dinsdag 9 april 2013

Installing HTTP_Server with WebGate

Challenge

Installing an HTTP Server and configure it to be used as entry point for OAM.

Context

OAM 11.1.2 running on WLS 10.3.6.0

Solution

Installing the HTTP_Server
  • Unzipping the HTTP_Server software
    • cd /opt/install/oam
    • mkdir patch6
    • unzip WebTier_11Patch6.zip -d patch6
    • cp patch6/Disk1/stage/Response/WebTierInstallAndConfigure.rsp ./WebTierInstallAndConfigurePatch6.rsp
    • cp patch6/Disk1/stage/Response/staticports.ini .
    • mv staticports.ini webtier_staticport.ini
    • Adapt the WebTierInstallAndConfigurePatch6.rsp
      [ENGINE]
      
      #DO NOT CHANGE THIS.
      Response File Version=1.0.0.0.0
      
      [GENERIC]
      
      #Set this to true if you wish to specify a directory where latest updates are downloaded. This option would use the software updates from the specified directory
      SPECIFY_DOWNLOAD_LOCATION=false
      
      #
      SKIP_SOFTWARE_UPDATES=true
      
      #If the Software updates are already downloaded and available on your local system, then specify the path to the directory where these patches are available and set SPECIFY_DOWNLOAD_LOCATION to true
      SOFTWARE_UPDATES_DOWNLOAD_LOCATION=
      
      #Set this to true if installation and configuration need to be done, all other required variables need to be provided. Variable "INSTALL AND CONFIGURE LATER TYPE" must be set to false if this is set to true as the variables are mutually exclusive
      INSTALL AND CONFIGURE TYPE=true
      
      #Set this to true if only Software only installation need to be done. If this is set to true then variable "INSTALL AND CONFIGURE TYPE" must be set to false, since the variables are mutually exclusive.
      INSTALL AND CONFIGURE LATER TYPE=false
      
      #Provide the Oracle Home location. The Oracle Home directory name may only contain alphanumeric , hyphen (-) , dot (.) and underscore (_) characters, and it must begin with an alphanumeric character. The total length has to be less than or equal to 128 characters. The location has to be an empty directory or a valid WebTier Oracle Home.
      ORACLE_HOME=/u01/app/oam/product/webtier/OHS
      
      #Provide existing Middleware Home location.
      MIDDLEWARE_HOME=/u01/app/oam/product/webtier
      
      #The name of the Oracle Instance. Instance name must begin with an alphabetic character, may only contain alphanumeric characters, or the underscore (_) or hyphen (-) characters and are 4 to 30 characters long.
      INSTANCE_HOME=/u01/app/oam/product/webtier/instances/instance1
      
      #Provide the Oracle Instance location. The Oracle Instance directory name may only contain alphanumeric , hyphen (-) , dot (.) and underscore (_) characters, and it must begin with an alphanumeric character. The total length has to be less than or equal to 128 characters. The location has to be an empty or non existing directory.
      INSTANCE_NAME=instance1
      
      #If set to true, installer will auto assign ports
      AUTOMATIC_PORT_DETECT=false
      
      #This is required if "AUTOMATIC_PORT_DETECT" variable is set to false, absolute path of a staticports file location need to be provided with values for ports.\nThe template for staticports.ini can be found from Disk1/staget/Response directory of the shiphome.
      STATICPORT INI FILE LOCATION=/opt/install/oam/webtier_staticport.ini
      
      #Provide the My Oracle Support Username. If you wish to ignore Oracle Configuration Manager configuration provide empty string for user name.
      MYORACLESUPPORT_USERNAME=
      
      #Provide the My Oracle Support Password
      MYORACLESUPPORT_PASSWORD=
      
      #Set this to true if you wish to decline the security updates. Setting this to true and providing empty string for My Oracle Support username will ignore the Oracle Configuration Manager configuration
      DECLINE_SECURITY_UPDATES=true
      
      #Set this to true if My Oracle Support Password is specified
      SECURITY_UPDATES_VIA_MYORACLESUPPORT=false
      
