Step by Steps Oracle EBS DMZ setup and Configuration (Adding the DMZ NODE on your exiting Oracle EBS setup)
1) Apply the TLS patches on exiting production setup. Follow the below steps by steps
Download the 27301611,27120730,23630525 and 26045188 (Note this was latest TLS patches when we configure the TLS, patch may be supeerceded, you can download latest one)
export TLS_STAGE=/erp_stage/oracle/ACS/TLS
export ORACLE_HOME=$IAS_ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
cd $TLS_STAGE/27301611
opatch apply -jre $ORACLE_HOME/jdk/jre
cd $TLS_STAGE/26610710
opatch apply
cd $TLS_STAGE/27120730/oui
export ORACLE_HOME=$FMW_HOME/oracle_common
export PATH=$ORACLE_HOME/OPatch:$PATH
opatch apply
export ORACLE_HOME=$IAS_ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
cd $TLS_STAGE/23630525
opatch apply
cd $TLS_STAGE/26045188
opatch apply
2) Source the run file system & run the txkChangeProfH.sql in Internal Source EBS server
$ . EBSapps.env run
sqlplus apps/apps @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
3.Source the Run file system env file in Internal Source EBS server
cd $ADMIN_SCRIPTS_HOME/
perl adpreclone.pl appsTier
4. Source the Patch file system env file in Internal Source EBS server
$ . ./u01/install/APPS/EBSapps.env patch
$ $INST_TOP/admin/scripts/adadminsrvctl.sh start forcepatchfs
$ $INST_TOP/admin/scripts/adpreclone.pl appsTier
5.Take a tar of $RUN_BASE/EBSapps directory in Internal Source EBS server:
Source the Run file system env file
. EBSapps.env run
$ cd $RUN_BASE
$ tar –cvhf /erp_appl/HRDPRE/PREPROD/EBSAPPS.tar EBSapps
6. Make Below directory, copy the tar file from source internal EBS server and extract the tar file on target DMZ nodes
mkdir fs1
mkdir fs2
mkdir fs_ne
cd fs2
tar –xvhf /erp_appl/HRDPRE/PREPROD/EBSAPPS.tar
7. Point /var/op/oracle/oraInst.loc to the valid location in Newly created DMZ node(dmznode1)
8. Go to below Location in Newly created DMZ node (dmznode1)
cd /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin
perl adcfgclone.pl appsTier dualfs
applmgr@dmznode1:/erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin$ perl adcfgclone.pl appsTier dualfs
Copyright (c) 2002, 2015 Oracle Corporation
Redwood Shores, California, USA
Oracle E-Business Suite Rapid Clone
Version 12.2
adcfgclone Version 120.63.12020000.60
Enter the APPS password :
Enter the Weblogic AdminServer password :
Do you want to add a node (yes/no) [no] : yes
Verifying: Run file system AdminServer is running
Verifying: Patch file system AdminServer is running
Running: Context clone...
Log file located at /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin/CloneContext_0529214254.log
Target System Hostname (virtual or normal) [dmznode1] :
Target System Domain Name : nizamappsdba.com
Target System Base Directory set to /erp_apps/oracle/app
Target System Current File System Base set to /erp_apps/oracle/app/fs1
Target System Other File System Base set to /erp_apps/oracle/app/fs2
Target System Fusion Middleware Home set to /erp_apps/oracle/app/fs1/FMW_Home
Target System Other File System Fusion Middleware Home set to /erp_apps/oracle/app/fs2/FMW_Home
Target System Web Oracle Home set to /erp_apps/oracle/app/fs1/FMW_Home/webtier
Target System Other File System Web Oracle Home set to /erp_apps/oracle/app/fs2/FMW_Home/webtier
Target System Appl TOP set to /erp_apps/oracle/app/fs1/EBSapps/appl
Target System Other File System Appl TOP set to /erp_apps/oracle/app/fs2/EBSapps/appl
Target System COMMON TOP set to /erp_apps/oracle/app/fs1/EBSapps/comn
Target System Other File System COMMON TOP set to /erp_apps/oracle/app/fs2/EBSapps/comn
Target System Instance Home Directory [/erp_apps/oracle/app] :
Target System Current File System Instance Top set to /erp_apps/oracle/app/fs1/inst/apps/HRD_au1608
Do you want to preserve the Display [internalnode1:0.0] (y/n) : n
Target System Display [dmznode1:0.0] :
Target System Root Service [enabled] :
Target System Web Entry Point Services [enabled] :
Target System Web Application Services [enabled] :
Target System Batch Processing Services [enabled] : disabled
Target System Other Services [disabled] :
Do you want the target system to have the same port values as the source system (y/n) [y] ? : y
Validating if the source port numbers are available on the target system..
Complete port information available at /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin/out/ERPDB_dmznode1/portpool.lst
UTL_FILE_DIR on database tier consists of the following directories.
1. /erp_temp/oradata/tmp
2. /usr/tmp choose 2
9. Source the EBSapps.env file in Newly created DMZ node(dmznode1)
$ . ./u01/install/APPS/EBSapps.env run
$ perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
10. Edit this variables in $CONTEXT_FILE on both run and patch file system in nwely created DMZ node(dmznode1). Below values are depended on your environments
1. s_url_protocol=https
2. s_local_url_protocol=https
3. s_webentryurlprotocol=https
4. s_active_webport=443
5. s_webssl_port=4443
6. s_https_listen_parameter=4443
7. s_login_page=https://nizamappsdba.com/OA_HTML/AppsLocalLogin.jsp
8. s_external_url=https://nizamappsdba.com/OA_HTML/AppsLocalLogin.jsp
9. s_endUserMonitoringURL=http://dmnode1.nizamappsdba.corp.com:8008/oracle_smp_chronos/oracle_smp_chronos_sdk.gif
11. s_webentryhost=www
12. s_webentrydomain=nizamappsdba.com
11.Execute Autoconfig on the run file system for the DMZ nodes.
$ . ./u01/install/APPS/EBSapps.env run
$ $INST_TOP/admin/scripts/adautocfg.sh
Upload the Patch file system context file to the Database
$ . ./u01/install/APPS/EBSapps.env patch
$ $ADJVAPRG oracle.apps.ad.autoconfig.oam.CtxSynchronizer action=upload
contextfile=<full path to patch context file> logfile=/tmp/patchctxupload.log
12. Remove the managed servers of other internal nodes(these parameters are based on your environments)
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=node1.nizamappsdba.corp.com:7232,node2.nizamappsdba.corp.com:7232,node3.nizamappsdba.corp.com:7232 -oafm=node1.nizamappsdba.corp.com:7632,node2.nizamappsdba.corp.com:7632,node3.nizamappsdba.corp.com:7632 -forms=node1.nizamappsdba.corp.com:7432,node2.nizamappsdba.corp.com:7432,node3.nizamappsdba.corp.com:7432 -formsc4ws=node1.nizamappsdba.corp.com:7832,node2.nizamappsdba.corp.com,node3.nizamappsdba.corp.com:7832
$ . ./u01/install/APPS/EBSapps.env run
Switch the hierarchy type of the profile options to be of type server-responsibility
$ sqlplus apps/apps @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
13. s_appserverid_authentication
14.Set Node%Trust%Level% as external for DMZ node.
15. TLS PART: (DO IT IN BOTH RUN AND PATCH FILE SYSTEM)
===================================================
export WEB_SSL_DIR="SET FROM CONTEXT_FILE"
export OHS_LOC="SET FROM CONTEXT_FILE"
mkdir $WEB_SSL_DIR/Apache
cd $WEB_SSL_DIR/Apache
cp $HOME/wallet/cwallet.sso .
cp $HOME/wallet/ewallet.p12 .
cp $ORACLE_HOME/sysman/config/b64InternetCertificate.txt $ORACLE_HOME/sysman/config/b64InternetCertificate.txt.before.tls
cat $HOME/wallet/RootCA.cer >> $ORACLE_HOME/sysman/config/b64InternetCertificate.txt
cat $HOME/wallet/InterCA.cer >> $ORACLE_HOME/sysman/config/b64InternetCertificate.txt
cd $OHS_LOC/config/OHS/*/keystores/default
mkdir bkup
mv *.* bkup
cp $WEB_SSL_DIR/Apache/* .
cd $OHS_LOC/config/OPMN/opmn/wallet
mkdir bkup
mv *.* bkup
cp $WEB_SSL_DIR/Apache/* .
CONFIG CHANGES:
===============
cd $OHS_LOC/config/OPMN/opmn
cp opmn.xml opmn.xml.bkup.before.tls12
vi opmn.xml
from:
<ssl enabled="true" wallet-file="/erp_appl/apps/fs2/FMW_Home/webtier/instances/EBS_web_HRD_OHS2/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0" ssl-ciphers="SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
to:
<ssl enabled="true" wallet-file="/erp_appl/apps/fs2/FMW_Home/webtier/instances/EBS_web_HRD_OHS2/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0,TLSv1.1,TLSv1.2" ssl-ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"/>
cd $OHS_LOC/config/OHS/*
cp admin.conf admin.conf.bkup.before.tls12
vi $OHS_LOC/config/OHS/EBS_web_HRD/admin.conf
Change:
SSLCipherSuite SSL_RSA_WITH_AES_128_CBC_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSLProtocol nzos_Version_1_0 nzos_Version_3_0
to
SSLCipherSuite SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA
SSLProtocol nzos_Version_1_0 nzos_Version_1_1 nzos_Version_1_2
cd $OHS_LOC/config/OHS/*
cp ssl.conf ssl.conf.bkup.tls12
vi $OHS_LOC/config/OHS/*/ssl.conf
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!RC4:!3DES:!SEED:!IDEA:!CAMELLIA:+HIGH:+MEDIUM
perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
Run autoconfig.
Add the secondary DMZ node if it is multi node MZ noed environment
Add the Secondary Node dmznode2:
a) Execute adpreclone Utility on the Run and Patch File System in primary DMZ node(DMnode1).
Run file system:
a. Please make sure adminserver is running
b. Source the run file system
c. cd $INST_TOP/admin/scripts
d. ./adpreclone.pl appsTier
Patch file system:
e. Source the patch file system.
f. cd $INST_TOP/admin/scripts
g. ./adadminsrvctl.sh start forcepatchfs
h. ./adpreclone.pl appsTier
b.Prepare the PairsFile for Configuring secondary DMZ node:
1.Login to Primary DMZ node(dmznode1) and source run file system
2.scp $INST_TOP/appl/admin/${CONTEXT_NAME}.txt dmznode2:$HOME/
3.Login to secondary dmz node(dmznode2) and edit $HOME/{CONTEXT_NAME}.txt
(ERPDB_internal_node) .Please change instance specific values & services enabled sections.
[Services Enabled on the Primary Application Tier Node]
#s_web_applications_status=enabled
#s_web_entry_status=enabled
#s_apcstatus=enabled
#s_root_status=enabled
#s_batch_status=disabled
#s_other_service_group_status=disabled
#s_adminserverstatus=disabled
#s_web_admin_status=disabled
c. Execute adclonectx:
Ensure the WebLogic Administration Server is running from both run and Patch file system on the primary application tier node
export PATH=/erp_apps/oracle/app/fs2/FMW_Home/webtier/perl/bin:$PATH
cd /erp_apps/oracle/app/fs2/EBSapps/comn/clone/bin
/erp_apps/oracle/app/fs2/FMW_Home/webtier/perl/bin/perl ./adclonectx.pl addnode contextfile=/erp_apps/oracle/app/fs2/inst/apps/ERPDB_internalnode1/appl/admin/ERPDB_internalnode1.xml pairsfile=/export/home/applprd/pairsfile/ERPDB_internal_node.txt dualfs=yes
d. Remove the managed servers of other nodes:
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=node1.nizamappsdba.corp.com:7232,node2.nizamappsdba.corp.com:7232,node3.nizamappsdba.corp.com:7232 -oafm=node1.nizamappsdba.corp.com:7632,node2.nizamappsdba.corp.com:7632,node3.nizamappsdba.corp.com:7632 -forms=node1.nizamappsdba.corp.com:7432,node2.nizamappsdba.corp.com:7432,node3.nizamappsdba.corp.com:7432 -formsc4ws=node1.nizamappsdba.corp.com:7832,node2.nizamappsdba.corp.com:7832,node3.nizamappsdba.corp.com:7832
e. Set Node%Trust%Level% as external for DMZ node.
