Oracle EBS did not support in-place OS upgrade until April 30, 2024 when they updated Oracle document 1330701.1 (Oracle E-Business Suite Installation and Upgrade Notes Release 12 (12.2) for Linux x86-64):
An in-place OS upgrade from Oracle Linux 7 to 8 using the Leapp utility is certified for Oracle E-Business Suite Release 12.2. While you were previously required to install Oracle Linux 8 on a separate target environment before cloning or re-mounting file systems to it, you can now choose to preserve your current Oracle Linux 7 environment and perform an in-place upgrade to Oracle Linux 8 using Leapp. You should review the Operating System upgrades using Leapp section below.
If server team allows the server name unchanged as we did in RHEL 5, 6, and 7 upgrades, it is an easy task for EBS Apps Admin to bring EBS up on the new RHEL 8 server. But, if server team has to change the server name (e.g. migrate the host to a cloud), we have to clone EBS apps to the new server and to make other areas (such as in network, F5, security/firewall, FTP/email, custom codes and PPM) also work with cloned EBS instances.
RHEL 8 in-place upgrade steps on our R12.2.10 servers:
1. Check current RHEL version
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.9 (Maipo)
2. Apply two patches to EBS:
- WebLogic patch 32931976. Download the .zip file to get patch file p31090393_1036_Linux-x86-64.zip (which has no relation with patch 31090393). Without this patch, users get a blank page without error message when viewing output or log of concurrent requests. Unzip the file to cache_dir folder and then use bsu.sh to apply EG54.
$ cd $FMW_HOME/utils/bsu/
$ ./bsu.sh -prod_dir=$FMW_HOME/wlserver_10.3 -status=applied -verbose -view | egrep -i 'EG54'
- Patch 33471111. Follow special steps in Doc ID 13307011.1 to apply it by using folder prereq from p33471111_111190_Generic.zip to replace both $FMW_HOME/webtier/inventory/Scripts/prereq and $PATCH_BASE/FMW_Home/webtier/inventory/Scripts/prereq
3. Verify apps (login page & forms) works and back up all file systems.
4. Shutdown all EBS services.
5. Linux Admin upgrades RHEL to RHEL 8 by using Leapp.
6. Verify it is RHEL8 now
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 8.10 (Ootpa)
- Kernel Settings: /etc/sysctl.conf
Restore sysctl.conf from the backup that was taken prior to the upgrade.
- Make sure to include the options parameter in the resolve.conf.
$ cat /etc/resolv.conf | grep -i options
options timeout:1 attempts:5 rotate
- If the /etc/sysconfig/networking/profiles/default/network file exists, remove it.
- Values in /etc/security/limits.conf
Restore /etc/security/limits.conf from the backup
- Make sure /etc/oraInst.loc has proper permission.
7. Verify all rpm packages required by Oracle doc 1330701.1 exist on the server. Use YUM to install them, such as
$ yum install libXp-devel-1.0.3-3.el8.i686
Some important packages installed on my servers:
$ rpm -qa | grep libXp
libXp-devel-1.0.3-3.el8.i686
libXp-1.0.3-3.el8.x86_64
libXp-1.0.3-3.el8.i686
libXp-devel-1.0.3-3.el8.x86_64
libXpm-3.5.12-11.el8.x86_64
$ rpm -qa | grep motif
motif-devel-2.3.4-20.el8.x86_64
motif-2.3.4-20.el8.x86_64
motif-devel-2.3.4-20.el8.i686
motif-2.3.4-20.el8.i686
Notes: opemmotif21 is not installed
$ rpm -qa | grep redhat-lsb
redhat-lsb-desktop-4.1-47.el8.x86_64
redhat-lsb-printing-4.1-47.el8.x86_64
redhat-lsb-submod-security-4.1-47.el8.x86_64
redhat-lsb-cxx-4.1-47.el8.x86_64
redhat-lsb-submod-multimedia-4.1-47.el8.x86_64
redhat-lsb-languages-4.1-47.el8.x86_64
redhat-lsb-core-4.1-47.el8.x86_64
redhat-lsb-4.1-47.el8.x86_64
$ rpm -qa | grep xorg-x11 (Optional?)
