Deployment Guide

Introduction

The Oracle Insurance Policy Administration (OIPA) application and the Oracle Insurance Rules workbench (OIRW) application together form a complete solution. The below installation process is required in order to install and set up both applications.

The OIRW application allows a build manager or server administrator to configure the Rules Palette environment. Once this information has been saved, either a new user can be mapped to that environment or the existing users can be imported to create/access/modify the rules.

Customer Support

If you have any questions about the installation or use of our products, please visit the My Oracle Support

website: https://support.oracle.com or call (800) 223-1711.

Oracle customers have access to electronic support through My Oracle Support. For information, visit

http://www.oracle.com/us/corporate/accessibility/support/index.html#info or visit http://www.oracle.com/us/corporate/accessibility/support/index.html#trs if you are hearing impaired.

Pre-Requisites

  • Compatible OIPA version V12.1 deployed on a supported server.

  • Recommended Java Version: Java 17 or higher

  • Node.js (For installing NodeJS (Version: v22 or higher) on VMs running Oracle Linux follow the instructions given in https://yum.oracle.com/oracle-linux-nodejs.html)

  • NPM (Version 10 or later)—required to install the Node.js modules needed for the Rules Workbench. Most modules are already included in the distribution.

  • Administrative rights to the server.

  • Oracle Insurance Rules Workbench Media Pack from the Oracle Software Delivery Cloud.

Note: For the Technology Stack details, refer to the information published in the Technology Stack section of the Oracle Insurance Policy Administration (OIPA - Rules Workbench) documents available in Oracle Help Center (OHC).

Distribution File Structure (Palette/Release management Services)

Few directories to run the executables are as follows:

  • conf: This directory contains the main configuration files for Helidon MP applications running in their own JVM powered by Helidon WebServer.

  • libs: This directory contains Java Archive files required for the application to run on the Helidon web server.

  • JAR: This is the directory in which application executable files are present.

  • Scripts: This is the directory where migration scripts required for the application are present for the Oracle and SQL Server stacks (both for the OIPA schema and OIRW schema).

  • docker: This is the directory where the configuration file and Docker script are located for running the images.

Palette Service Setup

  • Create a directory on server to run the executables and store various configuration files for Palette microservice (i.e., /%/scratch/oipa/oirw/palette).

  • Copy the palette.jar file from the Palette distribution zip file under JAR folder into the directory (Ex : /%/scratch/oipa/oirw/palette/).

  • Create/Copy subdirectories inside the directory from Step 1 called conf and libs from Palette distribution ZIP.

    • Copy the database drivers for your database into this directory.

      1. Oracle – The necessary driver, ojdbc11-21.3.0.0.jar, is included in the libs directory of the OIPA Media Pack.

      2. Microsoft SQL Server – Use the compatible jdbc driver shipped with MS SQL Server software.

      3. IBM DB2 – The two necessary .jar files (db2jcc4 and db2jcc4_license_cu) are included with the purchase of the DB2 software (DB2 Version 11.5). These files are not available for download. Contact your IT department if you need assistance locating these files.

  • Copy the following configuration files from Palette distribution ZIP/conf directory into the \OIRW\palette\conf directory:

    1. basic-security.yaml

    2. config.yaml

    3. EDKeyValue.dat

    4. idcs-security.yaml

    5. network.yaml

  • Use a text editor to open the configuration files that you just copied to the conf folder.

Note: Refer to the System Properties document in the Oracle Insurance Rule Workbench Documentation on the OTN for a complete list of all properties and allowed values.

Release Management Service Setup

  • Create a directory on server to run the executables and store various configuration files for Release management microservice (i.e., /%/scratch/oipa/oirw/rm).

  • Copy rm.jar file from the Release Management distribution zip file under JAR folder into the directory (Ex : /%/scratch/oipa/oirw/rm/).

  • Create/Copy subdirectories inside the directory from Step 1 called conf and libs from Release Management distribution ZIP.

    • Copy the database drivers for your database into this directory.

