orawls
Version information
This version is compatible with:
- Puppet Enterprise >=2.7.20
- Puppet >=2.7.20
- , , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'biemond-orawls', '1.0.31'
Learn more about managing modules with a PuppetfileDocumentation
Oracle WebLogic / Fusion Middleware puppet module V2
created by Edwin Biemond email biemond at gmail dot com biemond.blogspot.com Github homepage
Got the same options as the WLS puppet module but with
- types & providers instead of wlstexec scripts ( detect changes )
- more FMW product installations
- support for FMW clusters ( SOA Suite,OSB & ADF )
- optimized for Hiera
- totally refactored
- only for Linux and Solaris
Many thanks to Bert Hajee (hajee) for his contributions, help and the his easy_type module
Should work for all Linux & Solaris versions like RedHat, CentOS, Ubuntu, Debian, Suse SLES, OracleLinux, Solaris 10,11 sparc / x86
Dependency with
- hajee/easy_type >=0.10.0
- adrien/filemapper >= 1.1.1
- reidmv/yamlfile >=0.2.0
- fiddyspence/sleep => 1.1.2
Complete examples
- Docker with WebLogic 12.1.3 Cluster docker-weblogic-puppet
- WebLogic 12.1.3 Reference implementation, the vagrant test case for full working WebLogic 12.1.3 cluster example biemond-orawls-vagrant-12.1.3
- WebLogic 12.1.3 infra (JRF), the vagrant test case for full working WebLogic 12.1.3 infra cluster example with WebTier (Oracle HTTP Server) biemond-orawls-vagrant-12.1.3-infra
- WebLogic 12.1.3 infra with OSB, the vagrant test case for full working WebLogic 12.1.3 infra OSB cluster example biemond-orawls-vagrant-12.1.3-infra-osb
- WebLogic 12.1.3 infra with OSB & SOA,ESS,BAM, the vagrant test case for full working WebLogic 12.1.3 infra OSB SOA Cluster example biemond-orawls-vagrant-12.1.3-infra-soa
- WebLogic 12.1.2 Reference implementation, the vagrant test case for full working WebLogic 12.1.2 cluster example biemond-orawls-vagrant-12.1.2
- WebLogic 12.1.2 infra (JRF) with WebTier, the vagrant test case for full working WebLogic 12.1.2 infra cluster example with WebTier (Oracle HTTP Server) biemond-orawls-vagrant-12.1.2-infra
- Reference Solaris implementation, the vagrant test case for full working WebLogic 12.1.3 cluster example biemond-orawls-vagrant-solaris
- Reference OIM / OAM with WebTier, Webgate & Oracle Unified Directory, the vagrant test case for Oracle Identity Manager & Oracle Access Manager 11.1.2.2 example biemond-orawls-vagrant-oim_oam
- WebLogic 11g Reference implementation, the vagrant test case for full working WebLogic 10.3.6 cluster example biemond-orawls-vagrant
- Reference Oracle SOA Suite, the vagrant test case for full working WebLogic 10.3.6 SOA Suite + OSB cluster example biemond-orawls-vagrant-solaris-soa
- Example of Opensource Puppet 3.4.3 Puppet master configuration in a vagrant box vagrant-puppetmaster
Orawls WebLogic Features
- Installs WebLogic, version 10g,11g,12c( 12.1.1 & 12.1.2 & 12.1.3 + FMW infra )
- Apply a BSU patch on a Middleware home ( < 12.1.2 )
- Apply a OPatch on a Middleware home ( >= 12.1.2 ) or a Oracle product home
- Create a WebLogic domain
- Pack a WebLogic domain
- Copy a WebLogic domain to a other node with SSH, unpack and enroll to a nodemanager
- JSSE Java Secure Socket Extension support
- Custom Identity and Trust Store support
- Linux low on entropy or urandom fix
- Startup a nodemanager
- start or stop AdminServer, Managed or a Cluster
- StoreUserConfig for storing WebLogic Credentials and using in WLST
Fusion Middleware Features 11g & 12.1.3
- installs FMW software(add-on) to a middleware home, like OSB,SOA Suite, Oracle Identity & Access Management, Oracle Unified Directory, WebCenter Portal + Content
- WebTier Oracle HTTP server
- OSB, SOA Suite with BPM and BAM Cluster configuration support ( convert single osb/soa/bam servers to clusters and migrate OPSS to the database )
- ADF/JRF support, Assign JRF libraries to a Server or Cluster target
- OIM IDM / OAM configurations with Oracle OHS OAM WebGate, Also Cluster support for OIM OAM
- OUD OUD Oracle Unified Directory install, WebLogic domain, instances creation & OUD control
- Change FMW log location of a managed server
- Resource Adapter plan and entries for AQ, DB and JMS
Wls types and providers
- wls_setting, set the default wls parameters for the other types and also used by puppet resource
- wls_adminserver control the adminserver or subscribe to changes
- wls_managedserver control the managed server,cluster or subscribe to changes
- wls_domain
- wls_deployment
- wls_domain
- wls_user
- wls_authentication_provider
- wls_identity_asserter
- wls_machine
- wls_server
- wls_server_channel
- wls_cluster
- wls_coherence_cluster
- wls_server_template
- wls_dynamic_cluster
- wls_virtual_host
- wls_workmanager_constraint
- wls_workmanager
- wls_datasource
- wls_file_persistence_store
- wls_jmsserver
- wls_safagent
- wls_jms_module
- wls_jms_quota
- wls_jms_subdeployment
- wls_jms_queue
- wls_jms_topic
- wls_jms_connection_factory
- wls_saf_remote_context
- wls_saf_error_handler
- wls_saf_imported_destination
- wls_saf_imported_destination_object
- wls_foreign_server
- wls_foreign_server_object
- wls_mail_session
- wls_multi_datasource
- wls_jms_bridge_destination
- wls_messaging_bridge
Domain creation options (Dev or Prod mode)
all templates creates a WebLogic domain, logs the domain creation output
- domain 'standard' -> a default WebLogic
- domain 'adf' -> JRF + EM + Coherence (12.1.2 & 12.1.3) + OWSM (12.1.2 & 12.1.3) + JAX-WS Advanced + Soap over JMS (12.1.2 & 12.1.3)
- domain 'osb' -> OSB + JRF + EM + OWSM
- domain 'osb_soa' -> OSB + SOA Suite + BAM + JRF + EM + OWSM
- domain 'osb_soa_bpm' -> OSB + SOA Suite + BAM + BPM + JRF + EM + OWSM
- domain 'soa' -> SOA Suite + BAM + JRF + EM + OWSM
- domain 'soa_bpm' -> SOA Suite + BAM + BPM + JRF + EM + OWSM
- domain 'wc_wcc_bpm' -> WC (webcenter) + WCC ( Content ) + BPM + JRF + EM + OWSM
- domain 'wc' -> WC (webcenter) + JRF + EM + OWSM
- domain 'oim' -> OIM (Oracle Identity Manager) + OAM ( Oracle Access Manager)
- domain 'oud' -> OUD (Oracle Unified Directory)
Puppet master with orawls module key points
it should work on every PE or opensource puppet master, customers and I succesfull tested orawls on PE 3.0, 3.1, 3.2, 3.3. See also the puppet master vagrant box
But when it fails you can do the following actions.
- Check the time difference/timezone between all the puppet master and agent machines.
- Update orawls and its dependencies on the puppet master.
- After adding or refreshing the easy_type or orawls modules you need to restart all the PE services on the puppet master (this will flush the PE cache) and always do a puppet agent run on the Puppet master
- To solve this error "no such file to load -- easy_type" you need just to do a puppet run on the puppet master when it is still failing you can move the easy_type module to its primary module location ( /etc/puppetlabs/puppet/module )
- Move orawls and easy_type to the primary module location pup-1515 when the Puppet master loads a Type, it searches the environment that the agent requested. When it loads providers for that type, it searches the default environment instead of the one the agent requested.
Orawls WebLogic Facter
Contains WebLogic Facter which displays the following
- Middleware homes
- Oracle Software
- BSU & OPatch patches
- Domain configuration ( everything of a WebLogic Domain like deployments, datasource, JMS, SAF)
Override the default Oracle operating system user
default this orawls module uses oracle as weblogic install user you can override this by setting the following fact 'override_weblogic_user', like override_weblogic_user=wls or set FACTER_override_weblogic_user=wls
Override the default WebLogic domain folder
Set the following hiera parameters for weblogic.pp
wls_domains_dir: '/opt/oracle/wlsdomains/domains'
wls_apps_dir: '/opt/oracle/wlsdomains/applications'
Set the following wls_domains_dir & wls_apps_dir parameters in
- weblogic.pp
- domain.pp
- control.pp
- packdomain.pp
- copydomain.pp
- fmwcluster.pp
- fmwclusterjrf.pp
or hiera parameters of weblogic.pp
orawls::weblogic::wls_domains_dir: *wls_domains_dir
orawls::weblogic::wls_apps_dir: *wls_apps_dir
Java Secure Socket Extension support
Requires the JDK 7 or 8 JCE extension
jdk7::install7{ 'jdk1.7.0_51':
version => "7u51" ,
fullVersion => "jdk1.7.0_51",
alternativesPriority => 18000,
x64 => true,
downloadDir => "/data/install",
urandomJavaFix => true,
rsakeySizeFix => true, <!--
cryptographyExtensionFile => "UnlimitedJCEPolicyJDK7.zip", <!---
sourcePath => "/software",
}
To enable this in orawls you can set the jsse_enabled on the following manifests
- nodemanager.pp
- domain.pp
- control.pp
or set the following hiera parameter
wls_jsse_enabled: true
Enterprise security with Custom Identity and Trust store
in combination with JDK7 JCE policy, ORAUTILS and WebLogic JSSE you can use your own certificates
just generates all the certificates and set the following hiera variables.
# custom trust
orautils::customTrust: true
orautils::trustKeystoreFile: '/vagrant/truststore.jks'
orautils::trustKeystorePassphrase: 'welcome'
# used by nodemanager, control and domain creation
wls_custom_trust: &wls_custom_trust true
wls_trust_keystore_file: &wls_trust_keystore_file '/vagrant/truststore.jks'
wls_trust_keystore_passphrase: &wls_trust_keystore_passphrase 'welcome'
# create a standard domain with custom identity for the adminserver
domain_instances:
'Wls1036':
domain_template: "standard"
development_mode: false
log_output: *logoutput
custom_identity: true
custom_identity_keystore_filename: '/vagrant/identity_admin.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'admin'
custom_identity_privatekey_passphrase: 'welcome'
nodemanager_instances:
'nodemanager':
log_output: *logoutput
custom_identity: true
custom_identity_keystore_filename: '/vagrant/identity_admin.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'admin'
custom_identity_privatekey_passphrase: 'welcome'
nodemanager_address: *domain_adminserver_address
server_instances:
'wlsServer1':
ensure: 'present'
arguments: '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/var/log/weblogic/wlsServer1.out -Dweblogic.Stderr=/var/log/weblogic/wlsServer1_err.out'
listenaddress: '10.10.10.100'
listenport: '8001'
logfilename: '/var/log/weblogic/wlsServer1.log'
machine: 'Node1'
sslenabled: '1'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
jsseenabled: '1'
custom_identity: '1'
custom_identity_keystore_filename: '/vagrant/identity_node1.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'node1'
custom_identity_privatekey_passphrase: 'welcome'
trust_keystore_file: *wls_trust_keystore_file
trust_keystore_passphrase: *wls_trust_keystore_passphrase
Linux low on entropy or urandom fix
can cause certain operations to be very slow. Encryption operations need entropy to ensure randomness. Entropy is generated by the OS when you use the keyboard, the mouse or the disk.
