In my previous post I had configure Oracle HTTP server and an Apache LoadBalancer to handle all HTTP(s) traphic for IDM. In this post I will create the Oracle WebLogic Server Administration Console and Oracle Enterprise Manager Fusion Middleware Control. Later on we will extend this domain by adding Oracle Fusion Middleware components such as Oracle Identity Manager and Oracle Access Manager. Furthermore in this post we will configure Oracle HTTP server to handle HTTP(s) traphic for the Administration Server and Enterprise Manager through the loadbalancer.
We first start by associate the Administration Server with a virtual IP address, ADMINVHN.mycompany.com. To enable the virtual IP address log in as root and open file /etc/rc.d/rc.local and add the following lines:
======================================================= #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. touch /var/lock/subsys/local /sbin/ifconfig eth0:1 22.214.171.124 netmask 255.255.255.0 /sbin/arping -q -U -c 3 -I eth0 126.96.36.199
Now open file /etc/hosts and add the following line to associate the virtual IP address to ADMINVDH.mycompany.com
Now restart the server and you will end up with your regular IP address and the virtual IP address.
Running the Configuration Wizard to Create a Domain
Start the Configuration Wizard by going to directory /u01/app/oracle/product/fmw/oracle_common/common/bin and issuing
On the Welcome screen choose to create a new Weblogic domain and click on Next.
- Basic WebLogic Server Domain (This is selected automatically and disabled.)
- Oracle Enterprise Manager [oracle_common]
- Oracle JRF [oracle_common]
On the next screen specify the administrator user and password.
Leave the next screen, Configure Managed Servers as is and click on Next. Leave the next screen, Configure Clusters as is and click on Next. On the next screen choose Unix Machine and click on the Add icon. Now a line appears in the grid. Set Name field to ADMINHOST and leave all other fields default.
To be able to start the AdminServer without it prompting us for the administrator password, first create a directory called security in directory /u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/servers/AdminServer
Then create a file called boot.properties in this security directory and add the following lines:
username=weblogic password=[password you specified during install for administrator]
Starting Node Manager
Now start the node manager by going to directory /u01/app/oracle/product/fmw/wlserver_10.3/server/bin and start the following script.
After node manager is started you will see that it is listing on port 5556
Open a new terminal window and go to directory /u01/app/oracle/product/fmw/oracle_common/common/bin and start following script.
This will set the StartScriptEnabled property to true.
Close this terminal window and go to the terminal window where the node manager was started. Kill this process by hitting CTLR+Z. Now start the node manager again so that the property change will be effectuated.
Updating the Node Manager Credentials
The Administration server is started by using wlst (WebLogic Scripting Tool ) and connecting to the Node Manager. The configuration wizard of the AdminServer created a default username and password for the Node Manager. We will change this. Start AdminServer by going to directory /u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/bin and issuing
You will see the following:
Now start a browser session and type the following url http://ADMINVHN.mycompany.com:7001/console.
Log in with the administrator user (weblogic) and the password you provided during installation. Once logged in clock on the button Lock and Edit, to enable changes to be made. Click on IDMDomain and select tab security and then tab General.
Stop AdminServer by opening a new terminal window and go to directory /u01/app/oracle/admin/IDMDomain/aserver/IDMDomain/bin and issue
Now we will start the AdminServer via wlst.
Go to directory /u01/app/oracle/product/fmw/oracle_common/common/bin and issue:
After wlst has started connect to the NodeManager by issuing:
nmConnect('oracle','fusionapps', 'FusionIDM','5556', 'IDMDomain','/u01/app/oracle/admin/IDMDomain/aserver/IDMDomain')
Once conneted issue the following to start the AdminServer
The Weblogic Server Administration Console is now accessible again from the browser. Start a browser session and log in with the administrator user weblogic. Click on Lock and Edit. From the left pane select Environment-Servers and click on AdminServer
Set Hostname Verification to None and click on Save at the bottom of the screen and click on Activate Changes in the left pane.
For the changes to take effect we need to restart the AdminServer. Go to the terminal window with wlst running (if closed, restart wlst) and issue the commands
wls:/nm/IDMDomain> nmKill('AdminServer') wls:/nm/IDMDomain> nmStart('AdminServer')
Configuring Oracle HTTP Server for the Administration Server
To enable Oracle HTTP Server to route to the Administration Server, we have to set the corresponding mount points in our HTTP Server configuration.
Create a file called admin.conf in directory /u01/app/oracle/admin/ohs_inst1/config/OHS/ohs1/moduleconf and add the following:
<VirtualHost *:7777> ServerName admin.mycompany.com:80 ServerAdmin email@example.com RewriteEngine On RewriteOptions inherit RewriteRule ^/console/jsp/common/logout.jsp /oamsso/logout.html [PT] RewriteRule ^/em/targetauth/emaslogout.jsp /oamsso/logout.html [PT] # Admin Server and EM <Location /console> SetHandler weblogic-handler WebLogicHost ADMINVHN.mycompany.com WeblogicPort 7001 </Location> <Location /consolehelp> SetHandler weblogic-handler WebLogicHost ADMINVHN.mycompany.com WeblogicPort 7001 </Location> <Location /em> SetHandler weblogic-handler WebLogicHost ADMINVHN.mycompany.com WeblogicPort 7001 </Location> </VirtualHost>
In above file ServerName is defined as admin.mycompany.com. This is in fact the loadbalancer we should be pointing at. For the server to connect to the loadbalancer on address admin.mycompany.com, add this address to the existing line in the /etc/hosts that point to the loadbalancer we setup in the previous post.
192.168.0.111 oiminternal.mycompany.com sso.mycompany.com admin.mycompany.com
Restart Oracle HTTP server for the changes to take place.
Registering Oracle HTTP Server With WebLogic Server
For the Enterprise Manager to be able to manage and monitor the Oracle HTTP server, we must register the Oracle HTTP server with the domain. To do this, issue the following command:
Setting the Front End URL for the Administration Console
When the Administration Console is accessed using an load balancer, you must change the Administration Server’s front end URL so that the user’s browser is redirected to the appropriate load balancer address. To make this change, perform the following steps:
Log in to Weblogic Server Administration Console and click on Lock and Edit. Expend Environment – Servers and click on AdminServer. Select tab Protocols and tab HTTP.
Restart the AdminServer at this time!
Enabling WebLogic Plug-in
In Enterprise deployments, Oracle WebLogic Server is fronted by Oracle HTTP servers. The HTTP servers are, in turn, fronted by a load balancer, which performs SSL translation. In order for internal loopback URLs to be generated with the https prefix, Oracle WebLogic Server must be informed that it receives requests via the Oracle HTTP Server WebLogic plug-in. Log in the Oracle Weblogic Server Administration Console by starting url http://admin.mycompany.com/console and click on Lock and Edit. Click on IDMDomain and select tab Configuration and tab Web Applications .
We are now able to acces Weblogic Administration Server and Enterprise Manager via the Loadbalancer, via HTTP Server by urls
This concludes the configuration of Weblogic Domain. In my next post I will describe the steps to Extend the Weblogic Domain with Oracle Identity Directory.
Viewed 42864 times by 8706 visitors