From 97a3db83756b05d79a1f658d464c3bd0b7ae711f Mon Sep 17 00:00:00 2001 From: haixia Date: Tue, 24 Nov 2020 14:02:30 +0800 Subject: [PATCH 1/5] Refactor WLS on AKS to cover two domain home source type scenarios. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Model in Image * Domain on PV This refactoring uses hugo shortcodes, like so: ``` {{< readfile file="/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt" >}} ``` This shortcode is defined in `docs-source/layouts/shortcodes/readfile.html`, which is simply: ``` {{ $toRead := .Get "file" }} {{ readFile $toRead | markdownify }} ``` By using hugo shortcodes, we can keep the text DRY, but maintain readability. Before this change, the WLS on AKS arrangement looks like: ``` 3. Samples Simple samples Credentials ... Azure Kubernetes Service Tanzu Kubernetes Service ``` After this change, the WLS on AKS arrangement looks like: ``` 3. Samples Simple samples Credentials ... Azure Kubernetes Service Domain home on a PV Model in image Troubleshooting Tanzu Kubernetes Service ``` Naturally, the steps in the two domain home source types have significant overlap. Hugho shortcode readfile allows us to account for that overlap while maintaining DRY. Running WLS on AKS via "Model in image" On branch wls-on-aks-model-in-image modified: docs-source/content/samples/simple/azure-kubernetes-service/_index.md - Use "Domain home source type" instead of "Domain home source scenario" for consistency with other parts of the documentation. - Update into to account for other values of Domain home source type. - Use "Domain in PV" instead of "Domain on a PV" for consistency with other parts of the docs. modified: docs-source/content/userguide/managing-domains/_index.md - Add "Azure Container Registry". modified: docs-source/content/userguide/managing-domains/domain-resource.md - Use the term `domainUID` consistently. modified: docs-source/content/userguide/managing-domains/prepare.md - Briefly define the term `domainUID` in place. modified: docs-source/content/userguide/overview/k8s-setup.md modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md - Add automation step for domain-on-pv. - Validate service account - Complete PENDING activities. - Additional TOC entry Remove steps to build image. Use readfile with shortcode to allow content reuse On branch wls-on-aks-model-in-image Completed refactoring to verify domain-on-pv is correct. Next step is to revisit model-in-image. * Moved info block "The following sections of the" to the top, to get it out of the include. * Section *Prerequisites*. * Add dependency on Docker for Desktop. * Section *Oracle Container Registry*. * Simplified steps. * 12.2.1.4 pull. * Moved section *Clone WebLogic Server Kubernetes Operator repository* lower, to get it out of the include. * Added correctness check at end of section on setting up AKS. Starts with "After your Kubernetes cluster is up and running". * See above about info block. * Section *Generate configuration files* has been renamed *Create PV and PVC* The table in this section has been greatly simplified. * Things start to diverge greatly when the upstream says "Now let’s ask the operator to create a WebLogic Server domain within the AKS cluster." and the fork says "Follow Domain home on a PV - Use the script to create a domain to create the WebLogic domain home within the AKS cluster." We get back on track with the text "You may observe error-related output during the creation of the domain." * In the fork, in the section that starts with the text "You must create LoadBalancer services" the YAML snippets for the admin and managed servers are adjacent, and the apply commands are in the same execute block. * Troubleshooting is a separate section. modified: docs-source/content/samples/simple/azure-kubernetes-service/_index.md - Remove TOC entries to non-existent content. - Capitalize D in domain when appropriate. - Make it clear the two sub-sections are independent. deleted: docs-source/content/samples/simple/azure-kubernetes-service/create-aks-cluster.md - Content absorbed into files included with `readFile` shortcode. modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md - See above. new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources.md modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body.md modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.md - Extractions. modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Start first validation work. On branch wls-on-aks-model-in-image Complete refactoring. modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md - Use 3.1.1 instead of 3.0.3. - Move prerequisites into include. new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites.md - Move prerequisites into include. modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Move prerequisites into include. - Remove OCR. It is in a file that is included. - Move clone steps up. - Apply lessons from Jianguo from https://github.com/Azure/AKS/issues/1517#issuecomment-634551363 modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Add JDK to prereqs. - Add "--admin-enabled". - Fix typos in table. On branch wls-on-aks-model-in-image modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/mii-initial.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml - Correct admin/managed. On branch wls-on-aks-model-in-image modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md - Move notice to correct place. - Make headings be same as in live docs. new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.md new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.md - Break up files to separate parts. deleted: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body.md modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.md - Re-add rows removed from table. modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Use two parts. - Remove unnecessary heading. modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.md new file: docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.md deleted: docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources.md modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.md modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pv-template.yaml modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pvc-template.yaml renamed: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-aks-cluster-inputs.yaml -> kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml renamed: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-aks-cluster.sh -> kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks.sh deleted: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/domain-on-pv/admin-lb.yaml deleted: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/domain-on-pv/cluster-lb.yaml deleted: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/domain-on-pv/create-domain-inputs.yaml new file: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/loadbalancer-template.yaml modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/mii-initial.yaml Fix the menu issue. The live page will show included files in the menu. Change the included files as txt can solve this problem. Changes to be committed: modified: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt renamed: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites.md -> ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt new file: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt modified: ../../../../../docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Validate model-in-image On branch wls-on-aks-model-in-image modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md - Added note to skip to sample deployment. - Use 1. for numbered lists. modified: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml - Update weblogic version number in image to 12.2.1.4. Add troubeshooting for WebLogic Kubernetes Operator ErrImagePull Troubleshooting for VM size error Update troubleshooting.md Update domain-on-pv.md Remove diff markers Thanks @tbarnes-us. On branch wls-on-aks-model-in-image Apply suggestions from @rosemarymarano and @tbarnes-us. modified: docs-source/content/samples/simple/azure-kubernetes-service/_index.md modified: docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt modified: docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md modified: docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md modified: docs-source/content/userguide/managing-domains/prepare.md modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml modified: operator/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF modified: operator/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS deleted: kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/mii-initial.yaml --- .../simple/azure-kubernetes-service/_index.md | 1024 +---------------- .../azure-kubernetes-service/domain-on-pv.md | 549 +++++++++ .../includes/clean-up-resources-body-01.txt | 13 + .../includes/clean-up-resources-body-02.txt | 6 + .../includes/create-aks-cluster-body-01.txt | 82 ++ .../includes/create-aks-cluster-body-02.txt | 54 + .../includes/create-aks-cluster-storage.txt | 182 +++ .../includes/prerequisites-01.txt | 10 + .../includes/prerequisites-02.txt | 12 + .../model-in-image.md | 836 ++++++++++++++ .../troubleshooting.md | 334 ++++++ .../simple/tanzu-kubernetes-service/_index.md | 8 - .../userguide/managing-domains/_index.md | 6 - .../managing-domains/domain-resource.md | 2 +- .../userguide/managing-domains/prepare.md | 3 +- .../content/userguide/overview/k8s-setup.md | 4 +- docs-source/layouts/shortcodes/readfile.html | 2 + .../azure-file-pv-template.yaml | 2 +- .../azure-file-pvc-template.yaml | 2 +- .../create-domain-on-aks-inputs.yaml | 2 +- .../loadbalancer-template.yaml | 4 +- .../model-in-image/admin-lb.yaml | 19 + .../model-in-image/cluster-lb.yaml | 19 + .../helm-sa-cluster-admin-role.yaml | 15 + .../JRF/mii-initial-d1-JRF-v1.yaml | 1 + .../WLS/mii-initial-d1-WLS-v1.yaml | 1 + .../mii-domain.yaml.template-JRF | 1 + .../mii-domain.yaml.template-WLS | 1 + 28 files changed, 2172 insertions(+), 1022 deletions(-) create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md create mode 100644 docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md create mode 100644 docs-source/layouts/shortcodes/readfile.html create mode 100644 kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml create mode 100644 kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml create mode 100644 kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md index 4538fde860f..284bd0b0d34 100644 --- a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md +++ b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md @@ -5,1017 +5,45 @@ weight: 8 description: "Sample for using the operator to set up a WLS cluster on the Azure Kubernetes Service." --- -This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator](/weblogic-kubernetes-operator/) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS). After going through the steps, your WLS domain runs on an AKS cluster instance and you can manage your WLS domain by accessing the WebLogic Server Administration Console. -AKS is a managed Kubernetes Service that lets you quickly deploy and manage Kubernetes clusters. To learn more, please see the [Azure Kubernetes Service (AKS)](https://docs.microsoft.com/azure/aks/) overview page. +### Contents -#### Contents + - [Introduction](#introduction) + - [Azure Kubernetes Service cluster](#azure-kubernetes-service-cluster) + - [Domain home source types](#domain-home-source-types) + - [Domain in PV]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv.md" >}}): Running the WebLogic cluster on AKS with domain home on PV + - [Model in Image]({{< relref "/samples/simple/azure-kubernetes-service/model-in-image.md" >}}): Running the WebLogic cluster on AKS with