If an encryption operation is missing entropy it will wait until enough is generated.
three options
- use rngd service (include orawls::urandomfix class)
- set java.security in JDK ( jre/lib/security in my jdk7 module )
- set -Djava.security.egd=file:/dev/./urandom param
Oracle binaries files and alternate download location
Some manifests like orawls:weblogic bsu opatch fmw supports an alternative mountpoint for the big oracle setup/install files. When not provided it uses the files folder located in the orawls puppet module else you can use $source =>
- "/mnt"
- "/vagrant"
- "puppet:///modules/orawls/" (default)
- "puppet:///middleware/"
when the files are also accesiable locally then you can also set $remote_file => false this will not move the files to the download folder, just extract or install
WebLogic requirements
Operating System settings like User, Group, ULimits and kernel parameters requirements
install the following module to set the kernel parameters puppet module install fiddyspence-sysctl
install the following module to set the user limits parameters puppet module install erwbgy-limits
sysctl { 'kernel.msgmnb': ensure => 'present', permanent => 'yes', value => '65536',}
sysctl { 'kernel.msgmax': ensure => 'present', permanent => 'yes', value => '65536',}
sysctl { 'kernel.shmmax': ensure => 'present', permanent => 'yes', value => '2147483648',}
sysctl { 'kernel.shmall': ensure => 'present', permanent => 'yes', value => '2097152',}
sysctl { 'fs.file-max': ensure => 'present', permanent => 'yes', value => '344030',}
sysctl { 'net.ipv4.tcp_keepalive_time': ensure => 'present', permanent => 'yes', value => '1800',}
sysctl { 'net.ipv4.tcp_keepalive_intvl': ensure => 'present', permanent => 'yes', value => '30',}
sysctl { 'net.ipv4.tcp_keepalive_probes': ensure => 'present', permanent => 'yes', value => '5',}
sysctl { 'net.ipv4.tcp_fin_timeout': ensure => 'present', permanent => 'yes', value => '30',}
class { 'limits':
config => {'*' => { 'nofile' => { soft => '2048' , hard => '8192', },},
'oracle' => { 'nofile' => { soft => '65535' , hard => '65535', },
'nproc' => { soft => '2048' , hard => '2048', },
'memlock' => { soft => '1048576', hard => '1048576',},},},
use_hiera => false,}
create a WebLogic user and group
group { 'dba' :
ensure => present,
}
# http://raftaman.net/?p=1311 for generating password
user { 'oracle' :
ensure => present,
groups => 'dba',
shell => '/bin/bash',
password => '$1$DSJ51vh6$4XzzwyIOk6Bi/54kglGk3.',
home => "/home/oracle",
comment => 'Oracle user created by Puppet',
managehome => true,
require => Group['dba'],
}
Necessary Hiera setup for global vars and Facter
if you don't want to provide the same parameters in all the defines and classes
hiera.yaml main configuration
---
:backends: yaml
:yaml:
:datadir: /vagrant/puppet/hieradata
:hierarchy:
- "%{::fqdn}"
- common
vagrantcentos64.example.com.yaml
---
common.yaml
---
# global WebLogic vars
wls_oracle_base_home_dir: &wls_oracle_base_home_dir "/opt/oracle"
wls_weblogic_user: &wls_weblogic_user "weblogic"
# 12.1.2 settings
#wls_weblogic_home_dir: &wls_weblogic_home_dir "/opt/oracle/middleware12c/wlserver"
#wls_middleware_home_dir: &wls_middleware_home_dir "/opt/oracle/middleware12c"
#wls_version: &wls_version 1212
# 10.3.6 settings
wls_weblogic_home_dir: &wls_weblogic_home_dir "/opt/oracle/middleware11g/wlserver_10.3"
wls_middleware_home_dir: &wls_middleware_home_dir "/opt/oracle/middleware11g"
wls_version: &wls_version 1036
# global OS vars
wls_os_user: &wls_os_user "oracle"
wls_os_group: &wls_os_group "dba"
wls_download_dir: &wls_download_dir "/data/install"
wls_source: &wls_source "/vagrant"
wls_jdk_home_dir: &wls_jdk_home_dir "/usr/java/jdk1.7.0_45"
wls_log_dir: &wls_log_dir "/data/logs"
#WebLogic installation variables
orawls::weblogic::version: *wls_version
orawls::weblogic::filename: "wls1036_generic.jar"
# weblogic 12.1.2
#orawls::weblogic::filename: "wls_121200.jar"
# or with 12.1.2 FMW infra
#orawls::weblogic::filename: "fmw_infra_121200.jar"
#orawls::weblogic::fmw_infra: true
orawls::weblogic::middleware_home_dir: *wls_middleware_home_dir
orawls::weblogic::log_output: false
# hiera default anchors
orawls::weblogic::jdk_home_dir: *wls_jdk_home_dir
orawls::weblogic::oracle_base_home_dir: *wls_oracle_base_home_dir
orawls::weblogic::os_user: *wls_os_user
orawls::weblogic::os_group: *wls_os_group
orawls::weblogic::download_dir: *wls_download_dir
orawls::weblogic::source: *wls_source
WebLogic Module Usage
weblogic
orawls::weblogic installs WebLogic 10.3.[0-6], 12.1.1, 12.1.2 & 12.1.3
class{'orawls::weblogic':
version => 1212, # 1036|1211|1212|1213
filename => 'wls_121200.jar', # wls1036_generic.jar|wls1211_generic.jar|wls_121200.jar
jdk_home_dir => '/usr/java/jdk1.7.0_45',
oracle_base_home_dir => "/opt/oracle",
middleware_home_dir => "/opt/oracle/middleware12c",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
source => "/vagrant", # puppet:///modules/orawls/ | /mnt |
log_output => true,
}
12.1.3 infra
class{'orawls::weblogic':
version => 1213,
filename => 'fmw_12.1.3.0.0_infrastructure.jar',
fmw_infra => true,
jdk_home_dir => '/usr/java/jdk1.7.0_55',
oracle_base_home_dir => "/opt/oracle",
middleware_home_dir => "/opt/oracle/middleware12c",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
source => "puppet:///middleware",
log_output => true,
}
or with a bin file located on a share
class{'orawls::weblogic':
version => 1036,
filename => "oepe-wls-indigo-installer-11.1.1.8.0.201110211138-10.3.6-linux32.bin",
oracle_base_home_dir => "/opt/weblogic",
middleware_home_dir => "/opt/weblogic/Middleware",
fmw_infra => false,
jdk_home_dir => "/usr/java/latest",
os_user => "weblogic",
os_group => "bea",
download_dir => "/data/tmp",
source => "/misc/tact/products/oracle/11g/fmw/wls/11.1.1.8",
remote_file => false,
log_output => true,
temp_directory => "/data/tmp",
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
include orawls::weblogic
or this
class{'orawls::weblogic':
log_output => true,
}
vagrantcentos64.example.com.yaml
---
orawls::weblogic::log_output: true
opatch
orawls::opatch apply an OPatch on a Middleware home or a Oracle product home
orawls::opatch {'16175470':
ensure => "present",
oracle_product_home_dir => "/opt/oracle/middleware12c",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
patch_id => "16175470",
patch_file => "p16175470_121200_Generic.zip",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
source => "/vagrant",
log_output => false,
}
or when you set the defaults hiera variables
orawls::opatch {'16175470':
ensure => "present",
oracle_product_home_dir => "/opt/oracle/middleware12c",
patch_id => "16175470",
patch_file => "p16175470_121200_Generic.zip",
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default_params = {}
$opatch_instances = hiera('opatch_instances', {})
create_resources('orawls::opatch',$opatch_instances, $default_params)
common.yaml
---
opatch_instances:
'16175470':
ensure: "present"
oracle_product_home_dir: "/opt/oracle/middleware12c"
patch_id: "16175470"
patch_file: "p16175470_121200_Generic.zip"
jdk_home_dir "/usr/java/jdk1.7.0_45"
os_user: "oracle"
os_group: "dba"
download_dir: "/data/install"
source: "/vagrant"
log_output: true
or when you set the defaults hiera variables
---
opatch_instances:
'16175470':
ensure: "present"
oracle_product_home_dir: "/opt/oracle/middleware12c"
patch_id: "16175470"
patch_file: "p16175470_121200_Generic.zip"
bsu
orawls::bsu apply or remove a WebLogic BSU Patch ( ensure = present or absent )
orawls::bsu {'BYJ1':
ensure => "present",
middleware_home_dir => "/opt/oracle/middleware11gR1",
weblogic_home_dir => "/opt/oracle/middleware11gR1/wlserver",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
patch_id => "BYJ1",
patch_file => "p17071663_1036_Generic.zip",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
source => "/vagrant",
log_output => false,
}
or when you set the defaults hiera variables
orawls::bsu {'BYJ1':
ensure => "present",
patch_id => "BYJ1",
patch_file => "p17071663_1036_Generic.zip",
log_output => false,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default_params = {}
$bsu_instances = hiera('bsu_instances', {})
create_resources('orawls::bsu',$bsu_instances, $default_params)
common.yaml
---
bsu_instances:
'BYJ1':
ensure "present"
middleware_home_dir: "/opt/oracle/middleware11gR1"
weblogic_home_dir: "/opt/oracle/middleware11gR1/wlserver"
jdk_home_dir: "/usr/java/jdk1.7.0_45"
patch_id: "BYJ1"
patch_file: "p17071663_1036_Generic.zip"
os_user: "oracle"
os_group: "dba"
download_dir: "/data/install"
source: "/vagrant"
log_output: false
or when you set the defaults hiera variables
---
bsu_instances:
'BYJ1':
ensure "present"
patch_id: "BYJ1"
patch_file: "p17071663_1036_Generic.zip"
log_output: false
fmw
orawls::fmw installs FMW software (add-on) to a middleware home like OSB,SOA Suite, WebTier (HTTP Server), Oracle Identity Management, Web Center + Content
# fmw_product = adf|soa|osb|wcc|wc|oim|web|webgate|b2b|mft
orawls::fmw{"osbPS6":
middleware_home_dir => "/opt/oracle/middleware11gR1",
weblogic_home_dir => "/opt/oracle/middleware11gR1/wlserver",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
oracle_base_home_dir => "/opt/oracle",
fmw_product => "osb", # adf|soa|osb|oim|wc|wcc|web
fmw_file1 => "ofm_osb_generic_11.1.1.7.0_disk1_1of1.zip",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
source => "/vagrant",
log_output => false,
}
or when you set the defaults hiera variables
orawls::fmw{"osbPS6":
fmw_product => "osb" # adf|soa|osb|oim|wc|wcc|web|webgate
fmw_file1 => "ofm_osb_generic_11.1.1.7.0_disk1_1of1.zip",
log_output => false,
}
orawls::fmw{"osb12.1.3":
version => 1213
fmw_product => "osb"
fmw_file1 => "fmw_12.1.3.0.0_osb_Disk1_1of1.zip",
log_output => false,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default_params = {}
