Oracle

WebLogic Server
Oracle WebLogic Server on Amazon EC2 Reference
Release 10gR3 for Amazon EC2 - AMI Version 1.0
Revision 1.0
January 2009
Oracle WebLogic Server on Amazon EC2 Reference, Release 10gR3 for Amazon EC2 - AMI Version 1.0
Copyright 2007, 2008, 2009 Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure
and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you
may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any
part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law
for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors,
please report them to us in writing.
If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S.
Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S.
Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal
Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification,
and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the
extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial
Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software is developed for general use in a variety of information management applications. It is not developed or intended
for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use
this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and
other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages
caused by use of this software in dangerous applications.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective
owners.
This software and documentation may provide access to or information on content, products and services from third parties.
Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to
third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or
damages incurred due to your access to or use of third-party content, products, or services.
Oracle WebLogic Server on Amazon EC2 Reference 1
Oracle WebLogic Server on Amazon EC2
The WebLogic Server Amazon Machine Image (AMI) provides the software necessary to easily
deploy Oracle WebLogic Server applications in the Amazon Elastic Compute Cloud (EC2).
This document describes how to access and use the WebLogic Server AMI on Amazon EC2.
Topics include:
Roadmap for Using the WebLogic Server AMI
WebLogic Server AMI Contents
Security Considerations
Guidelines for Using WebLogic Server
Related Information
2 Oracle WebLogic Server on Amazon EC2 Reference
Roadmap for Using the WebLogic Server AMI
The following section summarizes the overall process for using the WebLogic Server AMI on
Amazon EC2.
Table 1 Roadmap for Using the WebLogic Server AMI
Step Description
1. Familiarize yourself with the
contents of the WebLogic
Server AMI.
The WebLogic Server AMI contains an OS, JDK, and WebLogic Server. For
details about the WebLogic Server AMI, see WebLogic Server AMI
Contents on page 5.
2. Ensure that you have
satisfied all the Amazon EC2
prerequisites.
Before deploying a WebLogic Server EC2 instance using the WebLogic
Server AMI, you need to ensure that you have signed up for Amazon EC2
and set up your EC2 environment.
Amazon provides two mechanisms for interfacing with the Amazon EC2
Web site:
Using command line tools provided by Amazon.
Using Elasticfox, which is an extension to Mozilla Firefox that allows
you to interact with the Amazon EC2 Web site using a browser-based
interface.
For details about getting started using Amazon EC2, and obtaining and using
the EC2 interfaces, see the Amazon EC2 Web site at
http://aws.amazon.com/ec2/.
3. Create SSH keypair. Administrative access to the WebLogic Server AMI EC2 instance requires
use of the SSH protocol and an SSH keypair. You must create an SSH
keypair before you can launch and log into the instance. For more
information, see Security Considerations on page 6.
4. Define firewall rules for
network access.
Before launching the WebLogic Server AMI EC2 instance, you should
determine the ports on which you want to authorize network access to the
instance.
For more information, see Providing Network Access Using EC2 Security
Groups on page 7.
Oracle WebLogic Server on Amazon EC2 Reference 3
5. Find the AMI ID and
manifest for the WebLogic
Server AMI to be used.
Go to the AMIs by Provider - Oracle on the Amazon AWS Web site at
http://developer.amazonwebservices.com/connect/kbcategory.jspa?categor
yID=205 to find the AMI ID and manifest for the following WebLogic
Server AMIs:
Oracle WebLogic Server 10g Release 3 - 32 Bit
Oracle WebLogic Server 10g Release 3 - 64 Bit
6. Launch the instance of the
AMI.
The procedures for launching an EC2 instance are the same for all AMIs. For
details, refer to the documentation on the Amazon Web site at
http://aws.amazon.com/documentation/.
You can launch the instance using the command line API or the
browser-based Elasticfox interface.
Note the following when launching the instance using the WebLogic Server
AMI:
You do not need to specify AKI and ARI IDs because default values are
embedded in the WebLogic Server AMI metadata. Oracle recommends
that you do not override these values.
The value of m1.small should be sufficient as the instance type for most
32-bit WebLogic Server applications.
If you are using the 64-bit AMI, you should choose an instance type that
supports 64-bit, for example m1.large.
For details about the CPUs, memory, and storage capacity for each
instance type, see the Amazon EC2 documentation at
http://aws.amazon.com/documentation/.
You must specify the SSH keypair to access the WebLogic Server AMI
instance. For more information, see Security Considerations on
page 6.
You can launch the instance in the default EC2 security group, or in a
group that you created. For more information, see Providing Network
Access Using EC2 Security Groups on page 7.
7. Establish the connection to
the instance using an SSH
client.
After the instance is up and running, you must use an SSH client to establish
a connection to the instance by specifying the following information:
The public DNS name
The private key of the SSH keypair that was used to launch the machine
Table 1 Roadmap for Using the WebLogic Server AMI
Step Description
4 Oracle WebLogic Server on Amazon EC2 Reference
8. Login as root Once you have established the connection, you must login as root. If the
private-key based authentication was successful, you are not prompted for a
password. If you want to allow a password-based login on subsequent logins,
you can modify the configuration. For more information, see Security
Considerations on page 6.
