Oracle Fusion Middleware & Application Server

Tuesday, May 16, 2017

Oracle Forms 12c: frmconfighelper - enable_ohs

Yesterday I was blogging about how to create new Forms Managed Servers and how to deploy a new formsapp into them with the frmconfighelper tool (http://dirknachbar.blogspot.com/2017/05/oracle-forms-122120-multiple-managed.html).

Today I was testing the function enable_ohs from the frmconfighelper tool, which is mainly dedicated to generate a forms.conf file in your Oracle HTTP Server which contains the directives for your Forms Environment.

oracle@server> cd $ORACLE_HOME/forms/provision
oracle@server> ./frmconfighelper.sh
using log file /home/oracle/frmconfighelper/logs/frmconfighelper_2017_05_15_20_49_31.log ..........
-----------------------------------------------------------------
   Forms configuration helper script                             
-----------------------------------------------------------------
 This script helps administrators perform some of the Forms      
 related configuration tasks                                     
                                                                 
**Important**: - Please backup the Weblogic domain before        
                 performing any administration tasks on it using 
                 this script.                                    
               - You can run enable_sso, enable_webgate          
                 and enable_sso_ssl options  only once.          
                                                                 
 frmconfighelper.sh <option> <arguments>                         
                                                                 
 options:                                                        
    - enable_ohs <domain-home> <ohs-instance> <forms-managed-server1-host> 
                 <forms-managed-server1-port> [<forms-managed-server2-host> 
                 <forms-managed-server2-port>..]                    
. . .
. . .

As you can see from the above listing, the tool will generate a forms.conf file under the $DOMAIN_HOME/config/fmwconfig/components/OHS/<OHS_INSTANCE>/moduleconf with your provided Servers on which your Forms Managed Servers are running and their Port.
But the disadvantage of the function enable_ohs is, that:

  • the Location tag in the forms.conf is hardcoded with /forms
  • the directive is only for a Forms Cluster Environment
In case you have just a single Managed Server, you can not use it.
In case you have created a new Managed Server with an own defined Context Root (see my blogpost from 15th May 2017) you can not use it.
So, I had a closer look on the frmconfighelper.sh and did some modifications, so that I have now 2 functions for enable_ohs:
  • enable_ohs_cluster
  • enable_ohs_single
You can find my modified frmconfighelper.sh here for download, as its too long to provided here as inline text: https://drive.google.com/file/d/0Bziqha1Q1rglcng4dGhDM0p6TDA/view?usp=sharing
Transfer the new version to your target server, make a backup copy of the original frmconfighelper.sh under $ORACLE_HOME/forms/provision and place my modified frmconfighelper.sh in the same location.

The enable_ohs_cluster is mainly the same as the original version, just extended for one parameter for the Root-Context of your Formsapp

oracle@server> ./frmconfighelper.sh
. . .
. . .
 enable_ohs_cluster:                                             
    - domain-home    : Domain Home directory                     
    - ohs-instance   : OHS instance name (example ohs1)          
    - Forms Context  : Root Context (example forms)              
    - forms-managed-server(n)-host : Forms managed server host   
    - forms-managed-server(n)-port : Forms managed server port   
. . .
. . .
 examples:                                                       
                                                                 
  enable ohs cluster routing to forms managed servers                    
 ./frmconfighelper.sh enable_ohs_cluster /scratch/user_projects/domain/base_domain ohs1 sales wlshost.example.com 9001 wlshost.example.com 9010

The enable_ohs_single is newly added and will generate you a forms.conf with the correct directive for a single Forms Managed Server and the flexibility to provide your own Root-Context.
oracle@server> ./frmconfighelper.sh
. . .
. . .
 enable_ohs_single:                                              
    - domain-home    : Domain Home directory                     
    - ohs-instance   : OHS instance name (example ohs1)          
    - Forms Context  : Root Context (example forms)              
    - forms-managed-server-host : Forms managed server host      
    - forms-managed-server-port : Forms managed server port   
. . .
. . .
 examples: 

  enable ohs single routing to forms managed server              
  ./frmconfighelper.sh enable_ohs_single /scratch/user_projects/domain/base_domain ohs1 finance wlshost.example.com 9020

After you have executed either the enable_ohs_cluster or enable_ohs_single function, keep in mind that you have to restart your OHS, so that the newly added config file will be captured by the OHS.

Monday, May 15, 2017

Oracle Forms 12.2.1.2.0 - Multiple Managed Servers via frmconfighelper

In October 2016 I was blogging how to create multiple Oracle Forms 12c Multiple Managed Servers.
In case you are already on the latest Oracle Forms 12.2.1.2.0 Release, you can now create in a really comfortable way multiple Oracle Forms Managed Servers and deploy the necessary formsapp into your newly created Managed Server.

Since Oracle Forms 12.2.1 there is a small not really well know tool added to Oracle Forms - frmconfighelper. According the documentation (12.2.1.0.0 / 12.2.1.1.0 / 12.2.1.2.0) the frmconfighelper tool contains 5 functions (http://docs.oracle.com/middleware/12212/formsandreports/deploy-forms/GUID-AE8C9D19-BC55-4AD7-A6F0-A36843E3FE83.htm#FSDEP860) :
  • enable_ohs
  • deploy_app
  • update_app
  • enable_sso
  • enable_webgate
But when you call the frmconfighelper in Forms 12.2.1.2.0 you will find some functions which are not documented :-)

oracle@server> cd $ORACLE_HOME/forms/provision
oracle@server> ./frmconfighelper
using log file /home/oracle/frmconfighelper/logs/frmconfighelper_2017_05_15_20_49_31.log ..........
-----------------------------------------------------------------
   Forms configuration helper script                             
-----------------------------------------------------------------
 This script helps administrators perform some of the Forms      
 related configuration tasks                                     
                                                                 
**Important**: - Please backup the Weblogic domain before        
                 performing any administration tasks on it using 
                 this script.                                    
               - You can run enable_sso, enable_webgate          
                 and enable_sso_ssl options  only once.          
                                                                 
 frmconfighelper.sh <option> <arguments>                         
                                                                 
 options:                                                        
    - enable_ohs <domain-home> <ohs-instance> <forms-managed-server1-host> 
                 <forms-managed-server1-port> [<forms-managed-server2-host> 
                 <forms-managed-server2-port>..]                    
                                                                 
    - create_machine <wls-machine-name> <machine-host-name>      
                                                                 
    - create_managed_server <managed-server-name> <wls-machine-name> 
                            <managed-server-port> <standalone>   
                                                                 
    - deploy_app <new-context-root> <new-servlet-alias> <target>
                                                                 
    - update_app <new-context-root> <new-servlet-alias>
                                                                 
    - enable_sso <oam-host> <oam-port> <ohs-host> <ohs-port>     
                 <domain-home> <ohs-instance>                    
                                                                 
    - enable_sso_ssl <oam-host> <oam-port> <ohs-host> <ohs-ssl-port> 
                     <ohs-non-ssl-port> <domain-home> <ohs-instance> 
                                                                 
    - enable_webgate <domain home> <ohs-instance> 
                                                                 
    - help (or no option): prints help                           
                                                                 
-----------------------------------------------------------------
 options description:                                            
                                                                 
. . .
. . .

As you can see, under Oracle Forms 12.2.1.2.0 the frmconfighelper contains in reality 8 functions, so 3 more than documented:
  • create_machine
  • create_managed_server
  • enable_sso_ssl
Within this blogpost I will focus on the create_managed_server function in combination with the function deploy_app.

Lets say, you have a running Oracle Forms & Reports 12.2.1.2.0 environment with the 2 classical Managed Servers MS_FORMS & MS_REPORTS.
Now you are having the requirements to create a new Managed Server called MS_HR_APP for an independent Oracle Forms Application. Under Forms 11g you can achieve this by following the MOS Note 955822.1 which was not really straight forward. Now with Oracle Forms 12.2.1.2.0 you just need 2 commands :-)

The first command is using the function create_managed_server, which comes with following options:

  • create_managed_server:
    • managed-server-name: Managed server name - wls-machine-name : WLS machine name
    • managed-server-port: Managed server port number
    • standalone (optional): indicates standalone managed server which is not part of any cluster.
oracle@server> cd $ORACLE_HOME/forms/provision
oracle@server> ./frmconfighelper.sh create_managed_server MS_HR_APP AdminServerMachine 9010 standalone

running frmconfighelper.sh create_managed_server
using log file /home/oracle/frmconfighelper/logs/frmconfighelper_2017_05_15_21_33_56.log ..........

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

frmconfighelper.py output
-------------------------------b-e-g-i-n--------------------------------------------
Please enter your username :weblogic
Please enter your password :
Please enter your server URL [t3://localhost:7001] :
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server "AS_FRDEVEL" that belongs to domain "FRDEVEL".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.

processCreateManagedServer
processing createManagedServer MS_HR_APP
createServer MBean: [MBeanServerInvocationHandler]com.bea:Name=MS_HR_APP,Type=Server
configuring standalone managed server
Target JRF components to "MS_HR_APP"
Copying JRF configuration files from /u00/app/oracle/product/fmw-fr-12.2.1.2.0/oracle_common/modules to /u00/app/oracle/user_projects/domains/FRDEVEL/config/fmwconfig/servers/MS_HR_APP
Update JRF changes to domain /u00/app/oracle/user_projects/domains/FRDEVEL in online mode
frmconfighelper.py script returning ...
------------------------------------------------------------------------------------
command :createManagedServer succeeded... 

-------------------------------e-n-d------------------------------------------------

Now we have created a new standalone Managed Server for our next step to deploy the formsapp into it by using an own context root and an own servlet alias. To deploy the formsapp we will use the function deploy_app from the frmconfighelper:
oracle@server> cd $ORACLE_HOME/forms/provision
oracle@server> ./frmconfighelper.sh deploy_app hrapp hrappservlet MS_HR_APP

running frmconfighelper.sh deploy_app
using log file /home/oracle/frmconfighelper/logs/frmconfighelper_2017_05_15_21_39_59.log ..........