domain model in image + - [Troubleshooting]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting.md" >}}) - - [Prerequisites](#prerequisites) - - [Create the AKS cluster](#create-the-aks-cluster) - - [Create storage and set up file share](#create-storage-and-set-up-file-share) - - [Install WebLogic Server Kubernetes Operator](#install-weblogic-server-kubernetes-operator) - - [Create WebLogic domain](#create-weblogic-domain) - - [Automation](#automation) - - [Deploy sample application](#deploy-sample-application) - - [Access WebLogic Server logs](#access-weblogic-server-logs) - - [Troubleshooting](#troubleshooting) - - [Useful links](#useful-links) -#### Prerequisites +### Introduction -This sample assumes the following prerequisite environment setup: +This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator]({{< relref "/" >}}) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS). After going through the steps, your WLS domain runs on an AKS cluster. You have several options for managing the cluster, depending on which [domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/" >}}) you choose. With Domain in PV, you can manage your WLS domain by accessing the WebLogic Server Administration Console or WLST. With Model in Image you use the operator to perform WLS administrative operations. -* Operating System: GNU/Linux, macOS or [WSL for Windows 10](https://docs.microsoft.com/windows/wsl/install-win10). -* [Git](https://git-scm.com/downloads), use `git --version` to test if `git` works. This document was tested with version 2.17.1. -* [Azure CLI](https://docs.microsoft.com/cli/azure), use `az --version` to test if `az` works. This document was tested with version 2.9.1. -* [kubectl](https://kubernetes-io-vnext-staging.netlify.com/docs/tasks/tools/install-kubectl/), use `kubectl version` to test if `kubectl` works. This document was tested with version v1.16.3. -* [helm](https://helm.sh/docs/intro/install/), version 3.1 and later, use `helm version` to check the `helm` version. This document was tested with version v3.2.4. +#### Azure Kubernetes Service cluster -##### Create Service Principal for AKS +Azure Kubernetes Service makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. The Kubernetes masters are managed by Azure. You only manage and maintain the agent nodes. As a managed Kubernetes service, AKS is free - you only pay for the agent nodes within your clusters, not for the masters. -An AKS cluster requires either an [Azure Active Directory (AD) service principal](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) or a [managed identity](https://docs.microsoft.com/azure/aks/use-managed-identity) to interact with Azure resources. +To learn more, please see the [What is Azure Kubernetes Service?](https://docs.microsoft.com/en-us/azure/aks/intro-kubernetes). -We will use a service principal to create an AKS cluster. Follow the commands below to create a new service principal. +#### Domain home source types -Please run `az login` first. Do set the subscription you want to work with. You can get a list of your subscriptions by running `az account list`. +This sample demonstrates running the WebLogic cluster on AKS using two domain home types. The instructions for each are self contained and independent. This section lists the domain home source types recommended for use with AKS, along with some benefits of each. For complete details on domain home source types, see [Choose a domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/" >}}). -```bash -# Login -$ az login +- [Model in Image]({{< relref "/samples/simple/azure-kubernetes-service/model-in-image.md" >}}): running the WebLogic cluster on AKS with domain home in image offers the following benefits. -# Set your working subscription -$ export SUBSCRIPTION_ID= -$ az account set -s $SUBSCRIPTION_ID -``` + - Reuse image to create different domains with different `domainUID` and different configurations. + - Mutate the domain home configuration with additional model files supplied in a `ConfigMap`. Many such changes do not need to restart the entire domain for the change to take effect. + - The model file syntax is far simpler and less error prone than the configuration override syntax, and, unlike configuration overrides, allows you to directly add data sources and JMS modules. -Create the new service principal with the following commands: +- [Domain in PV]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv.md" >}}): running the WebLogic cluster on AKS with domain home in PV offers the following benefits. -```bash -# Create Service Principal -$ export SP_NAME=myAKSClusterServicePrincipal -$ az ad sp create-for-rbac --skip-assignment --name $SP_NAME + - Use standard Oracle-provided images with patches installed. + - No docker environment required. You are able to run your business quickly without building knowledge of docker. + - Mutate the live domain configuration with Administration Console from a browser or WLST. -# Copy the output to a file, we will use it later. -``` +### References -If you see an error similar to the following: - -```bash -Found an existing application instance of "5pn2s201-nq4q-43n1-z942-p9r9571qr3rp". We will patch it -Insufficient privileges to complete the operation. -``` - -The problem may be a pre-existing service principal with the same name. Either delete the other service principal or pick a different name. - -Successful output will look like the following: - -```json -{ - "appId": "r3qnq743-61s9-4758-8163-4qpo87s72s54", - "displayName": "myAKSClusterServicePrincipal", - "name": "http://myAKSClusterServicePrincipal", - "password": "TfhR~uOJ1C1ftD5NS_LzJJj6UOjS2OwXfz", - "tenant": "82sr215n-0ns5-404e-9161-206r0oqyq999" -} -``` - -Grant your service principal with a contributor role to create AKS resources. - -```bash -# Use the from the output of the last command -$ export SP_APP_ID=r3qnq743-61s9-4758-8163-4qpo87s72s54 -$ az role assignment create --assignee $SP_APP_ID --role Contributor -``` - -Successful output will look like the following: - -```json -{ - "canDelegate": null, - "id": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9/providers/Microsoft.Authorization/roleAssignments/4oq396os-rs95-4n6s-n3qo-sqqpnpo91035", - "name": "4oq396os-rs95-4n6s-n3qo-sqqpnpo91035", - "principalId": "952551r8-n129-4on3-oqo9-231n0s6011n3", - "principalType": "ServicePrincipal", - "roleDefinitionId": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9/providers/Microsoft.Authorization/roleDefinitions/o24988np-6180-42n0-no88-20s7382qq24p", - "scope": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9", -} -``` - -##### Oracle Container Registry - -You will need an Oracle account. The following steps will direct you to accept the license agreement for WebLogic Server. Make note of your Oracle Account password and email. This sample pertains to 12.2.1.3, but other versions may work as well. - -1. Obtain the WebLogic Server image from the [Oracle Container Registry](https://container-registry.oracle.com/). - - a. First time users, [follow these directions](/weblogic-kubernetes-operator/userguide/managing-domains/domain-in-image/base-images/#obtaining-standard-images-from-the-oracle-container-registry). - - b. Find and then pull the WebLogic 12.2.1.3 install image: - - ```bash - $ docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.3 - ``` - -##### Clone WebLogic Server Kubernetes Operator repository - -Clone the [Oracle WebLogic Server Kubernetes Operator repository](https://github.com/oracle/weblogic-kubernetes-operator) to your machine. We will use several scripts in this repository to create a WebLogic domain. This sample was tested with v3.0.3. - -```bash -$ git clone https://github.com/oracle/weblogic-kubernetes-operator.git -#cd weblogic-kubernetes-operator -$ git checkout v3.0.3 -``` - -{{% notice info %}} The following sections of the sample instructions will guide you, step-by-step, through the process of setting up a WebLogic cluster on AKS - remaining as close as possible to a native Kubernetes experience. This lets you understand and customize each step. If you wish to have a more automated experience that abstracts some lower level details, you can skip to the [Automation](#automation) section. -{{% /notice %}} - -#### Create the AKS cluster - -This sample requires that you disable the AKS addon `http_application_routing` by default. If you want to enable `http_application_routing`, please follow [HTTP application routing](https://docs.microsoft.com/azure/aks/http-application-routing). - -Run the following commands to create the AKS cluster instance. - -```bash -# Change these parameters as needed for your own environment -# Specify a prefix to name resources, only allow lowercase letters and numbers, between 1 and 7 characters -$ export NAME_PREFIX=0730 -# Used to generate resource names. -$ export TIMESTAMP=`date +%s` -$ export AKS_CLUSTER_NAME="${NAME_PREFIX}aks${TIMESTAMP}" -$ export AKS_PERS_RESOURCE_GROUP="${NAME_PREFIX}resourcegroup${TIMESTAMP}" -$ export AKS_PERS_LOCATION=eastus -$ export SP_APP_ID= -$ export SP_CLIENT_SECRET= - -$ az group create --name $AKS_PERS_RESOURCE_GROUP --location $AKS_PERS_LOCATION -$ az aks create \ - --resource-group $AKS_PERS_RESOURCE_GROUP \ - --name $AKS_CLUSTER_NAME \ - --node-count 2 \ - --generate-ssh-keys \ - --nodepool-name nodepool1 \ - --node-vm-size Standard_DS2_v2 \ - --location $AKS_PERS_LOCATION \ - --service-principal $SP_APP_ID \ - --client-secret $SP_CLIENT_SECRET -``` - -Successful output will be a JSON object with the entry `"type": "Microsoft.ContainerService/ManagedClusters"`. - -After the deployment finishes, run the following command to connect to the AKS cluster. This command updates your local `~/.kube/config` so that subsequent `kubectl` commands interact with the named AKS cluster. - -```bash -$ az aks get-credentials --resource-group $AKS_PERS_RESOURCE_GROUP --name $AKS_CLUSTER_NAME -``` - -Successful output will look similar to: - -```bash -Merged "0730aks1596087429" as current context in /home/username/.kube/config -``` - -To verify the connection to your cluster, use the `kubectl get` command to return a list of the cluster nodes. - -```bash -$ kubectl get nodes -``` - -Example output: - -```bash -$ kubectl get nodes -NAME STATUS ROLES AGE VERSION -aks-nodepool1-15992006-vmss000000 Ready agent 7m49s v1.15.11 -aks-nodepool1-15992006-vmss000001 Ready agent 7m32s v1.15.11 -aks-nodepool1-15992006-vmss000002 Ready agent 7m52s v1.15.11 -``` - -#### Create storage and set up file share - -Our usage pattern for the operator involves creating Kubernetes "persistent volumes" to allow the WebLogic Server to persist its configuration and data separately from the Kubernetes Pods that run WebLogic Server workloads. - -We will create an external data volume to access and persist data. There are several options for data sharing as described in [Storage options for applications in Azure Kubernetes Service (AKS)](https://docs.microsoft.com/azure/aks/concepts-storage). - -We will use Azure Files as a Kubernetes volume. Consult the [Azure Files Documentation](https://docs.microsoft.com/azure/aks/azure-files-volume) for details about this full featured cloud storage solution. - -First, create a storage account. Note that the storage account name can contain only lowercase letters and numbers, and must be between 3 and 24 characters in length: - -```bash -# Change the value as needed for your own environment -$ export AKS_PERS_STORAGE_ACCOUNT_NAME="${NAME_PREFIX}storage${TIMESTAMP}" - -$ az storage account create \ - -n $AKS_PERS_STORAGE_ACCOUNT_NAME \ - -g $AKS_PERS_RESOURCE_GROUP \ - -l $AKS_PERS_LOCATION \ - --sku Standard_LRS -``` - -Successful output will be a JSON object with the entry `"type": "Microsoft.Storage/storageAccounts"`. - -Now we need to create a file share. To create the