      #Provide the Proxy Host
      PROXY_HOST=
      
      #Provide the Proxy Port
      PROXY_PORT=
      
      #Provide the Proxy Username
      PROXY_USER=
      
      #Provide the Proxy Password
      PROXY_PWD=
      
      
      [SYSTEM]
      
      #Set true to configure Oracle HTTP Server, else skip Oracle HTTP Server configuration
      CONFIGURE_OHS=true
      
      #Set true to configure Oracle Web Cache, else skip Oracle Web Cache configuration
      CONFIGURE_WEBCACHE=false
      
      #The Oracle HTTP Server (OHS) component name (required only if CONFIGURE_OHS is set to true). OHS component name must begin with an alphabetic character, may only contain alphanumeric characters, or the underscore (_) or hyphen (-) characters and are 4 to 30 characters long.
      OHS_COMPONENT_NAME=ohs1
      
      #The Web Cache component name (required only if CONFIGURE_WEBCACHE is set to true). Web Cache component name must begin with an alphabetic character, may only contain alphanumeric characters, or the underscore (_) or hyphen (-) characters and are 4 to 30 characters long.
      WEBCACHE_COMPONENT_NAME=
      
      #Valid passwords are 5 to 30 characters long, must begin with an alphabetic character, use only alphanumeric, underscore (_), dollar ($) or pound (#) characters and include at least one number.
      WEBCACHE_ADMINISTRATOR_PASSWORD=
      
      #The confirmation password for Web Cache administrator.
      WEBCACHE_ADMINISTRATOR_PASSWORD_CONFIRM=
      
      
      [APPLICATIONS]
      
      
      [RELATIONSHIPS]
      
      #If set to true, the instance and components will be registered with an existing weblogic server
      ASSOCIATE_WEBTIER_WITH_DOMAIN=false
      
      #Provide an existing domain host name. Required only if ASSOCIATE_WEBTIER_WITH_DOMAIN is set to true
      DOMAIN_HOST_NAME=
      
      #Provide the existing domain port number. Required only if ASSOCIATE_WEBTIER_WITH_DOMAIN is set to true
      DOMAIN_PORT_NO=
      
      #Provide the domain user name. Required only if ASSOCIATE_WEBTIER_WITH_DOMAIN is set to true
      DOMAIN_USER_NAME=
      
      #The domain user password. Required only if ASSOCIATE_WEBTIER_WITH_DOMAIN is set to true
      DOMAIN_USER_PASSWORD=
      
    • Adapt the webtier_staticport.ini file
      #######################################################################################
      #This file is a template file for staticports.ini
      #This file must be edited to provide the ports which required to be set
      #Those ports which are not provided explicitly in this file will be assigned automatically
      #The ports should be specified as a single port
      #Keep in mind to uncomment the port no
      #######################################################################################
      
      ########################Begin section for OPMN Port No################################
      ######################################################################################
      
      [OPMN]
      
      #This port indicates the OPMN Local Port
      OPMN Local Port = 6700
      
      #This port indicates the OPMN Local Port
      OPMN Remote Port = 6701
      
      ########################Begin section for ohs component################################
      #This port nos will be considered only if OHS is selected for configuration
      #######################################################################################
      
      [OHS]
      
      #The http_main port for ohs component
      OHS Port = 8888
      
      #This port indicates the OHS Proxy Port
      OHS Proxy Port = 8889
      
      #This port indicates the OHS SSL Port
      OHS SSL Port = 4443
      
      ########################Begin section for Web Cache component################################
      #This port nos will be considered only if Web Cache is selected for configuration
      #######################################################################################
      
      [WEBCACHE]
      
      #The port indicates the Web Cache Listen Port
      #Web Cache Listen Port = 7777
      
      #The port indicates the Web Cache Admin Port
      #Web Cache Admin Port = 7778
      
      #The port indicates the Web Cache Statistics Port
      #Web Cache Statistics Port = 7779
      
      #The port indicates the Web Cache Invalidation Port
      #Web Cache Invalidation Port = 7780
      
