You can contact me here complexsystemsblog@gmail.com
This document explains how to use Weblogic Deploy Tooling and a set of Ansible playbooks provided in this repository to install, patch and configure an Oracle SOA domain 12.2.1.4.
The architecture tested with these playbooks is composed by the following elements.
-
Three CentOS Linux 7 machines for application servers.
-
A Red Hat Enterprise Linux Server 7.7 for the database.
-
Oracle database version 12.2.0.1.0.
The Oracle Weblogic domain configured within these playbooks is described by the following picture.
As you can see on the previous picture, we have these components.
-
An AdminServer running on its own machine, which a good practice for performance.
-
Two managed servers each one running on its own machine.
-
A cluster composed by two managed servers.
-
An Oracle database 12c used to install RCU schemas required by SOA.
-
User: oracle
-
Group: oinstall
-
This is the list of machines
Machine | Usage |
---|---|
machine01.pegasus.net | AdminServer |
machine02.pegasus.net | Managed Server soa_server01 |
machine03.pegasus.net | Managed Server soa_server02 |
A laptop with Ubuntu WSL | Ansible controller |
As I am using Windows 10, I have configured WSL Ubuntu to access the target machines that by the way are running on Oracle Virtual Box; which means I have configured the user oracle and the group oinstall on my WSL Ubuntu, which I do not think it is a good idea. However, this is just a demo.
After years Oracle has provided a tool that helps to automate the provisioning of Weblogic domains. Thus, I wanted to test it.
This means, this time I do not need to write any Weblogic Scripting Tool scripts. I am just using Weblogic Deploy Tooling to create the SOA domain.
I have used:
-
Documentation about Weblogic and SOA 12.2.1.4. which is available here.
-
Ansible.
-
Python and Weblogic Scripting Tool (WLST). You should try this book to get deeper into WLST.
-
Jinja2 templating. The template designer documentation is useful.
-
JSON Query Filters and JMESPath.
-
Some theory about PKI/SSL.
-
Weblogic Deploy Tooling Weblogic Deploy Tooling.
-
An Ansible controller, as I said before, I am using Ansible on WLS Ubuntu, which is out of the box with Windows 10.
-
Target machines where SOA domain will be installed. In this case I am using 3 Linux Centos 7 machines.
-
Create the oracle user on target machines and on Ansible controller machine with the same user id.
-
Create the oninstall group on target machines and on Ansible controller machine with the same group id.
-
Configure SSH for oracle user between Ansible controller and target machines.
-
Configure SSH for oracle user between target machines. This is because I am using the Ansible module called synchronize.
-
You also need a directory called /u01/software/ with the following files
-
jdk-8u251-linux-x64.tar.gz -> JDK installer.
-
p28186730_139422_Generic.zip -> Patch for OPatch
-
p30729380_122140_Generic.zip -> Patch
-
p30970477_122140_Generic.zip -> Patch
-
p30995852_122140_Generic.zip -> Patch
-
SOA_12.2.1.4_V983383-01.zip -> SOA 12.2.1.4 installer
-
V983368-01.zip -> FMW 12.2.1.4 infrastructure
-
weblogic-deploy.zip -> Weblogic Deploy Tooling release
-
-
I am using this home for oracle user /u01/oracle/
-
An Oracle 12c database and the password for sys as these playbooks include a role to run RCU. You can install an Oracle database and configure it with this.
This is a hot topic and I am using vault to encrypt passwords. You can configure your own passwords here. The password used to edit, encrypt and decrypt the vault file is oracle.
You should execute this
ansible-playbook --ask-vault-pass -i inventories/dev/hosts site.yml --extra-vars "environment_chosen=dev" -vvv
The previous command will ask for the vault password, which is oracle
This is the entry point, which will execute a set of roles that are described shortly below.
This role will modify kernel limits for processes and files. Furthermore, this also installs pip, Pexpect, cryptography and pyOpenSSL.
This role creates part of the directories that are needed to install Weblogic and SOA.
This role installs Java Development Kit, Oracle Weblogic 12.2.1.4 and Oracle SOA 12.2.1.4.
This role patches OPatch, Oracle SOA, Oracle Weblogic and Oracle Coherence.
This role creates self-signed certificates and configure key stores, trust stores and SSL for the SOA domain.
By using Weblogic Deploy Tooling, this role creates a SOA domain with the architecture explained at the beginning of this document. Importantly, Weblogic Deploy Tooling is also used to create RCU schemas.
This role packs the domain to distribute it from the AdminServer machine into managed server machines.
This role unpacks the domain to distribute it from the AdminServer machine into managed server machines.
This role configures three node managers for AdminServer, soa_server01 and soa_server02 as Linux services.
This role configures the file wlst_internal.sh to allow using nmConnect over SSL.
As I have not had time to create a playbook to start services, you should do this part manually.
sudo systemctl start nmadminserver.service
/u01/oracle/product/fmw12214/oracle_common/common/bin/wlst.sh
nmConnect('nmUser', 'weblogic123456', 'machine01.pegasus.net', '5759', 'soa_atenea', '/u01/oracle/domains/soa_atenea', 'ssl')
nmStart('AdminServer')
sudo systemctl start nmmanagedserver.service
Finally use the Weblogic console to start managed servers; if everything goes well you will see this.