Install Control Center Agent on Oracle Application Server
By qianqian on May 08, 2010
Control Center Agent (CCA)
The Control Center Agent is the OWB component that runs the Template Mappings in the Oracle Containers for J2EE (OC4J) server; also referred to as the J2EE Runtime.
The Control Center Agent provides a Java-based runtime environment that can be installed on Oracle and non-Oracle database hosts. The Control Center Agent provides fundamental infrastructure for the heterogeneous, Code Template-based mapping support and Web services-related features of OWB in this release.
In Oracle Warehouse Builder 11gR2 the Control Center Agent, by default will run in the built-in OC4J that is bundled in the Oracle Home. Besides that, you also have ability to install the Control Center Agent in an Oracle Application Server install. In this article, you will find step-by-step instructions how to install the Control Center Agent on an Oracle Application Server instance.
The instructions cover the following tasks:
- Task 1: Install and Configure the Application Server
- Task 2: Deploy the Control Center Agent to the Application Server
- Task 3: Optional Configuration Tasks
Task 1: Install and Configure the Application Server
Before configuring the Application Server, you need to install it from Oracle Application Server CD-ROM, or by downloading the installation program from Oracle Technology Network (OTN).
Once the installation is completed, you are ready to configure the Application Server. The purpose of the configuration task is to make sure the Control Center Agent ear file can be deployed and runs in the Application Server successfully. The essential configuration tasks are outlined below:
· Modify the OC4J Startup Script
· Set up Control Center Agent Server Side Logging
· Set up Audit Table Data Source
· Copy ct_permissions.properties File
· Set up Security Roles for Control Center Agent
· Create JMS Queues
· Install JDBC Drivers to OC4J
Modify the OC4J Startup Script
The OC4J startup script "opmn.xml" is located in Application Server configuration directory, $AS_HOME/opmn/conf. $AS_HOME stands for the root home directory of the application server. Open the file opmn.xml in a text editor, and alter the contents of the file as displayed in the following sample.
You need to make sure that:
- The MaxPerSize is set to 128M. This is to ensure that you allocate enough PermGen space to OC4J to run Control Center Agent. This will prevent java.lang.OutOfMemoryError when running the agent.
- The Python.path sets the path for the Python library files used by the Control Center Agent: jython_lib.zip and jython_owblib.jar. These two files are in the $OWB_HOME/owb/lib/int directory, where $OWB_HOME is the directory where owb is installed.
· The km_security_needed determines whether restrictions will be applied to the kinds of operating system commands allowed to be executed by the OWB Code Template script executed by Control Center Agent. Setting km_security_needed to "true" enforces such restriction while setting it to "false" removes such restrictions.
Set up Control Center Agent Server Side Logging
Ensure that you are in the Application Server configuration directory, $AS_HOME/j2ee/home/config. Open the file j2ee-logging.xml in a text editor and add the following lines to the log handler section. The jrt-internal-log-handler is the handler used by Control Center Agent runtime logger to create log files.
Then add the following entry into the loggers section to create the logger for Control Center Agent runtime auditing.
Set up Audit Table Data Source
To enable Audit Table logging, a managed data source and connection pool need to be set up before Control Center Agent deployment. Ensure that you are in the Application Server configuration directory, $AS_HOME/j2ee/home/config. Open the file data-sources.xml in a text editor. Define the audit data source shown below in the file,
<managed-data-source name="AuditDS" connection-pool-name="OWBSYS Audit
Connection Pool" jndi-name="jdbc/AuditDS"/>
<connection-pool name="OWBSYS Audit Connection Pool">
Copy ct_permissions.properties File
The ct_permissions.properties can be obtained from $OWB_HOME /owb/jrt/config/ directory. You need to copy the file to $AS_HOME/j2ee/home/config directory.This properties file takes effect when the setting km-security is set to true in Control Center Agent.
By default the ALLOWED_CMD is commented out in ct_permissions.properties file. This prevents all system command from being invoked from scripts executed in Control Center Agent (when km-security is set to true). To allow certain system commands to be invoked, ALLOWED_CMD needs to be uncommented out, and the system commands (allowed to be invoked) need to be added to the ALLOWED_CMD.
Set up Security Roles for Control Center Agent
You can set up the Control Center Agent security roles through Oracle Enterprise Manager. In a web browser, navigate to Enterprise Manager Homepage (e.g. http://hostname:8889/em).
1. Log in using the oc4jadmin credentials. After the Cluster Topology page is loaded, click home (the OC4J instance). This takes you to the home page of the OC4J instance. On the OC4J home screen, click the Administration tab. On the Administration Tasks screen, expand Security. Click the task icon next to Security Providers.
2. On Security Providers page click on the button "Instance Level Security". On Instance Level Security page, go to "Realms" tab. You will see a row for the default realm "jazn.com" in the results table. It has a "Roles" column and a "Users" column. Click on the number in "Roles" column. In the "Roles" page it will display all the roles available for the realm. Click on "Create" button to create a new role "OWB_J2EE_ EXECUTOR".
3. On the Add Role screen, enter Name OWB_J2EE_EXECUTOR, and click OK.
4. Follow the same steps as before, and create a new role "OWB_J2EE_OPERATOR".
5. Assign role "oc4j-administrators" and "OWB_J2EE_EXECUTOR" to the role "OWB_J2EE_OPERATOR" by moving these roles from "Available Roles" and click "OK" to save.
