Lock & Edit, and then Create.
   The New TCP Proxy wizard starts. Table 12-4 lists the TCP proxies that are required for an enterprise deployment.
7. Enter a name for the proxy without selecting FTP, and click Next.
8. In the Create TCP Proxy: Listener screen, specify the name of the listener, the corresponding port, and * as address. Click Next.
9. In the Create TCP Proxy: Origin Server Pool screen, select the corresponding pool that you created in the previous steps. Click Next.
10. Review the next screen and click Create TCP Proxy.
11. Select Activate Changes in the submenu that shows up when you click the lock icon on the upper-right corner of the screen.

Table 12-4 Summary of the TCP Proxies

Product	TCP Proxy Name	Origin Server Pool	TCP Listener Name	TCP Listener Port
Oracle Managed File Transfer	mft-sftp.example.com	mft-sftp-pool	mft-ftp-listener	*:7022
Oracle SOA Suite for Healthcare	soahealthcare.example.com	healtchare-tcp-pool	healthcare-tcp-listener	*:9500

Creating a Failover Group for Virtual Hosts

A failover group ensures high availability of Oracle Traffic Director instances by combining two Oracle Traffic Director instances.

When a request is sent to one of the virtual hosts in the EDG, the front end load balancer redirects the request to the IP address that has been configured to load balance requests. This IP address is enabled on one of the OTD instances but it can be migrated to another OTD instance should a failure occur. You can combine two Oracle Traffic Director instances in a failover group represented by one or two virtual IP (VIP) addresses. You can do this by creating an active-passive failover group for the IP address. This failover group lists a primary and a number of secondary instances.

The following instructions explain how to create failover groups for the IP addresses associated with the different virtual servers in the configuration. The failover groups for the MFT OTD IP addresses are optional since the load balancer fails over requests between the two Oracle Traffic Director instances, but they provide faster failure detection and failover than the typical load balancer monitors.

For more information about creating failover groups or other high availability configurations for Oracle traffic Director, see Configuring Oracle Traffic Director for High Availability in the Administrator's Guide.

• Creating Failover Groups
  You can implement a highly available pair of Oracle Traffic Director instances by creating failover groups.

Creating Failover Groups

You can implement a highly available pair of Oracle Traffic Director instances by creating failover groups.

Before you begin:

• Decide the unique VIP address that you want to assign to the failover group.

  • The VIP addresses should belong to the same subnet as that of the nodes in the failover group.

  • The VIP addresses must be accessible to clients.

  Note:

  To configure an active-active pair of Oracle Traffic Director instances, you must create two failover groups with the same instances, but with a distinct VIP address for each failover group, and with the primary and backup node roles reversed.

• Identify the Oracle Traffic Director nodes that you want to configure as primary and backup nodes in the failover group. The nodes should be in the same subnet.

  Note that the nodes that you select have Oracle Traffic Director instances present on them for the specified configuration.

• Identify the network interface for each node.

  For each network interface that is currently up on the host, the administration server compares the network part of the interface's IP address with the network part of the specified VIP. The first network interface that results in a match is used as the network interface for the VIP.

  For this comparison, depending on whether the VIP specified for the failover group is an IPv4 or IPv6 address, the administration server considers only those network interfaces on the host that are configured with an IPv4 or IPv6 address, respectively.

• You can bind to a VIP IP address within the HTTP listener by performing a system configuration that allows you to bind to a non-existing address, as a sort of forward binding. Perform one of the following system configurations:

  echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
  

  or

  sysctl net.ipv4.ip_nonlocal_bind=1 
  

  (change in /etc/sysctl.conf to keep after a reboot)

  Make sure that the IP addresses of the listeners in the configuration for which you want to create a failover group are either an asterisk (*) or the same address as the VIP. Otherwise, requests sent to the VIP are not routed to the virtual servers.

• Make sure that the router ID for each failover group is unique. For every subsequent failover group that you create, the default router ID is decremented by one: 254, 253, and so on.