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

frmconfighelper.py output
-------------------------------b-e-g-i-n--------------------------------------------
Please enter your username :weblogic
Please enter your password :
Please enter your server URL [t3://localhost:7001] :
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server "AS_FRDEVEL" that belongs to domain "FRDEVEL".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.

processDeployApp
deploying the formsapp.dependencies library to target MS_HR_APP
<May 15, 2017 9:40:19 PM CEST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, oracle.formsapp.dependencieslib#12.2.1@12.2.1 [archive: /u00/app/oracle/product/fmw-fr-12.2.1.2.0/forms/j2ee/formsapp_deps.jar], to MS_HR_APP .> 
deploying custom Forms JavaEE application hrappapp
<May 15, 2017 9:40:20 PM CEST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, hrappapp [archive: /u00/app/oracle/product/fmw-fr-12.2.1.2.0/forms/j2ee/hrapp.ear], to MS_HR_APP .> 
frmconfighelper.py script returning ...
------------------------------------------------------------------------------------
command :deployApp succeeded... 

-------------------------------e-n-d------------------------------------------------
<May 15, 2017 9:40:23 PM CEST> <Warning> <JNDI> <BEA-050001> <WLContext.close() was called in a different thread than the one in which it was created.> 

When you login to your WebLogic Server Console, you will find under Domain Structure / Environment / Servers your newly created Managed Server MS_HR_APP, assigned to the Machine AdminServerMachine.



Under Domain Structure / Deployments you will find the newly deploy formsapp called hrappapp, which is targeted to the above created Managed Server MS_HR_APP:


Just start the above create Managed Server MS_HR_APP, the deployment will become active and you can open a browser and point to: http://servername:9010/hrapp/hrappservlet


Under the $DOMAIN_HOME/config/fmwconfig/servers/MS_HR_APP/applications/hrappapp_12.2.1/config directory you will find the standard configuration files for your Forms Applications, e.g. formsweb.cfg, default.env

Also you can configure your new formsapp via the Enterprise Manager Fusion Middleware Control http://servername:7001/em

Navigate via the Target Navigation to the Forms Tree and click on forms


And you will find the new formsapp called hrappapp:


The function create_managed_server in combination with deploy_app enables you to created quickly and stable and bullet-proofed multiple Oracle Forms Managed Servers including the required formsapp deployment including context root naming and alias servlet naming.



Tuesday, May 9, 2017

Fully unintended CPU Patch Download for Oracle WebLogic Server

In case you are owning different versions of Oracle WebLogic Server, e.g. 10.3.6, 12.1.3, 12.2.1.2 and so on and you are regularly applying the Oracle Critical Patch Updates, you will have to download various different Patches.

Mainly you will have to click through different Websites and My Oracle Support Notes until you can download the required patches.

For this purpose I have developed a handy script, with which you can perform a fully unintended download of the latest Oracle WebLogic Server CPU Patches.

All what you need is:

Instructions

At first generate the required folder structure on your Linux Server:

root@server> cd /
root@server> mkdir -p CPU_TOOL/em_catalog
root@server> mkdir -p CPU_TOOL/archive
root@server> mkdir CPU_PATCHES

Create in the directory CPU_TOOL the following 2 files:
patch_download.ksh (afterwards make it executable chmod +x patch_download.ksh

#!/bin/ksh
# Author: Dirk Nachbar, http://dirknachbar.blogspot.com
#
# Purpose:    Wrapper Script for automated Critical Patch Update
#             download from My Oracle Suppurt (MOS)
#             
# Requirements: getMOSPatch, Author: Maris Elsins
#               Source: https://github.com/MarisElsins/getMOSPatch
#
#
# Parameters: -i <PropertiesFile> 
#       e.g.: -i mos.properties
#
#
# Exit Codes:
#             - 1 = Exit Code of Usage Function
#             - 2 = Missing Property or Value in configfile
#
#---------------------------------------------------------------------


#---------------------------------------------------------------------
# CONSTANTS
#---------------------------------------------------------------------

MyName="$(basename $0)"
StartDate="$(date '+%Y-%m-%d_%H:%M:%S')"
LogDir=/work/logs
WorkDir=`pwd`

#---------------------------------------------------------------------
Usage()
#
# PURPOSE: Displays the Usage of the script
#---------------------------------------------------------------------
{
cat << EOF
Usage: patch_download.ksh -i <ConfigFile>
       Wrapper Script for automated Critical Patch Update
       download from My Oracle Support (MOS)
       for Oracle WebLogic Server Release 10.3.6, 12.1.x, 12.2.x

Parameters:
   -i: config file with required parameters

EOF
exit 1
}

#---------------------------------------------------------------------
DoMsg()
#
# PURPOSE: Displays the TimeStamp in front of each status line
#---------------------------------------------------------------------
{
    if [ "${DoAppend}" = "TRUE" ]; then
        echo "`date +%Y-%m-%d_%H:%M:%S` `printf "%05d" $$` ${1}" | tee -a ${LogFile}
    else
        echo "`date +%Y-%m-%d_%H:%M:%S` `printf "%05d" $$` ${1}"
    fi

    shift

    while [ "${1}" != "" ]; do

        if [ "${DoAppend}" = "TRUE" ]; then
            echo "                     ${1}" | tee -a ${LogFile}
        else
            echo "                     ${1}"
        fi

        shift
    done
}


#---------------------------------------------------------------------
CheckParams()
#
# PURPOSE: Checks the input Parmeter -i
#---------------------------------------------------------------------
{
    if [ "${ConfigFile}" = "" ] ; then
        DoMsg "  ERR: Missing parameter(s), the flags -i must be used."
        Usage
    fi
}


#---------------------------------------------------------------------
ReadParams()
#
# PURPOSE: Reads the Parmeters of the Configfile and validate them
#---------------------------------------------------------------------
{
DoMsg "Reading provided Configuration File"
DoMsg "..."

TheMOSUser="$(cat ${ConfigFile} | grep -i "^MOSUser=" | head -n 1 | cut -d= -f2-)"
TheMOSPassword="$(cat ${ConfigFile} | grep -i "^MOSPassword=" | head -n 1 | cut -d= -f2-)"
TheUploadDir="$(cat ${ConfigFile} | grep -i "^UploadDir=" | head -n 1 | cut -d= -f2-)"

    if [ "${TheMOSUser}" = "" ] ; then
        echo "  ERR: Missing value MOSUser in the provided Config File."
        exit 2
    fi

    if [ "${TheMOSPassword}" = "" ] ; then
        echo "  ERR: Missing value MOSPassword in the provided Config File."
        exit 2
    fi

    if [ "${TheUploadDir}" = "" ] ; then
        echo "  ERR: Missing value UploadDir in the provided Config File."
        exit 2
    fi
}


#---------------------------------------------------------------------
DownloadEMCatalog()
#
# PURPOSE: Download of actual Patch List from MOS
#---------------------------------------------------------------------
{

DoMsg "Starting to download latest Version of em_catalog.zip from My Oracle Support"

# Cleanup the em_catalog directory from previous executions
rm -f ${WorkDir}/em_catalog/*.*

TheCookieFile=/tmp/$$.cookies
TheEM_CatalogLogFile=${LogDir}/wget_em_catalog_download_${StartDate}.log

# Contact updates site so that we can get SSO Params for logging in
SSO_Response=`wget https://updates.oracle.com/Orion/Services/download 2>&1|grep Location`

# Extract request parameters for SSO
SSO_Token=`echo $SSO_Response| cut -d '=' -f 2|cut -d ' ' -f 1`
SSO_Server=`echo $SSO_Response| cut -d ' ' -f 2|cut -d 'p' -f 1,2`
SSO_Auth_URL=sso/auth
Auth_Data="ssousername=${TheMOSUser}&password=${TheMOSPassword}&site2pstoretoken=$SSO_Token"

wget --post-data $Auth_Data --save-cookies=${TheCookieFile} --keep-session-cookies $SSO_Server$SSO_Auth_URL >> ${TheEM_CatalogLogFile} 2>&1
wget  --load-cookies=${TheCookieFile} --save-cookies=${TheCookieFile} --keep-session-cookies "https://updates.oracle.com/download/em_catalog.zip" -O em_catalog.zip >> ${TheEM_CatalogLogFile} 2>&1

# Cleanup the Cookie File
rm -f ${TheCookieFile}
rm -f auth

# Extract the em_catalog.zip
unzip ${WorkDir}/em_catalog.zip -d ${WorkDir}/em_catalog/

mv ${WorkDir}/em_catalog.zip ${WorkDir}/archive/em_catalog_${StartDate}.zip

DoMsg "Done to download latest Version of em_catalog.zip from My Oracle Support"

}

#---------------------------------------------------------------------
#
DownloadPatches()
# PURPOSE: Download the actual Patches for Oracle WLS
#---------------------------------------------------------------------
{

# Calculate actual Quarter Year
TheQYear=`echo $(date +%Y)_Q$(( ($(date +%-m)-1)/3+1 ))`
TheDownloadLogFile=${LogDir}/download_patches_${StartDate}.log
DoMsg "Starting to download Oracle WLS CPU's" | tee -a ${TheDownloadLogFile}


# Patch Download for WLS 10.3.6
PatchNumber=`grep -B 2 "<psu_bundle>WLS 10.3" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS10.3.6.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 10.3.6" | tee ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS10.3.6.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

# Patch Download for WLS 12.1.2
PatchNumber=`grep -B 2 "<psu_bundle>WLS 12.1.2" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS12.1.2.0.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 12.1.2" | tee -a ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS12.1.2.0.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

# Patch Download for WLS 12.1.3
PatchNumber=`grep -B 2 "<psu_bundle>Oracle WebLogic Server 12.1.3" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS12.1.3.0.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 12.1.3" | tee -a ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS12.1.3.0.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

# Patch Download for WLS 12.2.1.0
PatchNumber=`grep -B 2 "<psu_bundle>Oracle WebLogic Server 12.2.1.0" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS12.2.1.0.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 12.2.1.0" | tee -a ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS12.2.1.0.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

# Patch Download for WLS 12.2.1.1
PatchNumber=`grep -B 2 "<psu_bundle>Oracle WebLogic Server 12.2.1.1" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS12.2.1.1.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 12.2.1.1" | tee -a ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS12.2.1.1.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

