Upload
matt-wright
View
1.747
Download
1
Tags:
Embed Size (px)
DESCRIPTION
The “Enterprise Deployment Guide for Oracle SOA Suite” is a comprehensive guideline document describing how to build an enterprise-strength SOA infrastructure. This session looks at common mistakes administrators make in implementing this guide, suggests ways to avoid them, and examines the rationale behind its guidelines. The presentation identifies how to build an enterprise-strength SOA infrastructure successfully and explains how virtualization can help accelerate this process. Finally, it discusses how to use Rubicon Red MyST to automate a complete install and configuration of an “Enterprise Deployment Guide for Oracle SOA Suite”–compliant SOA, reducing the chances for mistakes. The presentation draws on the presenters’ extensive experience in implementing this guide at multiple customers.
Citation preview
Best Practices for Building
an Enterprise SOA
Infrastructure
Antony Reynolds
Craig Barr
Matt Wright
Ramkumar Menon
2 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
What We Will Do
Enterprise Deployment Guide
– Explain the why
– Identify best practice
Demonstrate simplified enterprise deployment
3 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Who We Are
Antony Reynolds Master Principal Sales Consultant Oracle Author SOA Suite 11g Developers Cookbook & SOA Suite 11g Developers Guide
Matthew Wright Director & Founder Rubicon Red Author SOA Suite 11g Developers Cookbook & SOA Suite 11g Developers Guide
Ramkumar Menon Principal Product Manager Oracle
Craig Barr Platform Architect Rubicon Red
4 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Rubicon Red
• Experience
– Interacted with over 100 Oracle BPM / SOA Suite customers in 6 years
– Assisted in the rescue of failing projects.
– Oracle Partner Network - SOA Specialization
• Knowledge
– Involved in first beta of Oracle SOA Suite 11g in 2007.
– Co-authored ‘Oracle SOA Suite 11gR1 Developer’s Guide’
– Over 30 FMW specialist consultants – one of the largest SOA Specialized
partners in ANZ
• Connected
– Close relationships with local and Oracle HQ based resources
– Lend credibility to issue escalation
– Interact with key members of product support and development team
5 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
DEMO KICKOFF
6 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Program Agenda
• Enterprise Deployment Requirements
• EDG Solution
• Virtualization Alternative
• Automation Approach
7 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
ENTERPRISE DEPLOYMENT REQUIREMENTS
8 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Enterprise Requirements - Availability
• In event of server failure
– No loss of service
– Recovery of persistent messages
– Recovery of in-flight transactions
• Achieved by
– Active-active configuration
– Warm standby
– Cold standby
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
Redundancy
Redundancy
Redundancy
Redundancy
9 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Enterprise Requirements - Scalability
• Ability to increase capacity of system
– Only scale components needing it
• Achieved by
– Scale out – more servers
– Scale up – bigger servers
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
OHS/OTD
SOA
RAC/DB
Scalability
Scalability
Scalability
10 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Enterprise Requirements - Security
• Secure servers
– Prevent direct access to
• App tier
• DB tier
– Limit services exposed
– Isolate tiers
– Only adjacent tiers communicate
• Secure services
– Authorized users only
• Achieved by
– Network port restrictions
– Access management HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
Firewall
Firewall
Firewall
OHS/OTD
OAM
OID Security DB
Isolated
Access
Management
11 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
The Enterprise Deployment Guide
• Oracle Best Practice Document
• Strong on What
• Weak on Why
• Lacking Options
346 Detailed Pages
12 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Networking
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
IP Addresses
13 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Virtual Server Names
• What
– Function specific names
• Why
– Separate admin from soa traffic
– Separate internal from external traffic
• Alternatives
– Separate DNS for internal/external
– OSB for all external access
3.2 Network soa.mycompany.com
osb.mycompany.com
admin.mycompany.com
soainternal.mycompany.com
14 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Load Balancer
• What – Expose virtual hosts
– SSL termination
• Why – IP load balancing
– SSL acceleration
– Port mapping
• Alternatives – OTD/SLB
3.3 Network
15 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Virtual IPs
• What
– Managed servers floating IP
• Why
