IPs and Virtual IPs Firewalls and Ports

Oracle Fusion Middleware Enterprise Deployment Guide for Oracle ECM Suite
Database and Environment Preconfiguration

■ Specify HTTP as the protocol.
■ Enable address and port translation.
■ Enable reset of connections when services and/or nodes are down.
■ Assign the pool created in step 1 to the virtual server.
■ Optionally, create rules to filter out access to console and em on this virtual server.

7. Configure monitors for the Oracle HTTP Server nodes to detect failures in these nodes.
■ Set up a monitor to regularly ping the URL context.
■ For the ping interval, specify a value that does not overload your system. You can try 5 seconds as a starting point.
■ For the timeout period, specify a value that can account for the longest response time that you can expect from your SOA system, that is, specify a value greater than the longest period of time any of your requests to HTTP servers can take.

Tip: Use GET \n\n instead if the Oracle HTTP Server's document root does not include index.htm and Oracle WebLogic Server returns a 404 error for .

2.2.3 IPs and Virtual IPs

Configure the Administration Server and the managed servers to listen on different virtual IPs and physical IPs as illustrated in Figure 2–3.

Figure 2–3 IPs and VIPs Mapped to Administration Server and Managed Servers

As shown in Figure 2–3, each VIP and IP is attached to the Oracle WebLogic server that uses it. VIP1 is failed over manually to restart the Administration Server in SOAHOST2. VIP2 and VIP3 fail over from SOAHOST1 to SOAHOST2 and from SOAHOST2 to SOAHOST1, respectively, through the Oracle WebLogic Server migration feature. WLS_IPM1 and WLS_IPM2 also use server migration to fail over VIP4 and VIP5, respectively, from ECMHOST1 to ECMHOST2. See the Oracle Fusion Middleware High Availability Guide for information on the WebLogic Server Migration feature.

Physical (non-virtual) IPs are fixed to each node. IP1 is the physical IP of ECMHOST1 and is used as the listen address by the WLS_UCM1 server. IP2 is the physical IP of ECMHOST2 and is used as the listen address by the WLS_UCM2 server.

Table 2–2 provides descriptions of the various virtual hosts.

Table 2–2 Virtual Hosts

| Virtual IP | VIP Maps to... | Description |
|---|---|---|
| VIP1 | ADMINVHN | ADMINVHN is the virtual host name that is the listen address for the Administration Server and fails over with manual failover of the Administration Server. It is enabled on the node where the Administration Server process is running (SOAHOST1 by default). |
| VIP2 | SOAHOST1VHN1 | SOAHOST1VHN1 is the virtual host name that maps to the listen address for WLS_SOA1 and fails over with server migration of this managed server. It is enabled on the node where WLS_SOA1 process is running (SOAHOST1 by default). |
| VIP3 | SOAHOST2VHN1 | SOAHOST2VHN1 is the virtual host name that maps to the listen address for WLS_SOA2 and fails over with server migration of this managed server. It is enabled on the node where WLS_SOA2 process is running (SOAHOST2 by default). |
| VIP4 | ECMHOST1VHN1 | ECMHOST1VHN1 is the virtual host name that maps to the listen address for WLS_IPM1 and fails over with server migration of this managed server. It is enabled on the node where WLS_IPM1 process is running (ECMHOST1 by default). |
| VIP5 | ECMHOST2VHN1 | ECMHOST2VHN1 is the virtual host name that maps to the listen address for WLS_IPM2 and fails over with server migration of this managed server. It is enabled on the node where WLS_IPM2 process is running (ECMHOST2 by default). |

2.2.4 Firewalls and Ports

Many Oracle Fusion Middleware components and services use ports. As an administrator, you must know the port numbers used by these services, and ensure that the same port number is not used by two services on a host. Most port numbers are assigned during installation.

Table 2–3 lists the ports used in the Oracle ECM topology, including the ports that you must open on the firewalls in the topology.

Firewall notation:
■ FW0 refers to the outermost firewall.
■ FW1 refers to the firewall between the web tier and the application tier.
■ FW2 refers to the firewall between the application tier and the data tier.

Table 2–3 Ports Used

| Type | Firewall | Port and Port Range | Protocol / Application | Inbound / Outbound | Other Considerations and Timeout Guidelines |
|---|---|---|---|---|---|
| Browser request | FW0 | 80 | HTTP / Load Balancer | Inbound | Timeout depends on all HTML content and the type of process model used for SOA. |
| Browser request | FW0 | 443 | HTTPS / Load Balancer | Inbound | Timeout depends on all HTML content and the type of process model used for SOA. |
| Browser request | FW1 | 80 | HTTP / Load Balancer | Outbound (for intranet clients) | Timeout depends on all HTML content and the type of process model used for SOA. |
| Browser request | FW1 | 443 | HTTPS / Load Balancer | Outbound (for intranet clients) | Timeout depends on all HTML content and the type of process model used for SOA. |
| Callbacks and outbound invocations | FW1 | 80 | HTTP / Load Balancer | Outbound | Timeout depends on all HTML content and the type of process model used for SOA. |
| Callbacks and outbound invocations | FW1 | 443 | HTTPS / Load Balancer | Outbound | Timeout depends on all HTML content and the type of process model used for SOA. |
| Load balancer to Oracle HTTP Server | n/a | 7777 | HTTP | n/a | See Section 2.2.2, Load Balancers. |
| OHS registration with Administration Server | FW1 | 7001 | HTTP/t3 | Inbound | Set the timeout to a short period (5-10 seconds). |
| OHS management by Administration Server | FW1 | OPMN port (6701) and OHS Admin Port (7779) | TCP and HTTP, respectively | Outbound | Set the timeout to a short period (5-10 seconds). |
| SOA and WSM server access | FW1 | 8001 (Range: 8000 - 8080) | HTTP / WLS_SOAn | Inbound | Timeout varies based on the type of process model used for SOA. |
| UCM access | FW1 | 16200 | HTTP / WLS_UCMn | Inbound | Browser-based access. Configurable session timeouts. |
| IPM access | FW1 | 16000 | HTTP / WLS_IPMn | Inbound | Browser-based access. Configurable session timeouts. |
| IPM connection to UCM | n/a | 4444 | HTTP / WLS_IPMn | Inbound | Persistent connection. Timeout configurable on UCM Server. |
| Communication between SOA Cluster members | n/a | 8001 | TCP/IP Unicast | n/a | By default, this communication uses the same port as the server's listen address. |
| Communication between UCM Cluster members | n/a | 16200 | TCP/IP Unicast | n/a | By default, this communication uses the same port as the server's listen address. |
| Communication between IPM Cluster members | n/a | 16000 | TCP/IP Unicast | n/a | By default, this communication uses the same port as the server's listen address. |
| Session replication within a WebLogic Server cluster | n/a | n/a | n/a | n/a | By default, this communication uses the same port as the server's listen address. |
| Administration Console access | FW1 | 7001 | HTTP / Administration Server and Enterprise Manager; t3 | Both | You should tune this timeout based on the type of access to the administration console (whether it is planned to use the Oracle WebLogic Server Administration Console from application tier clients or clients external to the application tier). |
| Node Manager | n/a | 5556 | TCP/IP | n/a | n/a |
| Access Server access | FW1 | 6021 | OAP | Inbound | For actual values, see "Firewalls and Ports" in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management. |
| Identity Server access | FW1 | 6022 | OAP | Inbound | For actual values, see "Firewalls and Ports" in Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management. |
| Database access | FW2 | 1521 | SQL*Net | Both | Timeout depends on all database content and on the type of process model used for SOA. |
| Coherence for deployment | n/a | 8088 (Range: 8000 - 8090) | | n/a | n/a |

2.3 Shared Storage and Recommended Directory Structure

The following section details the directories and directory structure that Oracle recommends for the reference enterprise deployment topology in this guide. Other directory layouts are possible and supported, but the model adopted in this guide was chosen for maximum availability, providing both the best isolation of components and symmetry in the configuration and facilitating backup and disaster recovery. The rest of the document uses this directory structure and directory terminology.

This section covers these topics:
■ Section 2.3.1, Terminology for Directories and Directory Environment Variables
■ Section 2.3.2, Recommended Locations for the Different Directories
■ Section 2.3.3, Shared Storage Configuration

2.3.1 Terminology for Directories and Directory Environment Variables

This enterprise deployment guide uses the following references to directory locations:
■ ORACLE_BASE: This environment variable and related directory path refers to the base directory under which Oracle products are installed.
■ MW_HOME: This environment variable and related directory path refers to the location where Fusion Middleware (FMW) resides.
■ WL_HOME: This environment variable and related directory path contains installed files necessary to host a WebLogic Server.
■ ORACLE_HOME: This environment variable and related directory path refers to the location where Oracle Fusion Middleware SOA Suite or Oracle Enterprise Content Management Suite is installed.
■ ORACLE_COMMON_HOME: This environment variable and related directory path refers to the Oracle home that contains the binary and library files required for the Oracle Enterprise Manager Fusion Middleware Control and Java Required Files (JRF).

Table 2–3 (Cont.) Ports Used

| Type | Firewall | Port and Port Range | Protocol / Application | Inbound / Outbound | Other Considerations and Timeout Guidelines |
|---|---|---|---|---|---|
| Oracle Internet Directory access | FW2 | 389 | LDAP | Inbound | You should tune the directory server's parameters based on load balancer, and not the other way around. |
| Oracle Internet Directory access | FW2 | 636 | LDAP SSL | Inbound | You should tune the directory server's parameters based on load balancer, and not the other way around. |
| JOC for OWSM | n/a | 9991 (Range: 9988-9998) | TCP/IP | n/a | n/a |

Note: The firewall ports depend on the definition of TCP/IP ports.
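
The following is an added example, not part of the Oracle guide: a Python check that compares a firewall ruleset with the ports Table 2–3 lists for FW0, FW1 and FW2. It flags rules broader than the table, ports whose Firewall column is n/a, and listed ports left unopened. The rule tuple format, the in/out encoding and the sample ruleset are assumptions constructed for illustration; rows with a port range are taken at their listed port.

```python
# Added example: audit a firewall ruleset against Table 2-3 (constructed data).
# (port, direction) pairs the table lists per firewall; "Both" becomes in + out.
ALLOWED = {
    "FW0": {(80, "in"), (443, "in")},
    "FW1": {(80, "out"), (443, "out"), (7001, "in"), (7001, "out"),
            (6701, "out"), (7779, "out"), (8001, "in"), (16200, "in"),
            (16000, "in"), (6021, "in"), (6022, "in")},
    "FW2": {(1521, "in"), (1521, "out"), (389, "in"), (636, "in")},
}
# Ports whose Firewall column is n/a: they should not cross any firewall.
INTERNAL_ONLY = {7777, 4444, 5556, 8088, 9991}

def audit(rules):
    """rules: iterable of (firewall, low_port, high_port, direction)."""
    findings, seen = [], set()
    for fw, lo, hi, direction in rules:
        listed = {p for p, d in ALLOWED.get(fw, ()) if d == direction}
        hit = {p for p in listed if lo <= p <= hi}
        seen |= {(fw, p, direction) for p in hit}
        extra = (hi - lo + 1) - len(hit)
        if extra:   # rule opens ports the table does not list for this firewall
            findings.append(("EXTRA", fw, f"{lo}-{hi}/{direction}", extra))
        leaked = sorted(p for p in INTERNAL_ONLY if lo <= p <= hi)
        if leaked:  # intra-tier service reachable across a tier boundary
            findings.append(("INTERNAL", fw, f"{lo}-{hi}/{direction}", leaked))
    for fw, pairs in ALLOWED.items():
        for port, direction in sorted(pairs):
            if (fw, port, direction) not in seen:  # topology traffic would be blocked
                findings.append(("MISSING", fw, f"{port}/{direction}", 1))
    return findings

# Constructed sample ruleset (hypothetical, not from the guide).
SAMPLE_RULES = [
    ("FW0", 80, 80, "in"), ("FW0", 443, 443, "in"),
    ("FW1", 80, 80, "out"), ("FW1", 443, 443, "out"),
    ("FW1", 7001, 7001, "in"), ("FW1", 7001, 7001, "out"),
    ("FW1", 6701, 6701, "out"), ("FW1", 7779, 7779, "out"),
    ("FW1", 6021, 6022, "in"),
    ("FW1", 8000, 8080, "in"),     # whole range opened instead of 8001
    ("FW1", 16000, 16200, "in"),   # one rule spanning the IPM and UCM ports
    ("FW1", 5556, 5556, "in"),     # Node Manager exposed through FW1
    ("FW2", 1521, 1521, "in"), ("FW2", 1521, 1521, "out"),
    ("FW2", 389, 389, "in"),       # LDAP opened, LDAP SSL (636) forgotten
]

if __name__ == "__main__":
    for kind, fw, rule, detail in audit(SAMPLE_RULES):
        print(f"{kind:8} {fw} {rule:16} {detail}")
```

For EXTRA findings the last field is the number of ports the rule opens beyond the table; for INTERNAL findings it is the list of n/a ports the rule covers.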