file share, you need a storage connection string. Run the `show-connection-string` command to get connection string, then create the share with `az storage share create`, as shown here. - -```bash -# Change value as needed for your own environment -$ export AKS_PERS_SHARE_NAME="${NAME_PREFIX}-weblogic-${TIMESTAMP}" -# Get connection string -$ export AZURE_STORAGE_CONNECTION_STRING=$(az storage account show-connection-string -n $AKS_PERS_STORAGE_ACCOUNT_NAME -g $AKS_PERS_RESOURCE_GROUP -o tsv) -# Create file share -$ az storage share create -n $AKS_PERS_SHARE_NAME --connection-string $AZURE_STORAGE_CONNECTION_STRING -``` - -Successful output will be exactly the following: - -```bash -{ - "created": true -} -``` - -The operator uses Kubernetes Secrets. We need a storage key for the secret. These commands query the storage account to obtain the key, and then stores the storage account key as a Kubernetes secret. - -```bash -$ export STORAGE_KEY=$(az storage account keys list --resource-group $AKS_PERS_RESOURCE_GROUP --account-name $AKS_PERS_STORAGE_ACCOUNT_NAME --query "[0].value" -o tsv) -``` - -Verify the successful output by examining the `STORAGE_KEY` environment variable. It must not be empty. It must be a long ASCII string. - -We will use the `kubernetes/samples/scripts/create-kuberetes-secrets/create-azure-storage-credentials-secret.sh` script to create the storage account key as a Kubernetes secret, naming the secret with value `${NAME_PREFIX}azure-secret`. Please run: - -```bash -# Please change persistentVolumeClaimNameSuffix if you changed pre-defined value "regcred" before generating the configuration files. -$ export SECRET_NAME_AZURE_FILE="${NAME_PREFIX}azure-secret" - -#cd kubernetes/samples/scripts/create-kuberetes-secrets -$ ./create-azure-storage-credentials-secret.sh -s $SECRET_NAME_AZURE_FILE -a $AKS_PERS_STORAGE_ACCOUNT_NAME -k $STORAGE_KEY -``` - -You will see the following output: - -```text -secret/0730azure-secret created -The secret 0730azure-secret has been successfully created in the default namespace. -``` - -##### Generate configuration files - -This sample uses Kubernetes Persistent Volume Claims (PVC) and load balancing to bring WLS to AKS. These features are expressed to Kubernetes using YAML files. The script `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks.sh` generates the required configuration files automatically, given an input file containing the parameters. A parameters file is provided at `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml`. Copy and customize this file for your needs. - -For example, given the service principal created above, the following values must be substituted in your copy of the input file. - -| Name in YAML file | Example value | Notes | -|-------------------|---------------|-------| -| `azureLocation` | `eastus` | Must match the value provided for the environment variable `AKS_PERS_LOCATION`. | -| `azureServicePrincipalAppId` | `nr086o75-pn59-4782-no5n-nq2op0rsr1q6` | `appId` | -| `azureServicePrincipalClientSecret` | `8693089o-q190-45ps-9319-or36252s3s90` | `password` | -| `azureServicePrincipalTenantId` | `72s988os-86s1-cafe-babe-2q7pq011qo47` | `tenant` | -| `dockerEmail` | `yourDockerEmail` | Your Oracle Single Sign-On (SSO) account email, used to pull the WebLogic Server image from the Oracle Container Registry. | -| `dockerPassword` | `yourDockerPassword`| Your Oracle Single Sign-On (SSO) account password in clear text. | -| `dockerUserName` | `yourDockerId` | The same value as `dockerEmail`. | -| `namePrefix` | `0730` | Alphanumeric value used as a disambiguation prefix for several Kubernetes resources. Make sure the value matches the value of `${NAME_PREFIX}` to keep names in step-by-step commands the same with those in configuration files. | - -Use the following command to generate configuration files, assuming the output directory is `~/azure`. The script will overwrite any files generated by a previous invocation. - -```bash -#cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service -$ cp create-domain-on-aks-inputs.yaml my-create-domain-on-aks-inputs.yaml -$ ./create-domain-on-aks.sh -i my-create-domain-on-aks-inputs.yaml -o ~/azure -u ${TIMESTAMP} -``` - -After running the command, all needed configuration files are generated and output to `~/azure/weblogic-on-aks`: - -```bash -The following files were generated: - /home/username/azure/weblogic-on-aks/pv.yaml - /home/username/azure/weblogic-on-aks/pvc.yaml - /home/username/azure/weblogic-on-aks/admin-lb.yaml - /home/username/azure/weblogic-on-aks/cluster-lb.yaml - /home/username/azure/weblogic-on-aks/domain1.yaml - /home/username/azure/weblogic-on-aks/cluster-admin-role.yaml - -Completed -``` - -{{% notice info %}} Beyond the required and default configurations generated by the command, you can modify the generated YAML files to further customize your deployment. Please consult the [operator documentation]({{< relref "/userguide/_index.md" >}}), [AKS documentation](https://docs.microsoft.com/en-us/azure/aks/) and Kubernetes references for further information about customizing your deployment. -{{% /notice %}} - -##### Apply generated configuration files - -In order to mount the file share as a persistent volume, we have provided a configuration file `pv.yaml`. You can find it in your output directory. The following content is an example that uses the value `0730-weblogic-1597391432` as "shareName", `0730azure-secret` as "secretName", and the persistent volume name is `0730-azurefile-1597391432`. - -We will use the storage class `azurefile`. If you want to create a new class, follow this document [Create a storage class](https://docs.microsoft.com/en-us/azure/aks/azure-files-dynamic-pv#create-a-storage-class). For more information, see the page [Storage options for applications in Azure Kubernetes Service (AKS)](https://docs.microsoft.com/en-us/azure/aks/concepts-storage#storage-classes). - -```yaml -apiVersion: v1 -kind: PersistentVolume -metadata: - name: 0730-azurefile-1597391432 -spec: - capacity: - storage: 5Gi - accessModes: - - ReadWriteMany - storageClassName: azurefile - azureFile: - secretName: 0730azure-secret - shareName: 0730-weblogic-1597391432 - readOnly: false - mountOptions: - - dir_mode=0777 - - file_mode=0777 - - uid=1000 - - gid=1000 - - mfsymlinks - - nobrl -``` - -We have provided another configuration file `pvc.yaml` for the PersistentVolumeClaim. Both `pv.yaml` and `pvc.yaml` have exactly the same content for `storageClassName` attributes. This is required. We set the same value to the `metadata` property in both files. The following content is an example that uses the persistent volume claim name `0730-azurefile-1597391432`. - -```yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: 0730-azurefile-1597391432 -spec: - accessModes: - - ReadWriteMany - storageClassName: azurefile - resources: - requests: - storage: 5Gi -``` - -Use the `kubectl` command to create the persistent volume and persistent volume claim. - -```bash -$ kubectl apply -f ~/azure/weblogic-on-aks/pv.yaml -$ kubectl apply -f ~/azure/weblogic-on-aks/pvc.yaml -``` - -You will see the following output after each command, respectively. - -```bash -$ kubectl apply -f ~/azure/weblogic-on-aks/pv.yaml -persistentvolume/0730-azurefile-1597391432 created -$ kubectl apply -f ~/azure/weblogic-on-aks/pvc.yaml -persistentvolumeclaim/0730-azurefile-1597391432 created -``` - -Use the following command to verify: - -```bash -$ kubectl get pv,pvc -``` - -Example output: - -```bash -$ kubectl get pv,pvc -NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE -persistentvolume/0730-azurefile-1597391432 5Gi RWX Retain Bound default/0730-azurefile-1597391432 azurefile 16m - -NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE -persistentvolumeclaim/0730-azurefile-1597391432 Bound 0730-azurefile-1597391432 5Gi RWX azurefile 16m -``` - -> **Note**: Carefully inspect the output and verify it matches the above. `ACCESS MODES`, `CLAIM`, and `STORAGECLASS` are vital. - -#### Install WebLogic Server Kubernetes Operator into the AKS cluster - -The Oracle WebLogic Server Kubernetes Operator is an adapter to integrate WebLogic Server and Kubernetes, allowing Kubernetes to serve as a container infrastructure hosting WLS instances. The operator runs as a Kubernetes Pod and stands ready to perform actions related to running WLS on Kubernetes. - -Kubernetes Operators use [Helm](https://helm.sh/) to manage Kubernetes applications. The operator’s Helm chart is located in the `kubernetes/charts/weblogic-operator` directory. Please install the operator by running the corresponding command. - -```bash -$ helm repo add weblogic-operator https://oracle.github.io/weblogic-kubernetes-operator/charts -$ helm repo update -$ helm install weblogic-operator weblogic-operator/weblogic-operator --version "3.0.3" -``` - -The output will show something similar to the following: - -```bash -$ helm install weblogic-operator weblogic-operator/weblogic-operator --version "3.0.3" -NAME: weblogic-operator -LAST DEPLOYED: Wed Jul 1 23:47:44 2020 -NAMESPACE: default -STATUS: deployed -REVISION: 1 -TEST SUITE: None -``` - -Verify the operator with the following command; the status will be running. - -```bash -$ kubectl get pods -w -``` - -Example output: - -```bash -$ kubectl get pods -w -NAME READY STATUS RESTARTS AGE -weblogic-operator-56654bcdb7-qww7f 1/1 Running 0 25m -``` - -{{% notice tip %}} You will have to press Ctrl-C to exit this command due to the `-w` flag. -{{% /notice %}} - -#### Create WebLogic domain - -Now that we have created the AKS cluster, installed the operator, and verified that the operator is ready to go, we can have the operator create a WLS domain. - -1. We will use the `kubernetes/samples/scripts/create-weblogic-domain-credentials/create-weblogic-credentials.sh` script to create the domain credentials as a Kubernetes secret. - - ```bash - #cd kubernetes/samples/scripts/create-weblogic-domain-credentials - $ ./create-weblogic-credentials.sh -u weblogic -p welcome1 -d domain1 - ``` - - The successful output will look similar to the following: - - ```bash - $ ./create-weblogic-credentials.sh -u weblogic -p welcome1 -d domain1 - secret/domain1-weblogic-credentials created - secret/domain1-weblogic-credentials labeled - The secret domain1-weblogic-credentials has been successfully created in the default namespace. - ``` - -2. We will use the `kubernetes/samples/scripts/create-kuberetes-secrets/create-docker-credentials-secret.sh` script to create the container registry credentials as a Kubernetes secret. Please run: - - ```bash - # Please change imagePullSecretNameSuffix if you change pre-defined value "regcred" before generating the configuration files. - $ export SECRET_NAME_DOCKER="${NAME_PREFIX}regcred" - - #cd kubernetes/samples/scripts/create-kuberetes-secrets - $ ./create-docker-credentials-secret.sh -s ${SECRET_NAME_DOCKER} -e -p -u -d container-registry.oracle.com - ``` - - The following is an example of successful output: - - ```bash - $ ./create-docker-credentials-secret.sh -s ${SECRET_NAME_DOCKER} -e foo@bar.com -p oracleSsoPassword -u foo@bar.com - secret/0730regcred created - The secret 0730regcred has been successfully created in the default namespace. - ``` - - Verify secrets with the following command: - - ```bash - $ kubectl get secret - ``` - - Example output: - - ```bash - $ kubectl get secret - NAME TYPE DATA AGE - 0730azure-secret Opaque 2 17m - 0730regcred kubernetes.io/dockerconfigjson 1 2m25s - default-token-csdvd kubernetes.io/service-account-token 3 25m - domain1-weblogic-credentials Opaque 2 3m42s - sh.helm.release.v1.weblogic-operator.v1 helm.sh/release.v1 1 5m41s - weblogic-operator-secrets Opaque 1 5m41s - ``` - - > **Note**: If the `NAME` column in your output is missing any of the values shown above, please reexamine