Oracle WLS on Amazon EC2

8/11/2019 Oracle WLS on Amazon EC2

1/12

Oracle WebLogic ServerOracle WebLogic Server on Amazon EC2 ReferenceRelease 10 g R3 for Amazon EC2 - AMI Version 1.0Revision 1.0

January 2009


2/12

Oracle WebLogic Server on Amazon EC2 Reference, Release 10 g R3 for Amazon EC2 - AMI Version 1.0

Copyright 2007, 2008, 2009 Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure

and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, youmay not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by lawfor interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S.Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S.Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable FederalAcquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification,and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to theextent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, CommercialComputer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software is developed for general use in a variety of information management applications. It is not developed or intendedfor use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you usethis software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, andother measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damagescaused by use of this software in dangerous applications.

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respectiveowners.

This software and documentation may provide access to or information on content, products and services from third parties.Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to

third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, ordamages incurred due to your access to or use of third-party content, products, or services.


3/12Oracle WebLogic Server on Amazon EC2 Reference 1

Oracle WebLogic Server on Amazon E

The WebLogic Server Amazon Machine Image (AMI) provides the software necessary to easilydeploy Oracle WebLogic Server applications in the Amazon Elastic Compute Cloud (EC2).

This document describes how to access and use the WebLogic Server AMI on Amazon EC2.Topics include:

Roadmap for Using the WebLogic Server AMI

WebLogic Server AMI Contents

Security Considerations

Guidelines for Using WebLogic Server

Related Information


4/122 Oracle WebLogic Server on Amazon EC2 Reference

Roadmap for Using the WebLogic Server AMIThe following section summarizes the overall process for using the WebLogic Server AMI onAmazon EC2.

Table 1 Roadmap for Using the WebLogic Server AMI

Step Description

1. Familiarize yourself with thecontents of the WebLogicServer AMI.

The WebLogic Server AMI contains an OS, JDK, and WebLogic Server. Fordetails about the WebLogic Server AMI, see WebLogic Server AMIContents on page 5 .

2. Ensure that you havesatisfied all the Amazon EC2

prerequisites.

Before deploying a WebLogic Server EC2 instance using the WebLogicServer AMI, you need to ensure that you have signed up for Amazon EC2and set up your EC2 environment.

Amazon provides two mechanisms for interfacing with the Amazon EC2Web site:

Using command line tools provided by Amazon.

Using Elasticfox, which is an extension to Mozilla Firefox that allowsyou to interact with the Amazon EC2 Web site using a browser-basedinterface.

For details about getting started using Amazon EC2, and obtaining and using

the EC2 interfaces, see the Amazon EC2 Web site athttp://aws.amazon.com/ec2/ .

3. Create SSH keypair. Administrative access to the WebLogic Server AMI EC2 instance requiresuse of the SSH protocol and an SSH keypair. You must create an SSHkeypair before you can launch and log into the instance. For moreinformation, see Security Considerations on page 6 .

4. Define firewall rules fornetwork access.

Before launching the WebLogic Server AMI EC2 instance, you shoulddetermine the ports on which you want to authorize network access to theinstance.

For more information, see Providing Network Access Using EC2 SecurityGroups on page 7 .
http://aws.amazon.com/ec2/http://aws.amazon.com/ec2/



5. Find the AMI ID andmanifest for the WebLogicServer AMI to be used.

Go to the AMIs by Provider - Oracle on the Amazon AWS Web site athttp://developer.amazonwebservices.com/connect/kbcategory.jspa?categor yID=205 to find the AMI ID and manifest for the following WebLogicServer AMIs:

Oracle WebLogic Server 10g Release 3 - 32 Bit

Oracle WebLogic Server 10g Release 3 - 64 Bit

6. Launch the instance of theAMI.

The procedures for launching an EC2 instance are the same for all AMIs. Fordetails, refer to the documentation on the Amazon Web site athttp://aws.amazon.com/documentation/ .You can launch the instance using the command line API or the

browser-based Elasticfox interface.

Note the following when launching the instance using the WebLogic ServerAMI:

You do not need to specify AKI and ARI IDs because default values areembedded in the WebLogic Server AMI metadata. Oracle recommendsthat you do not override these values.

