
@OracleIMC Partner Resources & Training: Discover your Modernization options + Reach new potential through Innovation

How to provision an Oracle SOA CS Instance in the new Oracle Cloud Infrastructure (OCI) - part 1

Alexandru Dinea
Oracle EMEA A&C Cloud Adoption & Implementation Consultant

Introduction

Oracle SOA Suite is a comprehensive, standards-based software suite to build, deploy and manage integrations following the concepts of service-oriented architecture (SOA). The components of the suite benefit from consistent tooling, a single deployment and management model, end-to-end security and unified metadata management. Oracle SOA Suite helps businesses lower costs by allowing maximum re-use of existing IT investments and assets, regardless of the environment (OS, application server, etc.) they run in, or the technology they were built upon. Its easy-to-use, re-use focused, unified application development tooling and end-to-end lifecycle management support further reduce development and maintenance cost and complexity.

Oracle SOA Cloud Service provides an integration platform as a service (iPaaS) so that you can quickly provision your new platform, start developing and deploying your APIs and integration projects and provide real-time analytics as you transition to Digital Business. It provides complete access to the SOA Suite software, so that administrators can tune, configure, and monitor the SOA environment.

In this blog miniseries, I will show how to successfully provision your Oracle SOA CS Instance in the new OCI to start integrating your on-premises and cloud applications.

In this first part, I will cover all the prerequisites that have to be met in order to ensure a successful provisioning of a new SOA CS instance. In the second part I will cover the entire creation process of a new SOA CS instance plus a verification to see if you built the correct Object Storage URL.

 

Prerequisite: Create a new Database in OCI

To successfully provision an Oracle SOA CS Instance, you must first create a new Database in Oracle Cloud Infrastructure. In order to accomplish this task, you must have a Compartment and a Virtual Cloud Network (VCN) or create them. By default, when you receive your Oracle Cloud Account you should already have a Compartment and a VCN created for you.

 

Create a new Compartment

  1. Open the navigation menu. Under Governance and Administration, go to Identity and click Compartments.
  2. Click Create Compartment.
  3. Enter the following:
    • Name: Enter a name (required), for example "SOACSCompartment".
    • Description: Enter a description (required), for example: "Compartment for SOACS Resources".
  4. Click Create Compartment.

Your compartment is displayed in the list.

  5. Switch to your new compartment by selecting it from the Compartment list on the left side of the Console.

 

 

Create a new VCN

  1. Open the navigation menu. Under Core Infrastructure, go to Networking and click Virtual Cloud Networks.

Ensure that the “SOACSCompartment” compartment (or the compartment designated for you) is selected in the Compartment list on the left.

  2. Click Create Virtual Cloud Network.
  3. Enter the following:
    • Create in Compartment: This field defaults to your current compartment. Select the “SOACSCompartment” compartment you created earlier in order to create the VCN in, if not already selected.
    • Name: Enter a name for your cloud network. In this case, I am using the “SOACSVCN” name.
    • Select Create Virtual Cloud Network Plus Related Resources. The dialog expands to list the items that will be created with your cloud network.
    • Accept the defaults for any other fields.
  4. Scroll to the bottom of the dialog and click Create Virtual Cloud Network.

 


 

Create a new Database in OCI

  1. Open the navigation menu. Under Database, click Bare Metal, VM, and Exadata.
  2. Choose your “SOACSCompartment” Compartment that you created on the left side, if not already selected.
  3. Click Create DB System.
  4. In the Create DB System page, enter the following:

DB System Information

    • Select your compartment: Choose the compartment in which the database will be created. In my case, I select “SOACSCompartment” compartment.
    • Name your DB system: A friendly, display name for the DB system. The name doesn't need to be unique. An Oracle Cloud Identifier (OCID) will uniquely identify the DB system. In my case, I am using the “SOACSDBSystem” name.
    • Select an availability domain: The availability domain in which the DB system resides. Use the default option selected – “AD-1”.
    • Select a shape type: The type of shape to use to launch the DB system. Choose “Virtual Machine”.
    • Select a Shape: The shape to use to launch the DB system. The shape determines the type of DB system and the resources allocated to the system. In my case, I am using “VM.Standard2.1” – only choose options ending with “2.X”, options ending with “1.X” are obsolete and will be deprecated.
    • Configure the DB system
      • Total node count: Virtual machine DB systems only. The number of nodes in the DB system. The number depends on the shape you select. You can specify 1 or 2 nodes for virtual machine DB systems, except for “VM.Standard2.1” which is a single-node DB system.
      • Oracle Database software edition: The database edition supported by the DB system. In my case, I am using “Standard Edition”.
    • Choose Storage Management Software: Choose the storage management software you want to use depending on your requirements. In my case, I am using the default option – “Oracle Grid Infrastructure”.
    • Configure Storage
      • Available Storage Size (GB): Virtual machine DB systems only. The amount of Block Storage you wish to allocate to the virtual machine DB system. You can allocate the lowest amount of 256 GB. Depending on your requirements please increase when necessary.
    • Add public SSH Keys: The public key portion of the key pair you want to use for SSH access to the DB system. You have the option to “Upload SSH key files” or “Paste SSH keys”.
    • Choose a license type: The type of license you want to use for the DB system. Your choice affects metering for billing. You can choose “BYOL”.
      • License Included means the cost of the cloud service includes a license for the Database service.
      • Bring Your Own License (BYOL) means you are an Oracle Database customer with an Unlimited License Agreement or Non-Unlimited License Agreement and want to use your license with Oracle Cloud Infrastructure.
    • Specify the network information
      • Virtual Cloud Network: The VCN in which to launch the DB system. In my case, I am using the “SOACSVCN”.
      • Client Subnet: The subnet to which the bare metal or virtual machine DB system should attach. You can select the only option from the list.
      • Hostname Prefix: Your choice of host name for the bare metal or virtual machine DB system. In my case, I am using the “soacsdb” name.
    • Click on the blue Next button to go to “Database Information”.

Important!
The host name must be unique within the subnet. If it is not unique, the DB system will fail to provision.

    • Host Domain Name: The domain name for the DB system.
    • Host and Domain URL: Combines the host and domain names to display the fully qualified domain name (FQDN) for the database.

     

 

Database Information

    • Database name: The name for the database. In my case, I am using the “SOACSDB” name.
    • Database Version: The version of the initial database created on the DB system when it is launched. In my case, I am using the “12.2.0.1” version.
    • PDB Name: Not applicable to version 11.2.0.4. The name of the pluggable database. Specify the PDB Name – in my case, I am using the “PDB1” name.
    • Create administrator credentials
      • Username: The administrator name of the user – sys.
      • Password: A strong password for SYS, SYSTEM, TDE wallet, and PDB Admin.
        • Password must be 9 to 30 characters and contain at least 2 uppercase, 2 lowercase, 2 special, and 2 numeric characters. The special characters must be _, #, or -.
      • Confirm Password: Re-enter the Database Admin Password you specified.
    • Select workload type: not applicable for Standard Edition.
    • Configure database backups
      • You can check the Enable automatic backups
      • (Optional) If you enable automatic backups, you can choose one of the following Backup retention period: 7 days, 15 days, 30 days, 45 days or 60 days. The default selection is 30 days.
      • (Optional) If you enable automatic backups, you can choose one of the options for Backup scheduling (UTC). The default selection is Anytime.
  5. Click the blue Create DB System button.
    The DB system appears in the list with a status of Provisioning. The DB system's icon changes from yellow to green (or red to indicate errors).
  6. Wait for the DB system's icon to turn green, with a status of Available, and then click the highlighted DB system name.

Details about the DB system are displayed.
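The administrator password rule from the Database Information step (9 to 30 characters, at least 2 uppercase, 2 lowercase, 2 numeric and 2 special characters, specials limited to _, # and -) can be checked before you type it into the Console. The following is an added example, not part of the original post or of any Oracle tool; the function names are hypothetical, and rejecting any character outside ASCII letters, digits and the three specials is this example's reading of the rule.

```python
import secrets
import string

# Character classes from the rule quoted on this page.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "numeric": string.digits,
    "special": "_#-",
}
ALLOWED = set("".join(CLASSES.values()))


def violations(password):
    """Return a list of rule violations; an empty list means compliant."""
    problems = []
    if not 9 <= len(password) <= 30:
        problems.append("length must be 9 to 30 characters")
    for name, alphabet in CLASSES.items():
        if sum(ch in alphabet for ch in password) < 2:
            problems.append(f"needs at least 2 {name} characters")
    if any(ch not in ALLOWED for ch in password):
        problems.append("only letters, digits and _ # - are accepted")
    return problems


def generate(length=20):
    """Build a compliant password from the operating system's CSPRNG."""
    if not 9 <= length <= 30:
        raise ValueError("length must be 9 to 30")
    rng = secrets.SystemRandom()
    # Two characters from every class first, then fill from the whole pool.
    chars = [rng.choice(a) for a in CLASSES.values() for _ in range(2)]
    pool = "".join(CLASSES.values())
    chars += [rng.choice(pool) for _ in range(length - len(chars))]
    rng.shuffle(chars)  # so the mandatory characters are not always in front
    return "".join(chars)


if __name__ == "__main__":
    # Constructed weak candidate: one uppercase, one digit, wrong special.
    for problem in violations("Passw0rd!"):
        print(problem)
```
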

 

Prerequisite: Create specific policies

Next, you must create policies to ensure that the SOA CS Installer has access to the resources defined in the compartment you created. A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. A policy simply allows a group to work in certain ways with specific types of resources in a particular compartment.

Prerequisite: The group and compartment that you're writing the policy for must already exist.

  1. Open the navigation menu. Under Governance and Administration, go to Identity and click Policies.
    A list of the policies in the compartment you're viewing is displayed.
  2. If you want to attach the policy to a compartment other than the one you're viewing, select the desired compartment from the list on the left.
  3. Click the Create Policy blue button.
  4. Enter the following:
    • Name: A unique name for the policy. The name must be unique across all policies in your tenancy. You cannot change this later. In my case, I am using the “VCN_Policy” name.
    • Description: A friendly description. You can change this later if you want to. In my case, I am using the “VCN resources need to be seen by PSM service”.
    • Policy Versioning: Select Keep Policy Current if you'd like the policy to stay current with any future changes to the service's definitions of verbs and resources. Or if you'd prefer to limit access according to the definitions that were current on a specific date, select Use Version Date and enter that date in YYYY-MM-DD format. In my case, I am using the “Keep Policy Current” option.
    • Statement: A policy statement. You must add “Allow service PSM to inspect vcns in compartment SOACSCompartment”
    • Tags: Optionally, you can apply tags. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource.
  5. Click the blue Create button.

The new policy will go into effect typically within 10 seconds.

 

You must create another 5 policies having the following:

| Name | Description | Statement |
|---|---|---|
| Subnet_Policy | Subnet resources need to be seen by PSM service | Allow service PSM to use subnets in compartment SOACSCompartment |
| VNICS_Policy | VNICS resources need to be seen by PSM service | Allow service PSM to use vnics in compartment SOACSCompartment |
| Security_Lists_Policy | Security Lists resources need to be seen by PSM service | Allow service PSM to manage security-lists in compartment SOACSCompartment |
| Database_Policy | Database resources need to be seen by PSM service | Allow service PSM to inspect database-family in compartment SOACSCompartment |
| Autonomous_Database_Policy | Autonomous Database resources need to be seen by PSM service | Allow service PSM to inspect autonomous-database in compartment SOACSCompartment |

 

The final result should look like this:

 

As mentioned above, the policies should have a unique name, a friendly description and the following statements:

Allow service PSM to inspect vcns in compartment <<SOADBCompartment>>

Allow service PSM to use subnets in compartment <<SOADBCompartment>>

Allow service PSM to use vnics in compartment <<SOADBCompartment>>

Allow service PSM to manage security-lists in compartment <<SOADBCompartment>>

Allow service PSM to inspect database-family in compartment <<SOADBCompartment>>

Allow service PSM to inspect autonomous-database in compartment <<SOADBCompartment>>

where SOADBCompartment is the name of your compartment in which you created the database to be used by SOA CS. In my case, I am using the “SOACSCompartment”.
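Because the six statements are typed by hand, it is worth checking the final set against the list above before provisioning: a verb broader than the one shown, a leftover <<SOADBCompartment>> placeholder, or a missing statement are the usual slips. The following is an added example, not part of the original post or of any Oracle tool; the function name, the finding labels and the sample input are constructed for illustration.

```python
import re

# Resource type -> verb, taken from the six statements listed above.
BASELINE = {
    "vcns": "inspect", "subnets": "use", "vnics": "use",
    "security-lists": "manage", "database-family": "inspect",
    "autonomous-database": "inspect",
}
# OCI policy verbs, from least to most privileged.
VERB_RANK = {"inspect": 0, "read": 1, "use": 2, "manage": 3}
STATEMENT_RE = re.compile(
    r"^allow\s+service\s+(?P<service>\S+)\s+to\s+(?P<verb>\S+)\s+"
    r"(?P<resource>\S+)\s+in\s+compartment\s+(?P<compartment>\S+)$",
    re.IGNORECASE,
)

def audit(statements, compartment):
    """Return (finding, detail) pairs; an empty list means the set matches the page."""
    findings, seen = [], set()
    for raw in statements:
        m = STATEMENT_RE.match(raw.strip())
        if not m or m["service"].upper() != "PSM":
            findings.append(("not-a-psm-statement", raw))
            continue
        verb, resource = m["verb"].lower(), m["resource"].lower()
        # Name comparison is case-insensitive here (a choice of this example).
        if m["compartment"].casefold() != compartment.casefold():
            findings.append(("wrong-compartment", raw))
        expected = BASELINE.get(resource)
        if expected is None:
            findings.append(("resource-not-on-page", raw))
            continue
        seen.add(resource)
        if verb not in VERB_RANK:
            findings.append(("unknown-verb", raw))
        elif VERB_RANK[verb] > VERB_RANK[expected]:
            findings.append(("broader-than-page", raw))
        elif VERB_RANK[verb] < VERB_RANK[expected]:
            findings.append(("narrower-than-page", raw))
    findings += [("missing", r) for r in sorted(set(BASELINE) - seen)]
    return findings

# Constructed sample: what a hand-typed policy set might look like.
SAMPLE = [
    "Allow service PSM to inspect vcns in compartment SOACSCompartment",
    "Allow service PSM to manage subnets in compartment SOACSCompartment",
    "Allow service PSM to use vnics in compartment SOACSCompartment",
    "Allow service PSM to manage security-lists in compartment SOACSCompartment",
    "Allow service PSM to inspect database-family in compartment <<SOADBCompartment>>",
]

if __name__ == "__main__":
    for finding, detail in audit(SAMPLE, "SOACSCompartment"):
        print(f"{finding:22} {detail}")
```

On the constructed sample this reports the over-broad subnet verb, the unreplaced placeholder and the missing autonomous-database statement.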

 

Prerequisite: Create a new object storage

In the Oracle Cloud Infrastructure Object Storage service, a bucket is a container for storing objects in a compartment within an Object Storage namespace. A bucket is associated with a single compartment. The compartment has policies that indicate what actions a user can perform on a bucket and all the objects in the bucket.

  1. Open the navigation menu. Under Core Infrastructure, click Object Storage.
  2. Choose the compartment for your new bucket.

A list of existing buckets is displayed.

  1. Click Create Bucket.
  2. In the Create Bucket dialog box, specify the attributes of the bucket:
    • Bucket Name: The system generates a default bucket name that reflects the current year, month, day, and time, for example bucket-20191104-1639. In my case, I am using the “SOACSBucket” name.
    • Storage Tier: Select the tier in which you want to store your data. Available tiers include:
      • Standard is the primary, default Object Storage tier for storing frequently accessed data that requires fast and immediate access.
      • Archive is a special tier for storing infrequently accessed data that requires long retention periods.
      • In my case, I am using the “Standard” option.
    • Encryption: Buckets are encrypted with keys managed by Oracle by default, but you can optionally encrypt the data in this bucket using your own Key Management encryption key. In my case, I am using the “Encrypt using Oracle Managed Keys” option.
    • Tags: Optionally, you can apply tags.
  3. Click the blue Create Bucket button.

The bucket is created immediately and you can add objects to it.

 

 

Prerequisite: Create a new OCI user

You must create a new user from the OCI Console in order to access the Bucket that you have previously created. The reason for this is that IDCS Federated Users are not supported. If you already have a user created you can move directly to the next step.

  1. Open the navigation menu. Under Governance and Administration, go to Identity and click Users.
    A list of the users in your tenancy is displayed.
  2. Click Create User.
  3. Enter the following:
    • Name: A unique name or email address for the user. In my case, I am using the “soacs.user” name.
    • Description: This could be the user's full name, a nickname, or other descriptive information. You can change this later if you want to. In my case, I am using the “SOACS User”.
    • Email: Enter an email address for the user. In my case, I am not entering any emails.
    • Tags: Optionally, you can apply tags.
  4. Click the blue Create button.

 

 

Next, you need to give the user permissions by adding them to at least one group. Make sure you add the newly created user to the “Administrators” Group.

  1. Open the navigation menu. Under Governance and Administration, go to Identity and click Users.
    A list of the users in your tenancy is displayed.
  2. Locate the user in the list.
  3. Click the user.
    Its details are displayed.
  4. Click Groups.
  5. Click Add User to Group
  6. Select the group from the drop-down list, and then click Add.

 

Finally, for the newly created user, you must generate an Authentication Token. This will represent the password of the user when accessing the bucket.

VERY IMPORTANT! Please make sure to copy the Authentication Token as soon as it is generated to a safe location. Otherwise, you cannot find out the value of the Authentication Token and you must create another one. Keep in mind that each user can have up to two Authentication Tokens at a time.

  1. Open the navigation menu. Under Governance and Administration, go to Identity and click Users.
    A list of the users in your tenancy is displayed.
  2. Locate the user in the list.
  3. Click the user.
    Its details are displayed.
  4. On the Auth Tokens page, click Generate Token.
  5. Enter a friendly description for the authentication token. Avoid entering confidential information.
  6. Click Generate Token. The new authentication token is displayed.
  7. Copy the authentication token immediately to a secure location from where you can retrieve it later, because you won't see the authentication token again in the Console.
  8. Close the Generate Token dialog.

 

  

 

Now that all prerequisites have been met, please stay tuned for part 2 where I will showcase how you can create a SOA CS instance. I will also cover an optional verification step to ensure that you have the correct Object Storage URL.