      #The port indicates the Web Cache SSL Port
      #Web Cache SSL Port = 7781
      
    I
  • Installing the HTTP_Server software
    • patch6/Disk1/runInstaller -silent -responseFile /opt/install/oam/WebTierInstallAndConfigurePatch6.rsp
    • Result:
      Starting Oracle Universal Installer...
      Checking Temp space: must be greater than 400 MB.   Actual 2380 MB    Passed
      Checking swap space: must be greater than 500 MB.   Actual 16383 MB    Passed
      Preparing  to launch Oracle Universal Installer from  /tmp/OraInstall2013-02-28_10-04-05AM. Please wait ...[oam@oamhost  oam]$ Log:  /u01/app/oracle/product/oraInventory/logs/install2013-02-28_10-04-05AM.log
      Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
      Reading response file..
      Expected  result: One of  oracle-6,oracle-5.6,enterprise-5.4,enterprise-4,enterprise-5,redhat-5.4,redhat-4,redhat-5,SuSE-10,SuSE-11
      Actual Result: redhat-Red
      Check complete. The overall result of this check is: Failed <<<<
      Problem: This Oracle software is not certified on the current operating system.
      Recommendation: Make sure you are installing the software on the correct platform.
      Warning: Check:CertifiedVersions failed.
      Expected result: 1024MB
      Actual Result: 15948MB
      Check complete. The overall result of this check is: Passed
      TotalMemory Check: Success.
      Expected result: LD_ASSUME_KERNEL environment variable should not be set in the environment.
      Actual Result: Variable Not set.
      Check complete. The overall result of this check is: Passed
      Check Env Variable Check: Success.
      Verifying data......
      Copying Files...
      -----------20%----------40%----------60%----------80%--------100%
      [oam@oamhost oam]$ [CONFIG] Launching Config Actions....
      Started Configuration:Web Tier Configuration
      [CONFIG]:Create and Start AS Instance (instance1)
      [CONFIG] [Web Tier Configuration] [Create and Start AS Instance (instance1)]:Creating Oracle Instance directories...
      [CONFIG] [Web Tier Configuration] [Create and Start AS Instance (instance1)]:Recording OPMN ports reservations...
      [CONFIG] [Web Tier Configuration] [Create and Start AS Instance (instance1)]:Bootstrapping OPMN configuration files...
      [CONFIG] [Web Tier Configuration] [Create and Start AS Instance (instance1)]:Instantiating opmnctl for direct usage...
      [CONFIG] [Web Tier Configuration] [Create and Start AS Instance (instance1)]:Skipping instance registration
      [CONFIG] SUCCESS:Create and Start AS Instance (instance1)
      [CONFIG]:Create and Start OHS Component (ohs1)
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Creating empty component directories...
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Provisioning OHS files for ohs1
      [CONFIG]  [Web Tier Configuration] [Create and Start OHS Component  (ohs1)]:Copying OHS files from ORACLE_HOME to ORACLE_INSTANCE locations
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Customizing httpd.conf
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Adding component's process control to OPMN...
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Skipping ohs1 component registration.
      [CONFIG] [Web Tier Configuration] [Create and Start OHS Component (ohs1)]:Invoking opmn reload...
      [CONFIG] SUCCESS:Create and Start OHS Component (ohs1)
      Configuration:Web Tier Configuration completed successfully
      The installation of Oracle AS Common Toplevel Component, Oracle WebTier and Utilities CD completed successfully.
      
  • Testing the installation: ok
  • Creating start/stop scripts in the /home/oam directory
Installing the WebGate component
  • unzipping software
    • cd /opt/install/oam
    • mkdir webgates
    • unzip AccessManagerWebGates_111200.zip -d webgates
    • cd webgates/Disk1/stage/Response
    • cp WebgateSampleResponse.rsp ../../../../Webgate.rsp
    • Adapt Webgate.rsp
      [ENGINE]
      
      #DO NOT CHANGE THIS.
      Response File Version=1.0.0.0.0
      
      [GENERIC]
      
      #Provide the Oracle Home location. The location has to be the immediate child under the specified Middleware Home location. The Oracle Home directory name may only contain alphanumeric , hyphen (-) , dot (.) and underscore (_) characters, and it must begin with an alphanumeric character. The total length has to be less than or equal to 128 characters.
      ORACLE_HOME=/u01/app/oam/product/webtier/WebGate
      