Add the additional managed servers if required to handile more load and connection:
in this we are adding 3 oacore servers and 1 forms servers for demonstration purpose
Create managerd servers under the RUN file system
Run adminserver should be up and running
OACORE Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server11 -servicetype=oacore -managedsrvport=7211 -logfile=$HOME/addMS_oacoreserver11.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server12 -servicetype=oacore -managedsrvport=7212 -logfile=$HOME/addMS_oacoreserver12.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server13 -servicetype=oacore -managedsrvport=7213 -logfile=$HOME/addMS_oacoreserver13.log
Forms Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=forms_server11 -servicetype=forms -managedsrvport=7411 -logfile=$HOME/addMS_formsserver11.log
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=addMS -oacore=dmznode1.nizamappsdba.corp.com:7211,dmznode1.nizamappsdba.corp.com:7212,dmznode1.nizamappsdba.corp.com:7213 -forms=dmznode1.nizamappsdba.corp.com:7411
OACORE Patch:
patch adminserver should be up and running
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server11 -servicetype=oacore -managedsrvport=7214 -logfile=$HOME/addMS_oacoreserver11_patch.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server12 -servicetype=oacore -managedsrvport=7215 -logfile=$HOME/addMS_oacoreserver12_patch.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server13 -servicetype=oacore -managedsrvport=7216 -logfile=$HOME/addMS_oacoreserver13_patch.log
Forms Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=forms_server11 -servicetype=forms -managedsrvport=7412 -logfile=$HOME/addMS_formsserver11.log
java oracle.apps.ad.autoconfig.InstantiateFile -e $CONTEXT_FILE -tmpl $AD_TOP/admin/template/fsclone_config_txt.tmp -out $INST_TOP/appl/admin/fsclone_config.txt
1) Apply the TLS patches on exiting production setup. Follow the below steps by steps
Download the 27301611,27120730,23630525 and 26045188 (Note this was latest TLS patches when we configure the TLS, patch may be supeerceded, you can download latest one)
export TLS_STAGE=/erp_stage/oracle/ACS/TLS
export ORACLE_HOME=$IAS_ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
cd $TLS_STAGE/27301611
opatch apply -jre $ORACLE_HOME/jdk/jre
cd $TLS_STAGE/26610710
opatch apply
cd $TLS_STAGE/27120730/oui
export ORACLE_HOME=$FMW_HOME/oracle_common
export PATH=$ORACLE_HOME/OPatch:$PATH
opatch apply
export ORACLE_HOME=$IAS_ORACLE_HOME
export PATH=$ORACLE_HOME/OPatch:$PATH
cd $TLS_STAGE/23630525
opatch apply
cd $TLS_STAGE/26045188
opatch apply
2) Source the run file system & run the txkChangeProfH.sql in Internal Source EBS server
$ . EBSapps.env run
sqlplus apps/apps @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
3.Source the Run file system env file in Internal Source EBS server
cd $ADMIN_SCRIPTS_HOME/
perl adpreclone.pl appsTier
4. Source the Patch file system env file in Internal Source EBS server
$ . ./u01/install/APPS/EBSapps.env patch
$ $INST_TOP/admin/scripts/adadminsrvctl.sh start forcepatchfs
$ $INST_TOP/admin/scripts/adpreclone.pl appsTier
5.Take a tar of $RUN_BASE/EBSapps directory in Internal Source EBS server:
Source the Run file system env file
. EBSapps.env run
$ cd $RUN_BASE
$ tar –cvhf /erp_appl/HRDPRE/PREPROD/EBSAPPS.tar EBSapps
6. Make Below directory, copy the tar file from source internal EBS server and extract the tar file on target DMZ nodes
mkdir fs1
mkdir fs2
mkdir fs_ne
cd fs2
tar –xvhf /erp_appl/HRDPRE/PREPROD/EBSAPPS.tar
7. Point /var/op/oracle/oraInst.loc to the valid location in Newly created DMZ node(dmznode1)
8. Go to below Location in Newly created DMZ node (dmznode1)
cd /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin
perl adcfgclone.pl appsTier dualfs
applmgr@dmznode1:/erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin$ perl adcfgclone.pl appsTier dualfs
Copyright (c) 2002, 2015 Oracle Corporation
Redwood Shores, California, USA
Oracle E-Business Suite Rapid Clone
Version 12.2
adcfgclone Version 120.63.12020000.60
Enter the APPS password :
Enter the Weblogic AdminServer password :
Do you want to add a node (yes/no) [no] : yes
Verifying: Run file system AdminServer is running
Verifying: Patch file system AdminServer is running
Running: Context clone...
Log file located at /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin/CloneContext_0529214254.log
Target System Hostname (virtual or normal) [dmznode1] :
Target System Domain Name : nizamappsdba.com
Target System Base Directory set to /erp_apps/oracle/app
Target System Current File System Base set to /erp_apps/oracle/app/fs1
Target System Other File System Base set to /erp_apps/oracle/app/fs2
Target System Fusion Middleware Home set to /erp_apps/oracle/app/fs1/FMW_Home
Target System Other File System Fusion Middleware Home set to /erp_apps/oracle/app/fs2/FMW_Home
Target System Web Oracle Home set to /erp_apps/oracle/app/fs1/FMW_Home/webtier
Target System Other File System Web Oracle Home set to /erp_apps/oracle/app/fs2/FMW_Home/webtier
Target System Appl TOP set to /erp_apps/oracle/app/fs1/EBSapps/appl
Target System Other File System Appl TOP set to /erp_apps/oracle/app/fs2/EBSapps/appl
Target System COMMON TOP set to /erp_apps/oracle/app/fs1/EBSapps/comn
Target System Other File System COMMON TOP set to /erp_apps/oracle/app/fs2/EBSapps/comn
Target System Instance Home Directory [/erp_apps/oracle/app] :
Target System Current File System Instance Top set to /erp_apps/oracle/app/fs1/inst/apps/HRD_au1608
Do you want to preserve the Display [internalnode1:0.0] (y/n) : n
Target System Display [dmznode1:0.0] :
Target System Root Service [enabled] :
Target System Web Entry Point Services [enabled] :
Target System Web Application Services [enabled] :
Target System Batch Processing Services [enabled] : disabled
Target System Other Services [disabled] :
Do you want the target system to have the same port values as the source system (y/n) [y] ? : y
Validating if the source port numbers are available on the target system..
Complete port information available at /erp_apps/oracle/app/fs1/EBSapps/comn/clone/bin/out/ERPDB_dmznode1/portpool.lst
UTL_FILE_DIR on database tier consists of the following directories.
1. /erp_temp/oradata/tmp
2. /usr/tmp choose 2
9. Source the EBSapps.env file in Newly created DMZ node(dmznode1)
$ . ./u01/install/APPS/EBSapps.env run
$ perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
10. Edit this variables in $CONTEXT_FILE on both run and patch file system in nwely created DMZ node(dmznode1). Below values are depended on your environments
1. s_url_protocol=https
2. s_local_url_protocol=https
3. s_webentryurlprotocol=https
4. s_active_webport=443
5. s_webssl_port=4443
6. s_https_listen_parameter=4443
7. s_login_page=https://nizamappsdba.com/OA_HTML/AppsLocalLogin.jsp
8. s_external_url=https://nizamappsdba.com/OA_HTML/AppsLocalLogin.jsp
9. s_endUserMonitoringURL=http://dmnode1.nizamappsdba.corp.com:8008/oracle_smp_chronos/oracle_smp_chronos_sdk.gif
11. s_webentryhost=www
12. s_webentrydomain=nizamappsdba.com
11.Execute Autoconfig on the run file system for the DMZ nodes.
$ . ./u01/install/APPS/EBSapps.env run
$ $INST_TOP/admin/scripts/adautocfg.sh
Upload the Patch file system context file to the Database
$ . ./u01/install/APPS/EBSapps.env patch
$ $ADJVAPRG oracle.apps.ad.autoconfig.oam.CtxSynchronizer action=upload
contextfile=<full path to patch context file> logfile=/tmp/patchctxupload.log
12. Remove the managed servers of other internal nodes(these parameters are based on your environments)
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=node1.nizamappsdba.corp.com:7232,node2.nizamappsdba.corp.com:7232,node3.nizamappsdba.corp.com:7232 -oafm=node1.nizamappsdba.corp.com:7632,node2.nizamappsdba.corp.com:7632,node3.nizamappsdba.corp.com:7632 -forms=node1.nizamappsdba.corp.com:7432,node2.nizamappsdba.corp.com:7432,node3.nizamappsdba.corp.com:7432 -formsc4ws=node1.nizamappsdba.corp.com:7832,node2.nizamappsdba.corp.com,node3.nizamappsdba.corp.com:7832
$ . ./u01/install/APPS/EBSapps.env run
Switch the hierarchy type of the profile options to be of type server-responsibility
$ sqlplus apps/apps @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
13. s_appserverid_authentication
14.Set Node%Trust%Level% as external for DMZ node.
15. TLS PART: (DO IT IN BOTH RUN AND PATCH FILE SYSTEM)
===================================================
export WEB_SSL_DIR="SET FROM CONTEXT_FILE"
export OHS_LOC="SET FROM CONTEXT_FILE"
mkdir $WEB_SSL_DIR/Apache
cd $WEB_SSL_DIR/Apache
cp $HOME/wallet/cwallet.sso .
cp $HOME/wallet/ewallet.p12 .
cp $ORACLE_HOME/sysman/config/b64InternetCertificate.txt $ORACLE_HOME/sysman/config/b64InternetCertificate.txt.before.tls
cat $HOME/wallet/RootCA.cer >> $ORACLE_HOME/sysman/config/b64InternetCertificate.txt
cat $HOME/wallet/InterCA.cer >> $ORACLE_HOME/sysman/config/b64InternetCertificate.txt
cd $OHS_LOC/config/OHS/*/keystores/default
mkdir bkup
mv *.* bkup
cp $WEB_SSL_DIR/Apache/* .
cd $OHS_LOC/config/OPMN/opmn/wallet
mkdir bkup
mv *.* bkup
cp $WEB_SSL_DIR/Apache/* .
CONFIG CHANGES:
===============
cd $OHS_LOC/config/OPMN/opmn
cp opmn.xml opmn.xml.bkup.before.tls12
vi opmn.xml
from:
<ssl enabled="true" wallet-file="/erp_appl/apps/fs2/FMW_Home/webtier/instances/EBS_web_HRD_OHS2/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0" ssl-ciphers="SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
to:
<ssl enabled="true" wallet-file="/erp_appl/apps/fs2/FMW_Home/webtier/instances/EBS_web_HRD_OHS2/config/OPMN/opmn/wallet" ssl-versions="TLSv1.0,TLSv1.1,TLSv1.2" ssl-ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"/>
cd $OHS_LOC/config/OHS/*
cp admin.conf admin.conf.bkup.before.tls12
vi $OHS_LOC/config/OHS/EBS_web_HRD/admin.conf
Change:
SSLCipherSuite SSL_RSA_WITH_AES_128_CBC_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSLProtocol nzos_Version_1_0 nzos_Version_3_0
to
SSLCipherSuite SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA
SSLProtocol nzos_Version_1_0 nzos_Version_1_1 nzos_Version_1_2
cd $OHS_LOC/config/OHS/*
cp ssl.conf ssl.conf.bkup.tls12
vi $OHS_LOC/config/OHS/*/ssl.conf
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!RC4:!3DES:!SEED:!IDEA:!CAMELLIA:+HIGH:+MEDIUM
perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
Run autoconfig.
For iSuppliuer User Level profile option, update the value with DMZ site URL
1> Apps Servlet Agent
2> Application Framework Agent
At the site level profile options for the so-far created supplier users at the user level.
And as one-time activity you need to update with DMZ site URL
1> POS: External URL
2> POS: Internal URL
Add the secondary DMZ node if it is multi node MZ noed environment
Add the Secondary Node dmznode2:
a) Execute adpreclone Utility on the Run and Patch File System in primary DMZ node(DMnode1).
Run file system:
a. Please make sure adminserver is running
b. Source the run file system
c. cd $INST_TOP/admin/scripts
d. ./adpreclone.pl appsTier
Patch file system:
e. Source the patch file system.
f. cd $INST_TOP/admin/scripts
g. ./adadminsrvctl.sh start forcepatchfs
h. ./adpreclone.pl appsTier
b.Prepare the PairsFile for Configuring secondary DMZ node:
1.Login to Primary DMZ node(dmznode1) and source run file system
2.scp $INST_TOP/appl/admin/${CONTEXT_NAME}.txt dmznode2:$HOME/
3.Login to secondary dmz node(dmznode2) and edit $HOME/{CONTEXT_NAME}.txt
(ERPDB_internal_node) .Please change instance specific values & services enabled sections.
[Services Enabled on the Primary Application Tier Node]
#s_web_applications_status=enabled
#s_web_entry_status=enabled
#s_apcstatus=enabled
#s_root_status=enabled
#s_batch_status=disabled
#s_other_service_group_status=disabled
#s_adminserverstatus=disabled
#s_web_admin_status=disabled
c. Execute adclonectx:
Ensure the WebLogic Administration Server is running from both run and Patch file system on the primary application tier node
export PATH=/erp_apps/oracle/app/fs2/FMW_Home/webtier/perl/bin:$PATH
cd /erp_apps/oracle/app/fs2/EBSapps/comn/clone/bin
/erp_apps/oracle/app/fs2/FMW_Home/webtier/perl/bin/perl ./adclonectx.pl addnode contextfile=/erp_apps/oracle/app/fs2/inst/apps/ERPDB_internalnode1/appl/admin/ERPDB_internalnode1.xml pairsfile=/export/home/applprd/pairsfile/ERPDB_internal_node.txt dualfs=yes
d. Remove the managed servers of other nodes:
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=node1.nizamappsdba.corp.com:7232,node2.nizamappsdba.corp.com:7232,node3.nizamappsdba.corp.com:7232 -oafm=node1.nizamappsdba.corp.com:7632,node2.nizamappsdba.corp.com:7632,node3.nizamappsdba.corp.com:7632 -forms=node1.nizamappsdba.corp.com:7432,node2.nizamappsdba.corp.com:7432,node3.nizamappsdba.corp.com:7432 -formsc4ws=node1.nizamappsdba.corp.com:7832,node2.nizamappsdba.corp.com:7832,node3.nizamappsdba.corp.com:7832
e. Set Node%Trust%Level% as external for DMZ node.
Add the additional managed servers if required to handile more load and connection:
in this we are adding 3 oacore servers and 1 forms servers for demonstration purpose
Create managerd servers under the RUN file system
Run adminserver should be up and running
OACORE Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server11 -servicetype=oacore -managedsrvport=7211 -logfile=$HOME/addMS_oacoreserver11.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server12 -servicetype=oacore -managedsrvport=7212 -logfile=$HOME/addMS_oacoreserver12.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server13 -servicetype=oacore -managedsrvport=7213 -logfile=$HOME/addMS_oacoreserver13.log
Forms Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=forms_server11 -servicetype=forms -managedsrvport=7411 -logfile=$HOME/addMS_formsserver11.log
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=addMS -oacore=dmznode1.nizamappsdba.corp.com:7211,dmznode1.nizamappsdba.corp.com:7212,dmznode1.nizamappsdba.corp.com:7213 -forms=dmznode1.nizamappsdba.corp.com:7411
OACORE Patch:
patch adminserver should be up and running
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server11 -servicetype=oacore -managedsrvport=7214 -logfile=$HOME/addMS_oacoreserver11_patch.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server12 -servicetype=oacore -managedsrvport=7215 -logfile=$HOME/addMS_oacoreserver12_patch.log
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=oacore_server13 -servicetype=oacore -managedsrvport=7216 -logfile=$HOME/addMS_oacoreserver13_patch.log
Forms Run:
perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-create-managedserver -contextfile=$CONTEXT_FILE -managedsrvname=forms_server11 -servicetype=forms -managedsrvport=7412 -logfile=$HOME/addMS_formsserver11.log
java oracle.apps.ad.autoconfig.InstantiateFile -e $CONTEXT_FILE -tmpl $AD_TOP/admin/template/fsclone_config_txt.tmp -out $INST_TOP/appl/admin/fsclone_config.txt
----------------------------------------------Completed ----------------------------------------------------------------
--- -------------------------------Above Steps only for Reference(Appendix)---------------------------------
------------------------------------------------------------------------------------------------------
Appendix - For the reference purpose only - Adding the nodes(logs), Errors and Resolutions
------------------------------------------------------------------------------------------------------
Adding the nodes steps logs(logs), Errors and Resolutions.
--------------------------------------------------------------------------------------------------------
Pre-req:
========
Please change below ulimit parameter on server OracleEBSNode2-SecondaryNode similar to what is set under server OracleEBSNode1-PrimaryNode.
coredump
file maxuprc
nofiles
stack
time
vmemory
-> OS user name should be same in all the nodes. password less connectivity between all the nodes
-> Directory structure should be same.
1] Execute below on OracleEBSNode1-PrimaryNode:
============================
bash-4.4$ echo $FILE_EDITION
run
bash-4.4$ sqlplus apps
SQL*Plus: Release 10.1.0.5.0 - Production on Tue Oct 12 12:00:49 2021
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL> @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
Changing the hierarchy type for the Profile APPS_WEB_AGENT
Profile APPS_WEB_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_SERVLET_AGENT
Profile APPS_SERVLET_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_JSP_AGENT
Profile APPS_JSP_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_FRAMEWORK_AGENT
Profile APPS_FRAMEWORK_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_FORMS_LAUNCHER
Profile ICX_FORMS_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_DISCOVERER_LAUNCHER
Profile ICX_DISCOVERER_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_DISCOVERER_VIEWER_LAUNCHER
Profile ICX_DISCOVERER_VIEWER_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile HELP_WEB_AGENT
Profile HELP_WEB_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_PORTAL
Profile APPS_PORTAL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile CZ_UIMGR_URL
Profile CZ_UIMGR_URL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile QP_PRICING_ENGINE_URL
Profile QP_PRICING_ENGINE_URL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile TCF:HOST
Profile TCF:HOST hierarchy type has been
successfully changed to SERVRESP
Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
bash-4.4$
2] Run adpreclone script on primary:
------------------------------------
-bash-4.4$ cd $ADMIN_SCRIPTS_HOME/
-bash-4.4$ perl adpreclone.pl appsTier
3] Source patch file system and start admin server on Primary.
---------------------------------------------------------------
bash-4.4$ . ./EBSapps.env
E-Business Suite Environment Information
----------------------------------------
RUN File System : /erp_appl/apps/fs1/EBSapps/appl
PATCH File System : /erp_appl/apps/fs2/EBSapps/appl
Non-Editioned File System : /erp_appl/apps/fs_ne
DB Host: OracleEBSNode1-PrimaryNode.nizamappsdba.com Service/SID: ERPDEV7
E-Business Suite Environment Setting
------------------------------------
- Enter [R/r] for sourcing Run File System Environment file, or
- Enter [P/p] for sourcing Patch File System Environment file, or
- Enter anything else to exit
Please choose the environment file you wish to source [R/P]:P
Sourcing the PATCH File System ...
bash-4.4$ echo $FILE_EDITION
patch
bash-4.4$
bash-4.4$ $INST_TOP/admin/scripts/adadminsrvctl.sh start forcepatchfs
You are running adadminsrvctl.sh version 120.10.12020000.11
Enter the WebLogic Admin password:
Enter the APPS Schema password:
Starting WLS Admin Server...
Refer /erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/logs/appl/admin/log/adadminsrvctl.txt for details
AdminServer logs are located at /erp_appl/apps/fs2/FMW_Home/user_projects/domains/EBS_domain_ERPDEV7/servers/AdminServer/logs
adadminsrvctl.sh: exiting with status 0
adadminsrvctl.sh: check the logfile /erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/logs/appl/admin/log/adadminsrvctl.txt for more information ...
bash-4.4$
4] Run adpreclone from patch FS on primary OracleEBSNode1-PrimaryNode.
-------------------------------------------------
bash-4.4$ $INST_TOP/admin/scripts/adpreclone.pl appsTier
Copyright (c) 2011, 2014 Oracle Corporation
Redwood Shores, California, USA
Oracle E-Business Suite Rapid Clone
Version 12.2
adpreclone Version 120.31.12020000.25
Enter the APPS User Password:
Enter the Weblogic AdminServer password :
Checking the status of the Oracle WebLogic Administration Server....
Running perl /erp_appl/apps/fs2/EBSapps/appl/ad/12.0.0/patch/115/bin/adProvisionEBS.pl ebs-get-serverstatus -contextfile=/erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/appl/admin/ERPDEV7_OracleEBSNode1-PrimaryNode.xml -servername=AdminServer -promptmsg=hide
The Oracle WebLogic Administration Server is up.
wlsDomainName: EBS_domain_ERPDEV7
WLS Domain Name is VALID.
Running:
perl /erp_appl/apps/fs2/EBSapps/appl/ad/12.0.0/bin/adclone.pl java=/erp_appl/apps/fs2/EBSapps/comn/util/jdk mode=stage stage=/erp_appl/apps/fs2/EBSapps/comn/clone component=appsTier method= appctx=/erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/appl/admin/ERPDEV7_OracleEBSNode1-PrimaryNode.xml showProgress
Setting the wls environment
Beginning application tier Stage - Tue Oct 12 13:01:50 2021
/erp_appl/apps/fs2/EBSapps/comn/util/jdk/bin/java -Xmx600M -Doracle.jdbc.autoCommitSpecCompliant=false -DCONTEXT_VALIDATED=false -Doracle.installer.oui_loc=/oui -classpath /erp_appl/apps/fs2/FMW_Home/webtier/lib/xmlparserv2.jar:/erp_appl/apps/fs2/FMW_Home/webtier/jdbc/lib/ojdbc6.jar:/erp_appl/apps/fs2/EBSapps/comn/java/classes:/erp_appl/apps/fs2/FMW_Home/webtier/oui/jlib/OraInstaller.jar:/erp_appl/apps/fs2/FMW_Home/webtier/oui/jlib/ewt3.jar:/erp_appl/apps/fs2/FMW_Home/webtier/oui/jlib/share.jar:/erp_appl/apps/fs2/FMW_Home/webtier/../Oracle_EBS-app1/oui/jlib/srvm.jar:/erp_appl/apps/fs2/FMW_Home/webtier/jlib/ojmisc.jar:/erp_appl/apps/fs2/FMW_Home/wlserver_10.3/server/lib/weblogic.jar:/erp_appl/apps/fs2/FMW_Home/oracle_common/jlib/obfuscatepassword.jar oracle.apps.ad.clone.StageAppsTier -e /erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/appl/admin/ERPDEV7_OracleEBSNode1-PrimaryNode.xml -stage /erp_appl/apps/fs2/EBSapps/comn/clone -tmp /tmp -method CUSTOM -showProgress -nopromptmsg
Log file located at /erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode1-PrimaryNode/admin/log/clone/StageAppsTier_10121301.log
| 20% completed
Completed Stage...
Tue Oct 12 13:27:25 2021
bash-4.4$
5] Source the Run file system env file in primary (OracleEBSNode1-PrimaryNode) and take backup of EBSapps as Tar file:
===================================================================================================
$ cd $RUN_BASE
$ tar -cvhf EBSAPPS.tar EBSapps
On OracleEBSNode2-SecondaryNode:
==========
6] create directory structure
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps$ mkdir fs1
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps$ mkdir fs2
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps$ mkdir fs_ne
- copy EBSAPPS.tar from OracleEBSNode1-PrimaryNode to below location in OracleEBSNode2-SecondaryNode.
bash-4.4$ scp -r EBSAPPS.tar appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/
On OracleEBSNode2-SecondaryNode:
-----------
$ cd fs1
$ tar –xvhf EBSAPPS.tar
Extract EBSapps.tar.gz to fs1 (which is the current run FS in OracleEBSNode1-PrimaryNode)
7] Point /var/opt/oracle/oraInst.loc to the valid location in OracleEBSNode2-SecondaryNode.
appldev@OracleEBSNode2-SecondaryNode:~$ cat /var/opt/oracle/oraInst.loc
inventory_loc=/erp_appl/apps/oraInventory
inst_group=dba
8] Run Post Clone:
Copy $COMMON_TOP/clone/FMW/FMW_Home.jar file from OracleEBSNode1-PrimaryNode to below location in OracleEBSNode2-SecondaryNode:
-bash-4.4$ pwd
/erp_appl/apps/fs1/EBSapps/comn/clone/FMW
example:
bash-4.4$ pwd
/erp_appl/apps/fs1/EBSapps/comn/clone/FMW
bash-4.4$
bash-4.4$ scp -r FMW_Home.jar appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/EBSapps/comn/clone/FMW/
9] on OracleEBSNode1-PrimaryNode:
--------------
cd /erp_appl/apps/fs1/FMW_Home/user_projects/domains/EBS_domain/config
- take backup of config.xml and update the parameter as below.
<connection-filter-rule>0.0.0.0/0 * * deny</connection-filter-rule>
To
<connection-filter-rule>0.0.0.0/0 * * allow</connection-filter-rule>
bash-4.4$
bash-4.4$
Update the same in Patch FS as below:
bash-4.4$ pwd
/erp_appl/apps/fs2/FMW_Home/user_projects/domains/EBS_domain_ERPDEV7/config
bash-4.4$
- Bounce complete application tier in OracleEBSNode1-PrimaryNode including admin server.
- Bounce admin server on PATCH FS in OracleEBSNode1-PrimaryNode (Which was started as part of isupplier configuration) as below:
Source Patch FS
-bash-4.4$ $INST_TOP/admin/scripts/adadminsrvctl.sh stop forcepatchfs
-bash-4.4$ $INST_TOP/admin/scripts/adadminsrvctl.sh start forcepatchfs
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/EBSapps/comn/clone/bin$ pwd
/erp_appl/apps/fs1/EBSapps/comn/clone/bin
export PERL5LIB=/erp_appl/apps/fs1/EBSapps/10.1.2/perl/lib/5.6.1:/erp_appl/apps/fs1/EBSapps/10.1.2/perl/lib/site_perl/5.6.1
export PATH=/erp_appl/apps/fs1/EBSapps/10.1.2/perl/bin:$PATH
export ADPERLPRG=/erp_appl/apps/fs1/EBSapps/10.1.2/perl/bin/perl
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/EBSapps/comn/clone/bin$ perl adcfgclone.pl appsTier dualfs
Copyright (c) 2002, 2015 Oracle Corporation
Redwood Shores, California, USA
Oracle E-Business Suite Rapid Clone
Version 12.2
adcfgclone Version 120.63.12020000.65
Enter the APPS password :
Enter the Weblogic AdminServer password :
Do you want to add a node (yes/no) [no] : yes
Verifying: Run file system AdminServer is running
Verifying: Patch file system AdminServer is running
Running: Context clone...