# Patch Download for WLS 12.2.1.2
PatchNumber=`grep -B 2 "<psu_bundle>Oracle WebLogic Server 12.2.1.2" em_catalog/patch_recommendations.xml | grep "<name>" | sed -e 's,.*<name>\([^<]*\)</name>.*,\1,g'`

ThePatchDir=${TheUploadDir}/WLS12.2.1.2.0/${TheQYear}/${PatchNumber}
mkdir -p ${ThePatchDir}
cd ${ThePatchDir}

DoMsg "Downloading CPU Patch ${PatchNumber} for WLS 12.2.1.2" | tee -a ${TheDownloadLogFile}

java -jar ${WorkDir}/getMOSPatch/getMOSPatch.jar MOSUser=${TheMOSUser} MOSPass=${TheMOSPassword} patch=${PatchNumber} regexp=.*Generic.* download=all platform=1234P >> ${TheDownloadLogFile}

cd ${TheUploadDir}/WLS12.2.1.2.0
rm -f actual
ln -s ${ThePatchDir} actual
cd ${WorkDir}

DoMsg "Done to download Oracle WLS CPU's" | tee -a ${TheDownloadLogFile}

}

#---------------------------------------------------------------------
# MAIN
#---------------------------------------------------------------------

ConfigFile=""

# All required ConfigParameters are initially set to empty
TheMOSUser=
TheMOSPassword=

while getopts i: CurOpt; do
    case ${CurOpt} in
        i) ConfigFile="${OPTARG}" ;;
        ?) Usage
           exit 1 ;;
    esac
done

shift $((${OPTIND}-1))

if [ $# -ne 0 ]; then
    Usage
fi

# Check Input Params
CheckParams

# Read the Params from the Config File
ReadParams
# Downloading EM Catalog zip file
DownloadEMCatalog
# Downloading the latest available Patches
DownloadPatches


mos.properties
# Configuration File for Automated Critical Patch Download
#
# Author: Dirk Nachbar, http://dirknachbar.blogspot.com
#

# My Oracle Support Credentials

MOSUser=<your_email>
MOSPassword=<your_mos_password>

# Upload Directory for CPU Patches

UploadDir=/CPU_PATCHES

Download the getMOSPatch.jar from https://github.com/MarisElsins/getMOSPatch and place it under /CPU_TOOL/getMOSPatch

root@server> mkdir -p /CPU_TOOL/getMOSPatch
root@server> cp /tmp/getMOSPatch.jar /CPU_TOOL/getMOSPatch

Make sure that you have a java 1.6 or higher in your PATH
root@server> which java
/bin/java
root@server> java -version
openjdk version "1.8.0_102"
OpenJDK Runtime Environment (build 1.8.0_102-b14)
OpenJDK 64-Bit Server VM (build 25.102-b14, mixed mode)

How does it work?

The trick behind the unintended CPU download is really simple, I am using the em_catalog.zip provided by My Oracle Support, which is used by Oracle Cloud Control for the so called Offline Patching (see MOS Note https://support.oracle.com/epmos/faces/DocContentDisplay?id=1931891.1)
In the patch_download.ksh script within the function DownloadEMCatalog() I am downloading the latest version of the em_catalog.zip, place it in the subdirectory /CPU_TOOL/em_catalog, unzip the file.
In the function DownloadPatches() I am using grep to identify the latest available CPU Patches for various WebLogic Server Releases within the file /CPU_TOOL/em_catalog/patch_recommendations.xml and through Maris Elsins' getMOSPatch I am downloading unintended the identified Patches, place them in the directory /CPU_PATCHES/WLS/<VersionNumber>/YYYY_Q[1|2|3|4] and creating a symlink on the latest CPU Patch to actual.

Get your Patches

To download the latest available patches, simply execute following commands:

root@server> cd /CPU_TOOL
root@server> ./patch_download.ksh -i mos.properties

2017-05-09_11:46:19 08102 Reading provided Configuration File
2017-05-09_11:46:19 08102 ...
2017-05-09_11:46:19 08102 Starting to download latest Version of em_catalog.zip from My Oracle Support
Archive:  /CPU_TOOL/em_catalog.zip
  inflating: /CPU_TOOL/em_catalog/aru_products.xml  
  inflating: /CPU_TOOL/em_catalog/aru_releases.xml  
  inflating: /CPU_TOOL/em_catalog/aru_platforms.xml  
  inflating: /CPU_TOOL/em_catalog/aru_languages.xml  
  inflating: /CPU_TOOL/em_catalog/aru_product_groups.xml  
  inflating: /CPU_TOOL/em_catalog/aru_product_releases.xml  
  inflating: /CPU_TOOL/em_catalog/aru_component_releases.xml  
  inflating: /CPU_TOOL/em_catalog/aru_targets.xml  
  inflating: /CPU_TOOL/em_catalog/components.xml  
  inflating: /CPU_TOOL/em_catalog/certifications.xml  
  inflating: /CPU_TOOL/em_catalog/patch_recommendations.xml  
 extracting: /CPU_TOOL/em_catalog/README.txt  
2017-05-09_11:46:56 08102 Done to download latest Version of em_catalog.zip from My Oracle Support
2017-05-09_11:46:56 08102 Starting to download Oracle WLS CPU's
2017-05-09_11:46:57 08102 Downloading CPU Patch 25388747 for WLS 10.3.6
2017-05-09_11:47:39 08102 Downloading CPU Patch 22505331 for WLS 12.1.2
2017-05-09_11:48:07 08102 Downloading CPU Patch 25388793 for WLS 12.1.3
2017-05-09_11:48:34 08102 Downloading CPU Patch 25388847 for WLS 12.2.1.0
2017-05-09_11:48:54 08102 Downloading CPU Patch 25388843 for WLS 12.2.1.1
2017-05-09_11:49:18 08102 Downloading CPU Patch 25388866 for WLS 12.2.1.2
2017-05-09_11:49:41 08102 Done to download Oracle WLS CPU's


Now you will find under the directory /CPU_PATCHES/WLS<VersionNumber>/YYYY_Q[1|2|3|4] the latest available CPU Patch for your Oracle WebLogic Server.
You can easily change in the mos.properties configuration file the target location for the CPU Patches to e.g. a mounted NAS drive, which you can attach to your WebLogic hosts, so that the patches are immediately available on your hosts for WebLogic Server.

Monday, April 10, 2017

Silent Installation and Configuration of Standalone Oracle HTTP Server

Currently I am working in a project for which will be needed the Oracle HTTP Server (OHS) in a Standalone Mode as a frontend Web Server for a Oracle SOA 12.2.1.2.0 environment.

As I am not really a fan of clicking through several installers and configuration wizards, I have created some scripts for a complete silent installation of the Standalone Oracle HTTP Server 12.2.1.2.0 and on top a silent configuration of the standalone Domain for the Oracle HTTP Server.

Silent Installation of the Oracle HTTP Server Software

For the following example, we will use following naming convention:
  • MW_HOME=/u00/app/oracle/product/fmw-webtier-12.2.1.2.0
  • JAVA_HOME=/u00/app/oracle/product/jdk1.8.0_121
  • DOMAIN_HOME=/u00/app/oracle/user_projects/domains/ohs_domain
Download at first the required installation software from Oracle Technology Network http://www.oracle.com/technetwork/middleware/webtier/downloads/index.html and transfer the installation software to your target server, e.g. /u00/app/oracle/tmp.


Make sure you that you have a JDK 1.8 on your server, I prefer to install the JDK under the Oracle user, e.g. /u00/app/oracle/product/jdk1.8.0_121

Connect to your server as oracle user and create following files under the directory /u00/app/oracle/tmp

webtier.rsp
[ENGINE]
Response File Version=1.0.0.0.0
[GENERIC]
ORACLE_HOME=/u00/app/oracle/product/fmw-webtier-12.2.1.2.0
INSTALL_TYPE=Standalone HTTP Server (Managed independently of WebLogic server)
DECLINE_SECURITY_UPDATES=true
SECURITY_UPDATES_VIA_MYORACLESUPPORT=false

oraInst.loc
inst_group=oinstall
inventory_loc=/u00/app/oracle/oraInventory

Now we can extract the installation software and install the Oracle HTTP Server in silent mode
oracle@server> cd /u00/app/oracle/tmp
oracle@server> unzip fmw_12.2.1.2.0_ohs_linux64_Disk1_1of1.zip
oracle@server> ./fmw_12.2.1.2.0_ohs_linux64.bin -jreLoc /u00/app/oracle/product/jdk1.8.0_121 -silent -responseFile /u00/app/oracle/tmp/webtier.rsp -invPtrLoc /u00/app/oracle/tmp/oraInst.loc

0%...................................................................................................100%
Launcher log file is /tmp/OraInstall2017-04-10_12-39-12PM/launcher2017-04-10_12-39-12PM.log.
Checking if CPU speed is above 300 MHz.   Actual 2194.918 MHz    Passed
Checking swap space: must be greater than 512 MB.   Actual 3071 MB    Passed
Checking if this platform requires a 64-bit JVM.   Actual 64    Passed (64-bit not required)
Checking temp space: must be greater than 300 MB.   Actual 8528 MB    Passed
. . .
. . .
Percent Complete : 90
Visit http://www.oracle.com/support/policies.html for Oracle Technical Support policies.
Percent Complete : 100

The installation of Oracle HTTP Server 12.2.1.2.0 completed successfully.
Logs successfully copied to /u00/app/oracle/oraInventory/logs.

Now we have installed the Oracle HTTP Server Software.

Silent Configuration of the Standalone Domain for the Oracle HTTP Server

The next step is to configure in a silent way the required Standalone Domain for our Oracle HTTP Server.

For this I have 3 scripts:

  • setLocalEnv.sh = contains all necessary Environment Variables for the creation of the Standalone Domain
  • cr_ohs_domain.sh = Wrapper Script to source the setLocalEnv.sh and execute the cr_ohs_domain.py
  • cr_ohs_domain.py = Python Script to create the Standalone Domain for the Oracle HTTP Server

setLocalEnv.sh
#
# Author: Dirk Nachbar
#
# http://dirknachbar.blogspot.com
#
# Environment Script for silent Standalone OHS Domain Creation
# 
#
export SCRIPT_HOME=$PWD
export MW_HOME=/u00/app/oracle/product/fmw-webtier-12.2.1.2.0
export WLST_HOME=$MW_HOME/oracle_common/common/bin
export JAVA_HOME=/u00/app/oracle/product/jdk1.8.0_121
export DOMAIN_NAME=ohs_domain
export DOMAIN_HOME=/u00/app/oracle/user_projects/domains/$DOMAIN_NAME
export NM_LISTENADDRESS=`hostname -f`
export NM_TYPE=SSL
export NM_PORT=5557
export NM_USERNAME=nodemanager
export NM_PASSWORD=welcome1
export NM_HOME=$DOMAIN_HOME/nodemanager
export OHSINSTANCENAME=ohs1
export OHSADMINPORT=9999
export OHSHTTPPORT=7777
export OHSHTTPSPORT=4443

The above Environment Variables are all self-explained, you may align them to your specific needs.
cr_ohs_domain.sh
#!/bin/sh
#
# Author: Dirk Nachbar
#
# http://dirknachbar.blogspot.com
#
# Shell Script Wrapper for Silent Standalone OHS Domain Creation
#

start_time=$(date +%s)

. $PWD/setLocalEnv.sh

echo "============================================="
echo " Program: cr_ohs_domain.sh              ....."
echo "============================================="

if [ -z "${WLST_HOME}" ]; then
   echo " Environment not correctly set - please verify"
   exit 1
fi

if ! test -d "${DOMAIN_HOME}"; then
   echo "============================================="
   echo " Domain will be installed               ....."
   echo "============================================="
   if [ -z "${MW_HOME}" -o -z "${JAVA_HOME}" -o -z "${DOMAIN_NAME}" -o -z "${DOMAIN_HOME}" -o -z "${NM_LISTENADDRESS}" -o -z "${NM_TYPE}" -o -z "${NM_PORT}" -o -z "${NM_USERNAME}" -o -z "${NM_PASSWORD}" -o -z "${NM_HOME}" -o -z "${OHSADMINPORT}" -o -z "${OHSHTTPPORT}" -o -z "${OHSHTTPSPORT}" ]; then
      echo " Environment not set - Exit"
      exit 1
   fi

   # In case we are facing problems with /dev/random
   export CONFIG_JVM_ARGS=-Djava.security.egd=file:/dev/./urandom:$CONFIG_JVM_ARGS

   ${WLST_HOME}/wlst.sh ${SCRIPT_HOME}/cr_ohs_domain.py

   # Set End Time
   finish_time=$(date +%s)
   echo "Finished"
   echo "Domain Build Time: $(( $((finish_time - start_time))/60))  minutes."
 else
   echo "Domain is already installed ..."
fi

cr_ohs_domain.py
#!/usr/bin/python
#
# Author: Dirk Nachbar
#
# http://dirknachbar.blogspot.com
#

import os, sys

v_mwHome=os.environ['MW_HOME']
v_jdkHome=os.environ['JAVA_HOME']
v_domainHome=os.environ['DOMAIN_HOME']
v_domainName=os.environ['DOMAIN_NAME']
v_NMUsername=os.environ['NM_USERNAME']
v_NMPassword=os.environ['NM_PASSWORD']
v_NMHome=os.environ['NM_HOME']
v_NMHost=os.environ['NM_LISTENADDRESS']
v_NMPort=os.environ['NM_PORT']
v_NMType=os.environ['NM_TYPE']
v_OHSInstanceName=os.environ['OHSINSTANCENAME']
v_OHSAdminPort=os.environ['OHSADMINPORT']
v_OHSHTTPPort=os.environ['OHSHTTPPORT']
v_OHSHTTPSPort=os.environ['OHSHTTPSPORT']

readTemplate(v_mwHome +'/wlserver/common/templates/wls/base_standalone.jar')
addTemplate(v_mwHome +'/ohs/common/templates/wls/ohs_standalone_template.jar')

cd('/')
create(v_domainName, 'SecurityConfiguration') 
cd('SecurityConfiguration/' + v_domainName)
set('NodeManagerUsername',v_NMUsername)
set('NodeManagerPasswordEncrypted',v_NMPassword)
setOption('NodeManagerType', 'CustomLocationNodeManager');
setOption('NodeManagerHome', v_NMHome);
setOption('JavaHome', v_jdkHome )

cd('/Machines/localmachine/NodeManager/localmachine')
cmo.setListenAddress(v_NMHost);
cmo.setListenPort(int(v_NMPort));
cmo.setNMType(v_NMType);

delete(v_OHSInstanceName,'SystemComponent')
create (v_OHSInstanceName,'SystemComponent')
cd('/OHS/'+v_OHSInstanceName)
cmo.setAdminPort(v_OHSAdminPort)
cmo.setListenPort(v_OHSHTTPPort)
cmo.setSSLListenPort(v_OHSHTTPSPort)

writeDomain(v_domainHome) 

Now we can execute the cr_ohs_domain.sh which will create silently the Standalone Domain for our Oracle HTTP Server:

oracle@server> cd /u00/app/oracle/tmp
./cr_ohs_domain.sh

=============================================
 Program: cr_ohs_domain.sh              .....
=============================================
=============================================
 Domain will be installed               .....
=============================================

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Finished
Domain Build Time: 1  minutes.

And thats it, now you can start your Oracle HTTP Server Instance named ohs1

oracle@server> cd /u00/app/oracle/user_projects/domains/ohs_domain/bin
oracle@server> ./startNodeManager > /dev/null 2>&1 &
oracle@server> ./startComponent.sh ohs1 storeUserConfig



Friday, April 7, 2017

Switching MPM Type for Oracle HTTP Server 12c

The Oracle HTTP Server (OHS) comes by default with the MPM (Multi-Processing Modules) Type event for Linux systems, but sometimes you need to change the MPM Type for example to prefork.

The Oracle HTTP Server comes by default with 4 MPM Types:
  • Worker: This is the default for non-Linux UNIX Platforms, e.g. Solaris, AIX ...
  • Event: This is the default for Linux Platforms
  • Prefork: This Type implements a non-threaded, pre-forking server, that handles request as an Apache HTTPD Server 1.3
  • WinNT: This is the default for Windows Platforms
For more details about the MPM Types see http://docs.oracle.com/middleware/12212/webtier/administer-ohs/man_server.htm#zzaszzohszzmpm

In case you need to switch the MPM Type, you need at first to check if you have a standalone OHS or a OHS in a WebLogic Server Domain, as the way to switch the MPM Type is depending on these 2 options.

Switching MPM for a standalone OHS:

Simply connect to your server as oracle user and perform following steps:
cd $DOMAIN_HOME/config/fmwconfig/components/OHS/<OHS_Componentname>/

# Open the Config File ohs.plugins.nodemanager.properties
# and add following line at the end
# depending on your desired MPM Type
# mpm = prefork
# mpm = worker
# mpm = event
mpm = prefork

After that restart your OHS with:
cd $DOMAIN_HOME/bin
./stopComponent.sh <OHS_Componentname>
./startComponent.sh <OHS_Componentname> 

Switching MPM for OHS in a WebLogic Domain

Simply connect to your server as oracle user and perform following steps:
$ORACLE_HOME/oracle_common/common/bin/wlst.sh
connect('weblogic', '<AdminPassword>', '<servername>:<Port>')
editCustom()
cd('oracle.ohs')
cd('oracle.ohs:type=OHSInstance.NMProp,OHSInstance=<OHS_Componentname>,component=OHS')
startEdit()
# Set here your desired MPM Type
# possible values are:
# - prefork
# - event
# - worker
# - winnt (only for Windows)
set('Mpm','prefork') 
save()
activate()

After that restart your OHS with:
cd $DOMAIN_HOME/bin
./stopComponent.sh <OHS_Componentname>
./startComponent.sh <OHS_Componentname> 


Wednesday, March 22, 2017

Consume WebLogic Server RESTFul Management Services with ELK

In several of my projects for Oracle WebLogic Server and Oracle Fusion Middleware Environments a main topic is the monitoring.
Oracle provides with the Oracle Enterprise Manager Cloud Control are really powerful solution to monitor Oracle WebLogic Server and Oracle Fusion Middleware Environments, but the disadvantage is the huge license cost for the necessary Management Packs for Oracle WebLogic / Fusion Middleware. Moreover in many small to midrange sized environments the Oracle Enterprise Manager Cloud Control can be an overkill and due to the license costs for the Management Packs a no-go.

There are several solutions on the market, some commercial and some open source, for Oracle WebLogic Server Monitoring.

I will show you a short test case, how to consume Oracle WebLogic Server RESTFul Management Services with the so called ELK Stack (Elasticsearch / Logstash / Kibana). How to setup the ELK stack, just check Google or the documentation on elastic.co https://www.elastic.co/guide/en/elastic-stack/current/index.html

My environment is as follows:

  • Ubuntu 16.04 server named "monitoring" which is hosting my ELK Stack
  • Oracle Enterprise Linux named "wls12212" which is hosting my Oracle WebLogic Server with a Domain called demo_domain
    • AdminServer running on Port 7001
On the ELK server monitoring add a Logstash configuration file wls-rest.conf under /etc/logstash/conf.d
For this I will use the Input Plugin http_poller (see https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http_poller.html)

input {
  http_poller {
    urls => {
      test1 => {
        method => get
        # define the RESTFul Management Service URL
        url => "http://wls12212:7001/management/wls/latest/servers"
        headers => {
          Accept => "application/json"
        }
        # Define the Basic Authentication against the WebLogic Server
        auth => {
          user => "weblogic"
          password => "welcome01"
        }
      }
    }
    request_timeout => 30
    # poll every 60 seconds the metrics
    interval => 60
    # Set the Codec to json
    codec => "json"
    metadata_target => "http_poller_metadata"
  }
}

output {
  # Output to elasticsearch
  elasticsearch { hosts => ["localhost:9200"] }
  # Output to stdout
  stdout { codec => rubydebug }
}


Now we can start our logstash process on the ELK server monitoring

/opt/logstash/bin/logstash -f /etc/logstash/conf.d/wls-rest.conf
Settings: Default pipeline workers: 1
Pipeline main started
{
                   "items" => [
        [0] {
                   "heapFreeCurrent" => 188998424,
                   "heapSizeCurrent" => 374341632,
                "usedPhysicalMemory" => 3520323584,
                  "jvmProcessorLoad" => 0,
                            "health" => {
                "state" => "ok"
            },
            "activeHttpSessionCount" => 0,
                 "activeThreadCount" => 11,
                              "name" => "DemoAdminServer",
                             "state" => "running"
        },
        [1] {
                   "heapFreeCurrent" => 275771456,
                   "heapSizeCurrent" => 401080320,
                "usedPhysicalMemory" => 3520323584,
                  "jvmProcessorLoad" => 0,
                            "health" => {
                "state" => "ok"
            },
            "activeHttpSessionCount" => 0,
                 "activeThreadCount" => 8,
                              "name" => "DemoMS1",
                             "state" => "running"
        },
. . .
. . .


