Earlier in September the Peoplesoft OVM CRM9.1 template has been released, announced here.
It’s now time to test, see how it is working after the HCM9.1 and PS9.1 templates.
It is available on http://edelivery.oracle.com/linux – check for the templates 64bits, : Peoplesoft VM Templates for CRM 9.1 Release Media Pack v1 for x86 (64 bit).
There are two templates, one for the database, one for the app/batch/PIA.
I’ll skip all the steps regarding Oracle VM Manager, Oracle VM Server configuration, uncompress and import of the template since this is the same exercise I did last year for HCM9.1, please if you want to know more, have a look to the tutorial on the top-right of the main blog page. I’ll start the description below from the starting of the new VM.
1. The database server
Select the VM and click on “Power On” 
Then on console (be fast otherwise it will be configured as DHCP that you certainly don’t want). 
Give all what it needs, IP address and so on : 
Here below, (as usual on Peoplesoft template, I do not know if that’s the same for all Oracle template containing database software), we got the CSS error (this step takes quite a while). Whether it fails that is not an issue for the next steps : 
It continues, give the database name, it will create new controlfiles. 
And it is done. 
Few notes
1.1 I choose the database to start on server boot, but it won’t (same for previous HCM and PS templates).
[oracle@psovmcrmdb ~]$ more /etc/oratab
orcl:/u01/app/oracle/product/11.1.0/db_1:N
1.2 Note, the service is your_db_name.us.oracle.com :
[oracle@psovmcrmdb ~]$ lsnrctl status
LSNRCTL for Linux: Version 11.1.0.7.0 - Production on 21-NOV-2010 02:26:30
Copyright (c) 1991, 2008, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=psovmcrmdb)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 11.1.0.7.0 - Production
Start Date 21-NOV-2010 02:18:00
Uptime 0 days 0 hr. 8 min. 30 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/11.1.0/db_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/product/11.1.0/db_1/log/diag/tnslsnr/psovmcrmdb/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=psovmcrmdb)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
Services Summary...
Service "C91TMPLT.us.oracle.com" has 1 instance(s).
Instance "C91TMPLT", status READY, has 1 handler(s) for this service...
Service "C91TMPLT_XPT.us.oracle.com" has 1 instance(s).
Instance "C91TMPLT", status READY, has 1 handler(s) for this service...
Service "XDB.us.oracle.com" has 1 instance(s).
Instance "C91TMPLT", status READY, has 1 handler(s) for this service...
The command completed successfully
1.3 SYSADM’s password is in upper case :
[oracle@psovmcrmdb ~]$ export ORACLE_SID=C91TMPLT
[oracle@psovmcrmdb ~]$ sqlplus sysadm/sysadm
SQL*Plus: Release 11.1.0.7.0 - Production on Sun Nov 21 02:27:44 2010
Copyright (c) 1982, 2008, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
[oracle@psovmcrmdb ~]$ sqlplus sysadm/SYSADM
SQL*Plus: Release 11.1.0.7.0 - Production on Sun Nov 21 02:27:53 2010
Copyright (c) 1982, 2008, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
1.4 Language installed is only English :
SQL> select language_cd from pslanguages where installed=1;
LANGUAGE_CD
------------
ENG
SQL>
1.5 The default profile of SYSADM and PEOPLE users expires password the 12-FEB-2011 :
SQL> select username,account_status,expiry_date,profile
2 from dba_users
3* where username in ('PEOPLE','SYSADM')
SQL> /
USERNAME ACCOUNT_STATUS EXPIRY_DATE PROFILE
------------------------------ -------------------------------- ------------------ ------------------------------
PEOPLE OPEN 12-FEB-11 DEFAULT
SYSADM OPEN 12-FEB-11 DEFAULT
You should change it to avoid future issues :
SQL> alter profile default limit
failed_login_attempts unlimited
password_life_time unlimited
password_lock_time unlimited
password_grace_time unlimited;
Profile altered.
SQL> select username,account_status,expiry_date,profile
from dba_users
where username in ('PEOPLE','SYSADM');
USERNAME ACCOUNT_STATUS EXPIRY_DATE PROFILE
------------------------------ -------------------------------- ------------------ -----------PEOPLE OPEN DEFAULT
SYSADM OPEN DEFAULT
2. The App/Batch/PIA server
Select the VM and click on “Power On” 
Then on console (be fast otherwise it will be configured as DHCP that you certainly don’t want). 
Give all what it needs, IP address and so on : 
If you select “y” to condifure App/Batch here above, everything will start automatically right now (not on future server boot, you’ll have to start it manually). 
Here, we can see an audit message with access denied. Despite that message, everything will be done successfully. 
And now configuration of the PIA. 
You can choose to setup report node during the VM creation as suggested : 
And at the end : 
Done, we get the login page as expected and successful connection : 
If not done earlier, create a new report node : 
And add the report node to the server OVMDEMO : 
Everything should work and resports posted as well : 
Now you have a full working CRM9.1 DEMO environment.
NOTE :
I was keeping the console opened on the VM during all the steps till the end, and notice the following messages : 
It was already there on the previous App/Batch templates (HCM9.1 and PS9.1), but it is not a show stopper.
The first line was coming when testing a sqlplus connection from the AppServer, the second when starting the domain…
And it is reproductible each time the server is rebooted.
From /var/log/messages we can see the lines :
Nov 21 08:47:09 psovmcrm kernel: audit(1290347229.280:3): avc: denied { execmod } for pid=1466 comm="sqlplus" path="/opt/oracle/psft/pt/oracle-client/11.1.0.7-64bit/lib/libnnz11.so" dev=xvdb1 ino=2486 scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=file
Nov 21 08:59:15 psovmcrm kernel: audit(1290347955.365:4): avc: denied { execmod } for pid=1629 comm="PSAPPSRV" path="/opt/oracle/psft/pt/oracle-client/11.1.0.7-64bit/lib/libnnz11.so" dev=xvdb1 ino=2486 scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=file
Nov 21 09:00:48 psovmcrm kernel: audit(1290348048.663:5): avc: denied { execmod } for pid=1645 comm="PSANALYTICSRV" path="/opt/oracle/psft/pt/tools/bin/libcplex110.so" dev=xvdb1 ino=838585 scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t:s0 tclass=file
It is coming from SELinux security which is not turned off (note that it is already disable on the database server VM).
Again, everything works fine, but if you want to get rid off those messages, 2 solutions (choose one) :
1. If you are allowed to turn off the SELinux.
[root@psovmcrm log]# more /etc/selinux/config|grep SELINUX=
# SELINUX= can take one of these three values:
SELINUX=permissive
Change it to :
[root@psovmcrm log]# more /etc/selinux/config|grep SELINUX=
# SELINUX= can take one of these three values:
#SELINUX=permissive
SELINUX=disabled
Reboot your server, and retry a sqlplus connection, restart the domain won’t harm anymore. And those error messages are just gone from the log file.
2. If you don’t want to disable SELinux.
a. As root (in /var/log) :
tail –f messages|tee oracle.log
b. Meanwhile, in an other session as psadm2, try a sqlplus connection onto the database and start the domain.
c. As root, stop the tail, and run :
audit2allow -M oracle < oracle.log
semodule -i oracle.pp
=> From now, no more the messages.
Nicolas.
No comments:
Post a Comment