      #Provide existing Middleware Home location.
      MIDDLEWARE_HOME=/u01/app/oam/product/webtier
      
      #Provide Location of GCC Library.
      GCC_LIBRARY_LOCATION=/usr/lib
      
      [SYSTEM]
      
      
      [APPLICATIONS]
      
      
      [RELATIONSHIPS]
  • Installing the webgate
    • webgates/Disk1/runInstaller -silent -responseFile /opt/install/oam/Webgate.rsp -jreLoc /u01/app/oam/product/jdk1.6.0_39/jre
    • Result
      Starting Oracle Universal Installer...
      Checking if CPU speed is above 300 MHz.    Actual 2933 MHz    Passed
      Checking Temp space: must be greater than 150 MB.   Actual 2380 MB    Passed
      Checking swap space: must be greater than 512 MB.   Actual 16383 MB    Passed
      Preparing  to launch Oracle Universal Installer from  /tmp/OraInstall2013-02-28_10-45-08AM. Please wait ...[oam@oamhost  oam]$ Log:  /u01/app/oracle/product/oraInventory/logs/install2013-02-28_10-45-08AM.log
      Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
      Reading response file..
      Expected  result: One of  oracle-6,oracle-5.6,enterprise-5.4,enterprise-4,enterprise-5,redhat-6.1,redhat-6,redhat-5.4,redhat-4,redhat-5,SuSE-10,SuSE-11
      Actual Result: redhat-Red
      Check complete. The overall result of this check is: Failed <<<<
      Problem: This Oracle software is not certified on the current operating system.
      Recommendation: Make sure you are installing the software on the correct platform.
      Warning: Check:CertifiedVersions failed.
      Expected result: 1024MB
      Actual Result: 15948MB
      Check complete. The overall result of this check is: Passed
      TotalMemory Check: Success.
      Verifying data......
      Copying Files...
      -----------20%----------40%----------60%----------80%--------100%
      The installation of oracle.as.webgate.top completed successfully.
      
  • Performing post installation tasks
    • cd /u01/app/oam/product/webtier/WebGate/webgate/ohs/tools/deployWebGate/
    • ./deployWebGateInstance.sh -w /u01/app/oam/product/webtier/instances/instance1/config/OHS/ohs1 -oh /u01/app/oam/product/webtier/WebGate
      Copying files from WebGate Oracle Home to WebGate Instancedir
    • export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/u01/app/oam/product/webtier/OHS/lib:/u01/app/oam/product/webtier/WebGate/webgate/ohs/lib
    • pwd
      /u01/app/oam/product/webtier/WebGate/webgate/ohs/tools/deployWebGate
    • cd ../setup/InstallTools/
    • ./EditHttpConf -w /u01/app/oam/product/webtier/instances/instance1/config/OHS/ohs1 -oh /u01/app/oam/product/webtier/WebGate -o webgate.conf
      The web server configuration file was successfully updated
      /u01/app/oam/product/webtier/instances/instance1/config/OHS/ohs1/httpd.conf has been backed up as /u01/app/oam/product/webtier/instances/instance1/config/OHS/ohs1/httpd.conf.ORIG
  • Registering the new webgate agent
    • Setting up the rreg tool
      • cd /u01/app/oam/product/middleware_home/OAM/oam/server/rreg/client
      • gunzip RREG.tar.gz
      • tar -xvf RREG.tar
      • cd rreg/bin
      • vi oamreg.sh   => setting the java_home directly
    • Updating the /u01/app/oam/product/middleware_home/OAM/oam/server/rreg/client/rreg/input/OAM11gRequest.xml File
      
      
      
      
      
      
          http://oamhost.contribute.be:7001
          RREG_HostId11G
          TestWebTier_WebGateAgent
          http://oamhost.contribute.be:8888
          false
          RREG_OAM11G
          false
          100000
          1800
          3600
          1
          24
          1
          -1
          60
          false
          open
          1
          false
          false
          false
          false
          no-cache
          no-cache
          0
          