$fmw_installations = hiera('fmw_installations', {})
create_resources('orawls::fmw',$fmw_installations, $default_params)
common.yaml
when you set the defaults hiera variables
if ( defined(Orawls::Fmw["b2b1213"])) {
Orawls::Fmw["soa1213"] -> Orawls::Fmw["b2b1213"]
}
fmw_installations:
'soa1213':
version: *wls_version
fmw_product: "soa"
fmw_file1: "fmw_12.1.3.0.0_soa_Disk1_1of1.zip"
bpm: true
log_output: true
remote_file: false
'webtier1213':
version: *wls_version
fmw_product: "web"
fmw_file1: "fmw_12.1.3.0.0_ohs_linux64_Disk1_1of1.zip"
log_output: true
remote_file: false
'osb1213':
version: *wls_version
fmw_product: "osb"
fmw_file1: "fmw_12.1.3.0.0_osb_Disk1_1of1.zip"
log_output: true
remote_file: false
'mft1213':
version: *wls_version
fmw_product: "mft"
fmw_file1: "fmw_12.1.3.0.0_mft_Disk1_1of1.zip"
log_output: true
remote_file: false
'b2b1213':
version: *wls_version
fmw_product: "b2b"
healthcare: true
fmw_file1: "fmw_12.1.3.0.0_b2b_Disk1_1of1.zip"
log_output: true
remote_file: false
# FMW installation on top of WebLogic 10.3.6
fmw_installations:
'osbPS6':
fmw_product: "osb"
fmw_file1: "ofm_osb_generic_11.1.1.7.0_disk1_1of1.zip"
log_output: true
'soaPS6':
fmw_product: "soa"
fmw_file1: "ofm_soa_generic_11.1.1.7.0_disk1_1of2.zip"
fmw_file2: "ofm_soa_generic_11.1.1.7.0_disk1_2of2.zip"
log_output: true
# FMW installation on top of WebLogic 12.1.2
fmw_installations:
'webtier1212':
version: 1212
fmw_product: "web"
fmw_file1: "ofm_ohs_linux_12.1.2.0.0_64_disk1_1of1.zip"
log_output: true
remote_file: false
fmw_installations:
'webTierPS6':
fmw_product: "web"
fmw_file1: "ofm_webtier_linux_11.1.1.7.0_64_disk1_1of1.zip"
log_output: true
remote_file: false
fmw_installations:
'wcPS7':
fmw_product: "wc"
fmw_file1: "ofm_wc_generic_11.1.1.8.0_disk1_1of1.zip"
log_output: true
remote_file: false
'soaPS6':
fmw_product: "soa"
fmw_file1: "ofm_soa_generic_11.1.1.7.0_disk1_1of2.zip"
fmw_file2: "ofm_soa_generic_11.1.1.7.0_disk1_2of2.zip"
log_output: true
remote_file: false
'wccPS7':
fmw_product: "wcc"
fmw_file1: "ofm_wcc_generic_11.1.1.8.0_disk1_1of2.zip"
fmw_file2: "ofm_wcc_generic_11.1.1.8.0_disk1_2of2.zip"
log_output: true
remote_file: false
'webGate11.1.2.2':
version: 1112
fmw_product: "webgate"
fmw_file1: "ofm_webgates_generic_11.1.2.2.0_disk1_1of1.zip"
log_output: true
remote_file: false
'oud11.1.2.2':
version: 1112
fmw_product: "oud"
fmw_file1: "ofm_oud_generic_11.1.2.2.0_disk1_1of1.zip"
log_output: true
remote_file: false
domain
orawls::domain creates WebLogic domain like a standard | OSB or SOA Suite | ADF | WebCenter | OIM or OAM or OUD
optional override the default server arguments in the domain.py template with java_arguments parameter
orawls::domain { 'wlsDomain12c':
version => 1212, # 1036|1111|1211|1212|1213
weblogic_home_dir => "/opt/oracle/middleware12c/wlserver",
middleware_home_dir => "/opt/oracle/middleware12c",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
domain_template => "standard", #standard|adf|osb|osb_soa|osb_soa_bpm|soa|soa_bpm
domain_name => "Wls12c",
development_mode => false,
adminserver_name => "AdminServer",
adminserver_address => "localhost",
adminserver_port => 7001,
nodemanager_secure_listener => true,
nodemanager_port => 5556,
java_arguments => { "ADM" => "...", "OSB" => "...", "SOA" => "...", "BAM" => "..."},
weblogic_user => "weblogic",
weblogic_password => "weblogic1",
os_user => "oracle",
os_group => "dba",
log_dir => "/data/logs",
download_dir => "/data/install",
log_output => true,
}
or when you set the defaults hiera variables
orawls::domain { 'wlsDomain12c':
domain_template => "standard",
domain_name => "Wls12c",
development_mode => false,
adminserver_name => "AdminServer",
adminserver_address => "localhost",
adminserver_port => 7001,
nodemanager_port => 5556,
weblogic_password => "weblogic1",
log_output => true,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default = {}
$domain_instances = hiera('domain_instances', {})
create_resources('orawls::domain',$domain_instances, $default)
vagrantcentos64.example.com.yaml
---
domain_instances:
'wlsDomain12c':
version: 1212
weblogic_home_dir: "/opt/oracle/middleware12c/wlserver"
middleware_home_dir: "/opt/oracle/middleware12c"
jdk_home_dir: "/usr/java/jdk1.7.0_45"
domain_template: "standard"
domain_name: "Wls12c"
development_mode: false
adminserver_name: "AdminServer"
adminserver_address: "localhost"
adminserver_port: 7001
nodemanager_secure_listener: true
nodemanager_port: 5556
weblogic_user: "weblogic"
weblogic_password: "weblogic1"
os_user: "oracle"
os_group: "dba"
log_dir: "/data/logs"
download_dir: "/data/install"
java_arguments:
ADM: "-XX:PermSize=256m -XX:MaxPermSize=512m -Xms1024m -Xmx1024m"
OSB: "-XX:PermSize=256m -XX:MaxPermSize=512m -Xms1024m -Xmx1024m"
log_output: true
or when you set the defaults hiera variables
---
domain_instances:
'wlsDomain12c':
domain_template: "standard"
domain_name: "Wls12c"
development_mode: false
adminserver_name: "AdminServer"
adminserver_address: "localhost"
adminserver_port: 7001
nodemanager_port: 5556
weblogic_password: "weblogic1"
java_arguments:
ADM: "-XX:PermSize=256m -XX:MaxPermSize=512m -Xms1024m -Xmx1024m"
log_output: true
when you just have one WebLogic domain on a server
---
# when you have just one domain on a server
domain_name: "Wls1036"
domain_adminserver: "AdminServer"
domain_adminserver_address: "localhost"
domain_adminserver_port: 7001
domain_nodemanager_port: 5556
domain_wls_password: "weblogic1"
# create a standard domain
domain_instances:
'wlsDomain':
domain_template: "standard"
development_mode: false
log_output: *logoutput
or with custom identity and custom truststore
# used by nodemanager, control and domain creation
wls_custom_trust: &wls_custom_trust true
wls_trust_keystore_file: &wls_trust_keystore_file '/vagrant/truststore.jks'
wls_trust_keystore_passphrase: &wls_trust_keystore_passphrase 'welcome'
# create a standard domain with custom identity for the adminserver
domain_instances:
'Wls1036':
domain_template: "standard"
development_mode: false
log_output: *logoutput
custom_identity: true
custom_identity_keystore_filename: '/vagrant/identity_admin.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'admin'
custom_identity_privatekey_passphrase: 'welcome'
FMW 11g, 12.1.2 , 12.1.3 ADF domain with webtier
# create a standard domain
domain_instances:
'adf_domain':
domain_template: "adf"
development_mode: true
log_output: *logoutput
nodemanager_address: "10.10.10.21"
repository_database_url: "jdbc:oracle:thin:@wlsdb.example.com:1521/wlsrepos.example.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
repository_sys_password: "Welcome01"
rcu_database_url: "wlsdb.example.com:1521:wlsrepos.example.com"
webtier_enabled: true
create_rcu: true
FMW 11g WebLogic SOA Suite domain
# create a standard domain
domain_instances:
'wlsDomain':
domain_template: "osb_soa_bpm"
development_mode: false
log_output: *logoutput
repository_database_url: "jdbc:oracle:thin:@10.10.10.5:1521/test.oracle.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
FMW 11g WebLogic OIM / OAM domain
domain_instances:
'oimDomain':
version: 1112
domain_template: "oim"
development_mode: true
log_output: *logoutput
repository_database_url: "jdbc:oracle:thin:@oimdb.example.com:1521/oimrepos.example.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
repository_sys_password: "Welcome01"
rcu_database_url: "oimdb.example.com:1521/oimrepos.example.com"
FMW 12.1.3 WebLogic SOA Suite domain
# create a soa domain
domain_instances:
'soa_domain':
version: 1213
domain_template: "osb_soa_bpm"
bam_enabled: true
b2b_enabled: true
ess_enabled: true
development_mode: true
log_output: *logoutput
nodemanager_address: "10.10.10.21"
repository_database_url: "jdbc:oracle:thin:@soadb.example.com:1521/soarepos.example.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
repository_sys_password: "Welcome01"
rcu_database_url: "soadb.example.com:1521:soarepos.example.com"
FMW 12.1.3 WebLogic OSB domain
domain_instances:
'osb_domain':
version: *wls_version
domain_template: "osb"
development_mode: true
log_output: *logoutput
nodemanager_address: *domain_adminserver_address
repository_database_url: "jdbc:oracle:thin:@osbdb.example.com:1521/osbrepos.example.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
repository_sys_password: "Welcome01"
rcu_database_url: "osbdb.example.com:1521:osbrepos.example.com"
packdomain
orawls::packdomain pack a WebLogic Domain and add this to the download folder
orawls::packdomain{"Wls12c":
weblogic_home_dir => "/opt/oracle/middleware12c/wlserver",
middleware_home_dir => "/opt/oracle/middleware12c",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
wls_domains_dir => "/opt/oracle/domains",
domain_name => "Wls12c",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
}
or with hiera
$default_params = {}
$pack_domain_instances = hiera('pack_domain_instances', {})
create_resources('orawls::packdomain',$pack_domain_instances, $default_params)
# pack domains
pack_domain_instances:
'wlsDomain':
log_output: *logoutput
copydomain
orawls::copydomain copies a WebLogic domain with SSH or from a share, unpack and enroll to a nodemanager
When using ssh (use_ssh = true) you need to setup ssh so you won't need to provide a password
orawls::copydomain{"Wls12c":
version => 1212,
weblogic_home_dir => "/opt/oracle/middleware12c/wlserver",
middleware_home_dir => "/opt/oracle/middleware12c",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
wls_domains_dir => "/opt/oracle/domains",
wls_apps_dir => "/opt/oracle/applications",
domain_name => "Wls12c",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
log_dir => "/var/log/weblogic",
log_output => true,
use_ssh => false,
domain_pack_dir => /mnt/fmw_share,
adminserver_address => "10.10.10.10",
adminserver_port => 7001,
weblogic_user => "weblogic",
weblogic_password => "weblogic1",
}
Configuration with Hiera ( need to have puppet > 3.0 )