your execution of the preceding steps in this sample to ensure that you correctly followed all of them. The `default-token-mwdj8` shown above will have a different ending in your output. - -3. We will use the `kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain.sh` script to create the WLS domain in the persistent volume we created previously. - - We need to set up the domain configuration for the WebLogic domain. This step uses the configuration generated previously. - - Validate all the resources created above using the script `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/validate.sh`. - - Use the following commands to check if the resources are ready: - - ```bash - #cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service - $ ./validate.sh -g ${AKS_PERS_RESOURCE_GROUP} \ - --aks-name ${AKS_CLUSTER_NAME} \ - --file-share ${AKS_PERS_SHARE_NAME} \ - --storage-account ${AKS_PERS_STORAGE_ACCOUNT_NAME} \ - --domain-uid domain1 \ - --pv-name ${NAME_PREFIX}-azurefile-${TIMESTAMP} \ - --pvc-name ${NAME_PREFIX}-azurefile-${TIMESTAMP} \ - --secret-docker ${SECRET_NAME_DOCKER} \ - --secret-storage ${SECRET_NAME_AZURE_FILE} - ``` - - You will see output with `PASS` if all the resources are ready. The following is an example of output: - - ```text - PASS - You can create your domain with the following resources ready: - Azure resource group: 0730resourcegroup1597391432 - Azure Kubenetes Service instacne: 0730aks1597391432 - Azure storage account: 0730storage1597391432 - Azure file share: 0730-weblogic-1597391432 - Kubenetes secret for Azure storage: 0730azure-secret - Kubenetes secret for Container Registry Account: 0730regcred - Kubenetes secret for Weblogic domain: domain1-weblogic-credentials - Persistent Volume: 0730-azurefile-1597391432 - Persistent Volume Claim: 0730-azurefile-1597391432 - ``` - - Now let's ask the operator to create a WebLogic Server domain within the AKS cluster. - - ```bash - #cd kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv - $ ./create-domain.sh -i ~/azure/weblogic-on-aks/domain1.yaml -o ~/azure -e -v - ``` - - You may observe error-related output during the creation of the domain. This is due to timing issues during domain creation. The script accounts for this with a series of retries. The error output looks similar to the following: - - ```text - Waiting for the job to complete... - Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-4l767" is waiting to start: PodInitializing - status on iteration 1 of 20 - pod domain1-create-weblogic-sample-domain-job-4l767 status is Init:0/1 - status on iteration 2 of 20 - pod domain1-create-weblogic-sample-domain-job-4l767 status is Running - ``` - - If you see error messages that include the status `ImagePullBackOff` along with output similar to the following, it is likely your credentials for the Oracle Container Registry have not been successfully conveyed to the AKS cluster. - - ```bash - Failed to pull image "container-registry.oracle.com/middleware/weblogic:12.2.1.3": rpc error: code = Unknown desc = Error response from daemon: Get https://container-registry-phx.oracle.com/v2/middleware/weblogic/manifests/12.2.1.3: unauthorized: authentication required - ``` - - Ensure the arguments you passed to the script `create-docker-credentials-secret.sh` are correct with respect to your Oracle SSO credentials. - - The following example output shows the WebLogic domain was created successfully. - - ```bash - $ ./create-domain.sh -i ~/azure/weblogic-on-aks/domain1.yaml -o ~/azure -e -v - Input parameters being used - export version="create-weblogic-sample-domain-inputs-v1" - export adminPort="7001" - export adminServerName="admin-server" - export domainUID="domain1" - export domainHome="/shared/domains/domain1" - export serverStartPolicy="IF_NEEDED" - export clusterName="cluster-1" - export configuredManagedServerCount="5" - export initialManagedServerReplicas="2" - export managedServerNameBase="managed-server" - export managedServerPort="8001" - export image="store/oracle/weblogic:12.2.1.3" - export imagePullPolicy="IfNotPresent" - export imagePullSecretName="0730regcred" - export productionModeEnabled="true" - export weblogicCredentialsSecretName="domain1-weblogic-credentials" - export includeServerOutInPodLog="true" - export logHome="/shared/logs/domain1" - export httpAccessLogInLogHome="true" - export t3ChannelPort="30012" - export exposeAdminT3Channel="false" - export adminNodePort="30701" - export exposeAdminNodePort="true" - export namespace="default" - javaOptions=-Dweblogic.StdoutDebugEnabled=false - export persistentVolumeClaimName="0730-azurefile-1597391432" - export domainPVMountPath="/shared" - export createDomainScriptsMountPath="/u01/weblogic" - export createDomainScriptName="create-domain-job.sh" - export createDomainFilesDir="wlst" - export serverPodMemoryRequest="768Mi" - export serverPodCpuRequest="250m" - export istioEnabled="false" - export istioReadinessPort="8888" - - Generating /home/username/azure/weblogic-domains/domain1/create-domain-job.yaml - Generating /home/username/azure/weblogic-domains/domain1/delete-domain-job.yaml - Generating /home/username/azure/weblogic-domains/domain1/domain.yaml - Checking to see if the secret domain1-weblogic-credentials exists in namespace default - Checking if the persistent volume claim 0730-azurefile-1597391432 in NameSpace default exists - The persistent volume claim 0730-azurefile-1597391432 already exists in NameSpace default - W0730 07:15:52.866794 53745 helpers.go:535] --dry-run is deprecated and can be replaced with --dry-run=client. - configmap/domain1-create-weblogic-sample-domain-job-cm created - Checking the configmap domain1-create-weblogic-sample-domain-job-cm was created - configmap/domain1-create-weblogic-sample-domain-job-cm labeled - Checking if object type job with name domain1-create-weblogic-sample-domain-job exists - No resources found in default namespace. - Creating the domain by creating the job /home/weblogic/azure/weblogic-domains/domain1/create-domain-job.yaml - job.batch/domain1-create-weblogic-sample-domain-job created - Waiting for the job to complete... - Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-4l767" is waiting to start: PodInitializing - status on iteration 1 of 20 - pod domain1-create-weblogic-sample-domain-job-4l767 status is Init:0/1 - status on iteration 2 of 20 - pod domain1-create-weblogic-sample-domain-job-4l767 status is Running - status on iteration 3 of 20 - pod domain1-create-weblogic-sample-domain-job-4l767 status is Completed - domain.weblogic.oracle/domain1 created - - Domain domain1 was created and will be started by the WebLogic Kubernetes Operator - - Administration console access is available at http://wlswls1596-0730resourcegrou-685ba0-7434b4f5.hcp.eastus.azmk8s.io:30701/console - The following files were generated: - /home/username/azure/weblogic-domains/domain1/create-domain-inputs.yaml - /home/username/azure/weblogic-domains/domain1/create-domain-job.yaml - /home/username/azure/weblogic-domains/domain1/domain.yaml - - Completed - ``` - - > **Note**: If your output does not show a successful completion, you must - troubleshoot the reason and resolve it before proceeding to the next - step. - -4. You must create `LoadBalancer` services for the Administration Server and the WLS cluster. This enables WLS to service requests from outside the AKS cluster. - - Use the configuration file in `~/azure/weblogic-on-aks/admin-lb.yaml` to create a load balancer service for the Administration Server. The following content is an example of `admin-lb.yaml`, with default domain UID `domain1`, server name `admin-server`, and default port `7001`. - - ```yaml - apiVersion: v1 - kind: Service - metadata: - name: domain1-admin-server-external-lb - namespace: default - spec: - ports: - - name: default - port: 7001 - protocol: TCP - targetPort: 7001 - selector: - weblogic.domainUID: domain1 - weblogic.serverName: admin-server - sessionAffinity: None - type: LoadBalancer - ``` - - Create the load balancer service using the following command: - - ```bash - $ kubectl apply -f ~/azure/weblogic-on-aks/admin-lb.yaml - ``` - - You will see the following output: - - ```bash - $ kubectl apply -f ~/azure/weblogic-on-aks/admin-lb.yaml - service/domain1-admin-server-external-lb created - ``` - - Use the configuration file in `~/azure/weblogic-on-aks/cluster-lb.yaml` to create a load balancer service for the managed servers. The following content is an example of `cluster-lb.yaml`, with default domain UID `domain1`, cluster name `cluster-1`, and default managed server port `8001`. - - ```yaml - apiVersion: v1 - kind: Service - metadata: - name: domain1-cluster-1-lb - namespace: default - spec: - ports: - - name: default - port: 8001 - protocol: TCP - targetPort: 8001 - selector: - weblogic.domainUID: domain1 - weblogic.clusterName: cluster-1 - sessionAffinity: None - type: LoadBalancer - ``` - - Create the load balancer service using the following command: - - ```bash - $ kubectl apply -f ~/azure/weblogic-on-aks/cluster-lb.yaml - ``` - - You will see the following output: - - ```bash - $ kubectl apply -f ~/azure/weblogic-on-aks/cluster-lb.yaml - service/domain1-cluster-1-external-lb created - ``` - - After a short time, you will see the Administration Server and Managed Servers running. - - Use the following command to check server pod status: - - ```bash - $ kubectl get pods --watch - ``` - - It may take you up to 20 minutes to deploy all pods, please wait and make sure everything is ready. - - You can tail the logs of the Administration Server with this command: - - ```bash - kubectl logs -f domain1-admin-server - ``` - - The final example of pod output is as following: - - ```bash - $ kubectl get pods --watch - NAME READY STATUS RESTARTS AGE - domain1-admin-server 1/1 Running 0 11m - domain1-create-weblogic-sample-domain-job-4l767 0/1 Completed 0 13m - domain1-managed-server1 1/1 Running 0 3m56s - domain1-managed-server2 1/1 Running 0 3m56s - weblogic-operator-56654bcdb7-qww7f 1/1 Running 0 25m - ``` - -{{% notice tip %}} If Kubernetes advertises the WebLogic pod as `Running` you can be assured the WebLogic Server actually is running because the operator ensures the Kubernetes health checks are actually polling the WebLogic health check mechanism. -{{% /notice %}} - - Get the addresses of the Administration Server and Managed Servers (please wait for the external IP addresses to be assigned): - - ```bash - $ kubectl get svc --watch - ``` - - The final example of service output is as following: - - ```bash - $ kubectl get svc --watch - NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE - domain1-admin-server ClusterIP None 30012/TCP,7001/TCP 2d20h - domain1-admin-server-ext NodePort 10.0.182.50 7001:30701/TCP 2d20h - domain1-admin-server-external-lb LoadBalancer 10.0.67.79 52.188.176.103 7001:32227/TCP 2d20h - domain1-cluster-1-lb LoadBalancer 10.0.112.43 104.45.176.215 8001:30874/TCP 2d17h - domain1-cluster-cluster-1 ClusterIP 10.0.162.19 8001/TCP 2d20h - domain1-managed-server1 ClusterIP None 8001/TCP 2d20h - domain1-managed-server2 ClusterIP None 8001/TCP 2d20h - internal-weblogic-operator-svc ClusterIP 10.0.192.13 8082/TCP 2d22h - kubernetes ClusterIP 10.0.0.1 443/TCP 2d22h - ``` - - In the example, the URL to access the Administration Server is: `http://52.188.176.103:7001/console`. The default user name for the Administration Console is `weblogic` and the default password is `welcome1`. Please change this for production deployments. - - If the WLS Administration Console is still not available, use `kubectl describe domain` to check domain status. - - ```bash - $ kubectl describe domain domain1 - ``` - - Make sure the status of cluster-1 is `ServersReady` and `Available`. - - ```yaml - Status: - Clusters: - Cluster Name: cluster-1 - Maximum Replicas: 5 - Minimum