             10.11.11.11
             10.11.11.12
             10.11.11.13
          
          
              /logout1.html
              /logout2.html
          
          /oam_logout_success
          end_url
          
      	/**
          
          
              /public/index.html
          
          
              /excluded/index.html
          
          
          
              
                  TestName
                  testValue1
                  testValue2
                  testValue3
              
          	
                  MaxPostDataLength
                  750000
              
          	
                  maxSessionTimeUnits
                  hours
              
              
                  RetainDownstreamPostData
                  false
              
              
                  useIISBuiltinAuthentication
                  false
                  
              
                  URLInUTF8Format
                  true
              
              
                  inactiveReconfigPeriod
                  10
              
              
                  WaitForFailover
                  -1
              
              
                  proxySSLHeaderVar
                  IS_SSL
              
              
                  client_request_retry_attempts
                  1
              
              
                  ContentLengthFor401Response
                  0
               
              
                  SUN61HttpProtocolVersion
                  1.0
               
              
                  impersonationCredentials
                  cred
              
              
                  UseWebGateExtForPassthrough
                  false
               
              
                  syncOperationMode
                  false
              
              
                  filterOAMAuthnCookie
                  true
                                              
          
      
      
      
      
    • ./oamreg.sh inband /u01/app/oam/product/middleware_home/OAM/oam/server/rreg/client/rreg/input/OAM11GRequest.xml
    • Result:
      JAVA_HOME=/u01/app/oam/product/jdk1.6.0_39
      CLASSPATH=./../lib/rreg.jar:./../lib:./../lib/RequestResponse.jar:./../lib/commons-codec-1.3.jar:./../lib/commons-httpclient-3.1.jar:./../lib/commons-logging-1.1.1.jar:./../lib/ojmisc.jar:./../lib/jps-api.jar:./../lib/jps-internal.jar:./../lib/jps-common.jar:./../lib/identitystore.jar:./../lib/identityutils.jar:./../lib/ldapjclnt11.jar:./../lib/dms.jar:./../lib/fmw_audit.jar:./../lib/ojdl.jar:./../lib/oraclepki.jar:./../lib/osdt_cert.jar:./../lib/osdt_core.jar:./../lib/osdt_jce.jar:./../lib/osdt_saml.jar:./../lib/osdt_xmlsec.jar:./../lib/xmlparserv2.jar:./../lib/jps-unsupported-api.jar:./../lib/nap-api.jar:./../lib/utilities.jar:./../lib/jps-ee.jar:.
      OAM_REG_HOME=./..
      ------------------------------------------------
      Welcome to OAM Remote Registration Tool!
      Parameters passed to the registration tool are: 
      Mode: inband
      Filename: /u01/app/oam/product/middleware_home/OAM/oam/server/rreg/client/rreg/input/OAM11GRequest.xml
      Enter admin username:weblogic
      Username: weblogic
      Enter admin password:         
      Do you want to enter a Webgate password?(y/n):
      y
      Enter webgate password:         
      Enter webgate password again:         
      Password accepted. Proceeding to register..
      Feb 28, 2013 1:56:35 PM oracle.security.am.engines.rreg.client.handlers.request.OAM11GRequestHandler getWebgatePassword
      INFO: Passwords matched and accepted.
      
      ----------------------------------------
      Request summary:
      OAM11G Agent Name:TestWebTier_WebGateAgent
      Base URL:http://oamhost.contribute.be:8888
      URL String:RREG_HostId11G
      Registering in Mode:inband
      Your registration request is being sent to the Admin server at:http://oamhost.contribute.be:7001
      ----------------------------------------
      
      Feb 28, 2013 1:56:39 PM oracle.security.jps.util.JpsUtil disableAudit
      INFO: JpsUtil: isAuditDisabled set to true
      Inband registration process completed successfully! Output artifacts are created in the output folder.
      
    • Copying the result to the instance directory of the webgate
      • cd /u01/app/oam/product/middleware_home/OAM/oam/server/rreg/client/rreg/output/TestWebTier_WebGateAgent
      • cp * /u01/app/oam/product/webtier/instances/instance1/config/OHS/ohs1/webgate/config/.
    • Starting the oam_server1
    • Restarting the webtier

 

1 opmerking: