Monday, April 18, 2016

Installing Update Images in Amazon Web Services

The last PeopleSoft Update Manager (PUM) images have been delivered in two formats: the traditional VirtualBox image and a newly introduced format: NativeOS.



NativeOS takes advantage of PeopleTools 8.55 Deployment Packages (DPK), which is the cornerstone for the PeopleSoft Cloud Architecture. This new cloud architecture facilitates the deployment of PeopleSoft applications in the cloud, not only covering Oracle Public Cloud but also other providers such as Amazon Web Services (AWS), Google Cloud and Microsoft Azure.

Creating the AWS Instance

At BNB we have been using Amazon Web Services for a while, so it was our natural choice for installing the PeopleSoft HCM Update Image #17. We have done so in a Windows 2012 server using the m4.large instance type, which allocates 2 vCPUs and 8 Gb of RAM. In terms of disk, we have allocated 200 Gb in order to have the needed space for the image download and installation.

Once the instance was created, we downloaded the NativeOS update image from My Oracle Support. Once of the good advantages of NativeOS deployments is that the size of the download is less than the traditional VirtualBox one. Still, the size is considerable, but the network throughput in AWS instances is quite good.

Before proceeding with the installation, you need to edit the c:\windows\system32\drivers\etc\hosts file in order to include the internal server name in it:

127.0.0.1 <server name>.<zone>.compute.internal

The full server name can normally be found in the desktop top right corner.

Once this is done, we are ready to proceed with the DPK installation. For further information on this, I suggest you check My Oracle Support.

Allowing External Access

If you would like to access the PeopleSoft Update Image without connecting with remote desktop to the server, you will need to take some additional steps.

Firstly, you will need to edit the security group linked to your AWS instance so you allow incoming TCP connection at the 8000 port, which is the port used by the PeopleSoft Update Image web server by default.

On top of this, you will need to change the firewall setting in the Windows server itself. This is done within the Windows Firewall with Advance Security application, on which you need to define an inbound rule also allowing 8000 port TCP connections:


Finally, if you want to use the same IP address every time you use the AWS instance, you will need to define an Elastic IP and associate it with the server. This fixed IP address has an additional cost, but if you are planning to distribute the URL to access the PeopleSoft application to other people who does not have access to the AWS Console in order to check the current IP address, it may be the only way to go.


9 comments:

  1. Thank you for sharing such a well documented post. We are trying to install the on AWS with Oracle Linux. While the installation was successful and weblogic console is accessible, Peoplesoft PIA login page does not resolve. Would you have any suggestions?. Seems like some sort of networking issue. The exact same config works great outside AWS.

    ReplyDelete
  2. Hi Raj

    I didn't face the same issue. I wonder if this could be related to the fact that the AWS instances have both an internal and external IP. Do you see any error in the PIA logs?
    Thanks!

    ReplyDelete
  3. Thanks Javier for providing this information. I am trying to setup PUM DPK on AWS. I am able to install it successfully and can access the PIA while logged into AWS VM.

    When i try to access it from outside the VM, i am unable to access the PIA.

    I have used server VM hostname to build PIA.

    Internal URL -

    http://.us-west-2.compute.internal:8000/ps/signon.html

    This works fine while logged into RDP.

    External URL -

    http://ec2-xx-yyy-72-222.us-west-2.compute.amazonaws.com:8000/ps/signon.html

    Not able to access this link.


    Please if you can let us know how to resolve this.


    Thanks,
    Mrinal

    ReplyDelete
  4. Hi Mrinal

    You need to change the security for you instance in AWS, allowing inbound TCP connections on port 8000. That should make it work.
    Thanks

    ReplyDelete
  5. I did open the port in inbound. In fact for testing i have kept all open for inbound and outbound.

    When i try to access
    http://ec2-35-161-72-222.us-west-2.compute.amazonaws.com:8000/

    I am able to access the weblogic page, but when i click on PeopleSoft logon page from there -

    URL - http://ec2-35-161-72-222.us-west-2.compute.amazonaws.com:8000/psp/ps/?cmd=login

    Error -

    Your URL must contain domain ".us-west-2.compute.internal"

    Click Sign in to PeopleSoft to try again.

    ReplyDelete
  6. I did some workaround :

    1. created a new web server domain on a different port
    2. used authentication domain as PUBLIC DNS (.us-west-2.compute.amazonaws.com)
    3. Able to access the new PIA over internet with IE.
    4. When trying to access PIA with chrome browser , get error :

    You must have cookies enabled in order to sign in to your PeopleSoft application.

    Return to Sign In with cookies enabled.If your attempt fails, please contact your System Administrator.

    Sign in to PeopleSoft

    ReplyDelete
  7. Hi Mrinal

    Ok, now I got a better understanding of your issue. By the way, you should probably only leave the needed ports open, otherwise you're really vulnerable to hackers.

    Regarding the authentication domain, the problem is that the Amazon servers have two addresses, the internal and the external one. The authentication domain used during the installation is taken from the internal one, that's why it's not working for you.

    A quick solution I have implemented in the past is to set my own hosts file to recognise the internal full name from my workstation. This way, you can keep using it without a problem. It is a solution only applicable for a controlled number of users, but if this is the case, I would probably go that way.

    Alternatively, you can reinstall the PIA, but as this is an Update Image, I wouldn't modify much of the Oracle delivered installation unless it is totally required. I understand you're having an error with it, my recommendation would be to check in Oracle Support, as this double IP situation is present in multiple PeopleSoft real installations.

    I hope this helps.

    ReplyDelete
  8. Hi Mrinal,

    Can you pls let us know how you have downloaded the DPK required for nativeOS installation on AWS infrastucture. I am looking to install it on AWS infra but concerned about the network latency on the AWS servers.

    Thanks
    Rimpal Johal

    ReplyDelete
  9. Hi Javier,
    Request you to share your approach on downloading (or transferring?) PS nativeOS (or any PS installable for that matter) on EC2 instances.

    Thanks,
    Manish

    ReplyDelete