Replicas: 1 - Ready Replicas: 2 - Replicas: 2 - Replicas Goal: 2 - Conditions: - Last Transition Time: 2020-07-06T05:39:32.539Z - Reason: ServersReady - Status: True - Type: Available - Replicas: 2 - Servers: - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: admin-server - State: RUNNING - Cluster Name: cluster-1 - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: managed-server1 - State: RUNNING - Cluster Name: cluster-1 - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: managed-server2 - State: RUNNING - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server3 - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server4 - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server5 - ``` - -#### Automation - -If you want to automate the above steps from [Create the AKS cluster](#create-the-aks-cluster) onward, you can use the `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks.sh` script with the `-e` option. This option applies the YAML files generated by the script. - -For input values, you can edit `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml` directly, or copy the file and edit your copy. The following values must be specified: - -| Name in YAML file | Example value | Notes | -|-------------------|---------------|-------| -| `azureServicePrincipalAppId` | `nr086o75-pn59-4782-no5n-nq2op0rsr1q6` | Application ID of your service principal, refer to the application ID in the [Create Service Principal](#create-service-principal-for-aks) section. | -| `azureServicePrincipalClientSecret` | `8693089o-q190-45ps-9319-or36252s3s90` | A client secret of your service principal, refer to the client secret in the [Create Service Principal](#create-service-principal-for-aks) section. | -| `azureServicePrincipalTenantId` | `72s988os-86s1-cafe-babe-2q7pq011qo47` | Tenant (Directory ) ID of your service principal, refer to the client secret in the [Create Service Principal](#create-service-principal-for-aks) section. | -| `dockerEmail` | `yourDockerEmail` | Oracle Single Sign-On (SSO) account email, used to pull the WebLogic Server image. | -| `dockerPassword` | `yourDockerPassword`| Password for Oracle SSO account, used to pull the WebLogic Server image. In clear text. | -| `dockerUserName` | `yourDockerId` | The same value as `dockerEmail`. | -| `namePrefix` | `0730` | Alphanumeric value used as a disambiguation prefix for several Kubernetes resources. | - -If you don't want to change the other parameters, you can use the default values. Please make sure no extra whitespaces are added! - -```bash -# Use ~/azure as output directory, please change it according to your requirement. - -# cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service -$ cp create-domain-on-aks-inputs.yaml my-create-domain-on-aks-inputs.yaml -$ ./create-domain-on-aks.sh -i my-create-domain-on-aks-inputs.yaml -o ~/azure -e -``` - -The script will print the Administration Server address after a successful deployment. The default user name for the Administration Console is `weblogic` and the default password is `welcome1`. Please change this for production deployments. To interact with the cluster using `kubectl`, use `az aks get-credentials` as shown in the script output. - -{{% notice info %}} You now have created an AKS cluster with `PersistentVolumeClaim` and `PersistentVolume` to contain the WLS domain configuration files. Using those artifacts, you have used the operator to create a WLS domain. -{{% /notice %}} - -#### Deploy sample application - -Now that you have WLS running in AKS, you can test the cluster by deploying the simple sample application included in the repository: - -1. Go to the WebLogic Server Administration Console, Select "Lock & Edit". -2. Select Deployments. -3. Select Install. -4. Select Upload your file(s). -5. For the Deployment Archive, Select "Choose File". -6. Select the file `kubernetes/samples/charts/application/testwebapp.war`. -7. Select Next. Choose 'Install this deployment as an application'. -8. Select Next. Select cluster-1 and All servers in the cluster. -9. Accept the defaults in the next screens and Select Finish. -10. Select Activate Changes. - -![Deploy Application](screenshot-deploy-test-app.png) - -Next you will need to start the application: - -1. Go to Deployments. -1. Select Control. -1. Select `testwebapp`. -1. Select Start. -1. Select Servicing all requests. -1. Select Yes. - -After the successful deployment, go to the application through the domain1-cluster-1-lb external IP. - -```bash -$ kubectl get svc domain1-cluster-1-external-lb -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -domain1-cluster-1-external-lb LoadBalancer 10.0.108.249 52.224.248.40 8001:32695/TCP 30m -``` - -In the example, the application address is: `http://52.224.248.40:8001/testwebapp`. - -The test application will list the server host and server IP on the page. - -#### Access WebLogic Server logs - -The logs are stored in the Azure file share. Follow these steps to access the logs: - -1. Go to the [Azure Portal](https://ms.portal.azure.com). -1. Go to your resource group. -1. Open the storage account. -1. In the "File service" section of the left panel, select File shares. -1. Select the file share name (for example, `weblogic` in this example). -1. Select logs. -1. Select domain1. - - WebLogic Server logs are listed in the folder. - - ![WebLogic Server Logs](screenshot-logs.png) - -#### Troubleshooting - -1. **Get pod error details** - - You may get the following message while creating the WebLogic domain: "the job status is not Completed!" - - ```text - status on iteration 20 of 20 - pod domain1-create-weblogic-sample-domain-job-nj7wl status is Init:0/1 - The create domain job is not showing status completed after waiting 300 seconds. - Check the log output for errors. - Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-nj7wl" is waiting to start: PodInitializing - [ERROR] Exiting due to failure - the job status is not Completed! - ``` - - You can get further error details by running `kubectl describe pod`, as shown here: - - ```bash - $ kubectl describe pod - ``` - - This is an output example: - - ```bash - $ kubectl describe pod domain1-create-weblogic-sample-domain-job-nj7wl - Events: - Type Reason Age From Message - ---- ------ ---- ---- ------- - Normal Scheduled 4m2s default-scheduler Successfully assigned default/domain1-create-weblogic-sample-domain-job-qqv6k to aks-nodepool1-58449474-vmss000001 - Warning FailedMount 119s kubelet, aks-nodepool1-58449474-vmss000001 Unable to mount volumes for pod "domain1-create-weblogic-sample-domain-job-qqv6k_default(15706980-73cb-11ea-b804-b2c91b494b00)": timeout expired waiting for volumes to attach or mount for pod "default"/"domain1-create-weblogic-sample-domain-job-qqv6k". list of unmounted volumes=[weblogic-sample-domain-storage-volume]. list of unattached volumes=[create-weblogic-sample-domain-job-cm-volume weblogic-sample-domain-storage-volume weblogic-credentials-volume default-token-zr7bq] - Warning FailedMount 114s (x9 over 4m2s) kubelet, aks-nodepool1-58449474-vmss000001 MountVolume.SetUp failed for volume "0730-azurefile-1597391432" : Couldn't get secret default/azure-secrea - ``` - -2. **Fail to access Administration Console** - - Here are some common reasons for this failure, along with some tips to help you investigate. - - * **Create WebLogic domain job fails** - - Check the deploy log and find the failure details with `kubectl describe pod podname`. - Please go to 1. Getting pod error details. - - * **Process of starting the servers is still running** - - Check with `kubectl get svc` and if domain1-admin-server, domain1-managed-server1 and domain1-managed-server2 are not listed, - we need to wait some more for the Administration Server to start. - - The following output is an example of when the Administration Server has started. - - ```bash - $ kubectl get svc - NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE - domain1-admin-server ClusterIP None 30012/TCP,7001/TCP 7m3s - domain1-admin-server-ext NodePort 10.0.78.211 7001:30701/TCP 7m3s - domain1-admin-server-external-lb LoadBalancer 10.0.6.144 40.71.233.81 7001:32758/TCP 7m32s - domain1-cluster-1-lb LoadBalancer 10.0.29.231 52.142.39.152 8001:31022/TCP 7m30s - domain1-cluster-cluster-1 ClusterIP 10.0.80.134 8001/TCP 1s - domain1-managed-server1 ClusterIP None 8001/TCP 1s - domain1-managed-server2 ClusterIP None 8001/TCP 1s - internal-weblogic-operator-svc ClusterIP 10.0.1.23 8082/TCP 9m59s - kubernetes ClusterIP 10.0.0.1 443/TCP 16m - ``` - - If services are up but the WLS Administration Console is still not available, use `kubectl describe domain` to check domain status. - - ```bash - $ kubectl describe domain domain1 - ``` - - Make sure the status of cluster-1 is `ServersReady` and `Available`. The status of admin-server, managed-server1 and managed-server2 should be `RUNNING`. Otherwise, the cluster is likely still in the process of becoming fully ready. - - ```yaml - Status: - Clusters: - Cluster Name: cluster-1 - Maximum Replicas: 5 - Minimum Replicas: 1 - Ready Replicas: 2 - Replicas: 2 - Replicas Goal: 2 - Conditions: - Last Transition Time: 2020-07-06T05:39:32.539Z - Reason: ServersReady - Status: True - Type: Available - Replicas: 2 - Servers: - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: admin-server - State: RUNNING - Cluster Name: cluster-1 - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: managed-server1 - State: RUNNING - Cluster Name: cluster-1 - Desired State: RUNNING - Node Name: aks-nodepool1-11471722-vmss000001 - Server Name: managed-server2 - State: RUNNING - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server3 - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server4 - Cluster Name: cluster-1 - Desired State: SHUTDOWN - Server Name: managed-server5 - ``` - -3. **Domain debugging** - - Some suggestions for debugging problems with Model in Image after your Domain YAML file is deployed are found in the section on [debugging](/weblogic-kubernetes-operator/userguide/managing-domains/model-in-image/debugging/). - -#### Clean up resources - -The output from the `create-domain-on-aks.sh` script includes a statement about the Azure resources created by the script. To delete the cluster and free all the related resources, simply delete the resource groups. The output will list the resource groups, such as: - -```bash -The following Azure Resouces have been created: - Resource groups: ejb8191resourcegroup1597641911, MC_ejb8191resourcegroup1597641911_ejb8191akscluster1597641911_eastus -``` - -Given the above output, the following Azure CLI commands will delete the resource groups. - -```bash -az group delete --yes --no-wait --name ejb8191resourcegroup1597641911 -az group delete --yes --no-wait --name MC_ejb8191resourcegroup1597641911_ejb8191akscluster1597641911_eastus -``` - -#### Useful links - -* [Quickstart: Deploy an Azure Kubernetes Service cluster using the Azure CLI](https://docs.microsoft.com/azure/aks/kubernetes-walkthrough) -* [WebLogic Server Kubernetes Operator](https://oracle.github.io/weblogic-kubernetes-operator/userguide/introduction/introduction/) -* [Manually create and use a volume with Azure Files share in Azure Kubernetes Service (AKS)](https://docs.microsoft.com/azure/aks/azure-files-volume) -* [Create a Secret by providing credentials on the command line](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line) +For references to the relevant user documentation, see: + - [Choose a domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/_index.md" >}}) user documentation + - [Model in Image]({{< relref "/userguide/managing-domains/model-in-image/_index.md" >}}) user documentation diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md b/docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md new file mode 100644 index 00000000000..40a374ece54 