PeopleTools 8.59 UI Changes

To start out, the User Interface (UI) changes in PeopleTools 8.59 are very good! There is a difference between seeing screenshots and using the application. The improvements to search make it a great navigation tool and navigating the system is more fun with updates to the Navigator and the new Quick Access Bar. I am excited to use applications on PeopleTools 8.59 after getting some hands-on time with the changes.

I have compiled is a list of changes and improvements that I think have the biggest impact, including some that were not talked about by the PeopleTools team.

Quick Access Bar

I really like this new Quick Access Bar. On the homepage, it sits on the left-hand side of the page and your favorites and recent places are just a click away. Getting these two collections of links out of the NavBar is a good change.

The Quick Access Bar is only the home page. I found myself wishing the Quick Access Bar was static on every page. I’m sure that would be some UI issues with Nav Collections, Work Centers, etc, but I think a persistent Quick Access Bar would be quite useful.

Breadcrumbs

In the Navigator, I’m excited that breadcrumbs are back! I think the way breadcrumbs are implemented is well done. In previous versions of the Navigator, there was a “Back” and “Top” buttons that you could use to move up the folder paths. This was functional but you don’t always know where you are in the Navigator. To be fair, the intent with Fluid Navigation is to use Nav Collections, Tiles, and Work Centers instead of the Navigator, but the Navigator still gets lots of use.

The breadcrumbs in 8.59 replace the “Back” and “Top” buttons.

I like this much better because you can go back to any point in the navigation hierarchy with just a click.

Alphabetical Sorting

The Navigator can now be sorted alphabetically, or use the original sorting. This does return another feature from previous versions of PeopleTools, but it’s a welcome change. I’ve worked at organizations that spend time customizing the Menu to be alphabetical. As a frequent user of the PeopleTools folder, I appreciate that both sorting options are offered.

I also like that the alphabetical sorting option has groupings for each letter to make it easier to find the folders you are looking for.

New Icons

The icons throughout the Homepage, Search Bar, NavBar and Quick Access Bar have a new clean, and simple look. The icons for folders and content references are distinct and the use of color is helpful. The icons are also present in the search results and a Recent Items icon in the search bar helps you easily find what you are looking for.

I would like to see this icon style adopted by the default tile images to provide a stronger brand feeling.

Search Bar

On the Homepage, the Search Bar is featured at the top. I like the ever-present search bar; it is quicker to use and having the search bar waiting for you feels more like a search-driven UI. The menu search seems much faster, the type-ahead searching is responsive, and the ability to enable Real Time Indexing on the Recent Places items is very useful.

Notifications and Fluid Search Results

Notifications are now prominent on the Homepage in their own right-hand pane. I think this is a great change that will hopefully drive more adoption for notifications within PeopleSoft. Clicking on a notification will bring you to the page that needs your attention. But you can also view all of your Notifications as a collection. This new view has some interesting UI changes in 8.59 that are good and bad.

First, in the header, there are new forward/back buttons that will take you through the list of work. These exist elsewhere in 8.59 on Fluid Pages. (The Real Time Indexing page is where I also saw this behavior). The continues a trend in PeopleTools where action buttons are moved into the Header. In classic pages, the action buttons are mostly at the bottom of the content page. I like the forward/back buttons when working through a list.

Second, the normal header buttons are hidden behind the Action Menu. I don’t like this. If I’m working through a list of notifications and I’m done, my next action is to go somewhere else in the system (or log off). The Home, Search, and NavBar buttons are now buried under an extra click. I feel the Home and Search buttons should always be visible to users; the NavBar makes sense to hide if you short on space in the Header.

Third, from time to time the left also minimizes to a yellow bar on the left-hand side. This doesn’t seem to replace the little “tab” when collapsing the left-hand pane in Nav Collections, it does seem to show when the page is wider than your browser to give you some extra screen real estate. The inconsistency is throwing me off, but maybe that’s because this is all new.

[UPDATE: 4/13/2021]

I can’t believe I posted this blog post without calling out the Process Monitor changes!

Process Monitor

The Process Monitor has the most changes I have seen since working with PeopleSoft! (8.4 was just released when I started my career). There is now “Clear” button to remove any filters you have added, and “Reset” button to set the Process Monitor back to default settings. Both buttons are long overdue!

