1. Essbase Stack Deployment on Oracle Cloud Infrastructure
  2. Set Up Oracle Essbase
  3. Deploy Essbase
  4. Create Stack

Create Stack

Create the Oracle Essbase stack, from Oracle Cloud Marketplace.

As the Oracle Cloud Infrastructure administrator, you use Oracle Cloud Infrastructure to set up Essbase. Oracle Cloud Marketplace uses Oracle Resource Manager to provision the network, compute instances, Autonomous Database for storing Essbase metadata, and Load Balancer.

During this process, you'll need to provide other administrator user IDs. Review Administrator Access Requirements to understand what these administrator accounts can do.

  1. Read prerequisites and requirements that you need to know or do before deployment. See Before You Begin with Oracle Essbase.
  2. Sign into Oracle Cloud Infrastructure console as the Oracle Cloud Infrastructure administrator.
  3. From the navigation menu, select Marketplace.
  4. On Oracle Marketplace page,
    1. In the title bar, select or accept the region from which to run the deployment.
    2. In the Category dropdown menu, select Database Management.
    3. Under All Applications, select Oracle Essbase.
    4. Select the stack version, or accept the default.
    5. From the dropdown menu, select the target Compartment that you created for Essbase, in which to create the stack instance.
    6. Select the check box to indicate you accept the Oracle Standard Terms and Restrictions.
    7. Click Launch Stack.
  5. In Stack Information, on the Create Stack page.
    1. For My Configuration, the terraform configuration source files to be uploaded, select Zip File (instead of the default Folder option). If necessary, drop or browse to the stack zip file. The stack name is displayed.

      Note:

      During deploy Essbase stack processes, the following options appear in OCI Console but should not be used as they are not supported in Essbase on OCI deployments.

      • Edit the Terraform configuration zip file in a code-based editor drop-down option from the Edit Stack button
      • Use Custom Terraform Providers check box option
    2. Enter the stack description and other stack information, as necessary.
    3. Click Next.
  6. In General Settings, on the Configure Variables page, you configure variables for the infrastructure resources that the stack creates.
    • [Optional] Enter Unique Stack ID to identify your resources generated during stack deployment. For example, essbase_<userid>. Provide a meaningful Unique Stack ID. This name is used as a dimension for filtering Essbase metrics that correspond to components in this stack. If not entered, the display name is automatically generated.
    • The Target Compartment that you created for Essbase, in which to create the stack instance, is displayed here.
    • If you want to create a new node (VM), based on an existing deployment using the new image, select Upgrade Stack. This selection updates the stack configuration page to display only those fields that are required for image update. If selected, skip the following step.
  7. In Essbase Instance - when Upgrade Stack was NOT selected in General Settings, the following options are displayed and available for your selection:
    1. Select an Essbase Availability Domain in which to create the Essbase compute instance.
    2. Select the Essbase Instance Shape for the Essbase compute instance.
      If VM.Standard.En.Flex, VM.Optimized3.Flex, or VN.Standard3.Flex (new Intel flex shapes) compute shape is selected, additional entry fields are displayed:
    3. Enter the Data Volume Size or accept the default. The minimum value is 256GB. You can also select [Optional] Config Volume Size, [Optional] Temp Volume Size; minimum value is 64 GB.
    4. Paste the value of the SSH Public Key that you created, to access the Essbase compute instance.
    5. In the Essbase System Admin User Name field, enter an Essbase administrator user name - you can optionally use the Identity Cloud Service user name. It provides an additional way to log in to Essbase, and is also the administrator used to Access the WebLogic Console on which Essbase runs. If you don't enter an Identity Cloud Service user in this field, you must provide one in the IDCS Essbase Admin User field later in the stack definition, in the Identity Configuration section. If you have already used Identity Cloud Service user name in Essbase System Admin User Name field, you must provide a different Identity Cloud Service user name in the IDCS Essbase Admin User field, under the Identity Configuration section.
    6. In the Essbase System Admin User Password field, enter an OCID for the Vault secret that contains the password for the Essbase system admin user. See Create Vault, Secrets, and Encrypt Values. (For 19c through 19.3.0.4.5, this field contained the encrypted admin password you created using the CLI tool).
    7. [Optional] Enter Essbase Instance Timezone.
    8. [Optional, but required for Federated Partitions].

      You can change Catalog Storage Type from the default (Local Filesystem) to Object Storage. However, once you change to Object Storage, you cannot change back to Local Filesystem after deployment. Default Local Filesystem path is /u01/data/essbase/catalog, for /users, /shared, and /system directory, which has Datasource, wallet, and connection details.