– Whole server migration
– Admin server failover
• Alternatives
– Virtualization
3.4 Network
SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
VIP 1 IP 1 VIP 2 IP 2 VIP 3
16 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Firewalls
• What
– Restrict access between layers
• Why
– Isolate tiers
• Alternatives
– May not be needed
– Separate management network
– Dedicated replication network
3.6 Network
17 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
File System
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
File System
18 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Oracle Homes
• What
– At least 2 homes
• Why
– Separate binary from config
– Resilient to corruption
– Simplify patching
• Alternatives
– 1 local binary per server
4.3.1 File Systems SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
FMW_HOME1
FMW_HOME2
19 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Domain Directories
• What – Separate admin &
managed domain dirs
– Separate managed domain dirs per server
• Why – Reduce risk of corruption
• Alternatives – Managed domain dirs on local
storage
4.3.2 File Systems SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
MServer1
MServer2
AServer AServer MServerMServer
AServer
20 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
JMS File Stores & Transaction Logs
• What – Shared folder for
ALL servers
• Why – Support recovery of JMS msgs
– Support recovery of XA xacts
• Alternatives – Use database for JMS queues
– Use database for TLogs
4.3.3 File Systems SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
TX Logs
JMS Persistent Stores
21 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Database
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
22 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
DB Requirements
• What
– RAC
– GridLink
– UTF-8
• Why
– High availability & Scalability
– FCF, RCLB & affinity
– International character sets
• Alternatives
– Single instance with cold failover
5.2 Database SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOA
Database
DBHost1 DBHost1
db-scan.mycompany.com
23 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
DB Service & Transactions
• What
– Optimized SOA service
– Transaction privileges
• Why
– Load distribution & targeting
– Enables XA recovery
5.3,5.5 Database
24 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
OHS
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
25 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
OHS
• What – Virtual Hosts
– WL_Plugin
• Why – Separate traffic
– Load balancing
• Alternatives – OTD
– Non-Oracle web server – Same host as SOA – No OHS
7. Web Tier SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
WebHost1
OHS1OPMN
WebHost2
OHS2OPMN
WL_PlugIn WL_PlugIn
26 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Clustering
HLB HLB
OHS/OTD OHS/OTD
Admin SOA SOA
RAC/DB RAC/DB
Load
Balancing
Tier
Web
Tier
App
Tier
DB
Tier
27 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Managed Servers & Clusters
• What – Distributed JMS destinations
– Cluster address
– FrontEnd host
• Why – Scalability & Resiliency
– Internal service lookup
– Correct redirection
• Alternatives – DB store
9. SOA, 10. BPM, 11. OSB, 12. BAM Server1
jms/Queue_1
Server1
jms/Queue_2
Physical
Queues
Cluster1
jms/Queue
Logical
Queue
28 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Server Migration
• What – Configure node manager
• Why – JMS messages recovery
– XA transaction recovery
– Singleton servers
• Alternatives – Virtualization
– DB JMS store
– Cluster services
SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
WLS_SOA1
SOA
B2B
29 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Coherence
• What
– Use WKA discovery
– List subset of servers
• Why
– Avoid cross talk
– Only need 1 listed server
• Bad Alternative
– Change default multicast address
SOAHost1
WLS_WSM1Admin
Server
WLS_SOA1
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost2
WLS_WSM2Admin
Server
WLS_SOA2
WLS
Console
EM
Console
WSM-PM SOA
B2B
SOAHost3
WLS_WSM3 WLS_SOA3
WSM-PM SOA
B2B
SOAHost4
WLS_WSM3 WLS_SOA3
WSM-PM SOA
B2B
SOAHost4
WLS_WSM3 WLS_SOA3
WSM-PM SOA
B2B
WKA1 WKA2
WKA3
30 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Virtualization
• Run managed servers in VM
• VM have fixed IP – No floating IP for MS
– No whole server migration
• Failure of VM or VM host – Restart on available server
• Live migration
• Shared disk for domain/jms/tx – Maintains state
31 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Performance
• Database is important
• Remove OHS tier
• Separate domains – Long running
– Short running
– SLA based
– Temporal load variation
– User vs System traffic
• Exalogic
32 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Exalogic
• New SOA EDG for Exalogic
– Has options!!!!
