Oracle WebLogic 14c on Linux User Guide
Overview
This guide covers the deployment and configuration of Oracle WebLogic Server 14c (14.1.2.0.0) on Linux using cloudimg AMIs from the AWS Marketplace.
What's included in this AMI:
- Oracle WebLogic Server 14c (14.1.2.0.0) with Java EE 8 support
- Oracle JDK 21 LTS
- Pre-configured WebLogic domain with Admin Server on port 7001
- Web-based Administration Console
- Systemd services for automatic startup
- NodeManager for server lifecycle management
- AWS CLI v2, Systems Manager Agent, and CloudWatch Agent
Supported Operating Systems: Oracle Linux 9, Oracle Linux 8, AlmaLinux 9, AlmaLinux 8, Rocky Linux 9, Rocky Linux 8
Visit www.cloudimg.co.uk to explore the full catalogue of preconfigured AMIs available on the AWS Marketplace.
Prerequisites
Before launching this AMI, ensure you have:
- An active AWS account
- An active subscription to the Oracle WebLogic 14c on Linux listing on AWS Marketplace
- Familiarity with EC2 instance management and SSH
Recommended Instance Type: m5.large (2 vCPU, 8 GB RAM) or larger for production workloads.
Step 1: Launch the AMI
- Navigate to the AWS Marketplace and search for "Oracle WebLogic 14c cloudimg"
- Click Continue to Subscribe, accept the terms, then Continue to Configuration
- Select your preferred Region and Software Version
- Click Continue to Launch
- Choose Launch through EC2 for full control over instance configuration
- Select your instance type (
m5.largerecommended) - Configure storage: 50 GB gp3 minimum recommended
- Configure your Security Group with the following inbound rules:
| Port | Protocol | Source | Purpose |
|---|---|---|---|
| 22 | TCP | Your IP | SSH access |
| 7001 | TCP | Your IP | WebLogic Administration Console |
| 7002 | TCP | Your IP | WebLogic Server (SSL) |
| 5556 | TCP | Your IP | NodeManager |
Important: Restrict ports 7001, 7002, and 5556 to your IP address only. Do not open these to 0.0.0.0/0.
Step 2: Connect via SSH
Once your instance is running, connect using SSH:
ssh -i your-key.pem ec2-user@<public-ip-address>
Replace your-key.pem with the path to your EC2 key pair and <public-ip-address> with your instance's public IP.
Step 3: Retrieve Your Credentials
The WebLogic administrator password is randomly generated at build time. Retrieve it from the credentials file:
sudo cat /home/oracle/CREDENTIALS.txt
- Username:
weblogic - Password: (unique per instance, see CREDENTIALS.txt)
Important: Change the password after first use and delete the credentials file. See the Security Hardening section below.
Step 4: Start WebLogic Server
Start the WebLogic Server using the systemd service:
sudo systemctl start weblogic.service
Wait approximately 60 to 90 seconds for the server to fully start. You can monitor the startup progress:
sudo journalctl -u weblogic.service -f
Look for the message Server state changed to RUNNING to confirm the server is ready.
Step 5: Verify the Installation
Verify the WebLogic installation and server status:
# Check JDK version
/u01/java/jdk-21/bin/java -version
# Check WebLogic home exists
ls /u01/app/oracle/product/wlserver/
# Check domain exists
ls /u01/app/oracle/product/user_projects/domains/base_domain/config/config.xml
# Check services are enabled
systemctl is-enabled weblogic.service
systemctl is-enabled nodemanager.service
# Test the server is listening
curl -s -o /dev/null -w "%{http_code}" http://localhost:7001/console/login/LoginForm.jsp
A 200 response code confirms the Administration Console is running.
Step 6: Access the Administration Console
Open your web browser and navigate to:
http://<public-ip>:7001/console
You will see the Oracle WebLogic Server Administration Console login page.
Enter the following credentials:
- Username:
weblogic - Password: The password from
/home/oracle/CREDENTIALS.txt
Click Login to access the console.
