Oracle Apps Load Balancer Setup for HTTP Server

I am going to cover most common load balancer setup in Oracle Apps 11i i.e. Setup Two or more Middle tier with Web Server & Form Server with Hardware Load balancer in front of middle tier . This type of setup is also called as “HTTP Layer Hardware Load balancing” in Oracle Applications.

Below are steps you need to follow to configure Multiple Middle Tier (Web & Forms Server ) with Hardware Load balancer in front.

1. Setup a Load balancer such that it forwards requests to first middle tier only.

2. Make sure sticky bit is set on load balancer for session persistence (Check Load balancer documentation), You can Network level switch as well to send requests to multiple middle tier

3. Apply Prereq. patches (3175852, 3077386, 3209878)

4. Edit following entry in XML or Context File directly ($APPL_TOP/admin/$CONTEXT_NAME.xml) or via Oracle Application Manager

— 4.1 “Web entry point Host” to the HTTP load-balancer machine name

— 4.2 “Web entry point Domain” to the HTTP load-balancer domain name

— 4.3 “Web entry protocol” to the HTTP load-balancer protocol e.g. “http” or “https”

— 4.4 “Active Web Port” to the value of the HTTP load-balancer’s external port

— 4.5 “Login Page” to include “Web entry protocol”://”Web Host entry point”.”Web domain entry point”:”Active Web Port”

— 4.6 “disco_machine” to load balancer machine

5. Run Autoconfig

6. Start Services & check if you can login to applications via Load balancer

7. Now clone this middle tier to another node (where you want to add another node)

8. Make sure above parameter are pointing to load balancer in second node as well

9. Change load balancer to point to second node only

10. shutdown services on first node

11. try accessing application from second node (you should be able to access application without issues)

11.1 — If forms are not opening properly , check “ICX Form Launcher ..” Profile option should point to load balancer

12. Now start application on both middle tier

13. Point load balancer to both middle tier

14. You should be able to access applications

Things to Note :

——————

Above solution is for HTTP Layer load balancing & HTTP Server will forward Forms request to form server running on same node .

Related Links

Metalink Note : 217368.1 Advanced Configurations and Topologies for Enterprise Deployments of E-Business Suite 11i

http://teachMeOracle.com/forum

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

16 comments
fhasweh says December 21, 2006

very good post

thank you

fadi hasweh
http://oracle-magic.blogspot.com/
Oracle is not Magic, it just takes years of experience

Reply
Navdeep Saini says December 28, 2006

Hi Atul

As promised i am checking your blog ;-)…
Nice post.

cya
Nav
http://practicalappsdba.wordpress.com

Reply
Sudhakar says March 27, 2007

Hi Atul,

Am going to implement the HTTP Layer Load Balancer for Oracle Apps HRMS. But am having a doubt about the prereq patch 3209878 which is a Oracle Configurator Patch. Please suggest whether we have to apply this patch even though we are not using the Oracle Configurator.
Thanks
Sudhakar

Reply
Atul Kumar says March 27, 2007

Hi

For any apps quesries/questions / doubts raise them in forum at http://teachMeOracle.com/forum

Reply
Naveen.K.V says July 24, 2008

hey atul,

i am using balance software from sourcforge.net to balance request between oracle application servers 10.1.3.3.0. so what i want to know is the procedure to route https requests between the 2 nodes. if you have any documents or any links, please forward me the same 🙂

Reply
Atul says July 24, 2008

Naveen,
If I understand your problem, you have two 10.1.3 application server listening on SSL.

You downloaded some load balancer software from sourcforge.net and now you wish to fwd requests via software load balancer to these two 10.1.3 application server .

If this is the case you need to check software load balancer documentation on how to configure 10.1.3 application server as destination server(also called as origin server)

Reply
Naveen.K.V says October 6, 2008

Hi,

· I have followed the enterprise deployment guide 10.1.3.1.0 and have internel load balncer and no external load balancer.

· On accessing em, bpel console and my own application using internal load balancer url, it is redirecting the https request on http protocol, which is wrong, because http traffic with https port number is totally absurd

· Consequently in order to open the em console or any application with load balancer url, I have to force the url by changing http to https without which any of the application will not work.

· One more problem that has been observed is the loadbalncer url is redirected to the url of node in cluster where the load balancer redirects the request to, this should not happen and the url should remain constant with respect to the hostname and it should not share the information as to which node the load balancer sent the request to.