$default_params = {}
$copy_instances = hiera('copy_instances', {})
create_resources('orawls::copydomain',$copy_instances, $default_params)
when you just have one WebLogic domain on a server
---
# when you have just one domain on a server
domain_name: "Wls1036"
domain_adminserver: "AdminServer"
domain_adminserver_address: "localhost"
domain_adminserver_port: 7001
domain_nodemanager_port: 5556
domain_wls_password: "weblogic1"
# copy domains to other nodes
copy_instances:
'wlsDomain':
use_ssh: false
domain_pack_dir: /mnt/fmw_share
log_output: *logoutput
'wlsDomain2':
log_output: *logoutput
nodemanager
orawls::nodemanager start the nodemanager of a WebLogic Domain or Middleware Home
orawls::nodemanager{'nodemanager12c':
version => 1212, # 1036|1111|1211|1212
weblogic_home_dir => "/opt/oracle/middleware12c/wlserver",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
nodemanager_port => 5556,
nodemanager_secure_listener => true,
domain_name => "Wls12c",
os_user => "oracle",
os_group => "dba",
log_dir => "/data/logs",
download_dir => "/data/install",
log_output => true,
sleep => 20,
}
or when you set the defaults hiera variables
orawls::nodemanager{'nodemanager12c':
nodemanager_port => 5556,
domain_name => "Wls12c",
log_output => true,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default = {}
$nodemanager_instances = hiera('nodemanager_instances', [])
create_resources('orawls::nodemanager',$nodemanager_instances, $default)
vagrantcentos64.example.com.yaml
---
nodemanager_instances:
'nodemanager12c':
version: 1212
weblogic_home_dir: "/opt/oracle/middleware12c/wlserver"
jdk_home_dir: "/usr/java/jdk1.7.0_45"
nodemanager_port: 5556
nodemanager_secure_listener: true
domain_name: "Wls12c"
os_user: "oracle"
os_group: "dba"
log_dir: "/data/logs"
download_dir: "/data/install"
log_output: true
or when you set the defaults hiera variables
---
nodemanager_instances:
'nodemanager12c':
nodemanager_port: 5556
domain_name: "Wls12c"
log_output: true
when you just have one WebLogic domain on a server
#when you just have one domain on a server
domain_name: "Wls1036"
domain_nodemanager_port: 5556
---
nodemanager_instances:
'nodemanager12c':
log_output: true
or with custom identity and custom truststore
# used by nodemanager, control and domain creation
wls_custom_trust: &wls_custom_trust true
wls_trust_keystore_file: &wls_trust_keystore_file '/vagrant/truststore.jks'
wls_trust_keystore_passphrase: &wls_trust_keystore_passphrase 'welcome'
nodemanager_instances:
'nodemanager':
log_output: *logoutput
custom_identity: true
custom_identity_keystore_filename: '/vagrant/identity_admin.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'admin'
custom_identity_privatekey_passphrase: 'welcome'
nodemanager_address: *domain_adminserver_address
control
orawls::control start or stops the AdminServer,Managed Server or a Cluster of a WebLogic Domain, this will call the wls_managedserver and wls_adminserver types
orawls::control{'startWLSAdminServer12c':
domain_name => "Wls12c",
server_type => 'admin', # admin|managed
target => 'Server', # Server|Cluster
server => 'AdminServer',
action => 'start',
weblogic_home_dir => "/opt/oracle/middleware12c/wlserver",
jdk_home_dir => "/usr/java/jdk1.7.0_45",
weblogic_user => "weblogic",
weblogic_password => "weblogic1",
adminserver_address => 'localhost',
adminserver_port => 7001,
nodemanager_port => 5556,
nodemanager_secure_listener => true,
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install",
log_output => true,
}
or when you set the defaults hiera variables
orawls::control{'startWLSAdminServer12c':
domain_name => "Wls12c",
server_type => 'admin', # admin|managed
target => 'Server', # Server|Cluster
server => 'AdminServer',
action => 'start',
weblogic_password => "weblogic1",
adminserver_address => 'localhost',
adminserver_port => 7001,
nodemanager_port => 5556,
log_output => true,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default = {}
$control_instances = hiera('control_instances', {})
create_resources('orawls::control',$control_instances, $default)
vagrantcentos64.example.com.yaml
---
control_instances:
'startWLSAdminServer12c':
domain_name: "Wls12c"
domain_dir: "/opt/oracle/middleware12c/user_projects/domains/Wls12c"
server_type: 'admin'
target: 'Server'
server: 'AdminServer'
action: 'start'
weblogic_home_dir: "/opt/oracle/middleware12c/wlserver"
jdk_home_dir: "/usr/java/jdk1.7.0_45"
weblogic_user: "weblogic"
weblogic_password: "weblogic1"
adminserver_address: 'localhost'
adminserver_port: 7001
nodemanager_port: 5556
nodemanager_secure_listener: true
os_user: "oracle"
os_group: "dba"
download_dir: "/data/install"
log_output: true
or when you set the defaults hiera variables
---
control_instances:
'startWLSAdminServer12c':
domain_name: "Wls12c"
domain_dir: "/opt/oracle/middleware12c/user_projects/domains/Wls12c"
server_type: 'admin'
target: 'Server'
server: 'AdminServer'
action: 'start'
weblogic_password: "weblogic1"
adminserver_address: 'localhost'
adminserver_port: 7001
nodemanager_port: 5556
log_output: true
when you just have one WebLogic domain on a server
---
#when you just have one domain on a server
domain_name: "Wls1036"
domain_adminserver_address: "localhost"
domain_adminserver_port: 7001
domain_nodemanager_port: 5556
domain_wls_password: "weblogic1"
# startup adminserver for extra configuration
control_instances:
'startWLSAdminServer':
domain_dir: "/opt/oracle/middleware11g/user_projects/domains/Wls1036"
server_type: 'admin'
target: 'Server'
server: 'AdminServer'
action: 'start'
log_output: *logoutput
urandomfix
orawls::urandomfix Linux low on entropy or urandom fix can cause certain operations to be very slow. Encryption operations need entropy to ensure randomness. Entropy is generated by the OS when you use the keyboard, the mouse or the disk.
If an encryption operation is missing entropy it will wait until enough is generated.
three options
- use rngd service (use this wls::urandomfix class)
- set java.security in JDK ( jre/lib/security in my jdk7 module )
- set -Djava.security.egd=file:/dev/./urandom param
storeuserconfig
orawls::storeuserconfig Creates WLST user config for WLST , this way you don't need to know the weblogic password. when you set the defaults hiera variables
orawls::storeuserconfig{'Wls12c':
domain_name => "Wls12c",
adminserver_address => "localhost",
adminserver_port => 7001,
weblogic_password => "weblogic1",
user_config_dir => '/home/oracle',
log_output => false,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
notify { 'class userconfig':}
$default_params = {}
$userconfig_instances = hiera('userconfig_instances', {})
create_resources('orawls::storeuserconfig',$userconfig_instances, $default_params)
vagrantcentos64.example.com.yaml or when you set the defaults hiera variables
---
userconfig_instances:
'Wls12c':
domain_name: "Wls12c"
adminserver_address: "localhost"
adminserver_port: 7001
weblogic_password: "weblogic1"
log_output: true
user_config_dir: '/home/oracle'
when you just have one WebLogic domain on a server
#when you just have one domain on a server
domain_name: "Wls1036"
domain_adminserver_address: "localhost"
domain_adminserver_port: 7001
domain_wls_password: "weblogic1"
---
userconfig_instances:
'Wls12c':
log_output: true
user_config_dir: '/home/oracle'
fmwlogdir
orawls::fmwlogdir Change a log folder location of a FMW server when you set the defaults hiera variables
orawls::fmwlogdir{'AdminServer':
middleware_home_dir => "/opt/oracle/middleware11gR1",
weblogic_user => "weblogic",
weblogic_password => "weblogic1",
os_user => "oracle",
os_group => "dba",
download_dir => "/data/install"
log_dir => "/var/log/weblogic"
adminserver_address => "localhost",
adminserver_port => 7001,
server => "AdminServer",
log_output => false,
}
Same configuration but then with Hiera ( need to have puppet > 3.0 )
$default_params = {}
$fmwlogdir_instances = hiera('fmwlogdir_instances', {})
create_resources('orawls::fmwlogdir',$fmwlogdir_instances, $default_params)
vagrantcentos64.example.com.yaml or when you set the defaults hiera variables
---
fmwlogdir_instances:
'AdminServer':
log_output: true
server: 'AdminServer'
resourceadapter
orawls::resourceadapter Add a Resource adapter plan for Aq ,DB or JMS with some entries when you set the defaults hiera variables
$default_params = {}
$resource_adapter_instances = hiera('resource_adapter_instances', {})
create_resources('orawls::resourceadapter',$resource_adapter_instances, $default_params)
vagrantcentos64.example.com.yaml or when you set the defaults hiera variables
resource_adapter_instances:
'JmsAdapter_hr':
adapter_name: 'JmsAdapter'
adapter_path: "/opt/oracle/middleware11g/Oracle_SOA1/soa/connectors/JmsAdapter.rar"
adapter_plan_dir: "/opt/oracle/wlsdomains"
adapter_plan: 'Plan_JMS.xml'
adapter_entry: 'eis/JMS/cf'
adapter_entry_property: 'ConnectionFactoryLocation'
adapter_entry_value: 'jms/cf'
'AqAdapter_hr':
adapter_name: 'AqAdapter'
adapter_path: "/opt/oracle/middleware11g/Oracle_SOA1/soa/connectors/AqAdapter.rar"
adapter_plan_dir: "/opt/oracle/wlsdomains"
adapter_plan: 'Plan_AQ.xml'
adapter_entry: 'eis/AQ/hr'
adapter_entry_property: 'xADataSourceName'
adapter_entry_value: 'jdbc/hrDS'
'DbAdapter_hr':
adapter_name: 'DbAdapter'
adapter_path: "/opt/oracle/middleware11g/Oracle_SOA1/soa/connectors/DbAdapter.rar"
adapter_plan_dir: "/opt/oracle/wlsdomains"
adapter_plan: 'Plan_DB.xml'
adapter_entry: 'eis/DB/hr'
adapter_entry_property: 'xADataSourceName'
adapter_entry_value: 'jdbc/hrDS'
fmwcluster
orawls::utils::fmwcluster convert existing cluster to a OSB or SOA suite cluster (BPM is optional) and also convert BAM to a BAM cluster. This will also work for OIM / OAM cluster. The security store is migrated to a database store during this conversion. To maintain a file based store set a standalone hiera param "retain_security_file_store" to true.
