Demystifying Shared Storage Requirements for Oracle Identity Management 11gR2


Roland Davis 13/12/2012

I’ve spent the day going through and planning the disk environment for a HA deployment of OIM, OAM, OPAM and OVD.  There really isn’t a very good reference on this topic, there are a couple of publications from Oracle: the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management, and the Oracle Identity Management 11.1.2 Enterprise Deployment Blueprint that have some good information but these documents do need to be updated to reflect the most recently supported WebLogic server (10.3.6).

It turns out that there are some interesting high-level findings:

  1. The Web Tier uses local storage – most customers use OHS for the Web Tier, which isn’t clustered and uses the OPMN framework to try and restart a downed instance of OHS
  2. The Directory Tier uses local storage – this is true of OVD and it uses the same OPMN framework as OHS.
  3. The App Tier (OAM, OIM and OPAM), uses a combination of local and shared storage and special care needs to be taken to design for the AdminServer to failover.

So looking at the App Tier, one requires shared storage for the following:

  • MW_HOME – this is where all the install binaries are laid down.  It is the location for the WebLogic binaries, as well as the binaries for the Oracle Identity Management Suite of products.
  • Default Persistent Stores – there is a Default Persistent Store for each of the Managed Servers and Admin Servers in the environment and it is responsible for storage of the JTA Transaction Logs.
  • Admin Server – this is a singleton service and if you want it to failover, you need to have shared storage (mounted to only one host at a time).
  • Non-Default Persistent Stores – if you are Persisting JMS to a File Store (instead of a database), then you need Shared Storage for it, and you can’t use the Default Persistent Store to failover JMS.

The Managed Servers can run Shared Storage, but Oracle claims there is a performance hit if you do that.  In my design, I am using Local Storage for the Managed Servers.

There are a couple of places where I am thinking about deviating from the Oracle recommendation around the MW_HOME and how it is shared…  Oracle recommends a couple of things:

  • A separate MW_HOME for each domain
  • A duplicate MW_HOME for each domain

I’ve chosen to go with 3 domains (so that I can patch each independantly of the others), so if I follow Oracle’s recommendation, I would have 6 MW_HOMEs.   I am thinking about going with just a single MW_HOME.  The argument of having a duplicate MW_HOME seems like you are doing a whole bunch of work, just incase MW_HOME gets corrupted somehow…  If that is the case, could I not just resort to my backup or if worse comes to worse, just run the installers again for Oracle Identity Management and WebLogic?

As for a separate MW_HOME for each domain, well, I have already moved the Domain Directory so that it is not located under MW_HOME (it will go there by default) and then instead of installing Identity Management 11gR2 in say Oracle_IDM1, install it in Oracle_IDM_11gR2, this way if you need to install 11gR1 components (like is the case for OVD), you can lay the binaries down in Oracle_IDM_11gR1 and isolate them from the previous binaries. 

So, I am going to give it a try, unless someone has some major recommendations against this approach…  I can easily change the architecture at this point, since it is just paper and we haven’t start the build stage yet…

No Results