• Use OTD
• Optimized with Exadata
• Infiniband for internal communication
• WLS & SOA optimizations
• Physical or virtual
33 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Drawbacks of a Manual Approach
Manual setup can be
– Time consuming
– Error prone
Which leads to
– Pain & stress
– Delays in delivery
– Lack of consistency
– Wasted effort
How do you delivery quickly and consistently?
34 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Automation
What is available out-of-the-box?
Phase Enablers
Installation Silent Installation VM Templates
Repository Setup Command Line
Creation & Configuration WLST
Software Deployment WLST, Apache Ant, Maven
Operations – Start, Stop WLST, OPMN
Patching OPatch, BSU
Customizations ??
35 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Validation Script
• An automated script to check correctness
• Ensures targets are defined as per EDG
• Uses WLST
• Target Verification Script available for download at
https://blogs.oracle.com/reynolds/entry/target_verification
How do we know we built the environment correctly?
36 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Introduction Rubicon Red MyST
• Declarative Configuration Management – Pre-built templates
– Multi Node, Single Node, Complex, Simple topologies
– No scripting or coding required
• Rapid Provisioning – Define, Execute and Report on environments
– Reduce effort to minutes for most complex topologies
• Continuous Delivery Platform – SDLC Support for FMW Projects
– Automates deployment across full set of FMW Components
• Extensible Automation Framework – Supports extensions in multiple technologies
– Add tasks and validators for custom components
100% Automated Rollout of EDG Environments
37 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Extensible Pluggable Framework Example products supported:
• Oracle WebLogic Server
• Oracle SOA Suite (including B2B)
• Oracle BPM Suite
• Oracle AIA Foundation Packs
• Oracle AIA Pre-Built Integration
• Oracle Service Bus
• Oracle Data Integrator
• Oracle Business Intelligence
• Oracle Governance (OER / OSR)
• Oracle WebCenter Portal & Content
• Oracle Repository Creation Utility
• Oracle VM
• Oracle EM 12c Cloud Control
• Oracle BPM Process Accelerators
• Oracle Business Activity Monitoring
• Oracle Business Transaction Management
• Security Administration
• OPatch + Smart Update
• Java Connector Architecture
• User Messaging Service
• Oracle HTTP Server
• Oracle JRockit / Sun JDK
38 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Comparing Options
Features Description Manual Scripted MyST
Automated Provides a simple way to reduce a large number of manual tasks into smaller discrete automated tasks
Consistent Target state is defined once, deployed multiple times in multiple environments. Limited
Predictable Know how long it takes to create an environment or deploy a release.
Easy to Use No additional scripting or coding. Can be used by generic infrastructure teams with little Fusion Middleware knowledge
Extensible Ability to extend the components supported including custom components using a wide range of technologies Limited
SDLC Support Support deployments of FMW components using the same framework as the provisioning
Cost & ROI Benefits Leverage an out of the box solution that has global customers
Supported Traditional Software Support model including forums, support tickets and feature requests
39 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Back to the Demo!
40 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Benefits of Automation
• Deliver significantly faster!
• Deliver more reliably
& consistently
• Reduce overall risk
• Decrease time-to-market
Delivery at the click of a button
41 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Takeaways
• EDG is a Guide not a Gospel
• Automation enables a different game
42 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
Q&A
43 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8
44 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Copyright © 2013, Rubicon Red. All rights reserved.
Insert Information Protection Policy Classification
from Slide 8