Requirements and Access for Fleet Application Management
Before you get started with Fleet Application Management, you must meet target machine requirements, complete prerequisite tasks, and ensure that access has been granted.
Supported Products
Fleet Application Management supports patch management for the following products:
The "Bring your own product" feature in Fleet Application Management allows you to manage a custom product or manage the lifecycle of a custom product.
| Product | Supported Versions |
|---|---|
| Microsoft Windows | Supported Images |
| Oracle Base Database Service | Supported Database Editions |
| Oracle Clusterware Only Oracle Clusterware within Oracle Base Database Service is supported. |
Only versions corresponding to supported Oracle Base Database Service versions are supported. |
| Oracle Exadata Database Service on Dedicated Infrastructure | Supported Database Edition and Versions |
| Oracle Exadata OS | Only versions corresponding to supported Oracle Exadata Database Service on Dedicated Infrastructure are supported. |
| Oracle HTTP Server (OHS) | 12.2.1.4.0 and later |
| Oracle Java | 1.8.0 and later |
| Oracle Linux | Supported Images |
| Oracle WebLogic Server Oracle WebLogic Server is supported only as a standalone product and not as a product suite that includes Oracle PeopleSoft, Oracle E-Business Suite Applications, and other related products. |
Oracle WebLogic Server 12cR2 (12.2.1.4.0) and later |
- Oracle Java and Oracle WebLogic Server aren't supported on Microsoft Windows.
- Patching the operating system for Oracle Linux and Microsoft Windows isn't supported for OCI Compute instances configured with an OS Management Hub profile of type "Lifecycle environment" or "Groups." The supported profile type for operating system patching is "Software sources." See OS Management Hub.
Supported Product Stacks
Fleet Application Management supports patch management for the following product stacks:
| Product Stack | Included Products |
|---|---|
| Oracle Database | Oracle Clusterware, Oracle Base Database Service |
| Oracle Fusion Middleware with OS Restart | Oracle HTTP Server (OHS), Oracle WebLogic Server, Oracle Java, Oracle Linux |
| Oracle Fusion Middleware | Oracle Base Database Service, Oracle HTTP Server (OHS), Oracle WebLogic Server, Oracle Java, Oracle Linux |
| Oracle WebLogic Server and Java | Oracle WebLogic Server, Oracle Java |
About Fleet Application Management Plugin
Fleet Application Management uses a plugin to manage resources, discover product homes and apply patches on Compute instances.
OCI Compute instances use the Oracle Cloud Agent to interact with Fleet Application Management. The plugin influences the following areas in Fleet Application Management:
- Enables Fleet Application Management to discover and apply patches for the software running on Compute instances. Note
The required policies are automatically updated when you upgrade to this release. - Grants
sudopermission on Oracle Linux instances and executes the tasks of discovering and applying patches for the software running on Compute instances with thesudoprivilege.You must continue to state whether
sudopermission is required by enabling it in the runbook and provide the correct user permissions (FAMS_SCHEDULE_CREATE_WITH_SUDO) for creating a schedule. See Basic information in creating a runbook and Permissions Required for Each API Operation.
If the Fleet Application Management plugin needed for lifecycle operations is disabled outside of Fleet Application Management, it leads to a failure in execution. For example, if either the Fleet Application Management plugin or the OS Management Hub plugin isn't enabled on a resource managed by Fleet Application Management, this results in an error.
For managing resources and fleets migrated from previous releases, where Fleet Application Management plugin isn't supported, see Migrating from Previous Releases in Fleet Application Management.
Prerequisites
Before you begin using Fleet Application Management, ensure that you meet the following prerequisites:
Your organization can be any organization with a single or multitenancy, and your tenancy administrator can provide the necessary access permissions to your user account. In addition to the role of a tenancy administrator, the Fleet Application Management administrator is tasked with overseeing business administration responsibilities, including the management of properties, product metadata, patches, and other relevant tasks within Fleet Application Management.
- You're familiar with OCI and OCI services. To get started with OCI, see Welcome to Oracle Cloud Infrastructure.
- You have access to an OCI tenancy.
- A tenancy administrator in your organization enables Fleet Application Management and adds rules to the dynamic group that Fleet Application Management creates during the onboarding process. See Fleet Application Management Policies and Permissions.
- A tenancy administrator in your organization has set up groups , compartments , and policies that control which users in a group can access Fleet Application Management and its resources. See Authentication and Authorization.
- You have provisioned and deployed OCI resources that can be managed using Fleet Application Management.
- You have installed Oracle Cloud Agent for managing the plugins running on OCI Compute based on platform images supported by it. To know the supported images, see Oracle Cloud Agent.
- You have enabled OS Management Hub to discover and apply patches for Oracle Linux and Microsoft Windows OS. For more information, see Migrating from OS Management to OS Management Hub.
-
You have enabled the Fleet Application Management plugin on the Oracle Cloud Agent before adding resources to a fleet. See Managing plugins.Important
Failing to enable the plugin might delay the fleet validation process, as Fleet Application Management must automatically enable it during your fleet preparation. Note that on resource addition, Fleet Application Management automatically enables the Fleet Application Management plugin on the Oracle Cloud Agent.