There is a new field on the Process Monitor grid that gives you quick access to pages under the Details page. You don’t save any clicks, but the Action menu is faster than loading a subpage and clicking another link.

These are good changes and it’s nice to see a page that is used by so many users given some love. I’d call it Process Monitor 1.1. The PeopleTools team could take some more cues from the Process Monitor 2.0 project.

psadmin.conf 2021 Registration is Open!


We are excited to announce that registration for psadmin.conf 2021 is open! This year, psadmin.conf will be a virtual conference held on May 10-12, 2021.

psadmin.conf is a conference specifically for PeopleSoft Administrators. The conference features talks from expert admins on topics like PeopleSoft automation, open source tools to simplify your job, and success stories on upgrades and patching. This year, the conference offers you the option to sign up for 1, 2, or 3 hands-on guided labs that you won’t get anywhere else. The goal of the conference is to expand your knowledge of PeopleSoft Administration and network with PeopleSoft admins from around the world.

This year, you can choose to sign up for up to 3 Guided Labs that interest you. There are multiple labs to choose from this year:

  • Rundeck and PeopleSoft
  • Clustering PeopleSoft Applications
  • Introductory DPK
  • Intermediate DPK

We are also accepting session proposals until March 19th. Our favorite part of psadmin.conf is hearing from PeopleSoft Admins and how they solved a problem, built a fun tool to make life easier, or why they started working with a new technology. As PeopleSoft Admins, we are always looking to improve how we manage our environments and the best way to learn is from others.

Head over to psadmin.io/conference to view the Lab descriptions, register, view the agenda, and get more details on the event. We will publish a detailed agenda and session descriptions in early April after the Call for Proposals has closed.

We’re excited to see you in May! dan and kyle

Upcoming Speaking Sessions

Hello there! Just a quick update to let you know Dan and Kyle have some upcoming speaking sessions. These are some great sessions, so make sure to register and check them out!

Environment Template Security in Cloud Manager

Now that Cloud Manager is here, we have self-service ability to create PeopleSoft environments in OCI. Cue Uncle Ben… “With great power comes great responsibility.” Having a self-service portal that allows for the creation of these environments is fantastic, but how do we put some controls around this awesome power? This is where Environment Template security comes in to play.

To create an Environment in Cloud Manager, you first need an Environment Template. This template is created using some General Details, a Topology, and finally Security. It is this security detail that will help us control who can use these templates to create environments in the future. When you are creating a template, you will see the following section 3 – Define Security in the wizard. Let’s break down what our options are.

Assign Template to Zone(s)

Templates can be assigned to a single or multiple Zones. As of Image 11, there are currently three zones to choose from:

  • Development
  • Test
  • Production

A Zone is just “a logical grouping of environments,” according to Oracle’s Cloud Manager FAQ. At this time, it doesn’t serve any other purpose outside of helping you organize your environments. I could see a level of security being added to Zones in the future. If not by Oracle, maybe a custom bolt-on?

Assign Template to Role(s)

Templates can also be assigned to PeopleSoft security Roles. Any user that has a Role specified in this section will have the ability to create an Environment based on this template. Cloud Manager delivers three roles intended to be used with templates:

  • Cloud Administrator (PACL_CAD)
  • Cloud PeopleSoft Administrator (PACL_PAD)
  • Self-Service User (PACL_SSC)

As you would expect with PeopleSoft security, you are free to create and use your custom roles here. I think the delivered roles make it clear how Oracle sees the breakdown of potential users. Users who admin OCI resources, users who admin PeopleSoft, and users of PeopleSoft who might want ad-hoc environments(thinking developers or maybe even business staff looking for demos). I could see the OCI and PS admin roles combined often. Also, the self-service user might be split out into a technical and functional role or disabled altogether. Each organization will have to review this for themselves and come up with a good policy. Just keep in mind, you can add multiple roles to each template.

Creating Environments

Once the security and other details are added to a template, it will be available to use when creating an Environment.

Only the templates the user has access to will be in the Template Name dropdown. The Zone dropdown will also be populated with available zones from the selected template. If a single zone were added, this would be auto-selected and read-only.

Overall, I feel that Environment Template security offers a lot of control. It gives us enough control to provide a level of self-service environment deployments if desired. I do look forward to seeing actual functionality added to Zones. It might be easier to manage this security if we could somehow control access by zone versus strictly individual template security.

Taking PeopleSoft Swimming in an OCI Instance Pool

I was recently studying for some OCI Certification exams when I came across the topic of Instance Pools. I’ve known about this OCI feature for a while but realized I somehow never thought seriously about using them with PeopleSoft. So, I decided to do a proof of concept and write about it. What I found was with a few changes to a traditional PeopleSoft topology and configuration, you can get this working!

Please keep in mind that this is a proof of concept. I know I didn’t touch on all PeopleSoft configuration and features, so there is likely more work to be done to make this setup viable. I will try to call out some “gotchas” that come to mind but feel free to call out potential issues in the comments. If we can turn this POC into something usable, it might even open the door for container exploration!

Getting Started

To get started, we first need to understand what an Instance Pool is, and what is required to create one. An Instance Pool is a feature that allows you to create and manage multiple compute instances that share the same configuration. What makes them powerful is the ability to scale instance count and attach to a Load Balancer. You can scale on a schedule, with metric based rules, with Terraform or a script using OCI CLI, or manually with the OCI Console. Adjusting the instance count will create or terminate instances automatically. Also, when the pool is attached to a load balancer, the instances are automatically added or removed from the load balancer’s backend set. As you can see, this type of functionality would be great in the PeopleSoft space, where the load on a system can vary day-to-day. Think “timesheet day,” open enrollment, course registration, etc.

To complete this POC, we first need a few things.

Load Balancer

We will leverage the Load Balancing service that OCI offers. This service’s integration with our Instance Pool will give us the automation that we need. Creating a Load Balancer is straight forward, but there are a few things to keep in mind for this POC.

  1. Select a visibility type of Public if you hope to access it from the internet.
  2. Don’t worry about adding Backends at the time of Load Balancer creation. This will be handled by the Instance Pool in the future.
  3. Make sure to enable Session Persistence on the Backend Set. This is needed for PeopleSoft to work correctly.

Custom Image

An Instance Pool uses an Instance Configuration to spin up new instances on demand. An Instance Configuration contains all the configuration details like network, OS, shape, and image needed to create an instance. The image can be an Oracle provided platform image( Oracle-Linux-7.x, etc.) or a custom image that you create.

This image marks the first real decision on how to approach this POC. What we are after is a server with PeopleSoft web and application domains fully deployed and running. I see two approaches to this. One, use a standard platform image and then use cloud-init to configure and deploy the domains using DPK at instance creation. Two, create a custom image with the domains already deployed. I chose to leverage the custom image approach for this POC. I felt this was the fastest, most reliable way to create these instances. With rule-based scaling, and maybe to a lesser extent scheduled scaling, we ideally want these instances created quickly, and DPK takes time.

If startup time at creation isn’t a concern, then an approach using cloud-init probably is the way to go. One thought I had was to keep all middleware installations on FSS. The cloud-init script could just mount that and have DPK just focus on deploying PS_CFG_HOME. That would really speed things up. Maybe something to try in a future blog post!

Create Base Instance

I found a few things that were needed when prepping a PeopleSoft webapp server for Custom Image creation. I started by creating a new instance using the latest Linux 7 platform image. Next, I downloaded the latest PeopleTools 8.58 DPK to the instance and ran the psft-dpk-setup.sh setup script, passing the --env_type midtier --domain_type all options. This gave me a server with working web and application domains.

Update PeopleSoft Configuration

If we stopped here and created a Custom Image from this base instance, we might have some success. However, every future instance created from this image would have the exact same PeopleSoft domain configuration. There are some parts of a PeopleSoft domain configuration that are required to be unique. Also, some parts of the configuration will have a hostname “hardcoded,” etc. Here is a list of changes I made to address these concerns before I created a Custom Image. As mentioned before, there are likely more changes needed. However, these were enough to get this POC working.

  1. Update Cookie Configuration
    • Make sure your cookie configuration in the weblogic.xml file is set not to include a hostname.
    • <cookie-name>DBNAME-PORTAL-PSJSESSIONID</cookie-name>
  2. Update configuration.properties
    • Set the psserver= value to use localhost, since we are using a webapp deployment approach.
    • This will pin each web domain to use its local app domain, with load balancing and failover handled strictly by the OCI Load Balancer.
  3. Update setEnv.sh
    • By default, the ADMINSERVER_HOSTNAME variable is set to the hostname the domain was installed on.
    • Change this to be a dynamic value, driving off of the $HOSTNAME environment variable.
      • ADMINSERVER_HOSTNAME=${HOSTNAME}
  4. Update psappsrv.cfg
    • The [Domain Settings]\Domain ID value should be unique across all your PeopleSoft domains.
    • It is common for domain ids to follow a sequence number pattern. Example: APPDOM1, APPDOM2, etc.
    • Update the value to use an environment variable for the sequence number, ensuring a unique ID.
      • Domain ID=APPDOM%PS_DOMAIN_NBR%
      • We will discuss ideas on how to set this %PS_DOMAIN_NBR% variable later.
  5. Update psft-appserver service script
    • To ensure our domain configurations are correct and domains start properly, we should enforce a domain configure during instance creation and boot.
    • For this POC, I simply added a psadmin configure command to the domain service script.
    • For each application domain installed by the DPK, there is a service setup using a script found here:
      • $PS_CFG_HOME/appserv/APPDOM/psft-appserver-APPDOM-domain-appdom.sh
    • Update this script in the start_application_server function and add the following configure command before the start command.
      • su - $APPSRV_ADMIN -c "$APPSRV_PS_HOME/bin/psadmin -c configure -d $APPSRVDOM" 1>>$LOG_FILE 2>&1
  6. Create $PS_DOMAIN_NBR
    • In the psadm2 ~/.bashrc file, export a $PS_DOMAIN_NBR variable.
    • The goal for this is to generate a unique number that can be used in your domain configuration.
    • When an Instance Pool creates an instance, a random number is appended to the hostname.
      • Example: webapp-634836, webapp-973369, etc.
    • To leverage this appended number for $PS_DOMAIN_NBR, you can use something like this:
      • export PS_DOMAIN_NBR=$(hostname | rev | cut -d- -f1 | rev)

Create a Custom Image

Before creating the custom image, there are a few more things to clean up. First, remove any unwanted domains or software. Depending on your DPK deployment, a process scheduler domain may have been created. We won’t be needing this, so it can be manually removed using psadmin. Next, remove any unwanted entries in /etc/hosts file. For this POC, I stripped down to just the “localhost” entries. New entries will be added when instances are created with new hostnames. Last, stop all running PeopleSoft domains. This step is just to ensure a clean configuration.

Now we are ready to create the Custom Image. In the OCI Console, find your base instance. Under More Actions, select Create Custom Image.

Instance Configuration

After the Custom Image is done provisioning, we are ready to create our Instance Configuration. To start, we need to create an instance based on our new Custom Image. In the OCI Console, navigate to Compute > Custom Image and find the new image. Click on Create Instance. Enter a name, shape, networking, and other details we want to be used in our future Instance Configuration. Select Create and wait for the instance to provision.

Once provisioned, go ahead and validate that the instance looks good. Login to the PIA, make sure the domains started correctly, etc. If all looks well, go back to your newly created instance in the OCI Console. Under More Actions, select Create Instance Configuration. Select a compartment, name, and optional tags, then click Create Instance Configuration.

Instance Pool

Now that we have our Instance Configuration, we can finally create our Instance Pool. In OCI Console, navigate to the newly created Instance Configuration and click on Create Instance Pool. Select a name, the instance configuration, and the number of instances you would like in the pool. Next, we will configure the pool placement with Availability Domain details. Also, make sure to select Attach a Load Balancer. Select the Load Balancer details we created earlier. Lastly, review the details and click Create. You can now follow the provisioning steps under Work Requests.

Once the provisioning work requests are completed, you can validate everything worked as expected. Under Instance Pool Details, you can navigate to Created Instances. You should see the newly created instances listed here. Also, you can navigate to Load Balancers. You will see the attached load balancer. Click into this to review that the Backend Set was updated with the newly created instances.

After validating the initial deployment, you can play around with the instance count. Navigate back to your Instance Pool and click on Edit. Try adding or subtracting to the Number of Instances. Monitor the work requests then validate instances were added or subtracted correctly.

Conclusion

This blog post was a quick, high-level walkthrough of using Instance Pools with PeopleSoft on OCI. My goal was mainly to prove that this was possible in a POC. However, I also wanted to help start a conversation about how this might look in a Production setting. I listed out a few things that could be done to get a custom image approach to work. What other configuration values did I not mention? What ideas do you have for a more dynamic approach, using DPK installs at creation time? As the feature set of OCI grows relating to Load Balancers and Instance Pools, I think we will be more and more motivated to get a deployment like this working outside of the lab!

psadmin.conf: System Performance Data Collection

In this session from psadmin.conf 2018, Frank Dolezal shares how he collects logs and system analytics to address a number of system issues. He explains how they can track average performance trends in the system, identify errors an anomalies, catch new issues before they are reported, and more.

We released the videos from psadmin.conf as a free course so you can find the sessions in one place. Head over to the psadmin.io courses page and sign up. If you already signed up for the course, you can log in and the new video will be available.

Cloud Manager Configuration

Notes

If you haven’t installed Cloud Manager yet, watch this video first to learn how to install Cloud Manager.

  1. Install Chocolatey

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
    
  2. Install Firefox

    choco install firefox -y
    

psadmin.conf: Elasticsearch Clusters on Kubernetes

In this session from psadmin.conf 2018, JR Bing gives an introduction to Kubernetes and then dives into why he is using it to run an Elasticsearch cluster. The session includes a great demo as well showing how PeopleSoft interacts with the Kubernetes cluster. He finishes the session with some ideas on how containers Kubernetes could be used by PeopleSoft in the future.

We released the videos as a free course so you can find the videos in one place. Head over to the psadmin.io courses page and sign up. If you already signed up for the course, you can log in and the new video will be available.

Signing nVision Macros

Signing nVision Macros

If you have to support nVision reports, you’ve probably had to deal with getting nVision configured on developer workstations. To develop nVision reports, you need to run Excel macros inside Excel. But, many organizations are concerned about allowing users to run any macro. Macros are often an attack vector for hackers, so running Excel macros are something that IT security often discourages.

How do we balance the need to run nVision and IT security discouraging macros? We can sign the nVision macros with a certificate from your organization so that the macros are trusted. To sign the macros, we will use tools that come with Microsoft Office.

Generate a Certificate

First, we need to generate a certificate. If you have Office 2016, you will find the selfcert.exe program here: C:\Program Files\Microsoft Office\root\Office16\

PS C:\> cd 'C:\Program Files\Microsoft Office\root\Office16' 
PS C:\Program Files\Microsoft Office\root\Office16> .\SELFCERT.EXE

Give your certificate a name, nVision, and click OK. Your certificate is stored in the Windows Certificate Manager.

Sign the Excel Macro

Next, launch nVision and sign in. If nVision hangs, you can start Excel, set the macro settings to “All Macros enabled” for now (File> Options > Trust Center > Trust Center Settings > Macro Settings), then relaunch nVision.

Once nVision has started, enable the Developer tab under File > Options > Customize Ribbon. Select the Developer option and move it to the toolbar. Next, click on Developer tab and select the Visual Basic button. In the VB Editor, click on Tools > Digital Signature and select the nVision certificate. Save your changes.

Test the Signed Macros

Before we test, make sure your Excel macro settings are correct. Under File> Options > Trust Center > Trust Center Settings > Macro Settings, select the option “Disable all macros except digitally signed macros”. Close Excel and nVision.

Last, launch nVision and watch your digitally signed macros run in Excel.

Cloud Manager Installation

Sign up for an Oracle Cloud Trial Account

Create SSH key

ssh-keygen -f ~/.ssh/cmtrial
cat ~/.ssh/cmtrial.pub

Create OCI API Key

openssl genrsa -out ~/.oci/cmtrial.pem -aes128 2048
openssl rsa -pubout -in ~/.oci/cmtrial.pem -out ~/.oci/cmtrial.pub
openssl rsa -pubout -outform DER -in ~/.oci/cmtrial.pem | openssl md5 -c
cat ~/.oci/cmtrial.pub
base64 ~/.oci/cmtrial.pem | tr -d "\r\n"

More information on building OCI API Keys

Allow Public Access to CM

  1. Menu > Networking > VCN > cm Subnet > Security Lists > cm_sec
  2. Add a new rule: 0.0.0.0/0 8000
  3. Add a hosts entry to access CM
echo "IPADDRESS psftcm.cm.psftcm.oraclevcn.com" | sudo tee -a /etc/hosts

Logs to view while waiting for Cloud Manager to finish.

ssh -i ~/.ssh/cmtrial opc@IPADDRESS
tail -f bootstrap/CloudManagerStatus.log
tail -f bootstrap/psft_oci_setup.log