      1. Oracle – The necessary driver, ojdbc11-21.3.0.0.jar, is included in the libs directory of the OIPA Media Pack.

      2. Microsoft SQL Server – Use the compatible jdbc driver shipped with MS SQL Server software

      3. IBM DB2 – The two necessary .jar files (db2jcc4 and db2jcc4_license_cu) are included with the purchase of the DB2 software (DB2 Version 11.5). These files are not available for download. Contact your IT department if you need assistance locating these files.

  • Copy the following configuration files from Release Management distribution ZIP/conf directory into the \OIRW\rm\conf directory:

    1. basic-security.yaml

    2. config.yaml

    3. EDKeyValue.dat

    4. idcs-security.yaml

    5. network.yaml

  • Use a text editor to open the configuration files that you just copied to the conf folder.

Note: Refer to the System Properties document in the Oracle Insurance Rule Palette Documentation on the OTN for a complete list of all properties and allowed values.

Rules Workbench Web Setup

  • Create a directory on server to run the node JS application (i.e., /%/scratch/oipa/oirw/UI).

  • Extract the Rules workbench UI distribution ZIP to the above directory.

    • static_files folder ( Palette internal files)

    • node_modules

    • app.js

    • conf/.env

  • Configure the properties .env file.

    • Use a text editor to open the .env file.

    Note: Refer to the System Properties document in the Oracle Insurance Rule Workbench Documentation on the OTN for a complete list of all properties and allowed values.

  • Run the globally available node command (once you install Node.js) and pass the name of the file (app.js) to execute. File should have executable permission and while running the command, make sure you are in the same directory which contains the app.js file.

Oracle Insurance Rules Workbench Data Sources Details (Palette/Release management Services)

Pre-Requisites

Migrate scripts should be executed in Rules Workbench central schema and OIPA schemas.

For Release V12.2.0, migrate scripts are provided with the Media pack and same should be executed on successful creation of Schema.

  • Copy the following script files from Palette distribution ZIP/scripts directory as per the stack.

  • Copy migrate script from "palette-distribution\scripts\central\oracle" - Execute the migration scripts "OIRW-12.1.0.0 migrate.sql" and "OIRW-12.2.0.0 migrate.sql" on the OIRW central schema.

  • Copy migrate script from "palette-distribution\scripts\oipa\oracle" - Execute the migrate scripts "OIRW-12.1.0.0 migrate.sql" and "OIRW-12.2.0.0 migrate.sql" on the OIPA schema.

  • Copy the migration script from "palette-distribution\scripts\ivs\oracle" - Execute the migrate script "OIRW-12.2.0.0 migrate.sql" on IVSSchema.

Note: OIPA/IVS changes will be taken care of by the upgrade utility. For reference, the above scripts for OIPA and IVS will help for verification.

The config.yaml file for Palette and RM microservices is where the data source information is defined for an application to run. OIRW requires central schema data sources to be defined to authenticate and authorize.

Configuration of the data sources that are required for OIRW to run:

Palette/RM Central Schemas - Oracle

# Central datasource (OIRW schema) properties
javax.sql.DataSource.central.dataSourceClassName: oracle.jdbc.pool.OracleDataSource
javax.sql.DataSource.central.dataSource.url: jdbc:oracle:thin:@<host>:<port>:<sid>
javax.sql.DataSource.central.dataSource.user: <user>
javax.sql.DataSource.central.dataSource.password: <password>

Palette/RM Central Schemas - DB2

# For DB2, the DataSource class name corresponds to the driver class name, which is com.ibm.db2.jcc.DB2Driver
#javax.sql.DataSource.central.dataSourceClassName: com.ibm.db2.jcc.DB2Driver
#javax.sql.DataSource.central.dataSource.url: jdbc:db2://<host>:<port>/<databasename>:currentSchema=<schema>;
#javax.sql.DataSource.central.dataSource.user: <user>
#javax.sql.DataSource.central.dataSource.password: <password>