6. Go back to Instance Level Security page and create a new role "OWB_J2EE_ADMINISTRATOR".
7. Assign roles "OWB_J2EE_ OPERATOR" and "OWB_J2EE_EXECUTOR" to the role "OWB_J2EE_ ADMINISTRATOR" by moving these roles from "Available Roles" and click "OK" to save.
8.Go back to Instance Level Security page. This time, click on the number in "Users" column for the realm "jazn.com". In the "Users" page, it shows all the users defined for this realm. Locate the user "oc4jadmin" in the results table and click on it.
9. Assign the roles "OWB_J2EE_ADMINISTRATOR" and "oc4j-app-administrators" to this user by moving the role from the "Available Roles" selection box to "Selected Roles" box and click "Apply" to save.
10. Go back to Instance Level Security page and create a new role "OWB_INTERNAL_USERS", assign no user or role to this role. Simply click "OK" to create this role.
Now you have finished creating the security roles required for Control Center Agent.
Create JMS Queues
You need to create two JMS queues for Control Center Agent: owbQueue and abort_owbQueue.
1. Now go to OC4J home Page. On the OC4J home screen, click the Administration tab. On the Administration Tasks screen, expand Services and then expand Enterprise Messaging Service. Click the task icon next to JMS Destinations.
2. On JMS Destinations page, click "Create New" button to create a new JMS queue. On Add Destination page, choose "Queue" as Destination Type. Put "owbQueue" as Destination Name. Select "In Memory Persistence Only" as the Persistence Type and put "jms/owbQueue" as JNDI Location and click on "OK" to finish.
3. Follow the same instruction as above to create the owb_abortQueue.
Now you have finished creating the JMS queues required for Control Center Agent.
Install JDBC Drivers to OC4J
In order to execute Code Templates using commercial databases other than Oracle, e.g. DB2, SQL Server etc, the corresponding jdbc driver files need to be added to $AS_HOME/j2ee/home/applib directory.
1. To install other JDBC drivers to OC4J, first obtain the .jar file containing the JDBC driver. All the external JDBC drivers .jar files can be found in the directory: $OWB_HOME/owb/lib/ext/. For DB2, the files needed are db2jcc.jar and db2jcc_license_cu.jar. For SQL Server the file is sqljdbc.jar. For sunopsis JDBC drivers, the file needed is snpsxmlo.jar.
2. Copy the required JDBC driver file into the directory $AS_HOME/j2ee/home/applib.
Now you have finished the Application Server configuration. To make the configuration to take an effect, you need to restart the Application Server.
Task 2: Deploy the Control Center Agent to the Application Server
Now you can deploy the Control Center Agent to the Application Server. In a web browser, navigate to Enterprise Manager Homepage (e.g. http://hostname:8889/em).
1. Log in using the oc4jadmin credentials. After the Cluster Topology page is loaded, click home (the OC4J instance). This takes you to the home page of the OC4J instance. On the OC4J home screen, click the Applications tab. Click Deploy to begin deploying Control Center Agent.
2. On the Deploy: Select Archive screen, under Archive, select Archive is present on local host. Upload the archive to the server where Application Server Control is running. Click Browse and locate the
jrt.ear file in the $OWB_HOME/owb/jrt/applications directory. Under Deployment Plan, select Automatically create a new deployment plan. Click Next.
3. Wait for the ear file to be uploaded to Application Server. On the Deploy: Application Attributes screen, enter Application Name jrt, and Context Root jrt. Leave the other attributes at their default values. Click Next.
4. On Deploy: Deployment Settings screen, leave all attributes at their default values, and click Deploy. This will take about 1 minute or so and when the application is deployed successfully, a confirmation message will be displayed.
Now the Control Center Agent is started automatically. Go back to OC4J home page and click on Applications tab to make sure the deployed application jrt is showing in the applications list.
Task 3: Optional Configuration Tasks
The optional configuration tasks contain:
· Secure Control Center Agent Web Service
· Setting the PATH Environment Variable
Secure Control Center Agent Web Service
If you want to use JRTWebService with a secure website, you need to do the following steps,
1. Create a file "secure-web-site.xml" in the $AS_HOME/j2ee/home/config directory. The file can be obtained from $OWB_HOME/owb/jrt/config directory. A sample secure-web-site.xml is shown as below. We need to modify the "protocol" to "https", and "secure" to "true", also choose an port as the secure http port. Also we need to add the entry "ssl-config" in the file. Remember to use the absolute path for the key store file.
2. Modify the file "server.xml" that is located at $AS_HOME/j2ee/home/config directory. Then add the <web-site> element in the file for the secure-web-site.
3. Create a key store file "serverkeystore.jks" in the $AS_HOME/j2ee/home/config directory. The file can be obtained from $OWB_HOME/owb/jrt/config directory.
After the three files are altered, restart the application server. Now you can access the JRTWebService in SSL way through https://hostname:4443/jrt/webservice.
Setting the PATH Environment Variable
Sometimes, some system commands such as linux ls, sh etc, can not be executed successfully during the script execution due to they are not found in PATH. To ensure they work normally, you can setup the environment variable PATH. Let's navigate to the Enterprise Manager Homepage.
1. Go to OC4J home screen and click the Administration tab. Expand Administration Tasks, then expand Properties. Click the task icon next to Server Properties.
2. On the Server Properties screen, scroll down to Environment Variables section. Under Environment Variables, click Add Another Row. Enter PATH in Name, and fill Value with directories that contain the system commands. Click Apply.
After you work through this article, I believe you have developed a deeper understanding of the Control Center Agent installation process, and you can apply this knowledge in other installation plan such as Control Center Agent installation on Standalone OC4J.