You first need to create some OSB, SOA or BAM clusters and add some managed servers to these clusters for OSB 11g or SOA Suite 11g managed servers make sure to also set the coherence arguments parameters
$default_params = {}
$fmw_cluster_instances = hiera('fmw_cluster_instances', $default_params)
create_resources('orawls::utils::fmwcluster',$fmw_cluster_instances, $default_params)
hiera configuration
# FMW 11g cluster
fmw_cluster_instances:
'soaCluster':
domain_name: "soa_domain"
soa_cluster_name: "SoaCluster"
bam_cluster_name: "BamCluster"
osb_cluster_name: "OsbCluster"
log_output: *logoutput
bpm_enabled: true
bam_enabled: true
soa_enabled: true
osb_enabled: true
repository_prefix: "DEV"
# FMW 12.1.3 cluster
fmw_cluster_instances:
'soaCluster':
domain_name: "soa_domain"
soa_cluster_name: "SoaCluster"
bam_cluster_name: "BamCluster"
osb_cluster_name: "OsbCluster"
log_output: *logoutput
bpm_enabled: true
bam_enabled: true
soa_enabled: true
osb_enabled: true
b2b_enabled: true
ess_enabled: true
repository_prefix: "DEV"
fmwclusterjrf
orawls::utils::fmwclusterjrf convert existing cluster to a ADF/JRF cluster you need to create a wls cluster with some managed servers first
$default_params = {}
$fmw_jrf_cluster_instances = hiera('fmw_jrf_cluster_instances', $default_params)
create_resources('orawls::utils::fmwclusterjrf',$fmw_jrf_cluster_instances, $default_params)
hiera configuration
fmw_jrf_cluster_instances:
'WebCluster':
domain_name: "adf_domain"
jrf_target_name: "WebCluster"
opss_datasource_name: "opss-data-source" #optional
log_output: *logoutput
webtier
orawls::utils::webtier add an OHS instance to a WebLogic Domain and in the Enterprise Manager, optional with OHS OAM Webgate
$default_params = {}
$webtier_instances = hiera('webtier_instances', {})
create_resources('orawls::utils::webtier',$webtier_instances, $default_params)
hiera configuration
# 11g
webtier_instances:
'ohs1':
action_name: 'create'
instance_name: 'ohs1'
webgate_configure: true
log_output: *logoutput
# 12.1.2
webtier_instances:
'ohs1':
action_name: 'create'
instance_name: 'ohs1'
machine_name: 'Node1'
oimconfig
orawls::utils::oimconfig Configure OIM , oim server, design or remote configuration
$default_params = {}
$oimconfig_instances = hiera('oimconfig_instances', $default_params)
create_resources('orawls::utils::oimconfig',$oimconfig_instances, $default_params)
oimconfig_instances:
'oimDomain':
version: 1112
oim_home: '/opt/oracle/middleware11g/Oracle_IDM1'
server_config: true
oim_password: 'Welcome01'
remote_config: false
keystore_password: 'Welcome01'
design_config: false
oimserver_hostname: 'oim1admin.example.com'
oimserver_port: '14000'
repository_database_url: "oimdb.example.com:1521:oimrepos.example.com"
repository_prefix: "DEV"
repository_password: "Welcome01"
instance
orawls::oud::instance Configure OUD (Oracle Unified Directory) ldap instance
$default_params = {}
$oudconfig_instances = hiera('oudconfig_instances', $default_params)
create_resources('orawls::oud::instance',$oudconfig_instances, $default_params)
oudconfig_instances:
'instance1':
version: 1112
oud_home: '/opt/oracle/middleware11g/Oracle_OUD1'
oud_instance_name: 'instance1'
oud_root_user_password: 'Welcome01'
oud_baseDN: 'dc=example,dc=com'
oud_ldapPort: 1389
oud_adminConnectorPort: 4444
oud_ldapsPort: 1636
log_output: *logoutput
'instance2':
version: 1112
oud_home: '/opt/oracle/middleware11g/Oracle_OUD1'
oud_instance_name: 'instance2'
oud_root_user_password: 'Welcome01'
oud_baseDN: 'dc=example,dc=com'
oud_ldapPort: 2389
oud_adminConnectorPort: 5555
oud_ldapsPort: 2636
log_output: *logoutput
oud_control
orawls::oud::control Stop or start an OUD (Oracle Unified Directory) ldap instance
$default_params = {}
$oud_control_instances = hiera('oud_control_instances', $default_params)
create_resources('orawls::oud::control',$oud_control_instances, $default_params)
oud_control_instances:
'instance1':
oud_instances_home_dir: '/opt/oracle/oud_instances'
oud_instance_name: 'instance1'
action: 'start'
log_output: *logoutput
Types and providers
All wls types needs a wls_setting definition, this is a pointer to an WebLogic AdminServer and you need to create one for every WebLogic domain. When you don't provide a wls_setting identifier in the title of the weblogic type then it will use default as identifier.
Global timeout parameter for WebLogic resource types. use timeout and value in seconds, default = 120 seconds or 2 minutes
###wls_setting
required for all the weblogic type/providers, this is a pointer to an WebLogic AdminServer.
wls_setting { 'default':
user => 'oracle',
weblogic_home_dir => '/opt/oracle/middleware11g/wlserver_10.3',
connect_url => "t3://localhost:7001",
weblogic_user => 'weblogic',
weblogic_password => 'weblogic1',
}
wls_setting { 'domain2':
user => 'oracle',
weblogic_home_dir => '/opt/oracle/middleware11g/wlserver_10.3',
connect_url => "t3://localhost:7011",
weblogic_user => 'weblogic',
weblogic_password => 'weblogic1',
post_classpath => '/opt/oracle/wlsdomains/domains/Wls1036/lib/aa.jar'
}
or in hiera
# and for with weblogic infra 12.1.3, use this post_classpath
wls_setting_instances:
'default':
user: 'oracle'
weblogic_home_dir: '/opt/oracle/middleware12c/wlserver'
connect_url: "t3://10.10.10.21:7001"
weblogic_user: 'weblogic'
weblogic_password: 'weblogic1'
post_classpath: '/opt/oracle/middleware12c/oracle_common/modules/internal/features/jrf_wlsFmw_oracle.jrf.wlst_12.1.3.jar'
wls_domain
it needs wls_setting and when identifier is not provided it will use the 'default'. Probably after changing the domain you need to restart the AdminServer or subscribe for a restart to this change with the wls_adminserver type
or use puppet resource wls_domain
# In this case it will use default as wls_setting identifier
wls_domain { 'Wls1036':
ensure => 'present',
jmx_platform_mbean_server_enabled => '1',
jmx_platform_mbean_server_used => '1',
jpa_default_provider => 'org.eclipse.persistence.jpa.PersistenceProvider',
jta_max_transactions => '20000',
jta_transaction_timeout => '35',
log_file_min_size => '5000',
log_filecount => '10',
log_filename => '/var/log/weblogic/Wls1036.log',
log_number_of_files_limited => '1',
log_rotate_logon_startup => '1',
log_rotationtype => 'bySize',
security_crossdomain => '0',
web_app_container_show_archived_real_path_enabled => '1',
}
wls_domain { 'Wls11gSetting/Wls11g':
ensure => 'present',
jmx_platform_mbean_server_enabled => '0',
jmx_platform_mbean_server_used => '1',
jpa_default_provider => 'org.apache.openjpa.persistence.PersistenceProviderImpl',
jta_max_transactions => '10000',
jta_transaction_timeout => '30',
log_file_min_size => '5000',
log_filecount => '5',
log_filename => '/var/log/weblogic/Wls11g.log',
log_number_of_files_limited => '0',
log_rotate_logon_startup => '0',
log_rotationtype => 'byTime',
security_crossdomain => '1',
web_app_container_show_archived_real_path_enabled => '0',
}
in hiera
require userconfig
$default_params = {}
$wls_domain_instances = hiera('wls_domain_instances', {})
create_resources('wls_domain',$wls_domain_instances, $default_params)
# 'Wls1036' will use default as wls_setting identifier
# 'Wls11g' will use domain2 as wls_setting identifier
wls_domain_instances:
'Wls1036':
ensure: 'present'
jpa_default_provider: 'org.eclipse.persistence.jpa.PersistenceProvider'
jta_max_transactions: '20000'
jta_transaction_timeout: '35'
log_file_min_size: '5000'
log_filecount: '5'
log_filename: '/var/log/weblogic/Wls1036.log'
log_number_of_files_limited: '1'
log_rotate_logon_startup: '1'
log_rotationtype: 'bySize'
security_crossdomain: '0'
'domain2/Wls11g':
ensure: 'present'
jpa_default_provider: 'org.apache.openjpa.persistence.PersistenceProviderImpl'
jta_max_transactions: '10000'
jta_transaction_timeout: '30'
log_file_min_size: '5000'
log_filecount: '10'
log_filename: '/var/log/weblogic/Wls11g.log'
log_number_of_files_limited: '0'
log_rotate_logon_startup: '0'
log_rotationtype: 'byTime'
security_crossdomain: '1'
wls_adminserver
type for adminserver control like start, running, abort and stop. also supports subscribe with refreshonly
# for this type you won't need a wls_setting identifier
wls_adminserver{'AdminServer_Wls1036:':
ensure => 'running', #running|start|abort|stop
server_name => hiera('domain_adminserver'),
domain_name => hiera('domain_name'),
domain_path => "/opt/oracle/wlsdomains/domains/Wls1036",
os_user => hiera('wls_os_user'),
weblogic_home_dir => hiera('wls_weblogic_home_dir'),
weblogic_user => hiera('wls_weblogic_user'),
weblogic_password => hiera('domain_wls_password'),
jdk_home_dir => hiera('wls_jdk_home_dir'),
nodemanager_address => hiera('domain_adminserver_address'),
nodemanager_port => hiera('domain_nodemanager_port'),
jsse_enabled => false,
custom_trust => false,
}
with JSSE and custom trust
# for this type you won't need a wls_setting identifier
wls_adminserver{'AdminServer_Wls1036:':
ensure => 'running', #running|start|abort|stop
server_name => hiera('domain_adminserver'),
domain_name => hiera('domain_name'),
domain_path => "/opt/oracle/wlsdomains/domains/Wls1036",
os_user => hiera('wls_os_user'),
weblogic_home_dir => hiera('wls_weblogic_home_dir'),
weblogic_user => hiera('wls_weblogic_user'),
weblogic_password => hiera('domain_wls_password'),
jdk_home_dir => hiera('wls_jdk_home_dir'),
nodemanager_address => hiera('domain_adminserver_address'),
nodemanager_port => hiera('domain_nodemanager_port'),
jsse_enabled => hiera('wls_jsse_enabled'),
custom_trust => hiera('wls_custom_trust'),
trust_keystore_file => hiera('wls_trust_keystore_file'),
trust_keystore_passphrase => hiera('wls_trust_keystore_passphrase'),
}
subscribe to a wls_domain, wls_authenticaton_provider or wls_identity_asserter event
# for this type you won't need a wls_setting identifier
wls_adminserver{'AdminServer_Wls1036:':
ensure => 'running', #running|start|abort|stop
server_name => hiera('domain_adminserver'),
domain_name => hiera('domain_name'),
domain_path => "/opt/oracle/wlsdomains/domains/Wls1036",
os_user => hiera('wls_os_user'),
weblogic_home_dir => hiera('wls_weblogic_home_dir'),
weblogic_user => hiera('wls_weblogic_user'),