Now we can check in Kibana the Indices under Settings:



and define our Visualization under Visualize:




With this really simple configuration you can consume all available Metrics within the WebLogic RESTFul Management Services via ELK Stack just by defining the url in the http_poller configuration, visualise them, create dashboard and with the Output Plugins in Logstash (https://www.elastic.co/guide/en/logstash/current/output-plugins.html) you can even define notifications through Email, Nagios, Zabbix and so on ...


Wednesday, March 1, 2017

Oracle Database 12.2.0.1.0 available for download

The new Oracle Database 12.2.0.1.0 Software were released earlier than announced, its available since today for download on Oracle Technology Network http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html

Currently the Oracle Database 12.2.0.1.0 are available for following Operating Systems:


  • Linux x86-64
  • Oracle Solaris on SPARC
  • Oracle Solaris on x86 systems, 64-bit

The following Software is available:

  • Oracle Database 12c Release 2 (12.2.0.1.0)
  • Oracle Database 12c Release 2 (12.2.0.1.0) Grid Infrastructure
  • Oracle Database 12c Release 2 (12.2.0.1.0) Global Service Manager
  • Oracle Database Gateways 12c Release 2 (12.2.0.1.0) 
  • Oracle Database 12c Release 2 (12.2.0.1.0) Examples
  • Oracle Database 12c Release 2 Client (12.2.0.1.0)

And on top, to make the day perfect, Oracle released also in the GitHub Repository https://github.com/oracle/docker-images/tree/master/OracleDatabase the corresponding Docker Files for Oracle Database 12.2.0.1.0 :-)



Happy download and happy Docker build :-)

Thursday, February 9, 2017

SOA 12.2.1.2.0: Schedule your Integration Workload Statistics (IWS) Report by Command Line

From Oracle SOA Suite 12.2.1 on, Oracle added a nice feature - The Integration Workload Statistics, which you can compare to an Oracle Database AWR report for your SOA Suite.

Kevin King from AVIO Consulting has released for this a really good blog post about the IWS http://www.avioconsulting.com/blog/no-more-hidden-soa-performance-problems

As I am more coming from the Administration site, I prefer to have script-based solutions.

Here I will show you how to scheduled an automated way for the generation of your Integration Workload Statistics including mailing of the report for UNIX platforms:

On your server which is hosting your SOA suite simply perform following steps as SOA Suite Software owner:


cd $HOME
mkdir -p iws_report/logs
cd iws_report

Create in the new folder $HOME/iws_report a script called create_soa_iws_report.ksh with following content:

#!/bin/ksh
#
# Author: Dirk Nachbar
#
# Purpose: Script to create an IWS Report for a given SOA Domain
#          and Managed Server
#
#---------------------------------------------------------------------


#---------------------------------------------------------------------
# CONSTANTS
#---------------------------------------------------------------------
MyName="$(basename $0)"
# Align the value for your Middleware Home directory
MW_HOME=/u00/app/oracle/product/fmw-soa-12.2.1.2.0
WorkDir=`pwd`


#---------------------------------------------------------------------
Usage()
#
# PURPOSE: Verwendung
#---------------------------------------------------------------------
{

  echo "ERR: create_soa_iws_report.ksh called with wrong parameters"
  cat <<_EOI

SYNOPSIS
       create_soa_iws_report.ksh  -d <Domain_Name> -s <ManagedServer> 
               -t <Number of Hours to look back>
               
DESCRIPTION
       
Creation of IWS Report for a given SOA Domain and Managed Server

_EOI


    exit 1
}

#---------------------------------------------------------------------
CheckParams()
#
# PURPOSE: Checks the input Parmeters 
#---------------------------------------------------------------------
{
    if [ "${TheDomain}" = "" ] ; then
        echo "ERR: Missing parameter(s), the flags -d must be used."
        Usage
    fi

    if [ "${TheManagedServer}" = "" ] ; then
        echo "ERR: Missing parameter(s), the flags -s must be used."
        Usage
    fi

    if [ "${TheHoursBack}" = "" ] ; then
        echo "ERR: Missing parameter(s), the flags -t must be used."
        Usage
    fi

}


#---------------------------------------------------------------------
CreateIWSReport()
#
# PURPOSE: Creates an IWS Report for the given ManagedServer
#
#---------------------------------------------------------------------
{

echo "STARTING: Creating IWS Report for ${TheDomain} / ${TheManagedServer} over the last ${TheHoursBack} hours"
HighDate="$(date '+%Y-%m-%dT%H:%M:%S+0200')"

LowDate=$(eval "date '+%Y-%m-%dT%H:%M:%S+0200' -d '${TheHoursBack} hours ago'")

LogFileDate="$(date '+%Y-%m-%d_%H:%M:%S')"

export TheLogFile=${WorkDir}/logs/iws_report_${TheDomain}_${TheManagedServer}_${LogFileDate}.html


${MW_HOME}/oracle_common/common/bin/wlst.sh ${WorkDir}/soa_iws_report.py ${TheManagedServer} ${LowDate} ${HighDate}

echo "DONE: Creating IWS Report for ${TheDomain} / ${TheManagedServer} over the last ${TheHoursBack} hours"
echo "INFO: IWS Report = ${TheLogFile}"


}

#---------------------------------------------------------------------
MailIWSReport()
#
# PURPOSE: Mail the prior create IWS Report 
#
#---------------------------------------------------------------------
{

# Getting the Email Recipients
ConfigFile=${TheManagedServer}.properties

TheMailRecipients="$(cat ${WorkDir}/${ConfigFile} | grep -i "^mailrecipients=" | head -n 1 | cut -d= -f2-)"
TheEmailSubject="IWS for ${TheDomain} - ${TheManagedServer}"

echo "STARTING: Mail the IWS Report ${TheLogFile}"

echo "IWS Report" | mailx -s "${TheEmailSubject}" -a ${TheLogFile} ${TheMailRecipients}

echo "DONE: Mail the IWS Report ${TheLogFile}"

}


#---------------------------------------------------------------------
# MAIN
#---------------------------------------------------------------------

TheDomain=""
TheManagedServer=""
TheHoursBack=""

while getopts d:s:t:h: CurOpt; do
    case ${CurOpt} in
        d) TheDomain="${OPTARG}"        ;;
        s) TheManagedServer="${OPTARG}" ;;
        t) TheHoursBack="${OPTARG}"     ;;
        h) Usage           exit 1       ;;
        ?) Usage           exit 1       ;;
    esac
done
shift $((${OPTIND}-1))

if [ $# -ne 0 ]; then
    Usage
fi


CheckParams

CreateIWSReport

MailIWSReport


Create in the folder $HOME/iws_report a property file with following naming convention <your_managed_server_name>.properties and fill it with following content:

domain.name=<your_domain_name>
soa.url=<your_server_name>:<port_of_your_managed_server>
admin.userName=weblogic
admin.password=<password_of_weblogic_user>
mailrecipients=<email>


Moreover we need in the $HOME/iws_report directory a Python script named soa_iws_report.py with following content:

# ============================================================
#
# Script: soa_iws_report.py
#
# Author: Dirk Nachbar
#
# Purpose: Generates an IWS Report based on input time range
#
# ============================================================

import sys, os, getopt
from java.util import Date
from java.text import SimpleDateFormat
from java.io import File
from java.io import FileOutputStream
from java.io import FileInputStream

# Load the WLS Connection Credential and establish the connection
propInputStream = FileInputStream(sys.argv[1]+".properties")
# propInputStream = FileInputStream("domain.properties")
configProps = Properties()
configProps.load(propInputStream)
domainName=configProps.get("domain.name")
soaURL=configProps.get("soa.url")
adminUserName=configProps.get("admin.userName")
adminPassword=configProps.get("admin.password")
LogFile=os.environ['TheLogFile']

connect(adminUserName,adminPassword,soaURL)

getSoaIWSReportByDateTime(sys.argv[1], 0, sys.argv[2], sys.argv[3], 'default', None, 10, 'html', LogFile)
disconnect()



After that validate that the IWS is activated, either by Enterprise Manager Fusion Middleware or with wlst:

cd $ORACLE_HOME/oracle_common/common/bin
./wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

wls:/offline> connect('weblogic','<your_weblogic_password>','<your_server_name>:<port_of_your_managed_server>')

# Check the current status of the IWS
wls:/demo_domain/serverConfig/> getSoaIWSStatisticsLevel()

Successfully executed the command. SOA IWS Statistics Level is : OFF

# Check the current Snapshot Interval for IWS
wls:/demo_domain/serverConfig/> getSoaIWSSnapshotInterval()

Successfully executed the command. SOA IWS Snapshot Interval is : 10 minutes.