xorg-x11-fonts-misc-7.5-19.el8.noarch
xorg-x11-xbitmaps-1.1.1-13.el8.noarch
xorg-x11-server-utils-7.7-27.el8.x86_64
xorg-x11-apps-7.7-21.el8.x86_64 <= xclock
xorg-x11-utils-7.5-28.el8.x86_64
xorg-x11-proto-devel-2020.1-3.el8.noarch
xorg-x11-xauth-1.0.9-12.el8.x86_64
xorg-x11-font-utils-7.5-41.el8.x86_64
xorg-x11-xinit-1.3.4-18.el8.x86_64
$ rpm -qa | grep libXrender
libXrender-devel-0.9.10-7.el8.x86_64
libXrender-0.9.10-7.el8.x86_64
libXrender-0.9.10-7.el8.i686
8. Run AutoConfig
9. Start all EBS services
10. After RHEL8 upgrade, some ports may not be opened on the server. If Apache services start without error, but EBS login webpage does not load up on browsers, the port number may become not open for TCP or may be blocked by a firewall after OS upgrade. In a case, "wget https://sitename.domain.com:4470" returned "connected" on the Linux server itself but got "failed: No route to host." from any remote server. After I asked Linux Admin to fix the issue on port 4470, the login page https://sitename.domain.com:4470 works on browsers.
Please check
my post on port or https://runcloud.io/blog/check-tcp-port-linux,
11. Listener issue in opening concurrent job log.
It was also due to port problem. When trying to open concurrent request log, get message an error occurred while attempting to establish an Applications File Server connection with the node FNDFS_nodeName. There may be a network configuration problem, or the TNS listener on node FNDFS_nodeName may not be running. Please contact your system administrator.
"tnsping FNDFS_nodeName" should work and tell the listener port on the server where FNDFS_nodeName is an entry of tnsnames.ora file. Most likely, the listener port is blocked on the server.
12. SELinux may be enabled in RHEL8. Check file /etc/selinux/config. That may make ssh
passwordless login fails. "-Z" option in "ls -alZ" command is available only when selinux is enabled.
13. Make sure applMgr account has the right
umask value in $HOME/.profile. This is very important if other OS users need to view output file (in $APPLCSF) of concurrent jobs or to submit concurrent jobs from a shell script.
$ umask 0022
14. Kill switches
Minimum Security Baseline (MSB), also known as a Minimum Baseline Security Standard (MBSS), is a set of foundational security guidelines and requirements that organizations must meet to protect their information systems and data, ensuring a basic level of security.
MSB says $HOME directories should be 700 permissions (drwx------.). If an EBS is installed under /u01/app ($HOME) directory, the proper permission on app is 750 (drwxr-x---.) and its owner is applMgr. In that case, Server Admin has to add a kill switch so that Chef will not remove those permissions. A Kill Switch is one line (such as cis_rhel8_01_02_03=false) added to a company custom file (usually, it is /etc/xxxxx.info) to prevent something is uninstalled or is removed by Chef.
15. X11 is removed on RHEL8 unless an Exception (such as Archer exception. See https://www.archerirm.com) is filed, and a kill switch is added.
In RHEL8, folder lib under /usr/X11R6 may still exist, but /usr/X11R6/lib does not have any .so files or is empty. openmofit21 is replaced by another package in RHEL8. Without it, EBS Forms still works. If Forms Server failed to start with error FRM-92101, see Doc ID 3052209.1. Also check logs in $EBS_DOMAIN_HOME/servers/forms_server1/log/*.out
16. X-Windows is disabled in RHEL8 by default per Security Requirements as it does not meet the MSB as set in the CIS standards. An exception is needed to make X-Window (such xclock) work on laptop/PC.
17. Server tools in our RHEL8 servers are installed under /opt.
$ ls -d */
BESClient
Tivoli
tivoli
Symantec
appdynamics
chef
Tanium
splunkforwarder
CrowdStrike
Each of them is a folder. Use "ps -ef | grep chef" (e.g.) to check if the tool is running on the server.