9. Accept the license
agreement.
On your initial login, you are presented with an Oracle license agreement.
You must accept the terms of the license to use the WebLogic Server AMI.
On subsequent logins as root, you are not prompted to accept the agreement.
10. Use WebLogic Server on
EC2.
Once you have accepted the license agreement, your WebLogic Server
runtime environment is essentially the same as a standard, headless Linux
environment.
You will be prompted by the JumpStart Tool to choose one of the following
options:
Start an Administration Server in the WebLogic Server default domain.
Create a new WebLogic Server domain using the WebLogic Domain
Configuration Wizard.
Use other WebLogic Server tools, such as the pack command, to deploy
your domain and applications.
For more information, see Guidelines for Using WebLogic Server on
page 7.
11. Preserve your instance for
subsequent use.
It is important to note that anything you do to populate a server on an
instance is lost if the instance is shut down or fails. Therefore, after you
populate the server on your instance, you may want to preserve it so that you
can reuse the same configuration on a subsequent startup of an instance.
To preserve your data and patches, you can do either of the following:
Create a snapshot of the image that is currently booted and bundle the
snapshot into a new AMI using Amazon-provided tools.
Attach the running EC2 instance to personal storage in the Amazon
Elastic Block Store (EBS). You can choose to create the domain directly
on your attached EBS volume or you can configure the domain in the
EC2 instance-scoped storage, and then back it up to your volume.
For instructions on how to bundle an AMI and use the EBS, refer to the
documentation on the Amazon Web site at
http://aws.amazon.com/documentation/.
Table 1 Roadmap for Using the WebLogic Server AMI
Step Description
Oracle WebLogic Server on Amazon EC2 Reference 5
WebLogic Server AMI Contents
Table 2 lists the software components and the associated version numbers that are contained in
the WebLogic Server AMI.
Table 2 WebLogic Server AMI Contents
Component Description Version Number
OEL JeOS
Operating System
OEL JeOS is a headless version of the Oracle
Enterprise Linux 5.2 Operating System.
Oracle Enterprise Linux 5.2
JeOS-1.0.1-6
JRockit JDK JRockit provides the Java run-time environment
for the WebLogic Server instances. The JRockit
components/features provided in the following
directories are not included in the AMI:
/demo
/missioncontrol
/sample
src.zip
/bin/console
/bin/jrmc
JRockit JDK 6.0 R27.6 (Java
version 1.6.0_05)
WebLogic Server The WebLogic Server components included in a
complete WebLogic Server installation, with the
exception of the following, are included in the
AMI:
Server Examples
WebLogic Web Server Plug-ins
Both Workshop components
WebLogic Server 10.3.0.0
Directory Structure
The directory structure in the AMI is similar to a typical Linux file system.Under the standard
Linux root file system, you will also find the following directories:
/opt/oracleContains both the JRockit JDKand WebLogic Server product components.
This directory should be reserved for the JRockit and WebLogic Server product
components; you should not create or transfer domains into this directory.
6 Oracle WebLogic Server on Amazon EC2 Reference
/mntDefault storage provided for each AMI instance in EC2. Although this directory
provides a significant amount of storage available for use by the instance, all of the
contents are destroyed when the instance is shut down or fails.
Note: You can also mount Amazon EBS volumes to your instance.
Security Considerations
By default, the WebLogic Server AMI is configured to allow root login using SSH public/private
key authentication only. Therefore, when launching an EC2 instance from the WebLogic Server
AMI, you must specify a previously created SSH keypair to enable SSH login by the root user.
For information about creating the SSH keypair and logging into the instance, see the Amazon
EC2 documentation at http://aws.amazon.com/documentation/.
When the instance launches, the oracle-ec2-config script retrieves the SSH public key for the
root user from the EC2 metadata and installs it in the ssh/authorized_keys file for the root
login. The root user must use an SSH client and specify the corresponding private key to login
into the instance without using a password.
For subsequent logins, you can modify the SSH configuration to allow root access using a
password. To do so:
1. Change the PermitRootLogin parameter in the /etc/ssh/sshd_config file from:
PermitRootLogin without-password
to:
PermitRootLogin yes
2. Restart the sshd service.
SSH Access
On subsequent connections using the SSH client, you may choose to use password-based login
instead of using private-key based authentication.
Changing the Root Password
The root password is randomized on first startup of the EC2 instance. If you have modified the
SSH configuration to allow login using a password, you can change the root password using
standard OS mechanisms.
Note: By default, root is the only user available in the AMI. If you want to run WebLogic
Server as a non-root user, you must first create the user.
Oracle WebLogic Server on Amazon EC2 Reference 7
Providing Network Access Using EC2 Security Groups
The default EC2 security group is configured to open the standard SSH and HTTP ports, 22 and
80, respectively. You can modify the default port settings in this group to further restrict external
access to the instance, or to open additional ports. Alternatively, you can create a separate EC2
security group that opens only the ports to which you want to provide access, and then use that
security group to launch your instance.