To create a failover group by using the Fusion Middleware Control, do the following:

1. Log in to Fusion Middleware Control.
2. Click the WebLogic Domain button at the upper left corner of the page.
3. Select Administration > OTD Configurations.
   A list of the available configurations is displayed.
4. Select the configuration for which you want to create a failover group.
5. Click the Traffic Director Configuration in the Common Tasks pane.
6. Select Administration > Failover Groups.
   The Failover Groups page is displayed. It shows a list of the Failover Groups defined for the configuration.
7. Click Lock & Edit, and then click Create in the Active Passive Failover Groups tab.
8. In the Failover Group Creation screen, enter the following

   • Virtual IP: Enter the floating hostname that is moved across nodes. This needs to map top a valid Virtual IP that can be enabled both in WEBHOST1 and WEBHOST2. Make sure this VIP is not yet enabled in the nodes.

   • Router ID: Enter a number from 1 to 255. The value must be unique across failover groups because this value is the identifier for the VRRP process that performs the IP failover.

   • Select the Primary and Backup Instance to host the VIP and enter the required network interfaces where the VIPs will be enabled.

   Note:

   Generally it is sufficient to leave Network Interface (NIC) at the default value of Auto Detect. If you leave the default, Oracle Traffic Director (OTD) determines which network interface card to use based on the IP address of the failover group. If, however, this is not easily derivable, for example, if you have not used a standard CIDR associated with the IP address, you may have to manually tell OTD the network interface to which the failover group should be attached.

   For example, if your internal IP address is 192.168.1.1, and it is associated with bond0, and uses a valid net mask (CIDR), and your IP address of the failover group is 192.168.50.1, OTD knows to use network interface bond0. If, however, OTD cannot determine the appropriate interface, you are required to specify it in this field.

   Oracle Traffic Director validates the information before creating the failover group.

   If you receive a validation error similar to the following, the IP Address you are trying to assign is incompatible with the current configuration of the network card. If you see this error you will have to choose a different IP Address/netmask:

   OTD-67322 The specified virtual IP 'x.x.x.x' cannot be bound to any of the network interfaces on the node 'hostname'. 
   The IP addresses bound to the node are [......] check if the specified virtual IP is in the proper subnet. 
   This error could also be caused if either the network interfaces on the node are not configured correctly or if the network prefix
   length is incorrect.
   

9. Click Close on the Results screen.
   The details of the failover group that you just created are displayed on the Failover Groups page.

   Note:

   • At this point, the two nodes form an active-passive pair. To convert them into an active-active pair, create another failover group with the same two nodes, but with a different VIP and with the primary and backup roles reversed.

   • When you create a failover group you must run otd_startFailover on those machines as a root user. This is to manually start the failover. If this command is not executed, failover does not start and there is no high availability. For more information about otd_startFailover, see WebLogic Scripting Tool Command Reference for Oracle Traffic Director.

     To run the otd_startFailover command, follow these steps:

     Start WLST as root or as a user with sudo rights.

     			[root@webhost1]# ./wlst.sh 
     			Initializing WebLogic Scripting Tool (WLST) ... 
     			Jython scans all the jar files it can find at first startup. Depending on the 
     			system, this process may take a few minutes to complete, and WLST may not 
     			return a prompt right away. 
     
     			wls:/offline> wls:/offline> props = {} 
     
     			wls:/offline> props['domain-home'] = 
     			'/u02/oracle/config/domains/mftedg_domain/' 
     
     			wls:/offline> props['instance'] ='otd_edgconfig_WEBHOST1' 
     
     			wls:/offline> otd_startFailover(props)

     Run the failover command in WEBHOST2 also. Use the WEBHOST2 instance name in this case. For example: props['instance'] ='otd_edgconfig_WEBHOST2’.

   • The operating system keepalived package is needed for otd_startFailover. This package is not bundled with all Linux distribution and it needs to manually installed on the operating system. Refer to your operating system for details and installation.