Palette/RM Central Schemas - MS Sql Server

# For SQL Server 
javax.sql.DataSource.central.dataSourceClassName: com.microsoft.sqlserver.jdbc.SQLServerDataSource 
javax.sql.DataSource.central.dataSource.url: jdbc:sqlserver://<host>:<port>;databaseName=<database>;encrypt=false;trustServerCertificate=false; 
javax.sql.DataSource.central.dataSource.user: <user> 
javax.sql.DataSource.central.dataSource.password: <password> 
## The new driver is stricter about TLS and certificate validation, SQL Server uses a self-signed cert or an internal CA not present in the JVM truststore, the connection fails. Add the extra attributes, encrypt=false and trustServerCertificate=false, if set to true, valid certificates are required. 
## javax.sql.DataSource.central.dataSource.url: jdbc:sqlserver://<host>:<port>;databaseName=<database>;encrypt=false;trustServerCertificate=false;

Configuring Ports:

The config.yaml should be configured with unique port numbers for Palette/RM applications.

Palette Application Port Details

public-host: <Host Name>
frontend-port: <Port number for Palette web APP>
frontend-https-port: <Https port number for Palette web APP>
rm-port: <Port number for RM Service>
self-port: <Port number for Palette Service>
self-https-port: <Https port number for Palette Service>

RM Application Port Details

public-host:  <Host Name>
frontend-port: <Port number for Palette web APP>
frontend-https-port: <Https port number for Palette web APP>
palette-port: <Port number for palette Service>
palette-https-port: <Https port number for palette Service>
self-port: <Port number for RM Service>
self-https-port: <Https port number for RM Service>

The network.yaml file is part of the configuration to exposes network endpoints (ports, security, sockets) Palette/RM applications.

Network Configuration for Palette

# In case of HTTP-only configuration, comment out the lines below under the sockets: section in network.yaml.
#   https-port:
#      port: ${self-https-port}
#      tls:
#        enabled: true
#        private-key:
#          pem:
#            key:
#              resource:
#                path: "<path>/privatekey.pem"
#            cert-chain:
#              resource:
#                path: "<path>/certificate.pem"

Network Configuration for Release Management

# In case of HTTP-only configuration, comment out the lines below under the sockets: section in network.yaml.
#   https-port:
#      port: ${self-https-port}
#      tls:
#        enabled: true
#        private-key:
#          pem:
#            key:
#              resource:
#                path: "<path>/privatekey.pem"
#            cert-chain:
#              resource:
#                path: "<path>/certificate.pem"

Note: If HTTPS is used, please specify the relative paths to the signed certificates in the network.yaml file (for both Palette and Release Management services) under the private-key properties — key and cert-chain.

Deploying Palette/Release Management Services

Palette

Check if Palette Service is running-

lsof -n -i :8080 (port of palette)

If there is no output, palette is not running. run the following commands

Navigate to copied folder Ex: </scratch/oipa/oirw/palette>

Execute 

nohup java -Dhelidon.serialFilter.missing.action=WARN -Dcom.arjuna.ats.arjuna.coordinator.defaultTimeout=10000 -Dcoherence.localstorage=true -Dcoherence.wka=localhost -Dcoherence.wka.port=7554 -Dcoherence.cluster.useMulticast=false -Dcoherence.cluster=oirw-cluster -jar palette.jar &

For secure communication between services using HTTPS-based REST clients, the calling (client) service must trust the SSL certificate presented by the target (server) service. In config.yaml the property "com.oracle.insurance.palette.restclients.ReleaseManagement/mp-rest/url" is set with HTTPS ( Ex : https://localhost:${rm-https-port})

To enable successful HTTPS communication between services, ensure that the client service is configured with a valid truststore containing the server’s certificate, and that the appropriate JVM arguments to add below arguments

nohup java -Dhelidon.serialFilter.missing.action=WARN -Dcom.arjuna.ats.arjuna.coordinator.defaultTimeout=10000 -Dcoherence.localstorage=true -Dcoherence.wka=localhost -Dcoherence.wka.port=7554 -Dcoherence.cluster.useMulticast=false -Dcoherence.cluster=oirw-cluster -Djavax.net.ssl.trustStore=<path>/truststore.jks -Djavax.net.ssl.trustStorePassword=<password> -jar palette.jar &

Note: The wka.port and cluster values in the above arguments can be modified based on the available ports and the desired unique cluster name. Ensure that the same cluster name is used for both the Palette and Release Management services.