Using the Administration Console
The WebLogic Administration Console is a web-based interface for managing all aspects of your WebLogic domain.
Editing Configuration
The console operates in a lock and edit mode. To make changes:
- Click Lock & Edit in the Change Center panel on the left.
- Make your configuration changes.
- Click Release Configuration to save and apply.
This ensures that multiple administrators do not make conflicting changes simultaneously.
Key Console Sections
- Domain Structure in the left panel shows the overall domain tree including Environment, Deployments, Services, Security Realms, and Diagnostics.
- Environment > Servers displays all configured server instances.
- Deployments allows you to deploy and manage Java EE applications and modules.
- Services > Data Sources is where you configure JDBC connections to databases.
- Security Realms manages users, groups, roles, and authentication providers.
- Diagnostics provides access to log files, images, and performance data.
Deploying an Application
- Click Lock & Edit.
- Navigate to Deployments in the left panel.
- Click Install and browse to your WAR, EAR, or JAR file.
- Follow the wizard to select targeting options and deployment settings.
- Click Release Configuration to activate the deployment.
Directory Structure
| Path | Description |
|---|---|
/u01/java/jdk-21/ |
Oracle JDK 21 LTS (JAVA_HOME) |
/u01/app/oracle/product/ |
Middleware Home (MW_HOME / ORACLE_HOME) |
/u01/app/oracle/product/wlserver/ |
WebLogic Server Home (WL_HOME) |
/u01/app/oracle/product/oracle_common/ |
Oracle Common Home |
/u01/app/oracle/product/user_projects/domains/base_domain/ |
Default Domain (DOMAIN_HOME) |
/u01/app/oraInventory/ |
Oracle Inventory |
Environment variables are pre-configured in /home/oracle/.bash_profile:
export JAVA_HOME=/u01/java/jdk-21
export MW_HOME=/u01/app/oracle/product
export WL_HOME=/u01/app/oracle/product/wlserver
export DOMAIN_HOME=/u01/app/oracle/product/user_projects/domains/base_domain
To use them, switch to the oracle user:
sudo su - oracle
Managing WebLogic Services
The AMI includes systemd services for WebLogic Server and NodeManager:
# Start WebLogic Server
sudo systemctl start weblogic.service
# Stop WebLogic Server
sudo systemctl stop weblogic.service
# Check WebLogic Server status
sudo systemctl status weblogic.service
# Start NodeManager
sudo systemctl start nodemanager.service
# Check NodeManager status
sudo systemctl status nodemanager.service
# View WebLogic logs
sudo journalctl -u weblogic.service -f
Both services are enabled for automatic startup on boot.
Creating Additional Domains
To create a new WebLogic domain, use the WLST scripting tool:
sudo su - oracle
# Launch WLST
$WL_HOME/common/bin/wlst.sh
# In the WLST shell:
readTemplate('/u01/app/oracle/product/wlserver/common/templates/wls/wls.jar')
cd('Servers/AdminServer')
set('ListenAddress', '')
set('ListenPort', 7001)
cd('/')
cd('Security/base_domain/User/weblogic')
cmo.setPassword('YourSecurePassword')
setOption('ServerStartMode', 'prod')
writeDomain('/u01/app/oracle/product/user_projects/domains/your_domain_name')
closeTemplate()
exit()
Remember to create a boot.properties file for any new domain you create in production mode.
Verify Boot Configuration
The AMI comes with boot.properties pre-configured so WebLogic Server starts automatically in production mode without interactive credential prompts. No manual setup is required.
If you need to recreate boot.properties after a password change:
sudo su - oracle
cat > $DOMAIN_HOME/servers/AdminServer/security/boot.properties << EOF
username=weblogic
password=YourNewPassword
EOF
chmod 600 $DOMAIN_HOME/servers/AdminServer/security/boot.properties
WebLogic encrypts this file automatically on the next startup.
Security Hardening
Change the Default Admin Password
After your first login, change the administrator password through the Administration Console:
- Click Lock & Edit in the top left pane to enter edit mode.
