Oracle Cloud Infrastructure - General

Get Involved. Join the Conversation.

Topic

    Samrat Sinha
    Oracle EBS cloud admin tool url is not opening
    Topic posted February 11, 2019 by Samrat SinhaRed Ribbon: 250+ Points, last edited February 11, 2019, tagged Block Storage, Cloud at Customer, Compute, File Storage, Object Storage, Security, Virtual Cloud Network 
    232 Views, 18 Comments
    Title:
    Oracle EBS cloud admin tool url is not opening
    Summary:
    I deployed the cloud manager tool by following the note 2434500.1. Successfully deployed the cloud manager tool but when i am trying to open the url in my local pc, it is not opening.
    Content:

    I deployed the cloud manager tool by following the note 2434500. Successfully deployed the cloud manager tool but when i am trying to open the url in my local pc, it is not opening. The message says "the page cannot be reached". I need the url to work in order to deploy EBS on Oracle Cloud

    Comment

     

    • Robin Chatterjee

      Have you opened the necessary ports in your security list  and route table ?

       

      • Samrat Sinha

        Hi Robin

         

        I have created the security lists as per the MOS Deploying Oracle E-Business Suite Cloud Manager on Oracle Cloud Infrastructure (Doc ID 2434500.1)

         

        3.4 Create Security Lists

        In this section, you will create two separate security lists, one for the Oracle E-Business Suite Cloud Manager VM and one for the Load Balancer. In the examples below, we will use the names ebscmvm-seclist and lbaas-seclist respectively.

        3.4.1 To Create the Oracle E-Business Suite Cloud Manager VM Security list

        1. On the Virtual Cloud Networks screen, click on the link with the name of your VCN, such as ebscm-vcn.
        2. Under Resources on the navigation menu at the left, select Security Lists.
        3. Click Create Security List:
          1. CREATE IN COMPARTMENT: Select your compartment name, such as ebscm-compartment.
          2. SECURITY LIST NAME: Specify a name such as ebscmvm-seclist.
          3. Under Allow Rules For Ingress:
            • For the first rule that is needed, modify the default rule as follows:
              • SOURCE TYPE: CIDR
              • SOURCE CIDR: Enter the CIDR of your choice (Note: 0.0.0.0/0 is the Public Internet)
              • IP PROTOCOL: TCP
              • SOURCE PORT RANGE: All
              • DESTINATION PORT RANGE: 22
            • For the second rule that is needed, click + Another Ingress Rule and enter the following values:
              • SOURCE TYPE: CIDR
              • SOURCE CIDR: 0.0.0.0/0
              • IP PROTOCOL: ICMP
              • TYPE AND CODE: 3, 4
          4. Under Allow Rules For Egress:
            • For the single rule that is needed, modify the default rule as follows:
              • DESTINATION TYPE: CIDR
              • DESTINATION CIDR: 0.0.0.0/0
              • IP PROTOCOL: TCP
              • SOURCE PORT RANGE: All
              • DESTINATION PORT RANGE: All
          5. Click Create Security List at the bottom of the window.

        3.3.1 Create Route Tables for Public Subnet

        To create the route tables for a public subnet:

        1. On the Virtual Cloud Networks screen, click on the link with the name of your VCN, such as ebscm-vcn.
        2. Under Resources on the navigation menu at the left, select Route Tables.
        3. Click Create Route Table:
          1. CREATE IN COMPARTMENT: Select your compartment name, such as ebscm-compartment.
          2. NAME: Specify a name such as ebscm-RouteTable or lbaas-RouteTable.
          3. Enter Route Rules details as follows:
            1. TARGET TYPE: Select Internet Gateway.
            2. DESTINATION: 0.0.0.0/0
            3. COMPARTMENT: Select the previously identified compartment.
            4. TARGET INTERNET GATEWAY: Select the previously created gateway.
          4. Click Create Route Table at the bottom of the window.

        Do i also need to edit my /etc/hosts of my local pc and add the public hostname of the cloud manager there? 

         

        Thanks

        Samrat

    • Robin Chatterjee

      Hi Samrat,

      Did you complete the configuration of the Cloud manager. I believe it add rules to the security lists. It also sets up the load balancer to allow access to the cloud manager vm . If the configuration was successful you will get a PROMPT like this Load Balancer demolbaas1 configuration completed.

      Creating ssh key pair. Register application in IDCS with the URL: https://______-

      Then complete sections 5.4 and 5.5 of the document. Can you confirm that tese were successful. Note you only access the Ui through the loa balancer and not dircetly hence there is not need to worry about the public hostname of the cloud manager.

       

    • Richard Garsthagen

      the security list does not show a rule for http(s) only for ssh (port 22). So you might want to include the webport you are using.

      Can you ssh into your environment? If not, you probably do not have an internet gateway and outgoing route rule for your VCN.

       

    • Samrat Sinha

      Have attached the ingress rule.

      My Cloud manager url constructs to https://132.145.233.246:8012/

    • Samrat Sinha

      I am also attaching the screenshot for the lbaas creation. Can you please confirm whether the load balancer url which is getting corrected is correct or not. My CIDR value was 

       

      Source: 10.0.0.0/24
      IP Protocol: TCP
      Source Port Range: All
      Destination Port Range: 8012
      Allows: TCP traffic for ports: 8012
       
       
       
    • Robin Chatterjee

      did you complete the idcs integration ?

       section 5.5 ?

       

    • Robin Chatterjee

      if you see the last screenshot it says complete idcs and then rerun this script... did you rerun the script after idcs integration ?

       

    • Samrat Sinha
      Hi Robin Yes. I have completed them as well. Thanks Samrat
    • Robin Chatterjee

      So now there should be an additional security rule for either port  8012 or 8081 on the loadbalancer.  you should also have a new application in your applications on oci dashboard. This is the ui for cloud manager

       

    • Samrat Sinha

      This is now working. I changed the ingress rule from 10.0.0.0/24(which i think is internal subnet) to 0.0.0.0/0 and the url opened after that.

       

      Thanks

      Samrat

    • Robin Chatterjee

      i believe oracle expects you to access this through applications tab of console via the loadbalancer which is why they do not open direct access to the vm running the manager. I guess you have bypassed that... naturally this will not give you HA as there is a single point of failure but to all intents and purposes you can do you work :)

      • Samrat Sinha

        Hi Robin

        If i understand it correct, i have changed only the rule for load balancer subnet to 0.0.0.0/0 which means it is open to public internet. Earlier the request to URL was not at all hitting the Load balancer.

         

        Thanks

        Samrat