Oracle WebLogic Server · version 1.6.0_05) WebLogic Server The WebLogic Server components included in a complete WebLogic Server installation, with the exception of the following,

Oracle® WebLogic ServerOracle WebLogic Server on Amazon EC2 Reference

Release 10gR3 for Amazon EC2 - AMI Version 1.0

Revision 1.0

January 2009

Oracle WebLogic Server on Amazon EC2 Reference, Release 10gR3 for Amazon EC2 - AMI Version 1.0

Copyright © 2007, 2008, 2009 Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software in dangerous applications.

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This software and documentation may provide access to or information on content, products and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

Oracle WebLogic Server on Amazon EC2

The WebLogic Server Amazon Machine Image (AMI) provides the software necessary to easily deploy Oracle WebLogic Server applications in the Amazon Elastic Compute Cloud (EC2).This document describes how to access and use the WebLogic Server AMI on Amazon EC2. Topics include:

Roadmap for Using the WebLogic Server AMI

WebLogic Server AMI Contents

Security Considerations

Guidelines for Using WebLogic Server

Related Information

Oracle WebLogic Server on Amazon EC2 Reference 1

Roadmap for Using the WebLogic Server AMIThe following section summarizes the overall process for using the WebLogic Server AMI on Amazon EC2.

Table 1 Roadmap for Using the WebLogic Server AMI

Step Description

1. Familiarize yourself with the contents of the WebLogic Server AMI.

The WebLogic Server AMI contains an OS, JDK, and WebLogic Server. For details about the WebLogic Server AMI, see “WebLogic Server AMI Contents” on page 5.

2. Ensure that you have satisfied all the Amazon EC2 prerequisites.

Before deploying a WebLogic Server EC2 instance using the WebLogic Server AMI, you need to ensure that you have signed up for Amazon EC2 and set up your EC2 environment.

Amazon provides two mechanisms for interfacing with the Amazon EC2 Web site: • Using command line tools provided by Amazon.• Using Elasticfox, which is an extension to Mozilla Firefox that allows

you to interact with the Amazon EC2 Web site using a browser-based interface.

For details about getting started using Amazon EC2, and obtaining and using the EC2 interfaces, see the Amazon EC2 Web site at http://aws.amazon.com/ec2/.

3. Create SSH keypair. Administrative access to the WebLogic Server AMI EC2 instance requires use of the SSH protocol and an SSH keypair. You must create an SSH keypair before you can launch and log into the instance. For more information, see “Security Considerations” on page 6.

4. Define firewall rules for network access.

Before launching the WebLogic Server AMI EC2 instance, you should determine the ports on which you want to authorize network access to the instance.

For more information, see “Providing Network Access Using EC2 Security Groups” on page 7.

2 Oracle WebLogic Server on Amazon EC2 Reference

5. Find the AMI ID and manifest for the WebLogic Server AMI to be used.

Go to the “AMIs by Provider - Oracle” on the Amazon AWS Web site at http://developer.amazonwebservices.com/connect/kbcategory.jspa?categoryID=205 to find the AMI ID and manifest for the following WebLogic Server AMIs:• Oracle WebLogic Server 10g Release 3 - 32 Bit• Oracle WebLogic Server 10g Release 3 - 64 Bit

6. Launch the instance of the AMI.

The procedures for launching an EC2 instance are the same for all AMIs. For details, refer to the documentation on the Amazon Web site at http://aws.amazon.com/documentation/.

You can launch the instance using the command line API or the browser-based Elasticfox interface.

Note the following when launching the instance using the WebLogic Server AMI:• You do not need to specify AKI and ARI IDs because default values are

embedded in the WebLogic Server AMI metadata. Oracle recommends that you do not override these values.

• The value of m1.small should be sufficient as the instance type for most 32-bit WebLogic Server applications. If you are using the 64-bit AMI, you should choose an instance type that supports 64-bit, for example m1.large.For details about the CPUs, memory, and storage capacity for each instance type, see the Amazon EC2 documentation at http://aws.amazon.com/documentation/.

• You must specify the SSH keypair to access the WebLogic Server AMI instance. For more information, see “Security Considerations” on page 6.

• You can launch the instance in the default EC2 security group, or in a group that you created. For more information, see “Providing Network Access Using EC2 Security Groups” on page 7.

7. Establish the connection to the instance using an SSH client.

After the instance is up and running, you must use an SSH client to establish a connection to the instance by specifying the following information:• The public DNS name• The private key of the SSH keypair that was used to launch the machine

Table 1 Roadmap for Using the WebLogic Server AMI

Step Description

Oracle WebLogic Server on Amazon EC2 Reference 3

8. Login as root Once you have established the connection, you must login as root. If the private-key based authentication was successful, you are not prompted for a password. If you want to allow a password-based login on subsequent logins, you can modify the configuration. For more information, see “Security Considerations” on page 6.

9. Accept the license agreement.

On your initial login, you are presented with an Oracle license agreement. You must accept the terms of the license to use the WebLogic Server AMI. On subsequent logins as root, you are not prompted to accept the agreement.