# List all available Statistics Levels
wls:/demo_domain/serverConfig/> getSoaIWSStatisticsLevelList()

Successfully executed the command. SOA IWS Statistics Level List : 
--------------------------------------------------------------
FINEST
NORMAL
BASIC
MINIMUM
OFF
--------------------------------------------------------------

# Set your IWS Statistics Level, e.g. NORMAL
wls:/demo_domain/serverConfig/> setSoaIWSStatisticsLevel('NORMAL')

# Validate your IWS Statistics Level
wls:/demo_domain/serverConfig/> getSoaIWSStatisticsLevel()

Successfully executed the command. SOA IWS Statistics Level is : NORMAL

wls:/demo_domain/serverConfig/> exit()


Perform some activities on your SOA Suite and after some time run the create_soa_iws_report.ksh:

cd $HOME/iws_report
./create_soa_iws_report.ksh
ERR: Missing parameter(s), the flags -d must be used.
ERR: create_soa_iws_report.ksh called with wrong parameters

SYNOPSIS
       create_soa_iws_report.ksh  -d <domain_name> -s <managedserver> 
               -t <Number of Hours to look back>
               
DESCRIPTION
       
Creation of IWS Report for a given SOA Domain and Managed Server

./create_soa_iws_report.ksh -d demo_domain -s soa_server1 -t 1

STARTING: Creating IWS Report for demo_domain / soa_server1 over the last 1 hours

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Connecting to t3://soaserver1:7004 with userid weblogic ...
Successfully connected to managed Server "soa_server1" that belongs to domain "demo_domain".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.


Successfully executed the command. Report generated in the file given.

Disconnected from weblogic server: soa_server1
DONE: Creating IWS Report for demo_domain / soa_server1 over the last 1 hours
INFO: IWS Report = /home/oracle/iws_report/logs/iws_report_demo_domain_soa_server1_2017-02-09_15:58:23.html
STARTING: Mail the IWS Report /home/oracle/iws_report/logs/iws_report_demo_domain_soa_server1_2017-02-09_15:58:23.html
DONE: Mail the IWS Report /home/oracle/iws_report/logs/iws_report_demo_domain_soa_server1_2017-02-09_15:58:23.html


Now you should find in your Inbox for your Mail your IWS Report and under the $HOME/iws_report/logs directory the generated HTML IWS Report.

Wednesday, December 21, 2016

Oracle Database 12.1.0.2.0 are officially supported on Docker

Since yesterday, Tuesday 20th December 2016, the Oracle Database 12.1.0.2.0 and later are officially supported on Docker :-)

The corresponding My Oracle Support Note 2216342.1 can be found here: https://support.oracle.com/epmos/faces/DocContentDisplay?id=2216342.1


In the GitHub Repository of Oracle the related README is also updated to reflect the support for Oracle Database 12.1.0.2.0 and later on Docker.
All required files to build such a supported Oracle Database Instance on Docker can be found here: https://github.com/oracle/docker-images/tree/master/OracleDatabase


Friday, December 16, 2016

Accessing WebLogic Server Logfiles via RESTFul Management Services

The RESTFul Management Services within Oracle WebLogic 12c is one of the greatest features and my personal favorite.

You can achieve a lot of things with the RESTFul Management Services, like creating DataSources, perform deployments, startup and shutdown Managed Servers and so on.

But you also can access the different WebLogic Server Logfiles :-)

Let's say your developers needs access to the Logfiles of your Oracle WebLogic Server, but you don't want to give them access to your Server which is hosting your Oracle WebLogic Server.
Just create a new User in your WebLogic Admin Console and give this new User the Group "Monitor". With the Monitor Group you can access the WebLogic RESTFul Management Services.

Now your developers can retrieve the Logfiles with a simple cURL command from their desktops:

http://<servername>:<adminport>/management/wls/latest/servers/id/<ServerName>/logs/<LogType>

For the LogType you have following options:
  • DataSourceLog
  • DomainLog (only for AdminServer)
  • HTTPAccessLog
  • ServerLog


A possible cURL request to retrieve the DomainLog of your WebLogic Domain could be as follows:

# Replace the Server Name and Port with your values
# Replace the AdminServer Name "PRODAdminServer" with your AdminServer Name
#
curl -s --user RESTAdmin:welcome1 \
        -H X-Requested-By:MyClient \
        -H Accept:application/json \
        -X GET http://wls122:7101/management/wls/latest/servers/id/PRODAdminServer/logs/id/DomainLog > domain.log

or like this:

# Replace the Server Name and Port with your values
# Replace the Managed Server Name "Prod_ManagedServer1" with your Managed Server Name
#
curl -s --user RESTAdmin:welcome1 \
        -H X-Requested-By:MyClient \
        -H Accept:application/json \
        -X GET http://wls122:7101/management/wls/latest/servers/id/Prod_ManagedServer1/logs/id/ServerLog > Prod_ManagedServer1_ServerLog.log

The corresponding Logfile retrieval in JSON format will look as follows:

DomainLog:


Managed Server ServerLog:



Permanent Re-Login for WebLogic Consoles for multiple WebLogic Domains on one Server

In case you have multiple Oracle WebLogic Server Domains on one Server running, you might realise the following problem:

Opening 2 or more WebLogic Consoles in one Browser and switching the Browser tabs between the different WebLogic Consoles, you have to re-login all the times for your different WebLogic Consoles. This is really annoying ...

The problem behind is really simple, its the WebLogic Admin Console Cookie, as for all Oracle WebLogic Admin Consoles the default Cookie Name is identical, its named "ADMINCONSOLESESSION".

In order to avoid this permanent re-login to your multiple WebLogic Admin Consoles, you simply have to configure for each Oracle WebLogic Server Domain running on the same server unique Cookie Names.
I prefer the following naming convention: Cookie Name = Domain Name.

Open your WebLogic Admin Console and navigate to the Domain Configuration.


Activate the Lock & Edit Mode under the Change Center:


Expand the Advanced Configuration Options in the Domain Configuration / General Section:


Within the Advanced Configuration Options you will find the Configuration Item "Console Cookie Name" with the default Cookie Name "ADMINCONSOLESESSION":


Change the Console Cookie Name to a unique Cookie Name, e.g. your WebLogic Domain Name and press the Save button:


Finally activate your changes under the Change Center:


After the activation of your changes, you will get a notification message, that you have to restart 1 item. To check which item you have to restart, click under the Change Center the Text Line "View changes and restarts"


Within "Changes and Restarts" under the tab "Restart Checklist" you will see that your AdminServer needs to be restarted in order to take your prior changes.


Restart your Admin Server and from now on your WebLogic Admin Console will use a unique cookie name. Perform the above steps for all WebLogic Server Domains running on your server and you will not have anymore the problem with the permanent re-login to your WebLogic Admin Console for multiple WebLogic Domains on one server.

Thursday, December 15, 2016

WLST Error "General SSLEngine problem" after Nodemanager SSL Configuration

In case you configured your WebLogic Nodemanager with SSL, you might run into the following error while using nmConnect via WLST.


cd $ORACLE_HOME/oracle_common/common/bin
./wlst.sh

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

wls:/offline> nmConnect('nodemanager', 'welcome1', 'soaserver1', '5556', 'demo_domain' , '/u00/app/oracle/user_projects/domains/demo_domain' , 'ssl')
Connecting to Node Manager ...
<Dec 15, 2016 2:22:30 PM CET> <Info> <Security> <BEA-090905> <Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.> 
<Dec 15, 2016 2:22:30 PM CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG128 to HMACDRBG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.> 
<Dec 15, 2016 2:22:30 PM CET> <Info> <Security> <BEA-090909> <Using the configured custom SSL Hostname Verifier implementation: weblogic.security.utils.SSLWLSHostnameVerifier$NullHostnameVerifier.> 
Traceback (innermost last):
  File "<console>", line 1, in ?
  File "<iostream>", line 111, in nmConnect
  File "<iostream>", line 553, in raiseWLSTException
WLSTException: Error occurred while performing nmConnect : Cannot connect to Node Manager. : General SSLEngine problem 
Use dumpStack() to view the full stacktrace :


My current nodemanager configuration is as follows:

#Node manager properties
#Fri Dec 09 12:04:54 CET 2016
DomainsFile=/u00/app/oracle/user_projects/domains/demo_domain/nodemanager/nodemanager.domains
LogLimit=0
PropertiesVersion=12.2.1.2.0
AuthenticationEnabled=true
NodeManagerHome=/u00/app/oracle/user_projects/domains/demo_domain/nodemanager
JavaHome=/u00/app/oracle/product/jdk1.8.0_101
LogLevel=INFO
DomainsFileEnabled=true
ListenAddress=soaserver1
NativeVersionEnabled=true
ListenPort=5556
LogToStderr=true
weblogic.StartScriptName=startWebLogic.sh
SecureListener=true
LogCount=1
QuitEnabled=false
LogAppend=true
weblogic.StopScriptEnabled=false
StateCheckInterval=500
CrashRecoveryEnabled=false
weblogic.StartScriptEnabled=true
LogFile=/u00/app/oracle/user_projects/domains/demo_domain/nodemanager/nodemanager.log
LogFormatter=weblogic.nodemanager.server.LogFormatter
ListenBacklog=50
KeyStores=CustomIdentityAndCustomTrust
CustomIdentityKeystoreType=jks
CustomIdentityKeyStoreFileName=/home/soa/keystore/identity.jks
CustomIdentityKeyStorePassPhrase={AES}rQXxLXU2h6IBTrreiBVce3kGEfK8d4uUzsb+WKQqCu8=
CustomIdentityPrivateKeyPassPhrase={AES}M0Wl5V0kcCy27txsYyFzngS2jUoShI92PNlKUWb+JQo=
CustomIdentityAlias=selfsigned
CustomTrustKeystoreType=jks
CustomTrustKeyStoreFileName=/home/soa/keystore/trust.jks
CustomTrustKeyStorePassPhrase=


The solution to be able to connect via WLST to your Nodemanager is pretty simple, just modify the $ORACLE_HOME/oracle_common/common/bin/wlst.sh as follows:

#
# Search for the line 
#    JVM_ARGS="${WLST_PROPERTIES} ${JVM_D64} ${UTILS_MEM_ARGS} ${CONFIG_JVM_ARGS}"
# Add before the JVM_ARGS line following lines with the shown JAVA_OPTIONS
# and replace the line 
#    eval '"${JAVA_HOME}/bin/java"' ${JVM_ARGS} weblogic.WLST '"$@"'
# as shown below with
#    eval '"${JAVA_HOME}/bin/java"' ${JVM_ARGS} ${JAVA_OPTIONS} weblogic.WLST '"$@"'
#
JAVA_OPTIONS="-Dweblogic.ssl.JSSEEnabled=true ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.SSL.enableJSSE="true" ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.SSL.ignoreHostnameVerification=true ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.TrustKeyStore=CustomTrust ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.CustomTrustKeyStoreFileName=/home/soa/keystore/trust.jks ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.CustomTrustKeyStorePassPhrase=welcome1 ${JAVA_OPTIONS}"
JAVA_OPTIONS="-Dweblogic.security.CustomTrustKeyStoreType=JKS ${JAVA_OPTIONS}"
export JAVA_OPTIONS