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/domain-on-pv.md @@ -0,0 +1,549 @@ +--- +title: "Domain home on a PV" +date: 2020-07-12T18:22:31-05:00 +weight: 2 +description: "Sample for creating a WebLogic domain home on an existing PV or PVC on the Azure Kubernetes Service." +--- + +This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator](/weblogic-kubernetes-operator/) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS) using the model in persistence volume approach. After going through the steps, your WLS domain runs on an AKS cluster instance and you can manage your WLS domain by accessing the WebLogic Server Administration Console. + +#### Contents + + - [Prerequisites](#prerequisites) + - [Create an AKS cluster](#create-the-aks-cluster) + - [Install WebLogic Server Kubernetes Operator](#install-weblogic-server-kubernetes-operator-into-the-aks-cluster) + - [Create WebLogic domain](#create-weblogic-domain) + - [Automation](#automation) + - [Deploy sample application](#deploy-sample-application) + - [Access WebLogic Server logs](#access-weblogic-server-logs) + - [Clean up resources](#clean-up-resources) + - [Troubleshooting](#troubleshooting) + - [Useful links](#useful-links) + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt" >}} + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt" >}} + +##### Clone WebLogic Server Kubernetes Operator repository + +Clone the [Oracle WebLogic Server Kubernetes Operator repository](https://github.com/oracle/weblogic-kubernetes-operator) to your machine. We will use several scripts in this repository to create a WebLogic domain. This sample was tested with v3.1.1. + +```bash +$ git clone https://github.com/oracle/weblogic-kubernetes-operator.git +#cd weblogic-kubernetes-operator +#TODO: we have to fix the branch after the source code are merged +#git checkout v3.1.1 +``` + +{{% notice info %}} The following sections of the sample instructions will guide you, step-by-step, through the process of setting up a WebLogic cluster on AKS - remaining as close as possible to a native Kubernetes experience. This lets you understand and customize each step. If you wish to have a more automated experience that abstracts some lower level details, you can skip to the [Automation](#automation) section. +{{% /notice %}} + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt" >}} + +> **Note**: If you run into VM size failure, see [Troubleshooting - Virtual Machine size is not supported]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting#virtual-machine-size-is-not-supported" >}}). + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt" >}} + + +#### Install WebLogic Server Kubernetes Operator into the AKS cluster + +The Oracle WebLogic Server Kubernetes Operator is an adapter to integrate WebLogic Server and Kubernetes, allowing Kubernetes to serve as a container infrastructure hosting WLS instances. The operator runs as a Kubernetes Pod and stands ready to perform actions related to running WLS on Kubernetes. + +Kubernetes Operators use [Helm](https://helm.sh/) to manage Kubernetes applications. The operator’s Helm chart is located in the `kubernetes/charts/weblogic-operator` directory. Please install the operator by running the corresponding command. + +```bash +$ helm repo add weblogic-operator https://oracle.github.io/weblogic-kubernetes-operator/charts +$ helm repo update +$ helm install weblogic-operator weblogic-operator/weblogic-operator --version "3.1.1" +``` + +The output will show something similar to the following: + +```bash +$ helm install weblogic-operator weblogic-operator/weblogic-operator --version "3.1.1" +NAME: weblogic-operator +LAST DEPLOYED: Wed Jul 1 23:47:44 2020 +NAMESPACE: default +STATUS: deployed +REVISION: 1 +TEST SUITE: None +``` + +Verify the operator with the following command; the `STATUS` must be `Running`. The `READY` must be `1/1`. + +```bash +$ kubectl get pods -w +NAME READY STATUS RESTARTS AGE +weblogic-operator-56654bcdb7-qww7f 1/1 Running 0 25m +``` + +{{% notice tip %}} You will have to press Ctrl-C to exit this command due to the `-w` flag. +{{% /notice %}} + +#### Create WebLogic domain + + - [Create secrets](#create-secrets) + - [Create WebLogic Domain](#create-weblogic-domain-1) + +Now that we have created the AKS cluster, installed the operator, and verified that the operator is ready to go, we can have the operator create a WLS domain. + +##### Create secrets + +We will use the `kubernetes/samples/scripts/create-weblogic-domain-credentials/create-weblogic-credentials.sh` script to create the domain credentials as a Kubernetes secret. Please run: + +```bash +#cd kubernetes/samples/scripts/create-weblogic-domain-credentials +$ ./create-weblogic-credentials.sh -u weblogic -p welcome1 -d domain1 +secret/domain1-weblogic-credentials created +secret/domain1-weblogic-credentials labeled +The secret domain1-weblogic-credentials has been successfully created in the default namespace. +``` + +We will use the `kubernetes/samples/scripts/create-kuberetes-secrets/create-docker-credentials-secret.sh` script to create the Docker credentials as a Kubernetes secret. Please run: + +```bash +# Please change imagePullSecretNameSuffix if you change pre-defined value "regcred" before generating the configuration files. +$ export SECRET_NAME_DOCKER="${NAME_PREFIX}regcred" + +#cd kubernetes/samples/scripts/create-kuberetes-secrets +$ ./create-docker-credentials-secret.sh -s ${SECRET_NAME_DOCKER} -e oracleSsoEmail@bar.com -p oracleSsoPassword -u oracleSsoEmail@bar.com +secret/regcred created +The secret regcred has been successfully created in the default namespace. +``` + +Verify secrets with the following command: + +```bash +$ kubectl get secret +NAME TYPE DATA AGE +wlsazure-secret Opaque 2 17m +regcred kubernetes.io/dockerconfigjson 1 2m25s +default-token-csdvd kubernetes.io/service-account-token 3 25m +domain1-weblogic-credentials Opaque 2 3m42s +sh.helm.release.v1.weblogic-operator.v1 helm.sh/release.v1 1 5m41s +weblogic-operator-secrets Opaque 1 5m41s +``` + +> **Note**: If the `NAME` column in your output is missing any of the values shown above, please reexamine your execution of the preceding steps in this sample to ensure that you correctly followed all of them. The `default-token-mwdj8` shown above will have a different ending in your output. + +##### Create WebLogic Domain +We will use the `kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain.sh` script to create the WLS domain in the persistent volume we created previously. + +We need to set up the domain configuration for the WebLogic domain. + +1. Check if resources are ready + + If you used the automation script to create the AKS cluster, skip this step and go to step 2. + + If you create Azure resources step by step according to the steps above, validate all the resources created above using the script `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/validate.sh`. + + Use the following commands to check if the resources are ready: + + ```bash + #cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service + $ ./validate.sh -g ${AKS_PERS_RESOURCE_GROUP} \ + --aks-name ${AKS_CLUSTER_NAME} \ + --file-share ${AKS_PERS_SHARE_NAME} \ + --storage-account ${AKS_PERS_STORAGE_ACCOUNT_NAME} \ + --domain-uid domain1 \ + --pv-name ${NAME_PREFIX}-azurefile-${TIMESTAMP} \ + --pvc-name ${NAME_PREFIX}-azurefile-${TIMESTAMP} \ + --secret-docker ${SECRET_NAME_DOCKER} \ + --secret-storage ${SECRET_NAME_AZURE_FILE} + ``` + + You will see output with `PASS` if all the resources are ready. The following is an example of output: + + ```text + PASS + You can create your domain with the following resources ready: + Azure resource group: wlsresourcegroup1612795811 + Azure Kubenetes Service instacne: wlsaks1612795811 + Azure storage account: wlsstorage1612795811 + Azure file share: wls-weblogic-1612795811 + Kubenetes secret for Azure storage: wlsazure-secret + Kubenetes secret for Docker Account: regcred + Kubenetes secret for Weblogic domain: domain1-weblogic-credentials + Persistent Volume: wls-azurefile-1612795811 + Persistent Volume Claim: wls-azurefile-1612795811 + ``` + +2. Now let's ask the operator to create a WebLogic Server domain within the AKS cluster. + + For complete details on domain creation, see [Domain home on a PV - Use the script to create a domain]({{< relref "/samples/simple/domains/domain-home-on-pv#use-the-script-to-create-a-domain" >}}). If you do not want the complete details and just want to continue with the domain creation for AKS, invoke the `create-domain.sh` script as shown next. + + ```bash + #cd kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv + $ ./create-domain.sh -i ~/azure/weblogic-on-aks/domain1.yaml -o ~/azure -e -v + ``` + + You may observe error-related output during the creation of the domain. This is due to timing issues during domain creation. The script accounts for this with a series of retries. The error output looks similar to the following: + + ```text + Waiting for the job to complete... + Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-4l767" is waiting to start: PodInitializing + status on iteration 1 of 20 + pod domain1-create-weblogic-sample-domain-job-4l767 status is Init:0/1 + status on iteration 2 of 20 + pod domain1-create-weblogic-sample-domain-job-4l767 status is Running + ``` + + If you see error messages that include the status `ImagePullBackOff` along with output similar to the following, it is likely your credentials for the Oracle Container Registry have not been successfully conveyed to the AKS cluster. + + ```bash + Failed to pull image "container-registry.oracle.com/middleware/weblogic:12.2.1.4": rpc error: code = Unknown desc = Error response from daemon: Get https://container-registry-phx.oracle.com/v2/middleware/weblogic/manifests/12.2.1.4: unauthorized: authentication required + ``` + + Ensure the arguments you passed to the script `create-docker-credentials-secret.sh` are correct with respect to your Oracle SSO credentials. + + The following example output shows the WebLogic domain was created successfully. + + {{%expand "Click here to view the example output." %}} + ```bash + $ ./create-domain.sh -i ~/azure/weblogic-on-aks/my-create-domain-inputs.yaml -o ~/azure -e -v + Input parameters being used + export version="create-weblogic-sample-domain-inputs-v1" + export adminPort="7001" + export adminServerName="admin-server" + export domainUID="domain1" + export domainHome="/shared/domains/domain1" + export serverStartPolicy="IF_NEEDED" + export clusterName="cluster-1" + export configuredManagedServerCount="5" + export initialManagedServerReplicas="2" + export managedServerNameBase="managed-server" + export managedServerPort="8001" + export image="store/oracle/weblogic:12.2.1.4" + export imagePullPolicy="IfNotPresent" + export imagePullSecretName="regcred" + export productionModeEnabled="true" + export weblogicCredentialsSecretName="domain1-weblogic-credentials" + export includeServerOutInPodLog="true" + export logHome="/shared/logs/domain1" + export httpAccessLogInLogHome="true" + export t3ChannelPort="30012" + export exposeAdminT3Channel="false" + export adminNodePort="30701" + export exposeAdminNodePort="true" + export namespace="default" + javaOptions=-Dweblogic.StdoutDebugEnabled=false + export persistentVolumeClaimName="wls-azurefile" + export domainPVMountPath="/shared" + export createDomainScriptsMountPath="/u01/weblogic" + export createDomainScriptName="create-domain-job.sh" + export createDomainFilesDir="wlst" + export serverPodMemoryRequest="768Mi" + export serverPodCpuRequest="250m" + export istioEnabled="false" + export istioReadinessPort="8888" + + Generating /home/username/azure/weblogic-domains/domain1/create-domain-job.yaml + Generating /home/username/azure/weblogic-domains/domain1/delete-domain-job.yaml + Generating /home/username/azure/weblogic-domains/domain1/domain.yaml + Checking to see if the secret domain1-weblogic-credentials exists in namespace default + Checking if the persistent volume claim wls-azurefile in NameSpace default exists + The persistent volume claim wls-azurefile already exists in NameSpace default + Wwls 07:15:52.866794 53745 helpers.go:535] --dry-run is deprecated and can be replaced with --dry-run=client. + configmap/domain1-create-weblogic-sample-domain-job-cm created + Checking the configmap domain1-create-weblogic-sample-domain-job-cm was created + configmap/domain1-create-weblogic-sample-domain-job-cm labeled + Checking if object type job with name domain1-create-weblogic-sample-domain-job exists + No resources found in default namespace. + Creating the domain by creating the job /home/weblogic/azure/weblogic-domains/domain1/create-domain-job.yaml + job.batch/domain1-create-weblogic-sample-domain-job created + Waiting for the job to complete... + Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-4l767" is waiting to start: PodInitializing + status on iteration 1 of 20 + pod domain1-create-weblogic-sample-domain-job-4l767 status is Init:0/1 + status on iteration 2 of 20 + pod domain1-create-weblogic-sample-domain-job-4l767 status is Running + status on iteration 3 of 20 + pod domain1-create-weblogic-sample-domain-job-4l767 status is Completed + domain.weblogic.oracle/domain1 created + + Domain domain1 was created and will be started by the WebLogic Kubernetes Operator + + Administration console access is available at http://wlswls1596-wlsresourcegrou-685ba0-7434b4f5.hcp.eastus.azmk8s.io:30701/console + The following files were generated: + /home/username/azure/weblogic-domains/domain1/create-domain-inputs.yaml + /home/username/azure/weblogic-domains/domain1/create-domain-job.yaml + /home/username/azure/weblogic-domains/domain1/domain.yaml + + Completed + ``` + {{% /expand %}} + + > **Note**: If your output does not show a successful completion, you must + troubleshoot the reason and resolve it before proceeding to the next + step. + +4. You must create `LoadBalancer` services for the Administration Server and the WLS cluster. This enables WLS to service requests from outside the AKS cluster. + + Use the sample configuration file `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/domain-on-pv/admin-lb.yaml` to create a load balancer service for the Administration Server. If you are choosing not to use the predefined YAML file and instead created new one with customized values, then substitute the following content with your domain values. + + ```yaml + apiVersion: v1 + kind: Service + metadata: + name: domain1-admin-server-external-lb + namespace: default + spec: + ports: + - name: default + port: 7001 + protocol: TCP + targetPort: 7001 + selector: + weblogic.domainUID: domain1 + weblogic.serverName: admin-server + sessionAffinity: None + type: LoadBalancer + ``` + + Use the sample configuration file `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/domain-on-pv/cluster-lb.yaml` to create a load balancer service for the managed servers. If you are choosing not to use the predefined YAML file and instead created new one with customized values, then substitute the following content with you domain values. + + ```yaml + apiVersion: v1 + kind: Service + metadata: + name: domain1-cluster-1-lb + namespace: default + spec: + ports: + - name: default + port: 8001 + protocol: TCP + targetPort: 8001 + selector: + weblogic.domainUID: domain1 + weblogic.clusterName: cluster-1 + sessionAffinity: None + type: LoadBalancer + ``` + + Create the load balancer services using the following commands: + + ```bash + $ kubectl apply -f ~/azure/weblogic-on-aks/admin-lb.yaml + service/domain1-admin-server-external-lb created + + $ kubectl apply -f ~/azure/weblogic-on-aks/cluster-lb.yaml + service/domain1-cluster-1-external-lb created + ``` + + After a short time, you will see the Administration Server and Managed Servers running. + + Use the following command to check server pod status: + + ```bash + $ kubectl get pods --watch + ``` + + It may take you up to 20 minutes to deploy all pods, please wait and make sure everything is ready. + + You can tail the logs of the Administration Server with this command: + + ```bash + kubectl logs -f domain1-admin-server + ``` + + The final example of pod output is as following: + + ```bash + $ kubectl get pods --watch + NAME READY STATUS RESTARTS AGE + domain1-admin-server 1/1 Running 0 11m + domain1-create-weblogic-sample-domain-job-4l767 0/1 Completed 0 13m + domain1-managed-server1 1/1 Running 0 3m56s + domain1-managed-server2 1/1 Running 0 3m56s + weblogic-operator-56654bcdb7-qww7f 1/1 Running 0 25m + ``` + + {{% notice tip %}} If Kubernetes advertises the WebLogic pod as `Running` you can be assured the WebLogic Server actually is running because the operator ensures the Kubernetes health checks are actually polling the WebLogic health check mechanism. + {{% /notice %}} + + Get the addresses of the Administration Server and Managed Servers (please wait for the external IP addresses to be assigned): + + ```bash + $ kubectl get svc --watch + ``` + + The final example of service output is as following: + + ```bash + $ kubectl get svc --watch + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + domain1-admin-server ClusterIP None 30012/TCP,7001/TCP 2d20h + domain1-admin-server-ext NodePort 10.0.182.50 7001:30701/TCP 2d20h + domain1-admin-server-external-lb LoadBalancer 10.0.67.79 52.188.176.103 7001:32227/TCP 2d20h + domain1-cluster-1-lb LoadBalancer 10.0.112.43 104.45.176.215 8001:30874/TCP 2d17h + domain1-cluster-cluster-1 ClusterIP 10.0.162.19 8001/TCP 2d20h + domain1-managed-server1 ClusterIP None 8001/TCP 2d20h + domain1-managed-server2 ClusterIP None 8001/TCP 2d20h + internal-weblogic-operator-svc ClusterIP 10.0.192.13 8082/TCP 2d22h + kubernetes ClusterIP 10.0.0.1 443/TCP 2d22h + ``` + + In the example, the URL to access the Administration Server is: `http://52.188.176.103:7001/console`. The default user name for the Administration Console is `weblogic` and the default password is `welcome1`. Please change this for production deployments. + + If the WLS Administration Console is still not available, use `kubectl describe domain` to check domain status. + + ```bash + $ kubectl describe domain domain1 + ``` + + Make sure the status of cluster-1 is `ServersReady` and `Available`. + {{%expand "Click here to view the example status." %}} + ```yaml + Status: + Clusters: + Cluster Name: cluster-1 + Maximum Replicas: 5 + Minimum Replicas: 1 + Ready Replicas: 2 + Replicas: 2 + Replicas Goal: 2 + Conditions: + Last Transition Time: 2020-07-06T05:39:32.539Z + Reason: ServersReady + Status: True + Type: Available + Replicas: 2 + Servers: + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: admin-server + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: managed-server1 + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: managed-server2 + State: RUNNING + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server3 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server4 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server5 + ``` + {{% /expand %}} + +To deploy a sample application on WLS, you may skip to the section [Deploy sample application](#deploy-sample-application). The next section includes a script that automates all of the preceding steps. + +#### Automation + +If you want to automate the above steps of creating AKS cluster and WLS domain, you can use the script `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks.sh`. + +The sample script will create a WLS domain home on the AKS cluster, including + - Creating a new Azure resource group, with a new Azure Storage Account and Azure File Share to allow WebLogic to persist its configuration and data separately from the Kubernetes pods that run WLS workloads. + - Creating WLS domain home. + - Generating the domain resource YAML files, which can be used to restart the Kubernetes artifacts of the corresponding domain. + +For input values, you can edit `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml` directly, or copy the file and edit your copy. The following values must be specified: + +| Name in YAML file | Example value | Notes | +|-------------------|---------------|-------| +| `azureServicePrincipalAppId` | `nr086o75-pn59-4782-no5n-nq2op0rsr1q6` | Application ID of your service principal; refer to the application ID in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `azureServicePrincipalClientSecret` | `8693089o-q190-45ps-9319-or36252s3s90` | A client secret of your service principal; refer to the client secret in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `azureServicePrincipalTenantId` | `72s988os-86s1-cafe-babe-2q7pq011qo47` | Tenant (Directory ) ID of your service principal; refer to the client secret in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `dockerEmail` | `yourDockerEmail` | Oracle Single Sign-On (SSO) account email, used to pull the WebLogic Server Docker image. | +| `dockerPassword` | `yourDockerPassword`| Password for Oracle SSO account, used to pull the WebLogic Server Docker image. In clear text. | +| `dockerUserName` | `yourDockerId` | The same value as `dockerEmail`. | +| `namePrefix` | `0730` | Alphanumeric value used as a disambiguation prefix for several Kubernetes resources. | + +If you don't want to change the other parameters, you can use the default values. Please make sure no extra whitespaces are added! + +```bash +# Use ~/azure as output directory, please change it according to your requirement. + +# cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service +$ cp create-domain-on-aks-inputs.yaml my-create-domain-on-aks-inputs.yaml +$ ./create-domain-on-aks.sh -i my-create-domain-on-aks-inputs.yaml -o ~/azure -e +``` + +The script will print the Administration Server address after a successful deployment. The default user name for the Administration Console is `weblogic` and the default password is `welcome1`. Please change this for production deployments. To interact with the cluster using `kubectl`, use `az aks get-credentials` as shown in the script output. + +{{% notice info %}} You now have created an AKS cluster with `PersistentVolumeClaim` and `PersistentVolume` to contain the WLS domain configuration files. Using those artifacts, you have used the operator to create a WLS domain. +{{% /notice %}} + +#### Deploy sample application + +Now that you have WLS running in AKS, you can test the cluster by deploying the simple sample application included in the repository: + +1. Go to the WebLogic Server Administration Console, Select "Lock & Edit". +1. Select Deployments. +1. Select Install. +1. Select Upload your file(s). +1. For the Deployment Archive, Select "Choose File". +1. Select the file `kubernetes/samples/charts/application/testwebapp.war`. +1. Select Next. Choose 'Install this deployment as an application'. +1. Select Next. Select cluster-1 and All servers in the cluster. Select Next. +1. Accept the defaults in the next screen and select Next +1. Select Finish. +1. Select Activate Changes. + +{{%expand "Click here to view the application deployment screenshot." %}} +![Deploy Application](../screenshot-deploy-test-app.png) +{{% /expand %}} + +Next you will need to start the application: + +1. Go to Deployments. +1. Select Control. +1. Select the check box next to `testwebapp`. +1. Select Start. +1. Select Servicing all requests. +1. Select Yes. + +After the successful deployment, go to the application through the `domain1-cluster-1-lb` external IP. + +```bash +$ kubectl get svc domain1-cluster-1-external-lb +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +domain1-cluster-1-external-lb LoadBalancer 10.0.108.249 52.224.248.40 8001:32695/TCP 30m +``` + +In