weblogic_password => hiera('domain_wls_password'),
jdk_home_dir => hiera('wls_jdk_home_dir'),
nodemanager_address => hiera('domain_adminserver_address'),
nodemanager_port => hiera('domain_nodemanager_port'),
jsse_enabled => hiera('wls_jsse_enabled'),
custom_trust => hiera('wls_custom_trust'),
trust_keystore_file => hiera('wls_trust_keystore_file'),
trust_keystore_passphrase => hiera('wls_trust_keystore_passphrase'),
refreshonly => true,
subscribe => Wls_domain['Wls1036'],
}
wls_managedserver
type for managed server control like start, running, abort and stop a managed server or a cluster. also supports subscribe with refreshonly
# for this type you won't need a wls_setting identifier
wls_managedserver{'JMSServer1_Wls1036:':
ensure => 'running', #running|start|abort|stop
target => 'Server', #Server|Cluster
server_name => 'JMSServer1',
domain_name => hiera('domain_name'),
os_user => hiera('wls_os_user'),
weblogic_home_dir => hiera('wls_weblogic_home_dir'),
weblogic_user => hiera('wls_weblogic_user'),
weblogic_password => hiera('domain_wls_password'),
jdk_home_dir => hiera('wls_jdk_home_dir'),
adminserver_address => hiera('domain_adminserver_address'),
adminserver_port => hiera('domain_adminserver_port'),
}
subscribe to a wls_domain, wls_identity_asserter or wls_authenticaton_provider event
# for this type you won't need a wls_setting identifier
wls_managedserver{'JMSServer1_Wls1036':
ensure => 'running', #running|start|abort|stop
target => 'Server', #Server|Cluster
server_name => 'JMSServer1',
domain_name => hiera('domain_name'),
os_user => hiera('wls_os_user'),
weblogic_home_dir => hiera('wls_weblogic_home_dir'),
weblogic_user => hiera('wls_weblogic_user'),
weblogic_password => hiera('domain_wls_password'),
jdk_home_dir => hiera('wls_jdk_home_dir'),
adminserver_address => hiera('domain_adminserver_address'),
adminserver_port => hiera('domain_adminserver_port'),
refreshonly => true,
subscribe => Wls_domain['Wls1036'],
}
wls_deployment
it needs wls_setting and when identifier is not provided it will use the 'default'. or use puppet resource wls_deployment
# 'jersey-bundle' will use default as wls_setting identifier
wls_deployment { 'jersey-bundle':
ensure => 'present',
deploymenttype => 'Library',
target => ['AdminServer','WebCluster'],
targettype => ['Server','Cluster'],
versionidentifier => '1.18@1.18.0.0',
localpath => '/vagrant/jersey-bundle-1.18.war',
timeout => 60,
}
# this will use default as wls_setting identifier
wls_deployment { 'webapp':
ensure => 'present',
deploymenttype => 'AppDeployment',
target => ['WebCluster'],
targettype => ['Cluster'],
localpath => '/vagrant/webapp.war',
timeout => 60,
}
or add a version
# this will use default as wls_setting identifier
wls_deployment { 'webapp':
ensure => 'present',
deploymenttype => 'AppDeployment',
target => ['WebCluster'],
targettype => ['Cluster'],
versionidentifier => '1.1@1.1.0.0',
localpath => '/vagrant/webapp.war',
}
in hiera
$default_params = {}
$deployment_instances = hiera('deployment_library_instances', $default_params)
create_resources('wls_deployment',$deployment_instances, $default_params)
# this will use default as wls_setting identifier
deployment_library_instances:
'jersey-bundle':
ensure: 'present'
deploymenttype: 'Library'
versionidentifier: '1.18@1.18.0.0'
target:
- 'AdminServer'
- 'WebCluster'
targettype:
- 'Server'
- 'Cluster'
localpath: '/vagrant/jersey-bundle-1.18.war'
$default_params = {}
$deployment_instances = hiera('deployment_application_instances', $default_params)
create_resources('wls_deployment',$deployment_instances, $default_params)
# this will use default as wls_setting identifier
deployment_application_instances:
'webapp':
ensure: 'present'
deploymenttype: 'AppDeployment'
versionidentifier: '1.1@1.1.0.0'
target:
- 'AdminServer'
- 'WebCluster'
targettype:
- 'Server'
- 'Cluster'
localpath: '/vagrant/webapp.war'
wls_user
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_user
# this will use default as wls_setting identifier
wls_user { 'OracleSystemUser':
ensure => 'present',
authenticationprovider => 'DefaultAuthenticator',
description => 'Oracle application software system user.',
realm => 'myrealm',
}
# this will use default as wls_setting identifier
wls_user { 'default/testuser1':
ensure => 'present',
authenticationprovider => 'DefaultAuthenticator',
description => 'testuser1',
realm => 'myrealm',
}
# this will use domain2 as wls_setting identifier
wls_user { 'domain2/testuser1':
ensure => 'present',
authenticationprovider => 'DefaultAuthenticator',
description => 'testuser1',
realm => 'myrealm',
}
in hiera
$default_params = {}
$user_instances = hiera('user_instances', {})
create_resources('wls_user',$user_instances, $default_params)
# testuser1 will use default as wls_setting identifier
# testuser2 will use domain2 as wls_setting identifier
user_instances:
'testuser1':
ensure: 'present'
password: 'weblogic1'
authenticationprovider: 'DefaultAuthenticator'
realm: 'myrealm'
description: 'my test user'
'domain2/testuser2':
ensure: 'present'
password: 'weblogic1'
authenticationprovider: 'DefaultAuthenticator'
realm: 'myrealm'
description: 'my test user'
wls_group
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_group
# this will use default as wls_setting identifier
wls_group { 'SuperUsers':
ensure => 'present',
authenticationprovider => 'DefaultAuthenticator',
description => 'SuperUsers',
realm => 'myrealm',
users => ['testuser2'],
}
# this will use default as wls_setting identifier
wls_group { 'TestGroup':
ensure => 'present',
authenticationprovider => 'DefaultAuthenticator',
description => 'TestGroup',
realm => 'myrealm',
users => ['testuser1','testuser2'],
}
in hiera
$default_params = {}
$group_instances = hiera('group_instances', {})
create_resources('wls_group',$group_instances, $default_params)
# this will use default as wls_setting identifier
group_instances:
'TestGroup':
ensure: 'present'
authenticationprovider: 'DefaultAuthenticator'
description: 'TestGroup'
realm: 'myrealm'
users:
- 'testuser1'
- 'testuser2'
'SuperUsers':
ensure: 'present'
authenticationprovider: 'DefaultAuthenticator'
description: 'SuperUsers'
realm: 'myrealm'
users:
- 'testuser2'
wls_authentication_provider
it needs wls_setting and when identifier is not provided it will use the 'default' and probably after the creation the AdminServer needs a reboot or subscribe to a restart with the wls_adminserver type
only control_flag is a property, the rest are parameters and only used in a create action
Optionally, providers can be ordered by providing a value to the order paramater, which is a zero-based list. When configuring ordering order, it may be necessary to create the resources with Puppet ordering (if not using Hiera) or by structuring Hiera in matching order. Otherwise ordering may fail if not all authentication providers are created yet (by default the provider will be ordered last if it is greater than the number of providers currently configured).
To manage Weblogic's DefaultIdentityAsserter use the wls_identity_asserter type.
or use puppet resource wls_authentication_provider
# this will use default as wls_setting identifier
wls_authentication_provider { 'DefaultAuthenticator':
ensure => 'present',
control_flag => 'SUFFICIENT',
}
# this provider will be ordered first in the providers list
wls_authentication_provider { 'ldap':
ensure => 'present',
control_flag => 'SUFFICIENT',
providerclassname => 'weblogic.security.providers.authentication.LDAPAuthenticator',
attributes: => 'Principal;Host;Port;CacheTTL;CacheSize;MaxGroupMembershipSearchLevel;SSLEnabled',
attributesvalues => 'ldapuser;ldapserver;389;60;1024;4;1',
order => '0'
}
in hiera
$default_params = {}
$authentication_provider_instances = hiera('authentication_provider_instances', {})
create_resources('wls_authentication_provider',$authentication_provider_instances, $default_params)
# this will use default as wls_setting identifier
authentication_provider_instances:
'DefaultAuthenticator':
ensure: 'present'
control_flag: 'SUFFICIENT'
#ldap will be the first listed provider
'ldap':
ensure: 'present'
control_flag: 'SUFFICIENT'
providerclassname: 'weblogic.security.providers.authentication.LDAPAuthenticator'
attributes: 'Principal;Host;Port;CacheTTL;CacheSize;MaxGroupMembershipSearchLevel;SSLEnabled'
attributesvalues: 'ldapuser;ldapserver;389;60;1024;4;1'
order: '0'
'IdmsAuthenticator':
ensure: 'present'
control_flag: 'SUFFICIENT'
providerclassname: 'nl.rsg.security.idms.providers.authentication.IdmsAuthenticator'
attributes: 'Endpoint;RequestTimeout;ConnectTimeout'
attributesvalues: 'http://xxxx.com/MSL/4/AccountService;60000;5000'
order: '0'
'ActiveDirectoryAuthenticator':
ensure: 'present'
control_flag: 'SUFFICIENT'
providerclassname: 'weblogic.security.providers.authentication.ActiveDirectoryAuthenticator'
attributes: 'Credential;GroupBaseDN;GroupFromNameFilter;GroupMembershipSearching;Host;MaxGroupMembershipSearchLevel;Principal;UserBaseDN;UserFromNameFilter;UserNameAttribute;Port'
attributesvalues: 'password;DC=ad,DC=company,DC=org;(&(sAMAccountName=%g)(objectclass=group));limited;ad.company.org;0;CN=SER_WASadmin,OU=Service Accounts,DC=ad,DC=company,DC=org;DC=ad,DC=company,DC=org;(&(sAMAccountName=%u)(objectclass=user));sAMAccountName;389'
order: '1'
wls_identity_asserter
it needs wls_setting and when identifier is not provided it will use the 'default' and probably after the creation the AdminServer needs a reboot or subscribe to a restart with the wls_adminserver type
to provide a list of token types to create provide a "::" seperated list for attribute 'ActiveTypes'
Optionally, the provider can be ordered by specifying a value to the order paramater, which is a zero-based list. When configuring ordering order, it may be necessary to create the resources with Puppet ordering (if not using Hiera) or by structuring Hiera in matching order. Otherwise ordering may fail if not all authentication providers are created yet (by default the provider will be ordered last if it is greater than the number of providers currently configured).
