Oracle SDM Cloud Deployment Process and Procedures

2 Oracle SDM Cloud Deployment Process and Procedures

Obtaining and Installing the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) service requires a multi-step process that includes tasks for you to perform in the Oracle Cloud and on premises. New customers must take steps to establish and set up their Oracle Cloud account in addition to the procedures for installing the Oracle SDM Cloud service. See the following topics to guide you through the process.

Oracle SDM Cloud Deployment Process
Establish an Oracle SDM Cloud Service Subscription
Login to Oracle SDM Cloud to obtain inputs for Management Cloud Engine (MCE)
Establish a site with the Oracle SDM Cloud's Registration ID to which the Management Cloud Engine (MCE) can connect
Install, Configure, and Activate the MCE

Oracle SDM Cloud Deployment Process

The high-level process for deploying the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) includes the following steps. You will perform some steps in the Oracle Cloud and others on-premises.

Oracle Cloud—Contact your Oracle Cloud sales representative to establish a subscription for Oracle SDM Cloud and activate your Oracle Cloud and Oracle Identity Cloud Services accounts.
Oracle Cloud—Login to Oracle SDM Cloud and obtain the Identity and Access Management (IAM) for inputs to Management Cloud Engine (MCE).
Oracle Cloud—While logged into Oracle SDM Cloud, create a site. Once created, select the site to edit and obtain the generated site Registration ID to use for MCE inputs.
On premises—Install the Management Cloud Engine (MCE) with the install, activate, and configuration scripts provided in the software download.
The following diagram illustrates the deployment process and shows the parameters you need to set in each Oracle SDM Cloud component to establish the service.

Supported Regions

Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) supports deployment in two OCI Regions, Ashburn (IAD) and Frankfurt (FRA).

Within these two regions, users select a home region, which is where IAM resources are defined.

Oracle SDM Cloud supports the IAM domain home region to any of the following Ashburn deployment regions.

Region Name	Region Location
Canada Southeast (Montreal)	Montreal, Canada
Canada Southeast (Toronto)	Toronto, Canada
US East (Ashburn)	Ashburn, VA
US West (Phoenix)	Phoenix, AZ
US West (San Jose)	San Jose, CA

Oracle SDM Cloud supports the IAM domain home region to any of the following Frankfurt deployment regions.

Region Name	Region Location
Germany Central (Frankfurt)	Frankfurt, Germany
Netherlands Northwest (Amsterdam)	Amsterdam, Netherlands
Switzerland North (Zurich)	Zurich, Switzerland

Establish an Oracle SDM Cloud Service Subscription

To obtain the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) service, contact Oracle Cloud Sales to purchase a Cloud Services Agreement and the Oracle SDM Cloud service description.

Establishing an Oracle SDM Cloud service subscription is a multi-step process. Use the information provided in the following links to guide you through the process.

Go to https://docs.oracle.com/en/cloud/paas/identity-cloud/index.html for information about how to purchase a subscription to Oracle SDM Cloud.
Go to https://docs.oracle.com/en/cloud/get-started/subscriptions-cloud/index.html for information about how to activate your Oracle Applications account order.
Go to https://www.oracle.com/webfolder/technetwork/tutorials/obe/cloud/getting_started/create_cloud_account_admin_obe/create_cloud_acc_admin.html for information about how to manage your Oracle Cloud services.

Obtain the IAM Inputs for MCE

To connect the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) to the Management Cloud Engine (MCE), you must login to the Oracle SDM Cloud and obtain the Identity and Access Management (IAM) parameters.

Log on to the Oracle SDM Cloud using the URL that you received in your "Welcome" email from Oracle.
Browse to Security Manager, IAM.
The Identity Access Management page displays showing the unique identifiers for the following components:
- Oracle SDM Cloud FQDN
- Oracle SDM Cloud Tenant ID
- IDCS FQDN
- IDCS Tenant ID
- MCE IDCS Client ID
- MCE IDCS Client Secret

Create a Site and Retrieve Generated ID for MCE Inputs

To connect the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) to the Management Cloud Engine (MCE), you must login to the Oracle SDM Cloud, create a Site, and retrieve the Generated ID for MCE inputs.

Logon to the Oracle SDM Cloud using the URL that you received in your "Welcome" email from Oracle.
Browse to Device Manager, Sites.
The Sites page displays.
Click Add, enter a Site name and optionally a Description and click Apply.
The Sites page displays showing the newly added Site.
Select the Site and click Edit.
The Edit Site page displays with a Site ID with a unique identifier.
Use the Site ID when adding your MCE in Oracle SDM Cloud.