JVM_ARGS="${WLST_PROPERTIES} ${JVM_D64} ${UTILS_MEM_ARGS} ${CONFIG_JVM_ARGS}"
if [ -d "${JAVA_HOME}" ]; then
 # eval '"${JAVA_HOME}/bin/java"' ${JVM_ARGS} weblogic.WLST '"$@"'
 eval '"${JAVA_HOME}/bin/java"' ${JVM_ARGS} ${JAVA_OPTIONS} weblogic.WLST '"$@"'
else
 exit 1
fi


After the above modifications you can use WLST to connect to the Nodemanager with the nmConnect command.

cd $ORACLE_HOME/oracle_common/common/bin
./wlst.sh

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

wls:/offline> nmConnect('nodemanager', 'welcome1', 'soaserver1', '5556', 'demo_domain' , '/u00/app/oracle/user_projects/domains/demo_domain' , 'ssl')
Connecting to Node Manager ...
<Dec 15, 2016 2:38:15 PM CET> <Info> <Security> <BEA-090905> <Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.> 

<Dec 15, 2016 2:38:15 PM CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG128 to HMACDRBG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.> 

<Dec 15, 2016 2:38:16 PM CET> <Info> <Security> <BEA-090909> <Using the configured custom SSL Hostname Verifier implementation: weblogic.security.utils.SSLWLSHostnameVerifier$NullHostnameVerifier./gt; 

Successfully Connected to Node Manager.


Friday, December 9, 2016

Install and Configure Oracle SOA Suite 12c with 2 different Linux Users

I am currently involved in a project were one requirement is, that the Oracle Software (WebLogic Server and Oracle SOA Suite) is installed by one Linux User and the on top to be used Oracle SOA Domain should be created and started as another Linux User.

In general that's according to the Oracle Documentation for Oracle SOA Suite 12.2.1.2.0 possible


But there is a small and important note: Certain domain files do not have the group permissions. For example, cwallet.sso.

Oracle is just providing one file (cwallet.sso) out of certain files which are lacking from the correct group permission.

Before you run in the same try-and-error procedure to find out the complete list of files which needs to be aligned, here are my list of files, which I aligned and afterwards I could create my SOA Domain under a second Linux User.

Let's assume following scenario:

  • Oracle Software Owner is: oracle
  • Primary Group of User oracle is: oinstall
  • SOA Domain Owner is: soa
  • Primary Group of User soa is: oinstall

Connect as Oracle Software Owner oracle and perform following chmod commands

chmod 660 $ORACLE_HOME/oracle_common/modules/oracle.jps/domain_config/wls/system-jazn-data.xml
chmod 660 $ORACLE_HOME/oracle_common/modules/oracle.jps/domain_config/cwallet.sso
chmod 660 $ORACLE_HOME/oracle_common/modules/oracle.jps/domain_config/audit-store.xml

After the above alignments you can start to create your SOA Domain with $ORACLE_HOME/oracle_common/common/bin/config.sh as Linux User soa.


Monday, November 14, 2016

Controlling Oracle WebLogic Server via RESTFul Management Service

RESTFul Management Services are really powerful in terms of monitoring your Oracle WebLogic Server Domain, but you can also use RESTFul Management Services to control your Oracle WebLogic Server Domain.

RESTFul Management Services are enabling you to startup, suspend, resume and shutdown for example your Managed Servers.

All what you need is cURL, the Admin User and Password of your Oracle WebLogic Server, Hostname of your Oracle WebLogic Domain and the Port of your AdminServer.

# cURL syntax to start up the Managed Server called DemoManagedServer1
#
curl -s --user weblogic:welcome1 \
> -H X-Requested-By:MyClient \
> -H Accept:application/json \
> -X POST http://localhost:7001/management/wls/latest/servers/id/DemoManagedServer1/start
{
    "item": {
        "beginTime": 1479137278206,
        "endTime": 1479137293451,
        "status": "completed",
        "description": "Starting DemoManagedServer1 server ...",
        "serverName": "DemoManagedServer1",
        "operation": "start",
        "name": "_0_start",
        "id": "DemoManagedServer1:_0_start",
        "type": "server"
    },
    "messages": [{
        "message": "Started the server 'DemoManagedServer1'.",
        "severity": "SUCCESS"
    }],
    "links": [{
        "rel": "job",
        "uri": "http:\/\/localhost:7001\/management\/wls\/latest\/jobs\/server\/id\/DemoManagedServer1:_0_start"
    }]

# cURL syntax to suspend the Managed Server called DemoManagedServer1
#
curl -s --user weblogic:welcome1 \
> -H X-Requested-By:MyClient \
> -H Accept:application/json \
> -X POST http://localhost:7001/management/wls/latest/servers/id/DemoManagedServer1/suspend
{
    "item": {
        "beginTime": 1479137373341,
        "endTime": 1479137378061,
        "status": "completed",
        "description": "suspending DemoManagedServer1 server ...",
        "serverName": "DemoManagedServer1",
        "operation": "suspending",
        "name": "_1_suspendWithTimeout",
        "id": "DemoManagedServer1:_1_suspendWithTimeout",
        "type": "server"
    },
    "messages": [{
        "message": "Suspended the server 'DemoManagedServer1'.",
        "severity": "SUCCESS"
    }],
    "links": [{
        "rel": "job",
        "uri": "http:\/\/localhost:7001\/management\/wls\/latest\/jobs\/server\/id\/DemoManagedServer1:_1_suspendWithTimeout"
    }]

# cURL syntax to resume the Managed Server called DemoManagedServer1
#
curl -s --user weblogic:welcome1 \
> -H X-Requested-By:MyClient \
> -H Accept:application/json \
> -X POST http://localhost:7001/management/wls/latest/servers/id/DemoManagedServer1/resume
{
    "item": {
        "beginTime": 1479137414870,
        "endTime": 1479137420100,
        "status": "completed",
        "description": "Resuming DemoManagedServer1 server ...",
        "serverName": "DemoManagedServer1",
        "operation": "resume",
        "name": "_2_resume",
        "id": "DemoManagedServer1:_2_resume",
        "type": "server"
    },
    "messages": [{
        "message": "Resumed the server 'DemoManagedServer1'.",
        "severity": "SUCCESS"
    }],
    "links": [{
        "rel": "job",
        "uri": "http:\/\/localhost:7001\/management\/wls\/latest\/jobs\/server\/id\/DemoManagedServer1:_2_resume"
    }]

# cURL syntax to shutdown the Managed Server called DemoManagedServer1
#
curl -s --user weblogic:welcome1 \
> -H X-Requested-By:MyClient \
> -H Accept:application/json \
> -X POST http://localhost:7001/management/wls/latest/servers/id/DemoManagedServer1/shutdown
{
    "item": {
        "beginTime": 1479137450438,
        "endTime": 1479137457385,
        "status": "completed",
        "description": "Shutting down DemoManagedServer1 server ...",
        "serverName": "DemoManagedServer1",
        "operation": "shutdown",
        "name": "_3_shutdown",
        "id": "DemoManagedServer1:_3_shutdown",
        "type": "server"
    },
    "messages": [{
        "message": "Shutdown the server 'DemoManagedServer1'.",
        "severity": "SUCCESS"
    }],
    "links": [{
        "rel": "job",
        "uri": "http:\/\/localhost:7001\/management\/wls\/latest\/jobs\/server\/id\/DemoManagedServer1:_3_shutdown"
    }]



And with a bit of scripting you can create a UNIX Wrapper Shell script to cover all above described startup, suspend, resume and shutdown operations.

Tuesday, November 8, 2016

Running Oracle HTTP Server 12c with Privileged Port

In some cases you need to configure a privileged port (less than 1024, typically port 80) within your Oracle HTTP Server 12c Instance.

At first create your Oracle HTTP Server Instance with the wlst tool:

cd $ORACLE_HOME/oracle_common/common/bin
./wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands
#
# Connect to the WebLogic Domain with your weblogic user,
# password and correct host and port
#
wls:/offline>connect('weblogic','welcome01', 'localhost:7001')
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server "FRAdminServer" that belongs to domain "fr_domain".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.

#
# Provide a unique name for the instanceName and
# provide the Machine Name of your WebLogic Server Domain
# The Machine Name be found within the WebLogic Server Console
# under "Environment / Machine"
#
wls:/fr_domain/serverConfig/> ohs_createInstance(instanceName='ohs2', machine='AdminServerMachine')
Location changed to edit custom tree. This is a writable tree with No root.
For more help, use help('editCustom')

Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
Saving all your changes ...
Saved all your changes successfully.
Activating all your changes, this may take a while ... 
The edit lock associated with this edit session is released once the activation is completed.
Activation completed
OHS instance "ohs2" was successfully created.
wls:/fr_domain/serverConfig/> exit()

As next navigate to your $DOMAIN_HOME/config/fmwconfig/components/OHS/instances/<Your_OHS_InstanceName>/ directory and modify the httpd.conf file as follows:

# Search for the Listen Directive and align to port 80
Listen 80

The next step will be to change the permissions of the $ORACLE_HOME/ohs/bin/launch executable, login as root user to your Server and perform following steps

# Do a backup copy of the current launch executable
cd $ORACLE_HOME/ohs/bin
cp -p launch launch.org
# Change ownership to root
chown root launch
# Change permissions to 4750
chmod 4750 launch
ls -la launch
-rwsr-x---. 1 root oinstall 34073 Oct  5  2015 launch

Now we can start the Oracle HTTP Server Instance, connect as oracle user to your server and perform following steps:

cd $DOMAIN_HOME/bin
# Start the above created Oracle HTTP Server Instance
# First time startup use the option "storeUserConfig"
# and provide the Node Manager password
# Afterwards you will not be prompted again,
# when you startup your Oracle HTTP Server Instance
#
./startComponent.sh ohs2 storeUserConfig
Starting system Component ohs2 ...