      If you choose Object Storage as catalog storage type, Essbase catalog storage is integrated with Oracle cloud storage and a new Object Storage bucket is created. This bucket can be used for storing objects, which include Essbase artifact files (such as data or rules) to be used in Essbase jobs (such as data load and dimension build). Essbase buckets are visible on Resource Manager > Stacks > Stack Details>Application Information page under Storage Details.

      Under the Storage Details header, Catalog Bucket Name is found. Essbase artifacts integrate with Object Storage or external object stores, for various import/export use cases. Note that Application folder is on disk, so related artifacts (data, rules, jobs) are stored on /u01/data/essbase/app. Currently, only /users and /shared folders are integrated with Object Storage, so only those folder files are stored on Object Storage inside the newly created buckets, if Object Storage is opted as catalog storage during stack creation.

      Note: Do not create or delete folders in user directories using Bucket object or by using ssh. Perform all file catalog operations using Essbase web interface or REST API.
    9. [Optional] Starting from release 21.5.x and onwards, select the checkbox Deploy Smart View Server if you want to configure Oracle Smart View for Office (Mac and Browser). Selecting this option deploys Oracle Smart View for Office (Mac and Browser) for Essbase and starts the Smart View server along with the Essbase server. See Deploying and Administering Oracle Smart View for Office (Mac and Browser) and Working with Oracle Smart View for Office (Mac and Browser)

      Note: Smart View for Office (Mac and Browser) can only be deployed on a fresh Essbase deployment. If you are upgrading from a previous release, you are not given the option to deploy Smart View for Office (Mac and Browser).

  8. In Essbase Instance - if Upgrade Stack was selected above in General Settings, then follow the process in Upgrade Stack. When done, skip to the Review Page Step below.
  9. In Monitoring Configuration
    • [Optional] Enter Notification Topic OCID, to which messages are published. For information on how to enable notifications, see Notifications Overview.
    • [Optional] Select Enable Monitoring to support publishing of metrics to the Monitoring Service.
  10. In Identity Configuration:
    1. For Identity Provider, select IDCS. To set up security and access, you integrate Essbase with Identity Cloud Service as part of the stack deployment. The Embedded LDAP option isn't recommended or supported for production workloads.
    2. Enter the IDCS Instance GUID, IDCS Application Client ID, and IDCS Application Client Secret values, which you recorded as pre-deployment requirements, after you created a confidential Identity Cloud Service Application.
    3. Enter IDCS Essbase Admin User value. This ID must already exist in the Identity Cloud Service tenancy. If you don't provide this user ID during stack creation, or if it's mapping to the initial Essbase administrator wasn’t done correctly, you can later use the Identity Cloud Service REST API to create this user and link it to Essbase. See REST API for Oracle Identity Cloud Service.
  11. In Database Configuration, after you have reviewed database connectivity recommendations and rules (in Set Relational Database Connectivity), select from the following options.
    Database options and considerations:
    • Starting with 21.4, you have the option of creating a secure database. You can have restricted access through the VCN you configure or through a private endpoint. These options are only available when you create a new database on a new network (when you did not select Use Existing Network or Use existing database).
      1. Select Show Advanced Database Options.
      2. [Optional] If you want to restrict database access to a private endpoint in an OCI VCN, select Private endpoint access only for database.
      3. Accept the default new database type Autonomous Transaction Processing (ATP) or select Autonomous Data Warehouse (ADW). The database will have a private endpoint, a private IP, and the database only communicates through the created OCI VPN.
    • If you want hardened network and security rules, see the section: Harden Network and Autonomous Database Security Rules in Complete System and Security Hardening and Cleanup Tasks.
    • If you plan to use the Oracle Autonomous Database deployed automatically by the stack, you must provide the OCID for the Vault secret that contains the DB password. (For 19c through 19.3.0.4.5, this field contained the encrypted DB password you created using the CLI tool). Select the database license or accept the default.
    • If you plan to use an existing Oracle Autonomous database, and select Use Existing Database, provide the OCID for the Vault secret that contains the DB password. This is the same password that you have provided during the DB service creation. Specify the compartment in which Autonomous Transaction Processing was created. (For 19c through 19.3.0.4.5, this field contained the encrypted DB password you created using the CLI tool).
    • If you plan to use Federated Partitions, you must provide an Autonomous Data Warehouse Serverless instance to host the Essbase RCU schemas as well as the schema that holds the fact table. Select Use Existing Database option to deploy to your instance of Autonomous Data Warehouse Serverless.
    • To use an existing Oracle Cloud Infrastructure Database System for the internal Essbase repository, select the option Database System for Database Type, and specify the compartment and database details. The database must be accessible to the created compute node. If the database has a private IP, use the existing network option where the network is set up, to allow for traffic between the subnet that hosts the compute node and the subnet that hosts the database. See Bare Metal and Virtual Machine Database Systems.
  12. In Network Configuration:
    1. If you chose Use Existing Network, select the name of the existing virtual cloud network. You can still create a new instance of the Autonomous Transaction Processing database.
    2. If you want to create a new virtual cloud network, enter a Virtual Network CIDR value to assign the VCN. See Overview of Networking.
    3. Select the target network compartment, virtual network, and application subnet.
    4. If you want to create a private Essbase subnet, enter an Application Network CIDR to assign to the subnet for the target Essbase compute node.
    5. Select a subnet strategy: use an existing public subnet or select Create a Private Essbase Subnet for the Essbase node.
    6. [Optional] Select Public Essbase Node Visibility to enable a public IP address for the Essbase instance. If selected, the subnet provided must allow for public IP address.
  13. In Load Balancer Configuration:
    1. Select Provision Load Balancer to provision it in Oracle Cloud Infrastructure with a demo certificate. This is not recommended for production workloads.
    2. Select Public Load Balancer Visibility to enable a public IP address for the Load Balancer, and to add an extra layer of security. Select a load balancer shape.
  14. In Bastion Configuration:
    Under Bastion Configuration (Option available only until 19.3.0.4.5), if Public Essbase Node Visibility is not set:
    1. Select Provision Bastion to enable the creation of a bastion.
    2. Select a Bastion Availability Domain to provide the target availability domain of the bastion.
    3. Select a Bastion Instance Shape. You must have the capacity of the target shape in the given availability domain for the bastion compute instance to be created successfully. Your bastion shape value doesn't need to match the compute node shape.
    For 19.3.0.5.6 and later:

    When you deploy a stack with private IP, a Bastion is used to access it and you're required to enable Oracle Cloud Agent (OCA) Bastion plugin on the compute node. In order to do that, open compute instance in OCI, go to Oracle Cloud Agent tab, and enable the Bastion toggle switch. For more information on OCA plugin, see Manage Plugins with Oracle Cloud Agent. Bastion creation and configuration doesn't need to be done during deployment. It can be done later, when access is needed. See Access Oracle Essbase Using SSH.

  15. Click Next.
  16. REVIEW PAGE STEP - on the Review page, you review the information that you provided. If you want to immediately provision the resources defined in the configuration, run the apply job on the new stack, by selecting Run Apply. Click Create (or Upgrade) to create the stack. The Job Information tab in Oracle Resource Manager shows the status until the job finishes and the stack is created. This can be modified, as job status only shows us the status of OCI resources created and allotted. To check stack configuration, use Monitoring by providing notification of OCID or SSH into the image.
  17. Check for any log errors. If necessary, see Troubleshoot Deployment Errors.
  18. If Upgrade Stack was selected, and the job is completed, add the private IP of the Target node to the Source node load balancer (if it is there). For detailed steps for this, see the load balancer details in Upgrade Stack and After Upgrade of Stack. Otherwise, you can access Essbase using the URL:
    https://essbase_node_public_ip/essbase
  19. After you complete deployment, then complete the post-deployment tasks, including: modifying your created Identity Cloud Service application, testing connectivity to Essbase, and the other listed tasks.

You can modify the created resources and configure variables later. Logs are created that can be forwarded to Oracle Support, if necessary for troubleshooting. After deployment, you're ready to assign users to roles and permissions in the Essbase web interface. You can also perform additional network and security configuration.

Reviewing or Collecting Output After Deployment

If you didn't keep a record of all of the deployment output, an Oracle Cloud Infrastructure administrator can collect them from the Variables page or Application Information of the Oracle Resource Manager, as well as in the client configuration details of the Identity Cloud Service confidential application.

  • Viewing the Deployment

    Log into Oracle Cloud Infrastructure console, go to Resource Manager for your compartment, and view the details for the Essbase stack you created. From there, if you click on the apply job, you can see the deployment log and output details. If you selected to use a load balancer, its public IP is in the essbase_url. For 19c through 19.3.0.4.5, if you have deployed a bastion host, the outputs include a bastion_host_public_ip and there isn't an essbase_node_public_ip.

  • Viewing the Variables

    In addition to using the log to find and record deployment details, you can also view most of them in the Variables page or the Application Information page of the Resource Manager. If you selected to use a load balancer, create_load_balancer is true.

  • Viewing the Confidential Application Configuration

    To locate the client secret, which is masked in Resource Manager, an Identity Cloud Service Administrator can go to the Identity Cloud Service Console, select the confidential application, and view its configuration.