Install and Configure the MCE

The Management Cloud Engine (MCE) installation procedure requires the archive file containing the installation and configuration scripts that you downloaded from Oracle onto your host hardware. Oracle recommends running the two scripts consecutively in one session the first time you install the MCE. For that reason, this procedure includes the prerequisites and steps for running both scripts.

MCE Installation Prerequisites

Do the following before performing the procedure.

System Prerequisites

Ensure that the host meets Operation System and resource requirements.
Operating System Oracle Linux 8.8 or higher or Red Hat compatible Kernel

Note:
The latest version of Oracle SDM Cloud is not tested on Red Hat Enterprise Linux (RHEL) and Oracle recommends using the base version of Linux on the 8.x release.
Install Perl V5.26.3 or higher on the host.
Install Podman v4.4.1 or higher on the host.
Download the archive file (mce-<version>.tgz) from My Oracle Support (MOS) to the host server. This .tgz file includes all necessary scripts.

Note:
Users are no longer required to have root access for installation and activation.

Installation Script Prerequisites

Ensure that there is no MCE installation existing on the hardware. See the last step in this procedure for instructions.
Ensure that you have root access.

Configuration Script Prerequisites

Note the MCE WAN IP, MCE LAN IP, and MCE name.
Navigate to Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) Security Manager, IAM page to configure IAM parameters.

Procedure

The following procedure provides instructions for installing the MCE initially and for re-installing the MCE later, for example, in a disaster recovery scenario.

Note:

Before re-installing, you must first uninstall the existing MCE.

Unpack the mce-<version>.tgz archive.

tar -xvzf mce-<version>.<build>.tgz

The system creates the mce-<version> directory and copies the unpacked files there in the following directory tree.

mce-<version>.<build>/
mce-<version>.<build>/mce/
mce-<version>.<build>/mce/perl/
mce-<version>.<build>/mce/perl/activate.pl
mce-<version>.<build>/mce/perl/deactivate.pl
mce-<version>.<build>/mce/perl/uninstall.pl
mce-<version>.<build>/mce/perl/config.pl
mce-<version>.<build>/mce/perl/changeloglevel.pl
mce-<version>.<build>/mce/perl/showversion.pl
mce-<version>.<build>/mce/perl/collectinfo.pl
mce-<version>.<build>/mce/perl/helper.pl
mce-<version>.<build>/mce/cfg/
mce-<version>.<build>/mce/cfg/mce.properties
mce-<version>.<build>/mce/cfg/version
mce-<version>.<build>/mce/cfg/log4j2.xml
mce-<version>.<build>/mce/cfg/log4j2_debug.xml
mce-<version>.<build>/mce/ssl/
mce-<version>.<build>/mce/logs/
mce-<version>.<build>/mce/img/
mce-<version>.<build>/mce/img/mce.tar
mce-<version>.<build>/install.pl
mce-<version>.<build>/upgrade.pl

Log on to the server at root. Ensure the user logging in has the proper Linux permissions.

Run the install.pl script.

./install.pl
-------------------------------------------------------------------------------
Oracle Communications Management Cloud Engine, (c) 2025 Oracle
MCE v25.1.0.0.0 install.pl @ 2020-07-14 12:00:59
-------------------------------------------------------------------------------
Checking pre-conditions...
Ok.
Proceed with install (y/n) : y
Installing mce to /opt/oracle ...
Installation successful.
[abcd@acme123 mce-1.0.0]$

The system checks for an existing MCE instance in Podman.

If it exists, the script execution stops and you must uninstall it.

This creates the /oracle/mce directory under /opt. (If an oracle directory already exists, the install creates an mce directory only.)

From /opt/oracle/mce/perl, run the config.pl script and configure the attributes according to your environment.