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Reading domain from /u00/app/oracle/user_projects/domains/fr_domain
. . .
. . .
Successfully Connected to Node Manager.
Starting server ohs2 ...
Successfully started server ohs2 ...
Successfully disconnected from Node Manager.

Exiting WebLogic Scripting Tool.

Done

Now your Oracle HTTP Server Instance is using a privileged port under UNIX.

Important Notice : If you are running multiple Oracle HTTP Server Instances from one ORACLE_HOME, lets say ohs1 Instance is running on a non privileged port 7777 and ohs2 is running on a privileged port 80, both Oracle HTTP Server Instances are running under root !!! As there is only one launch executable which is now under ownership root.

Thursday, November 3, 2016

Modify Fusion Middleware Enterprise Manager Inactivity Timeout

Are you tired of the 45 minutes default inactivity timeout setting of the Oracle Fusion Middleware Enterprise Manager?



You can simply set the inactivity timeout by modifying the emoms.properties file of the Oracle Fusion Middleware Enterprise Manager.

Connect to your server with the oracle installation user and navigate to your $DOMAIN_HOME/config/fmwconfig/servers/<AdminServerName>/applications/em/META-INF directory and open the emoms.properties file.
Check if the parameter oracle.sysman.eml.maxInactiveTime is set, if yes modify the provided values to your desired time in minutes. In case the parameter is not set in your emoms.properties file, simply add it, set your desired Inactivity Timeout value in minutes.

Below an example for an Inactivity Timeout for 3 hours

oracle.sysman.eml.maxInactiveTime=180

After restart your WebLogic AdminServer and that's all.

This method will work for Oracle Fusion Middleware 11g and 12c.

Wednesday, October 19, 2016

Oracle Forms & Reports 12.2.1.2.0 available

Since a few hours the latest Release of the Oracle Forms & Reports 12.2.1.2.0 is available for download in Oracle Technology Network under http://www.oracle.com/technetwork/developer-tools/forms/downloads/index.html



The related documentation can be found under https://docs.oracle.com/middleware/12212/formsandreports/index.html



For all the lovers of Oracle Reports, here is the bad news: It's time to prepare for bye-bye !

The next planned Oracle Reports 12.2.1.3 will be the terminal release for Oracle Reports !

Note can be found here http://tinyurl.com/ReportsDeprecation





Weblogic 12.2.1.2.0 available

Since a few hours the latest Release of the Oracle WebLogic Server 12.2.1.2.0 is available with Oracle Technology Network for download.

The Installation sources can be found under: http://www.oracle.com/technetwork/middleware/weblogic/downloads/index.html



The documentation for the latest Oracle WebLogic Server 12.2.1.2.0 can be found under http://docs.oracle.com/middleware/12212/wls/index.html


Tuesday, October 18, 2016

Did you forgot your Node Manager Username and Password?

Long time ago I've been publishing a blog post "Did you forgot your WebLogic Admin User Password?", now it's time to have a look on the topic, did you forgot your Node Manager Username and Password?

The following steps are working with Oracle WebLogic Server 12.x

Login to the server which is hosting your Oracle WebLogic Server environment and start the wlst utility and connect as weblogic user to your WebLogic Domain:

$ORACLE_HOME/oracle_common/common/bin/wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

#
# At first we connect with the weblogic user to our WebLogic Domain
#
wls:/offline> connect('weblogic','Welcome01','wls122:7001')
Connecting to t3://wls122:7001 with userid weblogic ...
Successfully connected to Admin Server "DemoAdminServer" that belongs to domain "demo_domain".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.
#
# Switch to the edit mode
#
wls:/demo_domain/serverConfig/> edit()
Location changed to edit tree.   
This is a writable tree with DomainMBean as the root.   
To make changes you will need to start an edit session via startEdit(). 
For more help, use help('edit').
#
# Perform startEdit
#
wls:/demo_domain/edit/> startEdit()
Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
#
# Change to the SecurityConfiguration Tree of your Domain,
# replace the Domain Name with your Domain Name
#
wls:/demo_domain/edit/ !> cd('SecurityConfiguration/demo_domain')
#
# List all configuration beans, attribute names and values of the current tree
# You can see the Node Manager Username under the attribute name NodeManagerUsername
# The Password of the Node Manager Username is not visible under the attribute NodeManagerPassword
# The attribute ClearTextCredentialAccessEnabled is set to false
#
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> ls()
dr--   CertRevoc
dr--   DefaultRealm
dr--   JASPIC
dr--   Realms
dr--   SecureMode

-rw-   AdministrativeIdentityDomain                 null
-rw-   AnonymousAdminLookupEnabled                  false
-rw-   ClearTextCredentialAccessEnabled             false
-rw-   CompatibilityConnectionFiltersEnabled        false
-rw-   ConnectionFilter                             null
-rw-   ConnectionFilterRules                        null
-rw-   ConnectionLoggerEnabled                      false
-rw-   ConsoleFullDelegationEnabled                 false
-rw-   Credential                                   ******
-rw-   CredentialEncrypted                          ******
-rw-   CrossDomainSecurityEnabled                   false
-rw-   DowngradeUntrustedPrincipals                 false
-r--   DynamicallyCreated                           false
-rw-   EnforceStrictURLPattern                      true
-rw-   EnforceValidBasicAuthCredentials             true
-rw-   ExcludedDomainNames                          null
-r--   Id                                           0
-rw-   IdentityDomainAwareProvidersRequired         false
-rw-   Name                                         demo_domain
-rw-   NodeManagerPassword                          ******
-rw-   NodeManagerPasswordEncrypted                 ******
-rw-   NodeManagerUsername                          nodemanager
-rw-   NonceTimeoutSeconds                          120
-rw-   Notes                                        null
-rw-   PrincipalEqualsCaseInsensitive               false
-rw-   PrincipalEqualsCompareDnAndGuid              false
-rw-   Tags                                         null
-r--   Type                                         SecurityConfiguration
-rw-   UseKSSForDemo                                false
-rw-   WebAppFilesCaseInsensitive                   false

-r-x   addTag                                       Boolean : String(tag)
-r-x   findDefaultRealm                             WebLogicMBean : 
-r-x   findRealm                                    WebLogicMBean : String(realmDisplayName)
-r-x   findRealms                                   WebLogicMBean[] : 
-r-x   freezeCurrentValue                           Void : String(attributeName)
-r-x   generateCredential                           [B : 
-r-x   getInheritedProperties                       String[] : String[](propertyNames)
-r-x   isInherited                                  Boolean : String(propertyName)
-r-x   isSet                                        Boolean : String(propertyName)
-r-x   removeTag                                    Boolean : String(tag)
-r-x   restoreDefaultValue                          Void : String(attributeName)
-r-x   unSet                                        Void : String(propertyName)

#
# Now lets switch the attribute setClearTextCredentialAccessEnabled to true
# and perform the listing again, I will only show the modified attribute
#
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> cmo.setClearTextCredentialAccessEnabled(true)
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> ls()
. . .
. . .
-rw-   ClearTextCredentialAccessEnabled             true
. . .
. . .
#
# Now validate, save and activate the changes
#
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> validate()
Validating changes ...
Validated the changes successfully
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> save()
Saving all your changes ...
Saved all your changes successfully.
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> activate()
Activating all your changes, this may take a while ... 
The edit lock associated with this edit session is released once the activation is completed.
Activation completed
#
# Now we can retrieve the password of the Node Manager User
#
wls:/demo_domain/edit/SecurityConfiguration/demo_domain> get('/SecurityConfiguration/demo_domain/NodeManagerPassword')
'Oracle12c'
wls:/demo_domain/edit/SecurityConfiguration/demo_domain> exit()

In order to test the correctness of the above retrieved values for the Node Manager Username and Password just perform a short connection test.
$ORACLE_HOME/oracle_common/common/bin/wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands
#
# Perform a nmConnect with the above retrieved data
# for the Node Manager Username and Password
#
wls:/offline> nmConnect(domainName='demo_domain', username='nodemanager', password='Oracle12c')
Connecting to Node Manager ...
Successfully Connected to Node Manager.
wls:/nm/demo_domain> nmDisconnect()
Successfully disconnected from Node Manager.
wls:/offline> exit()

After you have successfully verified the retrieved data, you should switch back the ClearTextCredentialAccessEnabled to false

$ORACLE_HOME/oracle_common/common/bin/wlst.sh
Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

#
# At first we connect with the weblogic user to our WebLogic Domain
#
wls:/offline> connect('weblogic','Welcome01','wls122:7001')
Connecting to t3://wls122:7001 with userid weblogic ...
Successfully connected to Admin Server "DemoAdminServer" that belongs to domain "demo_domain".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.
#
# Switch to the edit mode
#
wls:/demo_domain/serverConfig/> edit()
Location changed to edit tree.   
This is a writable tree with DomainMBean as the root.   
To make changes you will need to start an edit session via startEdit(). 
For more help, use help('edit').
#
# Perform startEdit
#
wls:/demo_domain/edit/> startEdit()
Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
#
# Change to the SecurityConfiguration Tree of your Domain,
# replace the Domain Name with your Domain Name
#
wls:/demo_domain/edit/ !> cd('SecurityConfiguration/demo_domain')
#
# Switch back the value for ClearTextCredentialAccessEnabled to false
# and validate, save and activate your changes
#
wls:/demo_domain/edit/ !> cmo.setClearTextCredentialAccessEnabled(false)
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> validate()
Validating changes ...
Validated the changes successfully
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> save()
Saving all your changes ...
Saved all your changes successfully.
wls:/demo_domain/edit/SecurityConfiguration/demo_domain !> activate()
Activating all your changes, this may take a while ... 
The edit lock associated with this edit session is released once the activation is completed.
Activation completed
wls:/demo_domain/edit/SecurityConfiguration/demo_domain> exit()

With just some simple commands within wlst you can retrieve the Username and Password of your Node Manager User.