- In the left hand navigation, click Security Realms.
- Click myrealm to open the security realm settings.
- Select the Users and Groups tab.
- Click on the weblogic user.
- Select the Passwords tab.
- Enter your new strong password in both the New Password and Confirm New Password fields.
- Click Save.
- Click Release Configuration in the left hand pane to apply the changes.
After changing the password, update the boot.properties file as shown above and restart the server.
Delete the Credentials File
Once you have changed the password, delete the default credentials file:
sudo rm /home/oracle/CREDENTIALS.txt
Restrict Network Access
Ensure your Security Group only allows access from trusted IP addresses:
- Port 22 (SSH): Your IP only
- Port 7001/7002 (WebLogic Server): Your IP or VPN CIDR only
- Port 5556 (NodeManager): Internal VPC traffic only
Use SSH Tunnelling for the Console
Instead of opening port 7001 directly, use SSH tunnelling to securely access the console:
ssh -i your-key.pem -L 7001:localhost:7001 ec2-user@<public-ip>
Then access the console at http://localhost:7001/console from your local browser.
Apply Security Updates Regularly
Keep the operating system up to date:
sudo dnf update -y
Monitor Oracle Critical Patch Updates (CPUs) for WebLogic Server security fixes and apply them according to Oracle's guidance.
Troubleshooting
WebLogic Server fails to start
Check the server log:
cat /u01/app/oracle/product/user_projects/domains/base_domain/servers/AdminServer/logs/AdminServer.log
Common causes:
- Insufficient memory: Use an instance type with at least 4 GB RAM
- Port conflict: Ensure port 7001 is not in use by another process
- Missing boot.properties: In production mode, the server requires a boot.properties file (see Verify Boot Configuration above)
- Java heap size: Edit setDomainEnv.sh to increase memory allocation
Cannot connect to the Administration Console
- Verify the server is running:
sudo systemctl status weblogic.service - Check Security Group allows inbound traffic on port 7001 from your IP
- Verify the instance has a public IP or you are connecting via VPN
- Check if the server is still starting:
sudo journalctl -u weblogic.service -f - Ensure you are using
http://(nothttps://) and the correct port in the URL
SSH connection timeout
- Verify the instance is in a running state in the EC2 console
- Check Security Group allows inbound SSH (port 22) from your IP
- Ensure you are using the correct key pair and username (
ec2-user) - Check that the key file permissions are set correctly:
chmod 400 your-key.pem
NodeManager connection issues
# Check NodeManager status
sudo systemctl status nodemanager.service
# View NodeManager logs
cat /u01/app/oracle/product/user_projects/domains/base_domain/nodemanager/nodemanager.log
Cannot log in to the Administration Console
- Verify you are using the username
weblogic(case sensitive) - Retrieve the correct password from
/home/oracle/CREDENTIALS.txt - If you have changed the password and forgotten it, you will need to reset it using WLST from the command line
Oracle WebLogic 14c Key Features
- Java EE 8 Platform: Full support for the
javax.*namespace including Servlet 4.0, JSF 2.3, JAX-RS 2.1, CDI 2.0, and JSON-B 1.0 - JDK 21 LTS: Long term support Java runtime
- Administration Console: Full web-based graphical interface for domain management
- Dynamic Clustering: Elastic server instances for horizontal scaling
- Zero Downtime Patching: Apply patches without service interruption
- Simplified JMS: Streamlined cluster JMS configuration
- XA Transactions: Without transaction TLog writes for improved performance
- RESTful Management Services: REST API for server administration and monitoring
- WebSocket Support: Native WebSocket implementation
- Multitenancy: Domain partitioning for resource isolation
Support
cloudimg provides 24/7/365 support for all AWS Marketplace products.
- Email: support@cloudimg.co.uk
- Response Time: Guaranteed 24 hour response
- Support Plans: View support tiers
- Oracle Documentation: WebLogic 14c Documentation