-------------------------------------------------------------------------------
Oracle Communications Management Cloud Engine, (c) 2025 Oracle
MCE v25.1.0.0.0  @ 2023-06-01 10:46:01
-------------------------------------------------------------------------------
Checking pre-conditions...
The following inputs are required for MCE to register with Oracle SDM Cloud:
MCE Host Name               : cgbu-phx-347
Host WAN IP Address         : 100.77.50.195
Host LAN IP Address         : 10.196.248.92
Oracle SDM Cloud FQDN       : <From IAM page>
Oracle SDM Cloud tenant ID  : <From IAM page>
IDCS tenant ID              : <From IAM page>
MCE IDCS client secret      : <From IAM page>
Oracle SDM Cloud Site ID    : <From Device manager → Sites>
Enable proxy(y/n)           : y
Proxy server address        : 100.77.50.145
Proxy server port           : 3128
--------------------------------------------------------------------
The following inputs are required for MCE KeyStore configuration:
MCE TLS Key Store Password   :
MCE TLS Key Store Password   confirm :
--------------------------------------------------------------------
The following inputs are required for MCE operation:
Trap Receiver Port        : 162
--------------------------------------------------------------------
Ready to process inputs
Proceed with configuration (y/n) : y

MCE Host Name

Set the local host name.

Host WAN IP Address

Set the host WAN IP address. (Provided by the customer)

Host LAN IP Address

Set the host LAN IP address. (provided by the customer)

Oracle SDM Cloud FQDN

Set the Oracle SDM Cloud FQDN from the Security Manager, IAM page of Oracle SDM Cloud.

Oracle SDM Cloud Tenant ID

Set the Oracle SDM Cloud Tenant ID from the Security Manager, IAM page of Oracle SDM Cloud.

IDCS Tenant ID

Set the IDCS Tenant ID from the Security Manager, IAM page of Oracle SDM Cloud.

IDCS FQDN

Set the IDCS FQDN from the Security Manager, IAM page of Oracle SDM Cloud.

MCE IDCS Client ID

Set the MCE IDCS FQDN from the

MCE IDCS Client Secret

Set the MCE IDCS Client Secret from the Security Manager, IAM page of Oracle SDM Cloud.

Oracle SDM Cloud Site ID

Set the site ID generated from Oracle SDM Cloud.

Enable Proxy

Enter y for yes and n for no.

Proxy Server Address

Set proxy server address, if proxy is enabled.

Proxy Port

Set proxy port.

Trap Receiver Port

Set the listening port for SNMP trap receiver on local host.

This creates a mce.properties file under /opt/oracle/mce/cfg, which contains all of the information entered in config.pl.

From /opt/oracle/mce/perl, run the activate.pl script to activate the MCE.

Note:

The MCE activation script also creates a systemd service, allowing users the ability to configure the MCE container to restart every time the VM reboots. This service is removed when the deactivate script is run.

./activate.pl
-------------------------------------------------------------------------------
Oracle Communications Management Cloud Engine, (c) 2025 Oracle
MCE v25.1.0.0.0  @ 2020-07-14 12:49:22
-------------------------------------------------------------------------------
Checking pre-conditions...
Ok.
MCE tomcat port:7070, Trap receiver port:2000
Proceed with activate (y/n) : y
Activating container mce...
Start to run container mce, image id fb90a2c4b930 ...
Container mce with image id fb90a2c4b930 started.

Do you wish to auto restart MCE after VM reboot? (y/n): y
Creating Service for MCE auto start …
[sudo] password for aiskamat:
Activation successful!

(Optional) Check your work with Podman.
1. At the prompt type: podman images, and press Enter to list the MCE instances. Under TAG look for <version> <build> which is the new installation. The following code block shows an example.
```
% podman images
REPOSITORY                    TAG               IMAGE ID           CREATED    SIZE
cne-repos1.us.oracle.com:7744/apps/cgbu/ums/mce 1.0.0 fb90a2c4b930 4 days ago 434MB
```
2. At the prompt type: podman ps, and press Enter to list the running images. In the list, under "NAMES", look for "mce". Under STATUS, look for the newest one of each. The following code block shows an example.
```
% podman ps
CONTAINERID  IMAGE        COMMAND    CREATED      STATUS  PORTS NAMES
ed6f90a7993d fb90a2c4b930 "/bin/bash ./start.sh"  3 days ago     mce
```

(Optional) From /opt/oracle/mce/perl, run the deactivate.pl script to deactivate the MCE.

Running the deactivate script removes the systemd service that automatically restarts the MCE when the VM reboots.

./deactivate.pl
-------------------------------------------------------------------------------
Oracle Communications Management Cloud Engine, (c) 2025 Oracle
MCE v25.1.0.0.0  @ 2020-07-14 12:49:22
-------------------------------------------------------------------------------
Checking pre-conditions...
Ok.
Proceed with deactivate (y/n) : y
Start deactivation

Stopping container: mce ...
Container mce stopped.

Removing volumes with image: mce ...
Volumes for container mce removed.

Removing image with id: ba8b72dcfec ...
Image with id: ba8b72dcfec removed.

Removing systemd auto-start mce service...
Removed /home/aiskamat/.config/systemd/user/default.target.wants/container-mce.service.
Deactivation Success!

(Optional) Run the following commands to manage the container-mce.service:
- To check the service's status when running the MCE as a non root user:
```
systemctl --user status container-mce.service
```
- To check the service's status when running the MCE as a root user:
```
sudo systemctl status container-mce.service **
```
  Enter the password when prompted.
- To disable the service when the running the MCE as a non root user:
```
systemctl --user disable container-mce.service
```
- To disable the service when running the MCE as a root user:
```
sudo systemctl disable container-mce.service **
```
  Enter the password when prompted.

Traffic Flow and Firewall Port Recommendations

The following table provides traffic flow and firewall port recommendations for communication between the Management Cloud Engine (MCE) and Network Functions (NFs).

Port Number	Protocol	Service	Configurable	Purpose
161	UDP	SNMP	Y	SNMP traffic between the MCE and the NF.
162	UDP	SNMP	Y	SNMP trap reporting from the device to the MCE server.
22	TCP	SFTP/SSH	N	Used for secure file transfer (for example, software upgrades, Route Manager, and LRT updates) and SSH sessions between MCE and southbound NFs.
3001/3000	TCP	ACP/ACLI	N	Used by the MCE to communicate with all versions of a NF.
443	TCP	HTTPS	N	Usec by MCE to communicate with Media Engines (MEs).

Upgrading the MCE

The Management Cloud Engine (MCE) upgrade procedure requires the archive file containing the installation and configuration scripts that you downloaded from Oracle onto your host hardware. For more information on the installation and configuration scripts and prerequisites, see "Install and Configure the MCE".

Use the following procedure to upgrade the MCE using the upgrade.pl.

Log onto the server as a root user and ensure the user logging in has the proper Linux permissions.
Shut down the existing version of MCE by running the deactivate.pl script.
```
/opt/oracle/mce/perl/deactivate.pl
```
Install the latest version of the MCE (provided by development) from MOS.

Unpack the new mce-<version>.<build>.tgz archive.

[root@cgbu-phx-604 perl]# tar -xvf  mce<version>.<build>.tgz

Run the upgrade.pl script (under the new mce-<version>.<build>/) to upgrade to the latest version.
```
[root@cgbu-phx-604 perl]# ./upgrade.pl
```
The upgrade.pl script displays a banner with information about the new MCE version.
The MCE performs the following validations to ensure the upgrade is supported and valid:
- Validation that an existing version of MCE exists under /opt/oracle/mce.
- Validation that MCE is not currently activated.
- Validation that the upgrade path is supported.
Once validation is complete, the user is prompted to continue. Either continue or opt out to abort the upgrade.
Run the activate.pl script under /opt/oracle/mce/perl script to activate the new version of MCE .
```
[root@cgbu-phx-604 perl]# ./activate.pl
```

Persistent data files, including configuration properties and artifacts generated when MCE registers with Oracle SDM Cloud, are copied from the old installation of MCE to the new installation. During installation, the old installation of MCE gets moved from /opt/oracle/mceto /opt/oracle/mce.bak and the new version is moved to /opt/oracle/mce.

Use the following procedure to upgrade the MCE performing a fresh installation.

From Oracle Linux 7:

Log onto the server as a root user and ensure the user logging in has the proper Linux permissions.
Shut down the existing version of MCE by running the deactivate.pl script.
```
/opt/oracle/mce/perl/deactivate.pl
```
Upgrade the operating system from Oracle Linux 7 to Oracle Linux 8.8.
From Oracle Linux 8:
Log onto the server as a root user and ensure the user logging in has the proper Linux permissions.
Unpack the new mce-<version>.<build>.tgz archive. The system installs the files in the /opt/oracle/mce directory.

Run the install.pl script.

[root@cgbu-phx-604 mce-24.1.0.0.0]# ./install.pl
-------------------------------------------------------------------------------
Oracle Cloud Communications Service,(c) 2020 Oracle
MCE v24.1.0.0.0 install.pl @ 2023-12-10 16:58:00
-------------------------------------------------------------------------------
Checking pre-conditions...
Ok.
Proceed with install (y/n) : y
Installing mce to /opt/oracle ...
Installation successful.