· The load balance software being used is balance software from sourceforge.net

. i am trying to setup ssl between load balancer and webserver

Reply
Naveen.K.V says October 6, 2008

hi,
i am getting this error in apache logs

” mod_ossl: SSL protocol error [Hint: the client probably speaks HTTPS over HTTP protocol]” and looking at the change in URL i can understand that this is happening, any solution to this?

Reply
Atul says October 6, 2008

What do you mean by Internel load balncer ?
Is this that you are using balance ..

How and which document you used to configure SSL for 10g R3 (SOA suite) ?

Looking at issues it seems all steps were not followed proprly to configure Load Balancer & SSL

Is SSL terminating at load balancer or you are configuring it all the way till apps server

client load balancer 10.1.3 web server 10.1.3 App server (OC4J)

Reply
Naveen.K.V says October 6, 2008

hi,

http://download-uk.oracle.com/docs/cd/B31017_01/core.1013/b28939/j2ee.htm#sthref127

the above link is 10g relase 3 deployment guide, which i am following. there if you look at it, there is one external load balancer which will listen to internal load balancer and internal load balancer will listen to 2 app servers. but in my case, i am not using the external load balancer , i use only internal load balancer with the https.conf settings mentioned in the document.

i dont think my load balancer has ssl accelarator to decrypt https traffic and send plain http to web server. instead i believe my http server is doing all decrytion and sending http traffic to appserver.

i have not configured ssl in app layer though.

Reply
Atul says October 6, 2008

@ Naveen,

Issue is that document mentioned in
http://download-uk.oracle.com/docs/cd/B31017_01/core.1013/b28939/j2ee.htm#sthref127

is based on assumption that load balancer is listening on port 443 and doing ssl encryption and decryption.

so communication from client to load balancer is ssl and from load balancer to web server and then app server is all non ssl.

should i use real ssl certificate?
No test certificate should work, issue seems with configuration at your end

is ssl certificate bound to an ip?
No this is bound to server name and not IP. This is URL name to be more specific

Is there any way i can use the default ssl certs?
Yes

How exactly should the httpd.conf look like?
It should be part of configuration , first configure web server to listen on SSL

Any changes necessary to ssl.conf?
It should be part of configuration

For configuring SSL on 10g R3 use http://download-uk.oracle.com/docs/cd/B31017_01/core.1013/b28940/sslmid.htm

Reply
Naveen.K.V says October 8, 2008

hi Atul,

Thank you for the support, i have put all my ssl configuration into ssl.conf and http related configuration into httpd.conf. that resolved my url rewrite from https to http problem. But then i had to create a wallet with self signed certificate to procedd ahead with https on clustered environment.

so summary is:

defult wallet doesnot work for https on clustered environment,

i had raised a SR in metalink about this problem and as per meta link ssl cert is bound to an ip. let me post you the exact conversation that i had with metalink.

1) is ssl bound to an ip?
It is bound to an IP address and you can only have 1 SSL listener per IP

so, now my next step is, i have an extenal load balancer and looking forward to use extenal load balancer. similar to so.mycompany.com in the document 🙂

Reply
Atul says October 8, 2008

Good to hear that configuration is working for you now

Are you still confused with SSL certificate ? Your question to oracle support was wrong.

Is should be “Is ssl “certificate” bound to an IP or ServerName”
Answer is certificate is linked to serverName (what so ever user type in browser to access web server)

Is ssl bound to an ip? (ssl here is protocol & not ssl certificate)
SSL/protocol is bound to combination of IP & port number so in one IP address you could start two SSL server like

IP1:443
IP1:444

Reply
» Add new Application Tier/Node to Oracle Apps/E-Business Suite (11i/R12/12i) Online Apps DBA: One Stop Shop for Apps DBA’s says May 3, 2009

[…] – If this is second middle tier node in your configuration then configure load balancer for existing and new middle tier (Use Metalink Note 380489.1 for R12 and 217368.1 for 11i). Check more on Load Balancer Here […]

Reply
Amber says December 13, 2011

This was really a good post. very informative

Reply
layzrockz says June 16, 2012

Hi Atul,

In Our environment we have configured OHS as a reverse proxy which forwards the request to weblogic nodes. We have our OHS instance configured on the Bigip Level. There are some scenarios where we have to test the application deployed on the individual managed server for troubleshooting purpose. Currently our application can only be accessed through Oracle access manager and it gives OAM error when we try to access the application directly. Can we have a irule in place on the BIGIP level to access the application deployed on the individual managed server.

Reply
Add Your Reply

Not found