10. Use WebLogic Server on EC2.

Once you have accepted the license agreement, your WebLogic Server runtime environment is essentially the same as a standard, headless Linux environment.

You will be prompted by the JumpStart Tool to choose one of the following options: • Start an Administration Server in the WebLogic Server default domain. • Create a new WebLogic Server domain using the WebLogic Domain

Configuration Wizard.• Use other WebLogic Server tools, such as the pack command, to deploy

your domain and applications.

For more information, see “Guidelines for Using WebLogic Server” on page 7.

11. Preserve your instance for subsequent use.

It is important to note that anything you do to populate a server on an instance is lost if the instance is shut down or fails. Therefore, after you populate the server on your instance, you may want to preserve it so that you can reuse the same configuration on a subsequent startup of an instance.

To preserve your data and patches, you can do either of the following:• Create a snapshot of the image that is currently booted and bundle the

snapshot into a new AMI using Amazon-provided tools. • Attach the running EC2 instance to personal storage in the Amazon

Elastic Block Store (EBS). You can choose to create the domain directly on your attached EBS volume or you can configure the domain in the EC2 instance-scoped storage, and then back it up to your volume.

For instructions on how to bundle an AMI and use the EBS, refer to the documentation on the Amazon Web site at http://aws.amazon.com/documentation/.

Table 1 Roadmap for Using the WebLogic Server AMI

Step Description

4 Oracle WebLogic Server on Amazon EC2 Reference

WebLogic Server AMI ContentsTable 2 lists the software components and the associated version numbers that are contained in the WebLogic Server AMI.

Table 2 WebLogic Server AMI Contents

Component Description Version Number

OEL JeOS Operating System

OEL JeOS is a headless version of the Oracle Enterprise Linux 5.2 Operating System.

Oracle Enterprise Linux 5.2 JeOS-1.0.1-6

JRockit JDK JRockit provides the Java run-time environment for the WebLogic Server instances. The JRockit components/features provided in the following directories are not included in the AMI:• /demo

• /missioncontrol

• /sample

• src.zip

• /bin/console

• /bin/jrmc

JRockit JDK 6.0 R27.6 (Java version 1.6.0_05)

WebLogic Server The WebLogic Server components included in a complete WebLogic Server installation, with the exception of the following, are included in the AMI:• Server Examples• WebLogic Web Server Plug-ins• Both Workshop components

WebLogic Server 10.3.0.0

Directory StructureThe directory structure in the AMI is similar to a typical Linux file system.Under the standard Linux root file system, you will also find the following directories:

/opt/oracle—Contains both the JRockit JDKand WebLogic Server product components. This directory should be reserved for the JRockit and WebLogic Server product components; you should not create or transfer domains into this directory.

Oracle WebLogic Server on Amazon EC2 Reference 5

/mnt—Default storage provided for each AMI instance in EC2. Although this directory provides a significant amount of storage available for use by the instance, all of the contents are destroyed when the instance is shut down or fails.

Note: You can also mount Amazon EBS volumes to your instance.

Security ConsiderationsBy default, the WebLogic Server AMI is configured to allow root login using SSH public/private key authentication only. Therefore, when launching an EC2 instance from the WebLogic Server AMI, you must specify a previously created SSH keypair to enable SSH login by the root user. For information about creating the SSH keypair and logging into the instance, see the Amazon EC2 documentation at http://aws.amazon.com/documentation/.When the instance launches, the oracle-ec2-config script retrieves the SSH public key for the root user from the EC2 metadata and installs it in the ssh/authorized_keys file for the root login. The root user must use an SSH client and specify the corresponding private key to login into the instance without using a password.For subsequent logins, you can modify the SSH configuration to allow root access using a password. To do so:

1. Change the PermitRootLogin parameter in the /etc/ssh/sshd_config file from:

PermitRootLogin without-password

to:

PermitRootLogin yes

2. Restart the sshd service.

SSH AccessOn subsequent connections using the SSH client, you may choose to use password-based login instead of using private-key based authentication.

Changing the Root PasswordThe root password is randomized on first startup of the EC2 instance. If you have modified the SSH configuration to allow login using a password, you can change the root password using standard OS mechanisms.

Note: By default, root is the only user available in the AMI. If you want to run WebLogic Server as a non-root user, you must first create the user.

6 Oracle WebLogic Server on Amazon EC2 Reference

Providing Network Access Using EC2 Security GroupsThe default EC2 security group is configured to open the standard SSH and HTTP ports, 22 and 80, respectively. You can modify the default port settings in this group to further restrict external access to the instance, or to open additional ports. Alternatively, you can create a separate EC2 security group that opens only the ports to which you want to provide access, and then use that security group to launch your instance. For example, you may want to create a WebLogic EC2 security group that opens the default SSH port (22), the default HTTP/S ports (80,443), and the default ports used to access the WebLogic Server Administration Console (7001,7002). If you do so, you can choose to launch the instance in the new group.For details on controlling port access, refer to EC2 documentation on the Amazon AWS Web site at http://aws.amazon.com/documentation.

