This is the second and last part of the posts regarding the installation of a EDG-based SOA HA installation. The first part handled the configuration of the environment, this post will explain how to correctly configure the WebLogic domain, and the SOA applications for a highly available setup.
SOA Domain Configuration
1. Create Domain
2. Define domain name, domain location and application location
3. Select optional configuration steps:
4. Configure the Administration Server
5. Configure Managed Servers.
On this step, is necessary to change the names of the managed servers already defined by the installer, and then create new ones for the second node of the cluster.
Change bam_server1 name to WLS_BAM1, and soa_server1 to WLS_SOA1.
Then, create 4 extra managed servers, the final list should look like this:
Please note that servers BAM1/SOA1/SOA2 listen on specially created VIPs, while WSM1/WSM2/BAM2 listen on hosts addresses.
6. Configure Clusters.
7. Assign Servers to Clusters:
8. Configure Machines.
Create 2 unix machines, listening on the default address and port
9. Assign Servers to Machines:
10. Target Deployments to Cluster or Servers:
11. Target Services to Clusters or Servers:
12. Configure JMS File Store.
Complete the Directory field according to the following table:
Name |
Directory |
PS6SOAJMSFileStore_Auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
PS6SOAJMSFileStore_Auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
UMSJMSFileStore_auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
UMSJMSFileStore_auto_2 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
UMSJMSFileStore_auto_3 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/BAM_CLUSTER/jms |
UMSJMSFileStore_auto_4 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/BAM_CLUSTER/jms |
BPMJMSFileStore_auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
BPMJMSFileStore_auto_2 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
SOAJMSFileStore_auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
SOAJMSFileStore_auto_2 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
AGJMSFileStore_auto_1 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
AGJMSFileStore_auto_2 |
/opt/11.1.1.7/admin/domains/soa_domain/aserver/SOA_CLUSTER/jms |
13. Create domain summary
14. Create boot.properties File
mkdir -p servers/AdminServer/security
vi servers/AdminServer/security/boot.properties
username=weblogic
password=xxxxxx
There should be no spaces after username or password and no new lines after or before those two.
15. Start AdminServer VIP
16. Start AdminServer
17. Configure NodeManager Credentials
18. Apply JRF Template to WSM_CLUSTER
19. Stop AdminServer
Cancel the process running on the console using ctrl+c or stop the server from the AdminServer Console.
20. Edit setDomainEnv.sh
EXTRA_JAVA_PROPERTIES="${EXTRA_JAVA_PROPERTIES} -Dsoa.archives.dir=${SOA_ORACLE_HOME}/soa -Dsoa.oracle.home=${SOA_ORACLE_HOME} -Dsoa.instance.home=${DOMAIN_HOME} -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=${WL_HOME}/server/lib/DemoTrust.jks"
Replace the highlighted text with:
EXTRA_JAVA_PROPERTIES="${EXTRA_JAVA_PROPERTIES} -Dsoa.archives.dir=${SOA_ORACLE_HOME}/soa -Dsoa.oracle.home=${SOA_ORACLE_HOME} -Dsoa.instance.home=${DOMAIN_HOME} -Dtangosol.coherence.clusteraddress=227.7.7.9 -Dtangosol.coherence.clusterport=9778 -Dtangosol.coherence.log=jdk -Djavax.xml.soap.MessageFactory=oracle.j2ee.ws.saaj.soap.MessageFactoryImpl -Dweblogic.transaction.blocking.commit=true -Dweblogic.transaction.blocking.rollback=true -Djavax.net.ssl.trustStore=/opt/11.1.1.7/admin/domains/soa_domain/aserver/certs/appTrustKeyStore.jks"
21. Import Front End Certificate Authority SSL Certificate to the Java Trust Keystore
keytool -import -trustcacerts -keystore /opt/11.1.1.7/admin/domains/soa_domain/aserver/certs/appTrustKeyStore.jks -storepass ******* -file /home/oracle/verisign.cer -alias soa.mydom.com
Certificate was added to keystore
Note: If the signing CA is an intermediate authority, you will need to make one file containing both base64 certificates concatenated.
22. Start NodeManager
23. Start AdminServer
24. Create and Execute soaScript.py
This script automates several tasks described in the SOA Enteprise Deployment Guide needed to prepare the environment for the SOA installation. Before executing the script, you should read it carefully and update the required variables according to the environment.