or use puppet resource wls_identity_asserter
wls_authentication_provider { 'DefaultIdentityAsserter':
ensure => 'present',
providerclassname => 'weblogic.security.providers.authentication.DefaultIdentityAsserter',
attributes: => 'DigestReplayDetectionEnabled;UseDefaultUserNameMapper',
attributesvalues => '1;1;',
activetypes => 'AuthenticatedUser::X.509',
defaultmappertype => 'CN',
}
in hiera
$default_params = {}
$identity_asserter_instances = hiera('identity_asserter_instances', {})
create_resources('wls_identity_asserter',$identity_asserter_instances, $default_params)
identity_asserter_instances:
'DefaultIdentityAsserter':
order: '3'
ensure: 'present'
providerclassname: 'weblogic.security.providers.authentication.DefaultIdentityAsserter'
attributes: 'DigestReplayDetectionEnabled;UseDefaultUserNameMapper'
attributesvalues: '1;1'
activetypes: 'AuthenticatedUser::X.509'
defaultmappertype: 'CN'
wls_machine
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_machine
# this will use default as wls_setting identifier
wls_machine { 'test2':
ensure => 'present',
listenaddress => '10.10.10.10',
listenport => '5556',
machinetype => 'UnixMachine',
nmtype => 'SSL',
}
# this will use domain2 as wls_setting identifier
wls_machine { 'domain2/test2':
ensure => 'present',
listenaddress => '10.10.10.10',
listenport => '5556',
machinetype => 'UnixMachine',
nmtype => 'SSL',
}
in hiera
# Node1 will use default as wls_setting identifier
# Node2 will use domain2 as wls_setting identifier
machines_instances:
'Node1':
ensure: 'present'
listenaddress: '10.10.10.100'
listenport: '5556'
machinetype: 'UnixMachine'
nmtype: 'SSL'
'domain2/Node2':
ensure: 'present'
listenaddress: '10.10.10.200'
listenport: '5556'
machinetype: 'UnixMachine'
nmtype: 'SSL'
wls_server
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_server
# this will use default as wls_setting identifier
wls_server { 'wlsServer1':
ensure => 'present',
arguments => '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/var/log/weblogic/wlsServer1.out -Dweblogic.Stderr=/var/log/weblogic/wlsServer1_err.out',
jsseenabled => '0',
listenaddress => '10.10.10.100',
listenport => '8001',
machine => 'Node1',
sslenabled => '0',
tunnelingenabled => '0',
max_message_size => '10000000',
}
or with log parameters, default file store and ssl
# this will use default as wls_setting identifier
wls_server { 'default/wlsServer2':
ensure => 'present',
arguments => '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/var/log/weblogic/wlsServer2.out -Dweblogic.Stderr=/var/log/weblogic/wlsServer2_err.out',
jsseenabled => '0',
listenaddress => '10.10.10.200',
listenport => '8001',
log_file_min_size => '2000',
log_filecount => '10',
log_number_of_files_limited => '1',
log_rotate_logon_startup => '1',
log_rotationtype => 'bySize',
logfilename => '/var/log/weblogic/wlsServer2.log',
log_datasource_filename => 'logs/datasource.log',
log_http_filename => 'logs/access.log',
log_http_format => 'date time cs-method cs-uri sc-status',
log_http_format_type => 'common',
log_http_file_count => '10',
log_http_number_of_files_limited => '0',
log_redirect_stderr_to_server => '0',
log_redirect_stdout_to_server => '0',
logintimeout => '5000',
restart_max => '2',
machine => 'Node2',
sslenabled => '1',
sslhostnameverificationignored => '1',
ssllistenport => '8201',
two_way_ssl => '0',
client_certificate_enforced => '0',
default_file_store => '/path/to/default_file_store/',
max_message_size => '25000000',
}
or with JSSE with custom identity and trust
# this will use domain2 as wls_setting identifier
wls_server { 'domain2/wlsServer2':
ensure => 'present',
arguments => '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/var/log/weblogic/wlsServer2.out -Dweblogic.Stderr=/var/log/weblogic/wlsServer2_err.out',
listenaddress => '10.10.10.200',
listenport => '8001',
log_file_min_size => '2000',
log_filecount => '10',
log_number_of_files_limited => '1',
log_rotate_logon_startup => '1',
log_rotationtype => 'bySize',
logfilename => '/var/log/weblogic/wlsServer2.log',
machine => 'Node2',
sslenabled => '1',
sslhostnameverificationignored => '1',
ssllistenport => '8201',
two_way_ssl => '0'
client_certificate_enforced => '0'
jsseenabled => '1',
custom_identity => '1',
custom_identity_alias => 'node2',
custom_identity_keystore_filename => '/vagrant/identity_node2.jks',
custom_identity_keystore_passphrase => 'welcome',
custom_identity_privatekey_passphrase => 'welcome',
trust_keystore_file => '/vagrant/truststore.jks',
trust_keystore_passphrase => 'welcome',
max_message_size => '25000000',
}
in hiera
# this will use default as wls_setting identifier
server_instances:
'wlsServer1':
ensure: 'present'
arguments: '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/data/logs/wlsServer1.out -Dweblogic.Stderr=/data/logs/wlsServer1_err.out'
listenaddress: '10.10.10.100'
listenport: '8001'
logfilename: '/data/logs/wlsServer1.log'
machine: 'Node1'
sslenabled: '1'
jsseenabled: '0'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
two_way_ssl: '0'
client_certificate_enforced: '0'
or with log parameters
# this will use default as wls_setting identifier
server_instances:
'wlsServer1':
ensure: 'present'
arguments: '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/data/logs/wlsServer1.out -Dweblogic.Stderr=/data/logs/wlsServer1_err.out'
listenaddress: '10.10.10.100'
listenport: '8001'
logfilename: '/var/log/weblogic/wlsServer1.log'
log_file_min_size: '2000'
log_filecount: '10'
log_number_of_files_limited: '1'
log_rotate_logon_startup: '1'
log_rotationtype: 'bySize'
log_datasource_filename: 'logs/datasource.log'
log_http_filename: 'logs/access.log'
log_http_file_count: '10'
log_http_number_of_files_limited: '0'
log_redirect_stderr_to_server: '0'
log_redirect_stdout_to_server: '0'
logintimeout: '5000'
restart_max: '2'
machine: 'Node1'
sslenabled: '1'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
jsseenabled: '1'
default_file_store: '/path/to/default_file_store/'
max_message_size: '25000000'
You can also pass server arguments as an array, as it makes it easier to use references in YAML.
server_vm_args_permsize: &server_vm_args_permsize '-XX:PermSize=256m'
server_vm_args_max_permsize: &server_vm_args_max_permsize '-XX:MaxPermSize=256m'
server_vm_args_memory: &server_vm_args_memory '-Xms752m'
server_vm_args_max_memory: &server_vm_args_max_memory '-Xmx752m'
# this will use default as wls_setting identifier
server_instances:
'wlsServer1':
ensure: 'present'
arguments:
- *server_vm_args_permsize
- *server_vm_args_max_permsize
- *server_vm_args_memory
- *server_vm_args_max_memory
- '-Dweblogic.Stdout=/var/log/weblogic/wlsServer1.out'
- '-Dweblogic.Stderr=/var/log/weblogic/wlsServer1_err.out'
listenaddress: '10.10.10.100'
listenport: '8001'
logfilename: '/var/log/weblogic/wlsServer1.log'
machine: 'Node1'
sslenabled: '1'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
jsseenabled: '1'
'wlsServer2':
ensure: 'present'
arguments:
- *server_vm_args_permsize
- *server_vm_args_max_permsize
- *server_vm_args_memory
- *server_vm_args_max_memory
- '-Dweblogic.Stdout=/var/log/weblogic/wlsServer2.out'
- '-Dweblogic.Stderr=/var/log/weblogic/wlsServer2_err.out'
listenport: '8001'
logfilename: '/var/log/weblogic/wlsServer2.log'
machine: 'Node2'
sslenabled: '1'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
listenaddress: '10.10.10.200'
jsseenabled: '1'
or with custom identity and custom truststore
# used by nodemanager, control and domain creation
wls_custom_trust: &wls_custom_trust true
wls_trust_keystore_file: &wls_trust_keystore_file '/vagrant/truststore.jks'
wls_trust_keystore_passphrase: &wls_trust_keystore_passphrase 'welcome'
# this will use default as wls_setting identifier
server_instances:
'wlsServer1':
ensure: 'present'
arguments: '-XX:PermSize=256m -XX:MaxPermSize=256m -Xms752m -Xmx752m -Dweblogic.Stdout=/var/log/weblogic/wlsServer1.out -Dweblogic.Stderr=/var/log/weblogic/wlsServer1_err.out'
listenaddress: '10.10.10.100'
listenport: '8001'
logfilename: '/var/log/weblogic/wlsServer1.log'
machine: 'Node1'
sslenabled: '1'
ssllistenport: '8201'
sslhostnameverificationignored: '1'
jsseenabled: '1'
custom_identity: '1'
custom_identity_keystore_filename: '/vagrant/identity_node1.jks'
custom_identity_keystore_passphrase: 'welcome'
custom_identity_alias: 'node1'
custom_identity_privatekey_passphrase: 'welcome'
trust_keystore_file: *wls_trust_keystore_file
trust_keystore_passphrase: *wls_trust_keystore_passphrase
wls_server_channel
it needs wls_setting and when identifier is not provided it will use the 'default', the title must also contain the server name
or use puppet resource wls_server_channel
# this will use default as wls_setting identifier
wls_server_channel { 'wlsServer1:Channel-Cluster':
ensure => 'present',
enabled => '1',
httpenabled => '1',
listenaddress => '10.10.10.100',
listenport => '8003',
outboundenabled => '0',
protocol => 'cluster-broadcast',
publicaddress => '10.10.10.100',
tunnelingenabled => '0',
}
# this will use default as wls_setting identifier
wls_server_channel { 'wlsServer2:Channel-Cluster':
ensure => 'present',
enabled => '1',
httpenabled => '1',
listenport => '8003',
publicport => '8103',
outboundenabled => '0',
protocol => 'cluster-broadcast',
tunnelingenabled => '0',
max_message_size => '25000000',
}
in hiera
# this will use default as wls_setting identifier
server_channel_instances:
'wlsServer1:Channel-Cluster':
ensure: 'present'
enabled: '1'
httpenabled: '1'
listenaddress: '10.10.10.100'
listenport: '8003'
outboundenabled: '0'
protocol: 'cluster-broadcast'
publicaddress: '10.10.10.100'
tunnelingenabled: '0'
'wlsServer2:Channel-Cluster':
ensure: 'present'
enabled: '1'
httpenabled: '1'
listenport: '8003'
publicport: '8103'
outboundenabled: '0'
protocol: 'cluster-broadcast'
tunnelingenabled: '0'
max_message_size: '25000000'
wls_cluster
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_cluster
# this will use default as wls_setting identifier
wls_cluster { 'WebCluster':
ensure => 'present',
messagingmode => 'unicast',
migrationbasis => 'consensus',
servers => ['wlsServer3','wlsServer4'],
multicastaddress => '239.192.0.0',
multicastport => '7001',
}
# this will use default as wls_setting identifier
wls_cluster { 'WebCluster2':
ensure => 'present',
messagingmode => 'unicast',
migrationbasis => 'consensus',
servers => ['wlsServer3','wlsServer4'],
unicastbroadcastchannel => 'channel',
multicastaddress => '239.192.0.0',
multicastport => '7001',
frontendhost => '10.10.10.10'
frontendhttpport => '1001'
frontendhttpsport => '1002'
}
in hiera
# this will use default as wls_setting identifier
cluster_instances:
'WebCluster':
ensure: 'present'
messagingmode: 'unicast'
migrationbasis: 'consensus'
servers:
- 'wlsServer1'
- 'wlsServer2'
wls_coherence_cluster
it needs wls_setting and when identifier is not provided it will use the 'default'.