WebLogic Server SecurityTo ensure the most secure environment for running WebLogic Server on EC2, you should take the same basic security measures required for a non-EC2 implementation of WebLogic Server. For information about securing WebLogic Server, please refer to the WebLogic Server documentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.

Guidelines for Using WebLogic ServerOnce you have logged into the AMI instance, you can use WebLogic Server just as if you were working in a standard, headless Linux production environment.

Note: The JeOS operating system is headless and does not provide a GUI. Therefore, if you attempt to execute a program that requires a local GUI, such as QuickStart, you will get a headless exception.

A JumpStart tool presents the options to start an Administration Server in a default domain, launch the Domain Configuration Wizard, or use other WebLogic Server tools to deploy your domain and applications. For details about using WebLogic Server, please refer to the WebLogic Server documentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.

Oracle WebLogic Server on Amazon EC2 Reference 7

Starting the Administration Server in the Default DomainThe JumpStart Tool provides an option to start the Administration Server that is packaged in a default domain in the /mnt/domains/default_domain directory. When you choose the first JumpStart option, the Administration Server is started in the background on port 7001. Once the Administration Server is started, you can tail (i.e., view) the standard output, which is redirected to the default_domain directory: /mnt/domains/default_domain/AdminServer.out. The Administration Server is fully up and running when the “Server started in RUNNING state” message appears in the standard out. At that point, you can connect to the running server using the Administration Console at the URL provided by the JumpStart tool, which is http://machine-host:7001/console. The machine-host name depends on the virtual machine that is created. For example, a similar Amazon Cloud URL could look like this:http://ec2-75-101-234-183.compute-1.amazonaws.com:7001/console You can log into the Administration Console using the default WebLogic Server administrator user name and password of weblogic/weblogic. Oracle recommends that you change the WebLogic Server administrator password as soon as possible.To view the configuration details of the default domain, you can refer to the WebLogic Server configuration file (config.xml) in the /mnt/domains/default_domain/config directory. You can also restart the JumpStart Tool at any time by typing wls_jumpstart from the command-line.

Creating a New WebLogic DomainOne of the main differences between running WebLogic Server on JeOS and a standard Linux is that the JeOS operating system is headless and does not provide a GUI. Therefore, if you choose to create a new WebLogic domain, you need to run the Domain Configuration Wizard in console mode. You can do so by selecting the second JumpStart option, or by using the following command:/opt/oracle/weblogic/common/bin/config.sh -mode=console

For information about creating domains using the Domain Configuration Wizard, see Creating WebLogic Domains Using the Configuration Wizard at http://download.oracle.com/docs/cd/E12840_01/common/docs103/confgwiz/index.html.

Note: If you have attached an EBS volume to your EC2 instance, you may want to create the domain on that volume. Alternatively, you can create it in /mnt. If you do so, you may want to back it up to your EBS volume before you shut down the instance to avoid losing all of the data.

8 Oracle WebLogic Server on Amazon EC2 Reference

Transferring an Existing DomainIf you choose to transfer an existing domain from another machine to the EC2 instance, you can do so using the same methods that you use in a non-EC2 environment. For example, one method to transfer the domain is to use the pack command to create a template jar file that contains a snapshot of your domain, copy the jar file to the EC2 instance using an SSH-compatible file transfer client such as scp or sftp, and unpack it on the EC2 instance using the unpack command.

Accessing the WebLogic Server Administration ConsoleTo access your running instance using the WebLogic Server Administration Console, you must enable access to the port on which the Administration Server is listening for requests (7001 by default). For more information, see “Providing Network Access Using EC2 Security Groups” on page 7.

Using WebLogic Server Clustering on EC2Multicast is not supported in the EC2 environment. For information about using other supported WebLogic Server clustering methods, see “Using Clusters” in the WebLogic Server documentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/features.html.

Service MigrationMounting of an Elastic Block Store (EBS) block level storage volume to multiple AMI instances is not currently supported in the EC2 environment. As a result, service migration of JMS-related services is only supported when the configured persistent store is a JDBC store and is not supported with file stores. Likewise, migration of JTA Transaction Recovery Services is not supported due to the requirement for shared, persistent file stores. For more information, see “Service Migration” in the WebLogic Server documentation at http://download-llnw.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/service_migration.html.

Related InformationOracle Cloud Computing Center at http://wlww.oracle.com/technology/tech/cloud/index.html

Amazon Elastic Compute Cloud (Amazon EC2) at http://aws.amazon.com/ec2/.

Oracle WebLogic Server on Amazon EC2 Reference 9

WebLogic Server Documentation at http://download.oracle.com/docs/cd/E12840_01/wls/docs103/sitemap.html.

Oracle JRockit Documentation at http://download.oracle.com/docs/cd/E13150_01/jrockit_jvm/jrockit/webdocs/index.html

10 Oracle WebLogic Server on Amazon EC2 Reference