Note: By default, the 'conf' directory is assumed to be in the current directory. To specify a different location, use the argument. DconfigPath. Properties can also be passed as Java arguments.

Example: 

nohup java -DconfigPath=<\path\config dir> -D<property_name>=value -jar target/palette.jar

To set the server level transaction timeout, the property "com.arjuna.ats.arjuna.coordinator.defaultTimeout" can be defined in arguments. The default value is set to 10000. The value is in seconds.

RM

Check if Release Management Service is running-

lsof -n -i :8081  (port of palette)

If there is no output, RM is not running. run the following commands

Navigate to copied folder Ex: </scratch/oipa/oirw/rm

Execute

nohup java -Dhelidon.serialFilter.missing.action=WARN -Dcom.arjuna.ats.arjuna.coordinator.defaultTimeout=10000 -Dcoherence.localstorage=true -Dcoherence.wka=localhost -Dcoherence.wka.port=7555 -Dcoherence.cluster.useMulticast=false -Dcoherence.cluster=oirw-cluster -jar rm.jar &

For secure communication between services using HTTPS-based REST clients, the calling (client) service must trust the SSL certificate presented by the target (server) service. In config.yaml the property "com.oracle.insurance.rm.restclients.PaletteService/mp-rest/url" is set with HTTPS ( Ex : https://localhost:${palette-https-port})

To enable successful HTTPS communication between services, ensure that the client service is configured with a valid truststore containing the server’s certificate, and that the appropriate JVM arguments to add below arguments.

nohup java -Dhelidon.serialFilter.missing.action=WARN -Dcom.arjuna.ats.arjuna.coordinator.defaultTimeout=10000 -Dcoherence.localstorage=true -Dcoherence.wka=localhost -Dcoherence.wka.port=7555 -Dcoherence.cluster.useMulticast=false -Dcoherence.cluster=oirw-cluster -Djavax.net.ssl.trustStore=<path>/truststore.jks -Djavax.net.ssl.trustStorePassword=<password> -jar rm.jar &

Note: The wka.port and cluster values in the above arguments can be modified based on the available ports and the desired unique cluster name. Ensure that the same cluster name is used for both the Palette and Release Management services.

WEB

Check if Palette UI is running-

lsof -n -i :8761 (port of ui)

If there is no output, Palette UI is not running. run the following commands

Navigate to copied folder Ex: </scratch/oipa/oirw/UI/server

Execute

nohup node app.js --http-port 8761 --https-port 8861 > app_log.log 2> app_err.log & Context Path: nohup node app.js --context-path /RulesWorkbench --http-port 8761 --https-port 8861 > app_log.log 2> app_err.log &

First time setup

How to Set Up Access in the Oracle Insurance Rules Workbench UI

  1. Open the OIRW user interface in your web browser.

  2. Create an Admin account and log in with these credentials.

  3. Go to the Users menu, add a new user, and assign them the Build Manager role.

  4. Log out, then log back in as the new Build Manager user.

  5. As the build manager, create a new environment to perform OIPA configuration tasks (such as create, read, update, and delete operations).

  6. Once the Environment is created—either as a new setup or by importing from an existing OIRP environment—click the Import Users button to bring in users from the selected environment.

  7. All imported users are automatically assigned the Configurer role.

  8. Configurers can log in using their credentials from the IVSUser table and access the required OIPA configuration.

How to Set Up a New Environment in the OIRW UI

  1. As the build manager, create a new environment to perform OIPA configuration tasks (such as create, read, update, and delete operations).

  2. Once the environment is created—either as a new setup or by importing from an existing OIRP environment—click the Import Users button to bring in users from the selected environment.

  3. All imported users are automatically assigned the Configurer role.

  4. Configurers can log in using their credentials from the IVSUser table and access the required OIPA configuration.

    Important: As part of the distribution, ensure that the relevant schema scripts are executed before accessing the newly created environment.

    • In the Palette distribution, the required migration scripts for the application are located in the “Scripts” directory. These scripts are available for both Oracle and SQL Server stacks, covering OIPA, IVS, and OIRW.