The value of m1.small should be sufficient as the instance type for most32-bit WebLogic Server applications.

If you are using the 64-bit AMI, you should choose an instance type thatsupports 64-bit, for example m1.large.

For details about the CPUs, memory, and storage capacity for eachinstance type, see the Amazon EC2 documentation athttp://aws.amazon.com/documentation/ .

You must specify the SSH keypair to access the WebLogic Server AMIinstance. For more information, see Security Considerations on

page 6 .

You can launch the instance in the default EC2 security group, or in agroup that you created. For more information, see Providing Network

Access Using EC2 Security Groups on page 7 .7. Establish the connection to

the instance using an SSHclient.

After the instance is up and running, you must use an SSH client to establisha connection to the instance by specifying the following information:

The public DNS name

The private key of the SSH keypair that was used to launch the machine


Step Description
http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=205http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=205http://aws.amazon.com/documentation/http://aws.amazon.com/documentation/http://aws.amazon.com/documentation/http://aws.amazon.com/documentation/http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=205http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=205



8. Login as root Once you have established the connection, you must login as root. If the private-key based authentication was successful, you are not prompted for a password. If you want to allow a password-based login on subsequent logins,you can modify the configuration. For more information, see SecurityConsiderations on page 6 .

9. Accept the licenseagreement.

On your initial login, you are presented with an Oracle license agreement.You must accept the terms of the license to use the WebLogic Server AMI.On subsequent logins as root, you are not prompted to accept the agreement.

10. Use WebLogic Server onEC2.

Once you have accepted the license agreement, your WebLogic Serverruntime environment is essentially the same as a standard, headless Linuxenvironment.

You will be prompted by the JumpStart Tool to choose one of the followingoptions:

Start an Administration Server in the WebLogic Server default domain.

Create a new WebLogic Server domain using the WebLogic DomainConfiguration Wizard.

Use other WebLogic Server tools, such as the pack command, to deployyour domain and applications.

For more information, see Guidelines for Using WebLogic Server on page 7 .

11. Preserve your instance forsubsequent use.

It is important to note that anything you do to populate a server on aninstance is lost if the instance is shut down or fails. Therefore, after you

populate the server on your instance, you may want to preserve it so that youcan reuse the same configuration on a subsequent startup of an instance.

To preserve your data and patches, you can do either of the following:

Create a snapshot of the image that is currently booted and bundle thesnapshot into a new AMI using Amazon-provided tools.

Attach the running EC2 instance to personal storage in the AmazonElastic Block Store (EBS). You can choose to create the domain directlyon your attached EBS volume or you can configure the domain in theEC2 instance-scoped storage, and then back it up to your volume.

For instructions on how to bundle an AMI and use the EBS, refer to thedocumentation on the Amazon Web site athttp://aws.amazon.com/documentation/ .


Step Description
http://aws.amazon.com/documentation/http://aws.amazon.com/documentation/



WebLogic Server AMI ContentsTable 2 lists the software components and the associated version numbers that are contained inthe WebLogic Server AMI.

Table 2 WebLogic Server AMI Contents

Component Description Version Number

OEL JeOSOperating System

OEL JeOS is a headless version of the OracleEnterprise Linux 5.2 Operating System.

Oracle Enterprise Linux 5.2JeOS-1.0.1-6

JRockit JDK JRockit provides the Java run-time environmentfor the WebLogic Server instances. The JRockitcomponents/features provided in the followingdirectories are not included in the AMI: /demo /missioncontrol /sample src.zip /bin/console

/bin/jrmc

JRockit JDK 6.0 R27.6 (Javaversion 1.6.0_05)

WebLogic Server The WebLogic Server components included in acomplete WebLogic Server installation, with theexception of the following, are included in theAMI:

Server Examples

WebLogic Web Server Plug-ins

Both Workshop components

WebLogic Server 10.3.0.0

Directory StructureThe directory structure in the AMI is similar to a typical Linux file system.Under the standardLinux root file system, you will also find the following directories:

/opt/oracle Contains both the JRockit JDKand WebLogic Server product components.This directory should be reserved for the JRockit and WebLogic Server productcomponents; you should not create or transfer domains into this directory.