It performs the following actions:
Enables Weblogic Plugin option on the domain
Creates leasing datasource
Sets root , stage and upload directory for AdminServer and all managed servers
Sets SSL Identity and trust for AdminServer an all managed servers
Sets replication groups for managed servers
Enables auto migration for SOA and BAM servers
Sets Transanction logs directory for all managed servers
Sets Front end host for SOA
25. Next step:
$SOA_HOME/common/bin/wlst.sh soaScript.py
26. Configure OHS Instance on Host testserver1
Login to a GUI console on testserver1
Execute $WTIER_HOME/bin/config.sh
cp /home/oracle/soa_vh* /opt/11.1.1.7/admin/instances/instance1/config/OHS/ohs1/moduleconf
/opt/11.1.1.7/admin/instances/instance1 opmnctl restartproc process-type=OHS
27. Configure OHS Instance on Host testserver2
Repeat the steps of the previous section on the server testserver2. Change "Instance Home" and "Instance Name" for "instance2", and "OHS Component Name" to "ohs2.
28. Configure Load Balancer
At this point, the Load Balancer should be configured to balance requests between servers. All request should be received in the url http://soa.mydom.com, and should be balanced to http://testserver1.mydom.com:7777/ and http://testserver2.mydom.com:7777/, the OHS servers will take care of the doing the proxy work to the correct managed servers.
Create Managed Server Template
/opt/11.1.1.7/middleware/wlserver_10.3/common/bin/pack.sh -managed=true -domain=/opt/11.1.1.7/admin/domains/soa_domain/aserver/soa_domain -template=/opt/11.1.1.7/admin/domains/soa_domain/aserver/soaDomainTemplateI.jar -template_name=DomainTemplate_Managed
29. Unpack Managed Server Template on Host testserver1
/opt/11.1.1.7/middleware/wlserver_10.3/common/bin/unpack.sh -overwrite_domain=true -domain=/opt/11.1.1.7/admin/domains/soa_domain/mserver/soa_domain -template=/opt/11.1.1.7/admin/domains/soa_domain/aserver/soaDomainTemplateI.jar -app_dir=/opt/11.1.1.7/admin/domains/soa_domain/mserver/applications
30. Unpack Managed Server Template on Host testserver2
/opt/11.1.1.7/middleware/wlserver_10.3/common/bin/unpack.sh -overwrite_domain=true -domain=/opt/11.1.1.7/admin/domains/soa_domain/mserver/soa_domain -template=/opt/11.1.1.7/admin/domains/soa_domain/aserver/soaDomainTemplateI.jar -app_dir=/opt/11.1.1.7/admin/domains/soa_domain/mserver/applications
31. Configure Java Object Cache for WSM_CLUSTER
./wlst.sh
wls:/offline> connect('weblogic','xxxxxx','t3://adminsoa-prod.mydom.com:7001')
Connecting to t3://adminsoa-prod.mydom.com:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'soa_domain'.
wls:/soa_domain/serverConfig>execfile('/opt/11.1.1.7/middleware /oracle_common/bin/configure-joc.py')
Enter Hostnames (eg host1,host2) : testserver1.com,testserver2.com
.
Do you want to specify a cluster name (y/n) y
.
Enter Cluster Name : WSM_CLUSTER
.
Enter Discover Port : 9991
.
Enter Distribute Mode (true|false) : true
.
Do you want to exclude any server(s) from JOC configuration (y/n) n
32. Change BAM Application Targets
33. Start All Managed Servers
33. Copy system-jazn-data.xml File to aserver Directory
After starting all managed servers for the first time, the system-jazn-data.xml file in the managed server domain home is updated to include grants for all SOA Applications. This file should be copied to the AdminServer domain home before restarting any server again, because the Managed Servers obtain their copies of configuration files from the AdminServer, and the updated file could be lost.
cp /opt/11.1.1.7/admin/domains/soa_domain/mserver/soa_domain/config/fmwconfig/system-jazn-data.xml /opt/11.1.1.7/admin/domains/soa_domain/aserver/soa_domain/config/fmwconfig/system-jazn-data.xml
34. Change OPSS Store to Database
This procedure migrates the Oracle Platform Services Store from file (system-jazn-data.xml and cwallet.sso) to inside the Oracle metadata repository created for the installation. It is needed to make sure the problems described in the previous section do no reoccur. You can check the entire explanation here: http://fusionsecurity.blogspot.com.ar/2011/10/reassociation-business.html#more
35. Configure SOA Front End Server Name
36. Configure BAM Server Front End Server Name
37. Configure BAM Web Front End Server Name
38. Configure Resource Adapters for HA
In order to use the resource adapters in the SOA infrastructure, most of them have to be modified after installation using deployment plans, and then redeployed. This is usually done from the Administration Console. In an HA environment, the deployment plan must be accesible from all nodes during redeployment, so it's necessary to place them on the shared disk.
It's a good practice to modify the adapters for the first time in order to create the deployment plan in the shared directory before the developers start working on it, cause they might not be aware of the architecture and could face problems when placing it in a local directory. In the following example, the file adapter is modified to have the control directory in the shared disk (this is also mandatory):
39. Configure Security Providers Virtualization
40. Restart All Managed Servers
Using the Administration Console, restart all managed servers.
Disclaimer - Views expressed in this blog are author's own and do not necessarily represents the policies of aclnz.com