Log file located at /erp_appl/apps/fs1/EBSapps/comn/clone/bin/CloneContext_1017142743.log
Target System Hostname (virtual or normal) [OracleEBSNode2-SecondaryNode] :
Target System Base Directory set to /erp_appl/apps
Target System Current File System Base set to /erp_appl/apps/fs1
Target System Other File System Base set to /erp_appl/apps/fs2
Target System Fusion Middleware Home set to /erp_appl/apps/fs1/FMW_Home
Target System Other File System Fusion Middleware Home set to /erp_appl/apps/fs2/FMW_Home
Target System Web Oracle Home set to /erp_appl/apps/fs1/FMW_Home/webtier
Target System Other File System Web Oracle Home set to /erp_appl/apps/fs2/FMW_Home/webtier
Target System Appl TOP set to /erp_appl/apps/fs1/EBSapps/appl
Target System Other File System Appl TOP set to /erp_appl/apps/fs2/EBSapps/appl
Target System COMMON TOP set to /erp_appl/apps/fs1/EBSapps/comn
Target System Other File System COMMON TOP set to /erp_appl/apps/fs2/EBSapps/comn
Target System Instance Home Directory [/erp_appl/apps] :
Target System Current File System Instance Top set to /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode
Do you want to preserve the Display [OracleEBSNode1-PrimaryNode:0.0] (y/n) : n
Target System Display [OracleEBSNode2-SecondaryNode:0.0] :
Target System Root Service [enabled] :
Target System Web Entry Point Services [enabled] :
Target System Web Application Services [enabled] :
Target System Batch Processing Services [enabled] : disabled
Target System Other Services [disabled] :
Do you want the target system to have the same port values as the source system (y/n) [y] ? : y
Validating if the source port numbers are available on the target system..
Complete port information available at /erp_appl/apps/fs1/EBSapps/comn/clone/bin/out/ERPDEV7_OracleEBSNode2-SecondaryNode/portpool.lst
Target System proxy port [80] :
UTL_FILE_DIR on database tier consists of the following directories.
1. /usr/tmp
2. /usr/tmp
3. /erp_base/app/oracle/product/12.1.0.2/appsutil/outbound/ERPDEV7_OracleEBSNode1-PrimaryNode
4. /usr/tmp
Choose a value which will be set as APPLPTMP value on the target node [1] : 1
The new APPL_TOP context file has been created :
/erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/appl/admin/ERPDEV7_OracleEBSNode2-SecondaryNode.xml
Check Clone Context logfile /erp_appl/apps/fs1/EBSapps/comn/clone/bin/CloneContext_1017142743.log for details.
Creating Patch file system context file.....
Log file located at /erp_appl/apps/fs1/EBSapps/comn/clone/bin/CloneContextPatch_1017143501.log
Target System Other File System Instance Top set to /erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode
Validating if the source port numbers are available on the target system..
Complete port information available at /erp_appl/apps/fs1/EBSapps/comn/clone/bin/out/ERPDEV7_OracleEBSNode2-SecondaryNode/portpool.lst
Target System proxy port [80] : 8008
The new APPL_TOP context file has been created :
/erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/appl/admin/ERPDEV7_OracleEBSNode2-SecondaryNode.xml
Check Clone Context logfile /erp_appl/apps/fs1/EBSapps/comn/clone/bin/CloneContextPatch_1017143501.log for details.
FMW Pre-requisite check log file location : /erp_appl/apps/fs1/EBSapps/comn/clone/FMW/logs/prereqcheck.log
Running: FMW pre-req check...
/usr/sbin/psrinfo: Perl lib version (5.26.3) doesn't match executable '/usr/perl5/5.22/bin/perl' version (5.22.1) at /usr/perl5/5.26/lib/sun4-solaris-thread-multi-64/Config.pm line 62.
Compilation failed in require at /usr/perl5/5.26/lib/locale.pm line 4.
BEGIN failed--compilation aborted at /usr/perl5/5.26/lib/locale.pm line 4.
Compilation failed in require at /usr/sbin/psrinfo line 14.
BEGIN failed--compilation aborted at /usr/sbin/psrinfo line 14.
Configuring: Run file system....
LogFile located at /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/admin/log/clone/run/RCloneApplyAppstier_10171440.log
Configuring: Patch file system....
LogFile located at /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/admin/log/clone/patch/RCloneApplyAppstier_10171530.log
Do you want to startup the Application Services for ERPDEV7? (y/n) [n] : n
Do you want to startup the Application Services for ERPDEV7? (y/n) [n] : n
Services not started
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/EBSapps/comn/clone/bin$
9] : Source the EBSapps.env file on OracleEBSNode2-SecondaryNode(Secondary)
-----------------------------------------------------
$ . ./erp_appl/app/EBSapps.env run
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps$ perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
Enter the APPS user password:
Enter the WebLogic AdminServer password:
The log file is /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/logs/appl/rgf/Mon_Oct_18_12_55_16_2021/adSyncContext.log
- Run autoconfig on DMZ node.
10] Upload the Patch file system context file to the Database:
--------------------------------------------------------------
$ . ./erp_appl/app/EBSapps.env patch
$ADJVAPRG oracle.apps.ad.autoconfig.oam.CtxSynchronizer action=upload
contextfile=/erp_appl/apps/fs2/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/appl/admin/ERPDEV7_OracleEBSNode2-SecondaryNode.xml logfile=/tmp/patchctxupload.log
Here the contextfile=<full path to patch context file>
11] All OracleEBSNode1-PrimaryNode servers entries should be removed from the file, mod_wl_ohs.conf. Take a backup and remove using below command in OracleEBSNode2-SecondaryNode.