/mnt Default storage provided for each AMI instance in EC2. Although this directory

provides a significant amount of storage available for use by the instance, all of thecontents are destroyed when the instance is shut down or fails.

Note: You can also mount Amazon EBS volumes to your instance.

Security ConsiderationsBy default, the WebLogic Server AMI is configured to allow root login using SSH public/privatekey authentication only. Therefore, when launching an EC2 instance from the WebLogic ServerAMI, you must specify a previously created SSH keypair to enable SSH login by the root user.For information about creating the SSH keypair and logging into the instance, see the Amazon

EC2 documentation at http://aws.amazon.com/documentation/ .When the instance launches, the oracle-ec2-config script retrieves the SSH public key for theroot user from the EC2 metadata and installs it in the ssh/authorized_keys file for the rootlogin. The root user must use an SSH client and specify the corresponding private key to logininto the instance without using a password.

For subsequent logins, you can modify the SSH configuration to allow root access using a password. To do so:

1. Change the PermitRootLogin parameter in the /etc/ssh/sshd_config file from:

PermitRootLogin without-password

to:

PermitRootLogin yes

2. Restart the sshd service.

SSH AccessOn subsequent connections using the SSH client, you may choose to use password-based logininstead of using private-key based authentication.

Changing the Root PasswordThe root password is randomized on first startup of the EC2 instance. If you have modified theSSH configuration to allow login using a password, you can change the root password usingstandard OS mechanisms.

Note: By default, root is the only user available in the AMI. If you want to run WebLogicServer as a non-root user, you must first create the user.
http://aws.amazon.com/documentation/http://aws.amazon.com/documentation/



Providing Network Access Using EC2 Security GroupsThe default EC2 security group is configured to open the standard SSH and HTTP ports, 22 and80, respectively. You can modify the default port settings in this group to further restrict externalaccess to the instance, or to open additional ports. Alternatively, you can create a separate EC2security group that opens only the ports to which you want to provide access, and then use thatsecurity group to launch your instance.

For example, you may want to create a WebLogic EC2 security group that opens the default SSH port (22), the default HTTP/S ports (80,443), and the default ports used to access the WebLogicServer Administration Console (7001,7002). If you do so, you can choose to launch the instancein the new group.

For details on controlling port access, refer to EC2 documentation on the Amazon AWS Web siteat http://aws.amazon.com/documentation .

WebLogic Server SecurityTo ensure the most secure environment for running WebLogic Server on EC2, you should takethe same basic security measures required for a non-EC2 implementation of WebLogic Server.For information about securing WebLogic Server, please refer to the WebLogic Serverdocumentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.

Guidelines for Using WebLogic ServerOnce you have logged into the AMI instance, you can use WebLogic Server just as if you wereworking in a standard, headless Linux production environment.

Note: The JeOS operating system is headless and does not provide a GUI. Therefore, if youattempt to execute a program that requires a local GUI, such as QuickStart, you will geta headless exception.

A JumpStart tool presents the options to start an Administration Server in a default domain,launch the Domain Configuration Wizard, or use other WebLogic Server tools to deploy yourdomain and applications.

For details about using WebLogic Server, please refer to the WebLogic Server documentation athttp://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.
http://aws.amazon.com/documentation/http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.htmlhttp://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.htmlhttp://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.htmlhttp://aws.amazon.com/documentation/http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html



Starting the Administration Server in the Default DomainThe JumpStart Tool provides an option to start the Administration Server that is packaged in adefault domain in the /mnt/domains/default_domain directory. When you choose the firstJumpStart option, the Administration Server is started in the background on port 7001. Once theAdministration Server is started, you can tail (i.e., view) the standard output, which is redirectedto the default_domain directory: /mnt/domains/default_domain/AdminServer.out .