Upon installation, the system checks for an existing MCE instance in Podman and if one exists, the script execution stops and you must uninstall the MCE.

This creates the /oracle/mce directory under /opt. If an Oracle directory already exists, the install creates a MCE directory only.

Run the config.pl script from the /opt/oracle/mce/perl directory and configure the attributes according to your environment.

[root@cgbu-phx-604 perl]# ./config.pl
-------------------------------------------------------------------------------
Oracle Cloud Communications Service, (c) 2020 Oracle
MCE v24.1.0.0.0  @ 2023-12-10 16:58:35
-------------------------------------------------------------------------------
Checking pre-conditions...
The following inputs are required for MCE to register with Oracle SDM Cloud:
MCE Host Name               : cgbu-phx-604
Host WAN IP Address         : 100.77.50.195
Host LAN IP Address         : 10.196.248.92
Oracle SDM Cloud FQDN       : <From IAM page>
Oracle SDM Cloud tenant ID  : <From IAM page>
IDCS tenant ID              : <From IAM page>
IDCS FQDN                   : <From IAM page>
MCE IDCS client ID          : <From IAM page>
MCE IDCS client secret      : <From IAM page>
Oracle SDM Cloud Site ID    : <From Device manager     → Sites>
Enable proxy (y/n)          : y
Proxy server address        : 100.77.50.145
Proxy server port           : 3128
--------------------------------------------------------------------
The following inputs are required for MCE KeyStore configuration:
MCE TLS Key Store Password  :
MCE TLS Key Store Password  confirm  :
--------------------------------------------------------------------
The following inputs are required for MCE operation:
Trap Receiver Port          : 162
--------------------------------------------------------------------
Ready to process inputs
Proceed with configuration (y/n)    : y
Encrypting data ...
Generating local mce.properties...             
Success.

This creates a mce.properties file under /opt/oracle.mce/cfg, which contains all of the information entered in config.pl.

Login to the Oracle SDM Cloud interface and delete the registered MCE from Device Manager. For more information, see "Device Manager" in the User Guide.

Run the activate.pl script from /opt/oracle.mce/perl to activate the MCE.

[root@cgbu-phx-604 perl]# ./activate.pl
-------------------------------------------------------------------------------
Oracle Cloud Communications Service, (c) 2020 Oracle
MCE v24.1.0.0.0  @ 2023-12-10 17:01:15
-------------------------------------------------------------------------------
Checking pre-conditions...
Ok.
MCE tomcat port:7070, Trap receiver port:2000
Proceed with activate (y/n) : y
Activating container mce...
Start to run container mce, image id
          1cb6109fc65a ...
Container mce with image id 1cb6109fc65a started. 
Activation successful!

Optionally, you can check your work with Podman.
- List the MCE instances by typing podman images at the prompt and pressing Enter. Under TAG, look for <version> <build> to see the new installation. The following code block shows an example:
```
% podman images                          
REPOSITORY CREATED   SIZE     TAG     IMAGE ID
cne-repos1.us.oracle.com:7744/apps/cgbu/ums/mce 1.0.0 fb90a2c4b930 4 days ago 434MB
```
- List the running images by typing podman ps at the prompt and pressing Enter. In the list, under NAMES, look for mce. Under STATUS, look for the newest images. The following code block shows an example:
```
% podman ps
CONTAINERID   IMAGE   COMMAND   CREATED   STATUS   PORT NAMES
% podman psIMAGECOMMANDCREATEDSTATUSPORTS
ed6f90a7993dfb90a2c4b930"/bin/bash./start.sh" 3 days ago mce
```

Configure MCE Behind NAT or Firewall

Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) allows you to configure the Management Cloud Engine (MCE) to operate behind a Network Address Translation (NAT) or a firewall. Oracle SDM Cloud contacts the MCE using the value for the mce.ip in mce.properties or wan-ip on setting up ./config.pl configuration.

The MCE supplies the mce.ip value when it registers with Oracle SDM Cloud. You can set the mce.ip value as a static IP address that maps to the NAT public interface or firewall. For example:

 mce.ip : 10.x.x.x

Oracle SDM Cloud always uses port 443 for these connections, requiring any device placed between the MCE and Oracle SDM Cloud to dedicate port 443 to the MCE for all possible IP addresses.