Assume we are creating a two-node cluster and our hosts are host1.us.oracle.com and host2.us.oracle.com.
On each host, install the software:
Install WebLogic
Install SOA Suite
Patch SOA Suite
Install IAM Suite
Note: This assumes you have already created the necessary product schemas using RCU.
Note: This assumes you are installing only OIM, with or without LDAP Sync. If you are using LDAP Sync, OID/OVD is already installed separately.
Note: Make sure that you install the software in the same MIDDLEWARE_HOME, IDM_HOME and SOA_HOME on both machines. It is important that the software is installed in identical homes on both machines.
Configuration Steps on Host1
· Create a WebLogic domain supporting OIM and SOA.
o Run the config.sh located at ORACLE_HOME/oracle_common/common/bin
o Choose to generate a domain that supports Oracle Identity Manager; SOA, OWSM, etc. are selected automatically
o On the next screen, specify the name for the domain
o Specify the weblogic user password
o Select the mode and JDK (for production deployments you need to select production mode)
o Specify the schemas you created earlier using RCU. Note: If you have a RAC database, you can click the check box ‘Configure Selected Schemas as RAC datasource’. Select all the schemas and configure RAC support on the next page, where you can enter the RAC nodes for each schema.
o The installer will perform a check. If the schema information is incorrect, correct it and make sure the schema connectivity is good.
o On the Optional Configuration screen, select JMS Distributed Destination and Managed Servers, Clusters and Machines
Note: This assumes you would like to keep the Admin Server port as 7001. If you would like a different port for the Admin Server, select Admin Server from the list as well.
o On the JMS Distributed Destination screen, make sure that all the JMS system resources listed on the screen are uniform distributed destinations. If they are not, select UDD from the drop-down box. Make sure that the entries look like this:
JMS System Resource | Uniform/Weighted Distributed Destination |
UMSJMSSystemResource | UDD |
SOAJMSModule | UDD |
OIMJMSModule | UDD |
Click Next.
An Override Warning box with the following message is displayed:
CFGFWK-40915: At least one JMS system resource has been selected for conversion to a Uniform Distributed Destination (UDD). This conversion will take place only if the JMS System resource is assigned to a cluster
Click OK on the Override Warning box.
o On the Configure Managed Servers screen, change the names of the original managed servers. In our example, with two hosts (host1 and host2), we also have to add two managed servers in addition to renaming the existing ones. The result looks like this:
Managed Server Name | Listen Address | Port |
soa_server_host1 | DNS Name of Host1 (host1.us.oracle.com) | 8001 |
oim_server_host1 | DNS Name of Host1 (host1.us.oracle.com) | 14000 |
soa_server_host2 | DNS Name of Host2 (host2.us.oracle.com) | 8001 |
oim_server_host2 | DNS Name of Host2 (host2.us.oracle.com) | 14000 |
o On the next screen, Configure Clusters, create two clusters, one each for SOA and OIM
Name | Cluster Messaging Mode |
oim_cluster | unicast |
soa_cluster | unicast |
Leave all the other fields as default.
o On the next screen, Assign Servers to Clusters, assign the managed servers as below
oim_cluster -> oim_server_host1, oim_server_host2
soa_cluster -> soa_server_host1, soa_server_host2
o On the Configure Machines screen, you need to create machines
§ If you are on Windows, use the Machines tab (modify the existing machine on the tab)
§ If you are on Unix, use the Unix Machine tab (delete the existing machine on the Machines tab)
Create two machines as below for our example
Machine Name | Node Manager Listen Address | Port |
host1.us.oracle.com | DNS Name of Host1 (host1.us.oracle.com) | 5556 |
host2.us.oracle.com | DNS Name of Host2 (host2.us.oracle.com) | 5556 |
o On the Assign Servers to Machines screen, indicate which managed servers will run on which machine. In our example it looks like this:
host1.us.oracle.com -> oim_server_host1,soa_server_host1
host2.us.oracle.com -> oim_server_host2,soa_server_host2
Note: Do not assign the Admin Server to any machine.
o On the next screen, finish domain creation by clicking the ‘Create’ button.
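Before configuring OIM it is worth confirming that the wizard wrote the topology from the tables above into DOMAIN_HOME/config/config.xml. The following is an added example, not part of the original post: it assumes the usual config.xml layout (server entries in the http://xmlns.oracle.com/weblogic/domain namespace) and the default Admin Server name AdminServer; the function names and the sample input are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"d": "http://xmlns.oracle.com/weblogic/domain"}  # default namespace of config.xml
FIELDS = ("listen-address", "listen-port", "cluster", "machine")

# Planned topology copied from the tables above, in FIELDS order.
EXPECTED = {
    "soa_server_host1": ("host1.us.oracle.com", "8001", "soa_cluster", "host1.us.oracle.com"),
    "oim_server_host1": ("host1.us.oracle.com", "14000", "oim_cluster", "host1.us.oracle.com"),
    "soa_server_host2": ("host2.us.oracle.com", "8001", "soa_cluster", "host2.us.oracle.com"),
    "oim_server_host2": ("host2.us.oracle.com", "14000", "oim_cluster", "host2.us.oracle.com"),
}

def check_topology(config_xml, expected=EXPECTED, admin="AdminServer"):
    """Compare the <server> entries of a config.xml string with the planned topology."""
    found = {}
    for srv in ET.fromstring(config_xml).findall("d:server", NS):
        name = srv.findtext("d:name", "", NS).strip()
        found[name] = tuple(srv.findtext("d:" + f, "", NS).strip() for f in FIELDS)
    problems = []
    for name, want in expected.items():
        if name not in found:
            problems.append(name + ": not defined")
        for field, w, g in zip(FIELDS, want, found.get(name, ())):
            if w != g:
                problems.append("%s: %s is %r, expected %r" % (name, field, g, w))
    if admin in found and found[admin][3]:
        problems.append(admin + ": assigned to machine " + found[admin][3])
    for name in sorted(set(found) - set(expected) - {admin}):
        problems.append(name + ": managed server not in the plan")
    return problems

def sample_config(rows):
    """Constructed sample: minimal config.xml text built from (name, *FIELDS) rows."""
    servers = "".join(
        "<server><name>%s</name>%s</server>" % (
            row[0], "".join("<%s>%s</%s>" % (f, v, f) for f, v in zip(FIELDS, row[1:]) if v))
        for row in rows)
    return '<domain xmlns="%s">%s</domain>' % (NS["d"], servers)

# Constructed input: soa_server_host2 sits on the wrong machine and the
# wizard's default oim_server1 was never renamed to oim_server_host2.
ROWS = [("AdminServer", "host1.us.oracle.com", "", "", "")] + [
    (n,) + v for n, v in EXPECTED.items() if n != "oim_server_host2"]
ROWS[3] = ROWS[3][:4] + ("host1.us.oracle.com",)
ROWS.append(("oim_server1", "", "14000", "oim_cluster", ""))

if __name__ == "__main__":
    print("\n".join(check_topology(sample_config(ROWS))))
```

To check a real domain, pass the text of DOMAIN_HOME/config/config.xml to check_topology; an empty list means the file matches the plan.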
Configuring OIM on Host1
Note: Start the Admin Server on host1 and make sure it is running.
· Start the configuration of OIM by executing the config.sh located at IDM_HOME/bin
· Select ‘OIM Server’ as the component to configure
· On the next screen, provide the database details and the OIM and MDS schemas you created before.
· On the next screen, provide the WebLogic Server Admin URL, user and password. In our example it is t3://host1.us.oracle.com:7001
· On the next screen, provide the OIM and key store passwords and the proxy URL for OIM. This is the URL of the load balancer you are planning to install in front of OIM.
· On the next screen, if you want to configure LDAP Sync for OIM, click the LDAP Sync checkbox. On the subsequent screen you will have to provide the LDAP URL, search base, and the user, group and reservation containers you have created in LDAP.
Also, if you would like to configure BI Publisher, you can provide the BI Publisher URL.
· On the next screen, start configuring OIM by clicking the ‘Configure’ button.
· Now Stop the Admin Server
· Start the Admin Server
· Set the Node Manager property StartScriptEnabled by executing the script below.
Navigate to Middleware_Home/oracle_common/common/bin
./setNMProps.sh
· Start Node Manager
· Using the Admin Console, start the SOA (soa_server_host1) and OIM (oim_server_host1) managed servers
Note: If you get the error “OIMAuthenticationProvider is not specified” while starting managed servers using Node Manager in OIM 11g, follow Metalink Note 1271932.1 to resolve the issue.
· Access the OIM console (http://host1.us.oracle.com:14000/oim), log in and verify that OIM is running fine.
Note: If you are running WLS in Development mode, you might not be able to start the managed servers using Node Manager the first time. You might need to create boot.properties for each managed server first. First start the managed server using startManagedWeblogic.sh, and then create the boot.properties. Subsequently you can start the managed servers using Node Manager through the Admin Console.
Pack the Domain from Host1
· To pack the domain, navigate to MIDDLEWARE_HOME/oracle_common/common/bin and run the pack.sh command on a single line
./pack.sh -domain=/home/akini/Oracle/CLUMiddleware/user_projects/domains/CLUDomain -template=/home/akini/software/oim-template.jar -template_name="CLUDomain" -managed=true
Here -domain is the domain you are trying to pack
-template is the template jar you would like to create, which will contain the packed domain
The output of pack looks like this:
>> succeed: read domain from "/home/akini/Oracle/CLUMiddleware/user_projects/domains/CLUDomain"
>> succeed: set config option Managed to "true"
....................................................................................................
>> succeed: write template to "/home/akini/software/oim-template.jar"
>> succeed: close template
Unpack the Domain on Host2
· Copy the oim-template.jar you created using Pack command to host2
· Navigate to MIDDLEWARE_HOME/oracle_common/common/bin and issue the unpack command on a single line
./unpack.sh -domain=/home/akini/Oracle/CLUMiddleware/user_projects/domains/CLUDomain -template=/home/akini/software/oim-template.jar -overwrite_domain=true -app_dir=/home/akini/Oracle/CLUMiddleware/user_projects/applications
Here -domain is the domain you would like to create
-template is the template we created on host1 and copied over
-app_dir is the applications directory
· The execution result should look like this:
>> succeed: read template from "/home/akini/software/oim-template.jar"
>> succeed: set config option OverwriteDomain to "true"
>> succeed: set config option AppDir to "/home/akini/Oracle/CLUMiddleware/user_projects/applications"
>> succeed: set config option DomainName to "CLUDomain"
...............................................................................................
>> succeed: write Domain to "/home/akini/Oracle/CLUMiddleware/user_projects/domains/CLUDomain"
>> succeed: close template
· Copy the soa directory located in the domain directory on host1 to host2
Navigate to MiddleWare_HOME/user_projects/domains/CLUDomain on host1
scp -rp soa akini@host2:/home/akini/Oracle/CLUMiddleware/user_projects/domains/CLUDomain/
· Set the Node Manager property StartScriptEnabled by executing the script below.
Navigate to Middleware_Home/oracle_common/common/bin
./setNMProps.sh
· Start the node manager (./startNodeManager.sh)
· Start the OIM (oim_server_host2) and SOA (soa_server_host2) managed servers using the WebLogic Console. (The Admin Server is already started on host1.)
Note: If you are running WLS in Development mode, you might not be able to start the managed servers using Node Manager the first time. You might need to create boot.properties for each managed server first. First start the managed server using startManagedWeblogic.sh, and then create the boot.properties. Subsequently you can start the managed servers using Node Manager through the Admin Console.
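The boot.properties files mentioned in the notes for host1 and host2 hold the WebLogic administrator credentials, so they deserve a check once the servers are up. The following is an added example, not part of the original post: it assumes the standard location DOMAIN_HOME/servers/<server>/security/boot.properties and the {AES}/{3DES} prefixes WebLogic writes when it encrypts the values; the function names and sample files are constructed for illustration.

```python
import os
import stat
import tempfile
from pathlib import Path

ENCRYPTED_PREFIXES = ("{AES}", "{3DES}")  # written by WebLogic once a value is encrypted

def audit_boot_properties(domain_home):
    """Return (server, finding) pairs for every servers/*/security/boot.properties."""
    findings = []
    for path in sorted(Path(domain_home).glob("servers/*/security/boot.properties")):
        server = path.parts[-3]
        mode = stat.S_IMODE(path.stat().st_mode)
        if mode & 0o077:  # any group or other permission bit set
            findings.append((server, "mode %o is readable beyond the owner" % mode))
        for line in path.read_text().splitlines():
            line = line.strip()
            if not line or line.startswith("#") or "=" not in line:
                continue
            key, value = (part.strip() for part in line.split("=", 1))
            if key in ("username", "password") and not value.startswith(ENCRYPTED_PREFIXES):
                findings.append((server, "%s is stored in clear text" % key))
    return findings

def build_sample_domain(root):
    """Constructed sample: one freshly written file and one already encrypted."""
    samples = {
        "oim_server_host1": ("username=weblogic\npassword=CHANGE_ME\n", 0o644),
        "soa_server_host1": ("username={AES}c2FtcGxl\npassword={AES}c2FtcGxl\n", 0o600),
    }
    for server, (body, mode) in samples.items():
        security_dir = Path(root) / "servers" / server / "security"
        security_dir.mkdir(parents=True)
        (security_dir / "boot.properties").write_text(body)
        os.chmod(security_dir / "boot.properties", mode)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for server, finding in audit_boot_properties(build_sample_domain(tmp)):
            print(server, "-", finding)
```

A clear-text finding is expected only between creating the file and the server's next successful start, when WebLogic rewrites the values in encrypted form.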
Note: For other post-install configuration steps, such as updating the Coherence cache and starting the Admin Server using Node Manager, refer to Chapter 13 of the Enterprise Deployment Guide.
1 comment:
We are in the process of installing and configuring OIM Cluster. During the OIM configuration we have to provide "OIM HTTP URL".
Documentation says:
OIM HTTP URL
■ The OIM HTTP URL is of the format: http(s)://host:port. For example,
https://localhost:7002.
■ For cluster deployments, provide the load balancer URL that front-ends the Oracle Identity Manager cluster.
The question is that if load balancer URL is "dev-oim.example.com" which resolves to "oimhost1 & oimhost2", then what port number we should provide here... should it be 443 (I think it is default https port) or 14000 (oim port)?
Just want to mention specifically. We do not want to use SSL for internal OIM to SOA communication. So if we put this load balancer "dev-oim.example.com:443" entry for OIM HTTP URL, not sure how it will behave for internal OIM and SOA communication because 443 port is ssl.