The Administration Server is fully up and running when the Server started in RUNNING statemessage appears in the standard out. At that point, you can connect to the running server usingthe Administration Console at the URL provided by the JumpStart tool, which ishttp:// machine-host :7001/console . The machine-host name depends on the virtualmachine that is created. For example, a similar Amazon Cloud URL could look like this:

http://ec2-75-101-234-183.compute-1.amazonaws.com:7001/console

You can log into the Administration Console using the default WebLogic Server administratoruser name and password of weblogic /weblogic . Oracle recommends that you change theWebLogic Server administrator password as soon as possible.

To view the configuration details of the default domain, you can refer to the WebLogic Serverconfiguration file ( config.xml ) in the /mnt/domains/default_domain/config directory.You can also restart the JumpStart Tool at any time by typing wls_jumpstart from thecommand-line.

Creating a New WebLogic DomainOne of the main differences between running WebLogic Server on JeOS and a standard Linux isthat the JeOS operating system is headless and does not provide a GUI. Therefore, if you chooseto create a new WebLogic domain, you need to run the Domain Configuration Wizard in consolemode. You can do so by selecting the second JumpStart option, or by using the followingcommand:

/opt/oracle/weblogic/common/bin/config.sh -mode=console

For information about creating domains using the Domain Configuration Wizard, see CreatingWebLogic Domains Using the Configuration Wizard athttp://download.oracle.com/docs/cd/E12840_01/common/docs103/confgwiz/index.html.

Note: If you have attached an EBS volume to your EC2 instance, you may want to create thedomain on that volume. Alternatively, you can create it in /mnt . If you do so, you maywant to back it up to your EBS volume before you shut down the instance to avoid losingall of the data.
http://download.oracle.com/docs/cd/E12840_01/common/docs103/confgwiz/index.htmlhttp://download.oracle.com/docs/cd/E12840_01/common/docs103/confgwiz/index.html



Transferring an Existing DomainIf you choose to transfer an existing domain from another machine to the EC2 instance, you cando so using the same methods that you use in a non-EC2 environment. For example, one methodto transfer the domain is to use the pack command to create a template jar file that contains asnapshot of your domain, copy the jar file to the EC2 instance using an SSH-compatible filetransfer client such as scp or sftp , and unpack it on the EC2 instance using the unpack command.

Accessing the WebLogic Server Administration ConsoleTo access your running instance using the WebLogic Server Administration Console, you must

enable access to the port on which the Administration Server is listening for requests (7001 bydefault). For more information, see Providing Network Access Using EC2 Security Groups on

page 7 .

Using WebLogic Server Clustering on EC2Multicast is not supported in the EC2 environment. For information about using other supportedWebLogic Server clustering methods, see Using Clusters in the WebLogic Serverdocumentation athttp://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/features.html.

Service MigrationMounting of an Elastic Block Store (EBS) block level storage volume to multiple AMI instancesis not currently supported in the EC2 environment. As a result, service migration of JMS-relatedservices is only supported when the configured persistent store is a JDBC store and is notsupported with file stores. Likewise, migration of JTA Transaction Recovery Services is notsupported due to the requirement for shared, persistent file stores. For more information, seeService Migration in the WebLogic Server documentation athttp://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.html .

Related InformationOracle Cloud Computing Center athttp://wlww.oracle.com/technology/tech/cloud/index.html

Amazon Elastic Compute Cloud (Amazon EC2) at http://aws.amazon.com/ec2/.
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/features.htmlhttp://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.htmlhttp://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.htmlhttp://www.oracle.com/technology/tech/cloud/index.htmlhttp://aws.amazon.com/ec2/http://www.oracle.com/technology/tech/cloud/index.htmlhttp://aws.amazon.com/ec2/http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/features.htmlhttp://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.htmlhttp://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.html


12/12

WebLogic Server Documentation at

http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.Oracle JRockit Documentation athttp://download.oracle.com/docs/cd/E13150_01/jrockit_jvm/jrockit/webdocs/index.html
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.htmlhttp://download.oracle.com/docs/cd/E13150_01/jrockit_jvm/jrockit/webdocs/index.htmlhttp://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.htmlhttp://download.oracle.com/docs/cd/E13150_01/jrockit_jvm/jrockit/webdocs/index.html

Documents

Oracle WLS on Amazon EC2