For example, you may want to create a WebLogic EC2 security group that opens the default SSH
port (22), the default HTTP/S ports (80,443), and the default ports used to access the WebLogic
Server Administration Console (7001,7002). If you do so, you can choose to launch the instance
in the new group.
For details on controlling port access, refer to EC2 documentation on the Amazon AWS Web site
at http://aws.amazon.com/documentation.
WebLogic Server Security
To ensure the most secure environment for running WebLogic Server on EC2, you should take
the same basic security measures required for a non-EC2 implementation of WebLogic Server.
For information about securing WebLogic Server, please refer to the WebLogic Server
documentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.
Guidelines for Using WebLogic Server
Once you have logged into the AMI instance, you can use WebLogic Server just as if you were
working in a standard, headless Linux production environment.
Note: The JeOS operating system is headless and does not provide a GUI. Therefore, if you
attempt to execute a program that requires a local GUI, such as QuickStart, you will get
a headless exception.
A JumpStart tool presents the options to start an Administration Server in a default domain,
launch the Domain Configuration Wizard, or use other WebLogic Server tools to deploy your
domain and applications.
For details about using WebLogic Server, please refer to the WebLogic Server documentation at
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.
8 Oracle WebLogic Server on Amazon EC2 Reference
Starting the Administration Server in the Default Domain
The JumpStart Tool provides an option to start the Administration Server that is packaged in a
default domain in the /mnt/domains/default_domain directory. When you choose the first
JumpStart option, the Administration Server is started in the background on port 7001. Once the
Administration Server is started, you can tail (i.e., view) the standard output, which is redirected
to the default_domain directory: /mnt/domains/default_domain/AdminServer.out.
The Administration Server is fully up and running when the Server started in RUNNING state
message appears in the standard out. At that point, you can connect to the running server using
the Administration Console at the URL provided by the JumpStart tool, which is
http://machine-host:7001/console. The machine-host name depends on the virtual
machine that is created. For example, a similar Amazon Cloud URL could look like this:
http://ec2-75-101-234-183.compute-1.amazonaws.com:7001/console
You can log into the Administration Console using the default WebLogic Server administrator
user name and password of weblogic/weblogic. Oracle recommends that you change the
WebLogic Server administrator password as soon as possible.
To view the configuration details of the default domain, you can refer to the WebLogic Server
configuration file (config.xml) in the /mnt/domains/default_domain/config directory.
You can also restart the JumpStart Tool at any time by typing wls_jumpstart from the
command-line.
Creating a New WebLogic Domain
One of the main differences between running WebLogic Server on JeOS and a standard Linux is
that the JeOS operating system is headless and does not provide a GUI. Therefore, if you choose
to create a new WebLogic domain, you need to run the Domain Configuration Wizard in console
mode. You can do so by selecting the second JumpStart option, or by using the following
command:
/opt/oracle/weblogic/common/bin/config.sh -mode=console
For information about creating domains using the Domain Configuration Wizard, see Creating
WebLogic Domains Using the Configuration Wizard at
http://download.oracle.com/docs/cd/E12840_01/common/docs103/confgwiz/index.html.
Note: If you have attached an EBS volume to your EC2 instance, you may want to create the
domain on that volume. Alternatively, you can create it in /mnt. If you do so, you may
want to back it up to your EBS volume before you shut down the instance to avoid losing
all of the data.
Oracle WebLogic Server on Amazon EC2 Reference 9
Transferring an Existing Domain
If you choose to transfer an existing domain from another machine to the EC2 instance, you can
do so using the same methods that you use in a non-EC2 environment. For example, one method
to transfer the domain is to use the pack command to create a template jar file that contains a
snapshot of your domain, copy the jar file to the EC2 instance using an SSH-compatible file
transfer client such as scp or sftp, and unpack it on the EC2 instance using the unpack
command.
Accessing the WebLogic Server Administration Console
To access your running instance using the WebLogic Server Administration Console, you must
enable access to the port on which the Administration Server is listening for requests (7001 by
default). For more information, see Providing Network Access Using EC2 Security Groups on
page 7.
Using WebLogic Server Clustering on EC2
Multicast is not supported in the EC2 environment. For information about using other supported
WebLogic Server clustering methods, see Using Clusters in the WebLogic Server
documentation at
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/features.html.
Service Migration
Mounting of an Elastic Block Store (EBS) block level storage volume to multiple AMI instances
is not currently supported in the EC2 environment. As a result, service migration of JMS-related
services is only supported when the configured persistent store is a JDBC store and is not
supported with file stores. Likewise, migration of JTA Transaction Recovery Services is not
supported due to the requirement for shared, persistent file stores. For more information, see
Service Migration in the WebLogic Server documentation at
http://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.ht
ml.
Related Information
Oracle Cloud Computing Center at
http://wlww.oracle.com/technology/tech/cloud/index.html
Amazon Elastic Compute Cloud (Amazon EC2) at http://aws.amazon.com/ec2/.
10 Oracle WebLogic Server on Amazon EC2 Reference
WebLogic Server Documentation at
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.
Oracle JRockit Documentation at
http://download.oracle.com/docs/cd/E13150_01/jrockit_jvm/jrockit/webdocs/index.html