or use puppet resource wls_coherence_cluster
# this will use default as wls_setting identifier
wls_coherence_cluster { 'WebCoherenceCluster':
ensure => 'present',
clusteringmode => 'unicast',
multicastport => '33389',
target => ['WebCluster'],
targettype => ['Cluster'],
unicastport => '9999',
storage_enabled => '1',
}
wls_coherence_cluster { 'defaultCoherenceCluster':
ensure => 'present',
clusteringmode => 'unicast',
multicastport => '33387',
unicastport => '8888',
}
in hiera
Types in this module release
History
1.0.31
- wls_jms_queue, new attribute forwarddelay
- wls_foreign_server_object, bug when removing object plus also removing dependencies
- wls_cluster, new attribute clusteraddress
- nodemanager.properties was overwritten in case of weblogic 12c and a domain extension
- nodemanager with 12c didn't start when log_dir was empty
1.0.30
- download dir dependency cycle error between weblogic and domain manifest.
- bsu unzip -o option instead of -n so the new readme is also added to the cache_dir
- wls_server, new attributes log_redirect_stderr_to_server, log_redirect_stdout_to_server, restart_max, log_http_file_count, log_http_number_of_files_limited, bea_home
- wls_jmsserver, new attributes bytes_maximum, allows_persistent_downgrade
- wls_datasource, new attributes secondstotrustidlepoolconnection, testfrequency, connectioncreationretryfrequency
- wls_server_channnel, new attributes publicport, max_message_size
1.0.29
- calculated_listen_port attribute for wls_dynamic_cluster
- mincapacity, statementcachesize, testconnectionsonreserve for wls_datasource
- wls_managedserver type fix when target is cluster, doesn't use ps -ef but uses wlst to check the cluster status
- new wls_messaging_bridge wls type
- new wls_jms_bridge_destination wls type
- wls_setting added a 'default' entry in wls_settings.yaml even when default is not used
1.0.28
- new wls_identity_asserter type for customising default identy asserter
- xaproperties attributes in wls_datasource
- better error handling for wls_authentication_provider ordering
- option to skip the OPSS security store migration from file to the database in fmwcluster.pp
- Custom type for oracle weblogic/domain directory structure instead of using a structure manifest
- logintimeout attribute for wls_server
- added some extra autorequire on wls resource types
1.0.27
- bug fixes in auto require and post classpath parameter bug when running in debug mode
- wls_multi_datasource resource type added
1.0.26
- auto require based on the wls resource parameters, no need to use require on the all wls resource types
- wls_adminserver type used plain as a default in nmconnect
1.0.25
- Auto require on wls resource types
- urandom fix for rngd service on RedHat Family version 7
- Secure replication parameter for wls_cluster
- ignore ldap providers for wls_user & wls_group
- Support for nodemanagers without security ( plain, with nodemanager_secure_listener = false) on control.pp, nodemanager.pp & domain.pp
1.0.24
- Wls_setting resource type check for required attributes
- Timeout parameter bug on all wls resource types ( the default 120 was always used)
- Nodemanager.pp exec sleep command replaced by fiddyspence/sleep resource type, will check every 2 seconds with netstat
1.0.23
- Solaris 11 fixes for nodemanager, wls_adminserver & wls_managedserver resource types
- wls_server resource type changes like: check for Adminserver creation/deletion, new properties tunnelingenabled, log_http_format_type, log_http_format, default_file_store, log_datasource_filename
- wls_domain resource type properties: platform-m-bean-server-enabled, platform-m-bean-server-used, show-archived-real-path-enabled
- wls_jms_connection_factory resource type properties: client-id-policy, subscription-sharing-policy, messages-maximum, reconnect-policy, load-balancing-enabled, server-affinity-enabled, attach-jmsx-user-id
- changed oraInst.loc permissions to 0755
1.0.22
- fix for copydomain when the standard domains location is used
- enable storage on wls_coherence_cluster
- AdminServer option to listen on all interfaces, adminserver_listen_on_all_interfaces = true on domain.pp
1.0.21
- puppet custom type for 12.1.2, 12.1.3 RCU, checks first if it already exists
- refactor all domains py scripts to standard one with an FMW extension (optional)
- fmw temp directory bug fix
1.0.20
- unset DISPLAY on install/configurations actions to avoid X timeout
- exclude the standard puppet attributes from the wls_setting yaml files
- Print the WLST scripts of all the wls types when puppet runs in debug mode
- Added new attributes log_http_filename & log_datasource_filename to the wls_server type
- SOA Cluster 12.1.3 fix for activating soa-infra application
- control the startup delay for the nodemanager with the sleep parameter
- option to assign the jrfcluster to a opss database
1.0.19
- changed property and removed propertyvalues of wls_mail_session, now there is no change detected when there is a different sorting
- changed users of wls_group, no change when there is a different sorting
- removed extrapropertiesvalues of wls_datasource, you can use now extraproperties with key=value,key1=value
- removed extrapropertiesvalues of wls_foreign_server, you can use now extraproperties with key=value,key1=value
- New Order parameter on the wls_authentication_provider type so you can change the order
- Timout parameter for all the wls types, can be used to override the default timeout (120s) on every wls resource
- MaxMessageSize parameter for wls_server resource type
1.0.18
- small fix for the server_template type with the arguments parameter
- Frontend parameters for wls_cluster
- Option to skip RCU with a domain creation ( weblogic > 12.1.2)
- new WebLogic type wls_mail_session
- new parameter default file store with wls_server
1.0.17
- utils.py fix for multiple domains
- Refactor for rubocop warnings
1.0.16
- Gridlink support for the Datasource type
- Extra properties can now be removed in a update of the Datasource
- Refactor domain py scripts and use a utils.py script for common functions
1.0.15
- RCU 12.1.3 support for MFT
- BSU fix for hard mdw path in patch policy
- OPatch, check the outcome of the action else fail
- SOA Cluster also works for FMW version 11.1.1.6
- wls_server type new attributes two_way_ssl, client_certificate_enforced
- wls_authentication_provider type now works for DefaultIdentityAsserter
1.0.14
- Change log Tab for puppetlabs forge
1.0.13
- Support for multiple jrf clusters
- New WLS 12c types like wls_server_template, wls_coherence_cluster, wls_dynamic_cluster
1.0.12
- SOA 12.1.3 Cluster support
- 12.1.3 FMW fixes
- BSU policy patch
- OAM & OIM cluster support
- 11g option to associate WebTier with a domain
1.0.11
- OSB 12.1.3 Cluster support
- FMW domains update for datasources based on servicetable
- Target & targettype on all wls types expects an array
- Same for servers parameter on wls_domain type
- Same for users parameter on wls_group type
- Same virtualhostnames parameter on wls_virtual_host
- Same for jndinames, extraproperties, extrapropertiesvalues parameters on wls_datasource & wls_foreign_server
1.0.10
- fixed WebLogic 12.1.2 & 12.1.3 standard domain bug.
1.0.9
- WebLogic 12.1.3 (infra) support
- Support for 12.1.3 SOA,OSB,B2B,MFT installation
- 12.1.3 Standard, ADF, SOA, OSB domain (no cluster)
- wls_adminserver type fix when using no custom trust
1.0.8
- wls_server pass server arguments as an array, as it makes it easier to use references in YAML
- Added log file options to wls_server
1.0.7
- wls_adminserver,wls_managedserver type to start,stop and refresh a managed server ( or subscribe to changes and do an autorestart )
- BSU
- Opatch
- Resource adapter
- Small nodemanager fix
1.0.6
- Readme with links
- wls types title cleanup
- Multiple resource adapter entries fix
- wls_domain fix
- bsu & opatch also works on < puppet 3.2
- hiera vars without an undef default
1.0.5
- wls_domain type to modify JTA,Security,Log & JPA
- Oracle Unified Directory install, domain, instances creation
- OUD control
1.0.4
- wls_deployment type/provider
- Post_classpath param on wls_setting
- WebTier for 12.1.2 and 11.1.1.7
- OIM & OAM 11.1.2.1 & 11.1.2.2 support with OHS OAM Webgate
1.0.3
- WLST Domain daemin for fast WLS types execution
- BSU & OPatch absent option and better output when it fails
1.0.2
- Custom Identity and Custom Trust
1.0.1
- Multi domain support with Puppet WLS types and providers
Dependencies
- hajee/easy_type (>=0.10.0)
- adrien/filemapper (>=1.1.1)
- reidmv/yamlfile (>=0.2.0)
- fiddyspence/sleep (>=1.1.2)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.