Availability
Oracle hosts its OCI services in regions and availability domains. A region is a localized geographic area, and an Availability domain is one or more data centers in that region.
| Region Name | Region Identifier | Region Location | Region Key | Realm Key | Availability Domains |
|---|---|---|---|---|---|
| Brazil East (Sao Paulo) | sa-saopaulo-1 | Sao Paulo, Brazil | GRU | OC1 | 1 |
| Canada Southeast (Toronto) | ca-toronto-1 | Toronto, Canada | YYZ | OC1 | 1 |
| Germany Central (Frankfurt) | eu-frankfurt-1 | Frankfurt, Germany | FRA | OC1 | 3 |
| India West (Mumbai) | ap-mumbai-1 | Mumbai, India | BOM | OC1 | 1 |
| Japan East (Tokyo) | ap-tokyo-1 | Tokyo, Japan | NRT | OC1 | 1 |
| Netherlands Northwest (Amsterdam) | eu-amsterdam-1 | Amsterdam, Netherlands | AMS | OC1 | 1 |
| Saudi Arabia West (Jeddah) | me-jeddah-1 | Jeddah, Saudi Arabia | JED | OC1 | 1 |
| UAE East (Dubai) | me-dubai-1 | Dubai, UAE | DXB | OC1 | 1 |
| UK South (London) | uk-london-1 | London, United Kingdom | LHR | OC1 | 3 |
| US East (Ashburn) | us-ashburn-1 | Ashburn, VA | IAD | OC1 | 3 |
| US West (Phoenix) | us-phoenix-1 | Phoenix, AZ | PHX | OC1 | 3 |
See About Regions and Availability Domains for the list of all available regions, along with associated locations, region identifiers, region keys, and availability domains.
Access Permission for Groups and Users
To work in Fleet Application Management, a tenancy administrator in your organization must create groups, add users to groups, and add policies that control which users can access the service and its resources, and the type of access they have.
Create at least one user in the tenancy who wants to work with Fleet Application Management. This user must be created in the IAM service.
Follow these steps as a tenancy administrator:
-
Create a group or use an existing group in the tenancy.
-
Create users and add them to the group, or add existing users to the group.
- Create policies for the groups that control users' access to Fleet Application Management resources. For more information about policy types, see Fleet Application Management Policies and Permissions.
Authentication and Authorization
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).
An administrator in an organization needs to set up groups , compartments , and policies that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, create instances, create buckets, download objects, and so on. For more information, see Managing Identity Domains. For specific details about writing policies for each of the different services, see Policy Reference.
If you're a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that the company owns, contact an administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you can use.
Required IAM Policies
To use Oracle Cloud Infrastructure, an administrator must be a member of a group granted security access in a policy by a tenancy administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with the tenancy administrator what type of access you have and which compartment your access works in.
If you're new to policies, see IAM Policies Overview.
Tenancy administrators: To know about policies that provide access to Fleet Application Management resources, see IAM Policies.
Accessing Fleet Application Management
You can access Fleet Application Management by using the Console (a browser-based interface), REST API, or CLI. Instructions for using the Console, API, and CLI are included in topics throughout this documentation. For a list of available SDKs, see Software Development Kits and Command Line Interface.
To access the Console, you must use a supported browser. To go to the Console sign-in page, open the navigation menu at the top of this page and select Infrastructure Console. You are prompted to enter your cloud tenant, your user name, and your password.
After signing in to the Console, navigate to Fleet Application Management:Open the navigation menu and select Observability & Management, and then select Fleet Application Management.
-
To use the CLI or REST APIs, configure the environment by using the following options, or use OCI Cloud Shell:
- To use the CLI or REST APIs in Cloud Shell, sign in to the Console. See Using Cloud Shell and the CLI Command Reference.
-
To install the CLI in your environment, follow the steps in Install CLI. For more information about CLI, see the Command Line Interface (CLI) overview.
-
To use the REST APIs, see REST API documentation and API Reference and Endpoints.
If you get a permission or authorization error, contact your tenancy administrator to verify the type of access that you're granted.
Service Limits
When you sign up for Oracle Cloud Infrastructure, a set of service limits is configured for your tenancy. The service limit is the quota or allowance set on a resource. Review the following service limits for Fleet Application Management.
| Resource | Limit Name | Oracle Universal Credits | Pay As You Go or Trial |
|---|---|---|---|
| Fleets | fleet-count | 1000 | 100 |
| Maintenance Windows | maintenance-window-count | 500 | 50 |
| Properties | property-count | 1000 | 100 |
| Runbooks | runbook-count | 200 | 100 |
| Compliance Policy Rules | compliance-policy-rules-count | 500 | 100 |
| Patches | patch-count | 5000 | 1000 |
| Platform Configurations | platform-configuration-count | 1000 | 500 |
| Catalog Items | catalog-item-count | 1000 | 500 |
| Provisions | provision-count | 500 | 100 |
See Service Limits for a list of applicable limits and instructions for requesting a limit increase.
For instructions to view the usage level against the tenancy's resource limits, see Viewing Your Service Limits, Quotas, and Usage.