Source RUN FS....
appldev@OracleEBSNode2-SecondaryNode: cd /erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$ ls -ltr mod_wl_ohs.conf
-rw-r--r-- 1 appldev dba 4004 Oct 17 15:29 mod_wl_ohs.conf
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$ cp -p mod_wl_ohs.conf mod_wl_ohs.conf-org
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$ grep -i OracleEBSNode1-PrimaryNode mod_wl_ohs.conf
WebLogicCluster OracleEBSNode2-SecondaryNode.nizamappsdba.com:7226,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7230,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7229,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7228,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7227,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7226
WebLogicCluster OracleEBSNode2-SecondaryNode.nizamappsdba.com:7426,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7426,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7427
WebLogicCluster OracleEBSNode2-SecondaryNode.nizamappsdba.com:7626,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7626
WebLogicCluster OracleEBSNode2-SecondaryNode.nizamappsdba.com:7826,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7826
Below are the values for OracleEBSNode1-PrimaryNode from above output.
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7230
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7229
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7228
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7227
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7226
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7426
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7427
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7626
OracleEBSNode1-PrimaryNode.nizamappsdba.com:7826
Execute below command in OracleEBSNode2-SecondaryNode by sourcing RUN FS:
----------------------------------------------------
perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7230,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7229,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7228,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7227,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7226 -oafm=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7626 -forms=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7426,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7427 -formsc4ws=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7826
output:
------
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$ perl $FND_TOP/patch/115/bin/txkSetAppsConf.pl -contextfile=$CONTEXT_FILE -configoption=removeMS -oacore=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7230,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7229,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7228,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7227,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7226 -oafm=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7626 -forms=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7426,OracleEBSNode1-PrimaryNode.nizamappsdba.com:7427 -formsc4ws=OracleEBSNode1-PrimaryNode.nizamappsdba.com:7826
Enter apps schema password :
*** LOG FILE: /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/logs/appl/rgf/TXK/txkSetAppsConf_10181332.log ***
appldev@OracleEBSNode2-SecondaryNode:/erp_appl/apps/fs1/FMW_Home/webtier/instances/EBS_web_OHS2/config/OHS/EBS_web$
11] in OracleEBSNode2-SecondaryNode:
---------------
-bash-4.4$ sqlplus apps/appsOracleEBSNode1-PrimaryNode @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
appldev@OracleEBSNode2-SecondaryNode:~$ sqlplus apps/appsOracleEBSNode1-PrimaryNode @$FND_TOP/patch/115/sql/txkChangeProfH.sql SERVRESP
SQL*Plus: Release 10.1.0.5.0 - Production on Mon Oct 18 13:34:33 2021
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
Changing the hierarchy type for the Profile APPS_WEB_AGENT
Profile APPS_WEB_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_SERVLET_AGENT
Profile APPS_SERVLET_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_JSP_AGENT
Profile APPS_JSP_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_FRAMEWORK_AGENT
Profile APPS_FRAMEWORK_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_FORMS_LAUNCHER
Profile ICX_FORMS_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_DISCOVERER_LAUNCHER
Profile ICX_DISCOVERER_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile ICX_DISCOVERER_VIEWER_LAUNCHER
Profile ICX_DISCOVERER_VIEWER_LAUNCHER hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile HELP_WEB_AGENT
Profile HELP_WEB_AGENT hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile APPS_PORTAL
Profile APPS_PORTAL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile CZ_UIMGR_URL
Profile CZ_UIMGR_URL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile QP_PRICING_ENGINE_URL
Profile QP_PRICING_ENGINE_URL hierarchy type has been
successfully changed to SERVRESP
Changing the hierarchy type for the Profile TCF:HOST
Profile TCF:HOST hierarchy type has been
successfully changed to SERVRESP
Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
appldev@OracleEBSNode2-SecondaryNode:~$
---(Skip this step)----12. Login to OracleEBSNode1-PrimaryNode from frontend and Set Node%Trust%Level% as external for DMZ node.
-----------------------------------------------------------------------------------------------------------
13 : Login to OracleEBSNode2-SecondaryNode and run below command from RUN FS:
--------------------------------------------------------
appldev@OracleEBSNode2-SecondaryNode:~$ perl $AD_TOP/bin/adSyncContext.pl contextfile=$CONTEXT_FILE
Enter the APPS user password:
Enter the WebLogic AdminServer password:
The log file is /erp_appl/apps/fs1/inst/apps/ERPDEV7_OracleEBSNode2-SecondaryNode/logs/appl/rgf/Mon_Oct_18_14_00_31_2021/adSyncContext.log
appldev@OracleEBSNode2-SecondaryNode:~$
Run autoconfig.
14: At user level : NIZAM@YAHOO.COM (NB: For ISupplier DMZ User: Please change application framework and servlet profile for all iSupplier users, otherwise it will point to production URLs):
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- Login to OracleEBSNode1-PrimaryNode and set below profile values at user level: NIZAM@YAHOO.COM
Apps Servlet Agent : http://OracleEBSNode2-SecondaryNode.nizamappsdba.com:8008/OA_HTML (default value: https://www.nizamappsdba.com:443/OA_HTML)
Application Framework Agent : http://OracleEBSNode2-SecondaryNode.nizamappsdba.com:8008 (default value: https://www.nizamappsdba.com/OA_HTML/AppsLocalLogin.jsp)
15: At the site level profile options for the so-far created supplier users at the user level. And as one-time activity you need to update with DMZ site URL.
-------------------------------------------------------------------------------------------------------------------------------------------------------------
User level: NIZAM@YAHOO.COM
POS: External URL : http://OracleEBSNode2-SecondaryNode.nizamappsdba.com:8008/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE
(default value at user: https://www.nizamappsdba.com/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE)
(default value at site : https://www.nizamappsdba.com:443/)
POS: Internal URL : Empty (Default: empty)
16: Stop admin server on patch FS(Master node, if running) : Source patch FS in OracleEBSNode1-PrimaryNode and run below command.
--------------------------------------------------------------------------------------------------------------
bash-4.4$ $INST_TOP/admin/scripts/adadminsrvctl.sh stop forcepatchfs
17] Start the services on OracleEBSNode2-SecondaryNode (Newly added node) :
--------------------------------------------------------
cd $ADMIN_SCRIPTS_HOME --> ./adstrtal.sh
Login to iSupplier by changing the password for isupplier user:
FNDCPASS apps/*** 0 Y system/**** USER NIZAM@YAHOO.COM **********
URL : http://OracleEBSNode2-SecondaryNode.nizamappsdba.com:8008/
USER: NIZAM@YAHOO.COM
password: *********
18] Run adop empty patch cycle from Master node(OracleEBSNode1-PrimaryNode).
Reference:
----------
https://nizamappsdba.blogspot.com/2020/06/step-by-steps-oracle-ebs-dmz-setup-and.html (Step 6 to 15)
Tags:
Oracle Apps DBA
Oracle Apps DBA Troubleshooting
Oracle EBS Cloning
SSL\TLS Certificates Imports