the example, the application address is: `http://52.224.248.40:8001/testwebapp`. + +The test application will list the server host and server IP on the page. + +#### Access WebLogic Server logs + +The logs are stored in the Azure file share. Follow these steps to access the log: + +1. Go to the [Azure Portal](https://ms.portal.azure.com). +2. Go to your resource group. +3. Open the storage account. +4. In the "File service" section of the left panel, select File shares. +5. Select the file share name (e.g. weblogic in this example). +6. Select logs. +7. Select domain1. +8. WebLogic Server logs are listed in the folder. + +{{%expand "Click here to view the WebLogic Server logs screenshot." %}} +![WebLogic Server Logs](../screenshot-logs.png) +{{% /expand %}} + +#### Clean up resources + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt" >}} + +If you created the AKS cluster step by step, run the following commands to clean up resources. + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt" >}} + +#### Troubleshooting + +For troubleshooting advice, see [Troubleshooting]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting.md" >}}). + +#### Useful links + +- [Domain on a PV]({{< relref "/samples/simple/domains/domain-home-on-pv/_index.md" >}}) sample diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt new file mode 100644 index 00000000000..721a25447f7 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-01.txt @@ -0,0 +1,13 @@ +The output from the `create-domain-on-aks.sh` script includes a statement about the Azure resources created by the script. To delete the cluster and free all related resources, simply delete the resource groups. The output will list the resource groups, such as. + +```bash +The following Azure resouces have been created: + Resource groups: ejb8191resourcegroup1597641911, MC_ejb8191resourcegroup1597641911_ejb8191akscluster1597641911_eastus +``` + +Given the above output, the following Azure CLI commands will delete the resource groups. + +```bash +az group delete --yes --no-wait --name ejb8191resourcegroup1597641911 +az group delete --yes --no-wait --name MC_ejb8191resourcegroup1597641911_ejb8191akscluster1597641911_eastus +``` \ No newline at end of file diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt new file mode 100644 index 00000000000..29d6b67f796 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt @@ -0,0 +1,6 @@ +```bash +$ az group delete --yes --no-wait --name $AKS_PERS_RESOURCE_GROUP +$ az group delete --yes --no-wait --name "MC_$AKS_PERS_RESOURCE_GROUP"_"$AKS_CLUSTER_NAME"_"$AKS_PERS_LOCATION" +$ az ad sp delete --id $SP_APP_ID +``` + diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt new file mode 100644 index 00000000000..e0228756bf6 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt @@ -0,0 +1,82 @@ +##### Create a Service Principal for AKS + +An AKS cluster requires either an [Azure Active Directory (AD) service principal](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) or a [managed identity](https://docs.microsoft.com/azure/aks/use-managed-identity) to interact with Azure resources. + +We will use a service principal to create an AKS cluster. Follow the commands below to create a new service principal. + +Please run `az login` first. Do set the subscription you want to work with. You can get a list of your subscriptions by running `az account list`. + +```bash +# Login +$ az login + +# Set your working subscription +$ export SUBSCRIPTION_ID= +$ az account set -s $SUBSCRIPTION_ID +``` + +Create the new service principal with the following commands: + +```bash +# Create Service Principal +$ export SP_NAME=myAKSClusterServicePrincipal +$ az ad sp create-for-rbac --skip-assignment --name $SP_NAME + +# Copy the output to a file, we will use it later. +``` + +If you see an error similar to the following: + +```bash +Found an existing application instance of "5pn2s201-nq4q-43n1-z942-p9r9571qr3rp". We will patch it +Insufficient privileges to complete the operation. +``` + +The problem may be a pre-existing service principal with the same name. Either delete the other Service Principal or pick a different name. + +Successful output will look like the following: + +```json +{ + "appId": "r3qnq743-61s9-4758-8163-4qpo87s72s54", + "displayName": "myAKSClusterServicePrincipal", + "name": "http://myAKSClusterServicePrincipal", + "password": "TfhR~uOJ1C1ftD5NS_LzJJj6UOjS2OwXfz", + "tenant": "82sr215n-0ns5-404e-9161-206r0oqyq999" +} +``` + +Grant your service principal with a contributor role to create AKS resources. + +```bash +# Use the from the output of the last command +$ export SP_APP_ID=r3qnq743-61s9-4758-8163-4qpo87s72s54 +$ az role assignment create --assignee $SP_APP_ID --role Contributor +``` + +Successful output will look like the following: + +```json +{ + "canDelegate": null, + "id": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9/providers/Microsoft.Authorization/roleAssignments/4oq396os-rs95-4n6s-n3qo-sqqpnpo91035", + "name": "4oq396os-rs95-4n6s-n3qo-sqqpnpo91035", + "principalId": "952551r8-n129-4on3-oqo9-231n0s6011n3", + "principalType": "ServicePrincipal", + "roleDefinitionId": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9/providers/Microsoft.Authorization/roleDefinitions/o24988np-6180-42n0-no88-20s7382qq24p", + "scope": "/subscriptions/p7844r91-o11q-4n7s-np6s-996308sopqo9", +} +``` + +##### Oracle Container Registry + +You will need an Oracle account. The following steps will direct you to accept the license agreement for WebLogic Server. Make note of your Oracle Account password and email. This sample pertains to 12.2.1.4, but other versions may work as well. + + - In a web browser, navigate to https://container-registry.oracle.com and log in using the Oracle Single Sign-On authentication service. If you do not already have SSO credentials, at the top of the page, click the **Sign In** link to create them. + - The Oracle Container Registry provides a WebLogic Server 12.2.1.4.0 Docker image, which already has the necessary patches applied, and the Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 images, which do not require any patches. + - Ensure Docker desktop is running. Find and then pull the WebLogic 12.2.1.4 install image: + ```bash + $ docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.4 + ``` + + If you have problems accessing the Oracle Container Registry, you can build your own docker images from the [Oracle GitHub repository](https://github.com/oracle/docker-images/tree/main/OracleWebLogic/dockerfiles). diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt new file mode 100644 index 00000000000..dd66dff7e3f --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt @@ -0,0 +1,54 @@ +#### Create the AKS cluster + +This sample requires that you disable the AKS addon `http_application_routing` by default. If you want to enable `http_application_routing`, please follow [HTTP application routing](https://docs.microsoft.com/azure/aks/http-application-routing). + +Run the following commands to create the AKS cluster instance. + +```bash +# Change these parameters as needed for your own environment +# Specify a prefix to name resources, only allow lowercase letters and numbers, between 1 and 7 characters +$ export NAME_PREFIX=wls +# Used to generate resource names. +$ export TIMESTAMP=`date +%s` +$ export AKS_CLUSTER_NAME="${NAME_PREFIX}aks${TIMESTAMP}" +$ export AKS_PERS_RESOURCE_GROUP="${NAME_PREFIX}resourcegroup${TIMESTAMP}" +$ export AKS_PERS_LOCATION=eastus +$ export SP_APP_ID= +$ export SP_CLIENT_SECRET= + +$ az group create --name $AKS_PERS_RESOURCE_GROUP --location $AKS_PERS_LOCATION +$ az aks create \ + --resource-group $AKS_PERS_RESOURCE_GROUP \ + --name $AKS_CLUSTER_NAME \ + --node-count 2 \ + --generate-ssh-keys \ + --nodepool-name nodepool1 \ + --node-vm-size Standard_DS2_v2 \ + --location $AKS_PERS_LOCATION \ + --service-principal $SP_APP_ID \ + --client-secret $SP_CLIENT_SECRET +``` + +Successful output will be a JSON object with the entry `"type": "Microsoft.ContainerService/ManagedClusters"`. + +After the deployment finishes, run the following command to connect to the AKS cluster. This command updates your local `~/.kube/config` so that subsequent `kubectl` commands interact with the named AKS cluster. + +```bash +$ az aks get-credentials --resource-group $AKS_PERS_RESOURCE_GROUP --name $AKS_CLUSTER_NAME +``` + +Successful output will look similar to: + +```bash +Merged "wlsaks1596087429" as current context in /home/username/.kube/config +``` + +After your Kubernetes cluster is up and running, run the following commands to make sure kubectl can access the Kubernetes cluster: + +```shell +$ kubectl get nodes -o wide +NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME +aks-pool1haiche-33688868-vmss000000 Ready agent 4m25s v1.17.13 10.240.0.4 Ubuntu 16.04.7 LTS 4.15.0-1098-azure docker://19.3.12 +aks-pool1haiche-33688868-vmss000001 Ready agent 4m12s v1.17.13 10.240.0.5 Ubuntu 16.04.7 LTS 4.15.0-1098-azure docker://19.3.12 +``` + diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt new file mode 100644 index 00000000000..f1493a6f3dc --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-storage.txt @@ -0,0 +1,182 @@ +#### Create storage and set up file share + +Our usage pattern for the operator involves creating Kubernetes "persistent volumes" to allow the WebLogic Server to persist its configuration and data separately from the Kubernetes Pods that run WebLogic Server workloads. + +We will create an external data volume to access and persist data. There are several options for data sharing as described in [Storage options for applications in Azure Kubernetes Service (AKS)](https://docs.microsoft.com/azure/aks/concepts-storage). + +We will use Azure Files as a Kubernetes volume. Consult the [Azure Files Documentation](https://docs.microsoft.com/azure/aks/azure-files-volume) for details about this full featured cloud storage solution. + +##### Create an Azure Storage account + +Create a storage account using Azure CLI. Note that the storage account name can contain only lowercase letters and numbers, and must be between 3 and 24 characters in length: + +```bash +# Change the value as needed for your own environment +$ export AKS_PERS_STORAGE_ACCOUNT_NAME="${NAME_PREFIX}storage${TIMESTAMP}" + +$ az storage account create \ + -n $AKS_PERS_STORAGE_ACCOUNT_NAME \ + -g $AKS_PERS_RESOURCE_GROUP \ + -l $AKS_PERS_LOCATION \ + --sku Standard_LRS +``` + +Successful output will be a JSON object with the entry `"type": "Microsoft.Storage/storageAccounts"`. + +Now we need to create a file share. To create the file share, you need a storage connection string. Run the `show-connection-string` command to get connection string, then create the share with `az storage share create`, as shown here. + +```bash +# Change value as needed for your own environment +$ export AKS_PERS_SHARE_NAME="${NAME_PREFIX}-weblogic-${TIMESTAMP}" +# Get connection string +$ export AZURE_STORAGE_CONNECTION_STRING=$(az storage account show-connection-string -n $AKS_PERS_STORAGE_ACCOUNT_NAME -g $AKS_PERS_RESOURCE_GROUP -o tsv) +# Create file share +$ az storage share create -n $AKS_PERS_SHARE_NAME --connection-string $AZURE_STORAGE_CONNECTION_STRING +``` + +Successful output will be exactly the following: + +```bash +{ + "created": true +} +``` + +The operator uses Kubernetes Secrets. We need a storage key for the secret. These commands query the storage account to obtain the key, and then stores the storage account key as a Kubernetes secret. + +```bash +$ export STORAGE_KEY=$(az storage account keys list --resource-group $AKS_PERS_RESOURCE_GROUP --account-name $AKS_PERS_STORAGE_ACCOUNT_NAME --query "[0].value" -o tsv) +``` + +Verify the successful output by examining the `STORAGE_KEY` environment variable. It must not be empty. It must be a long ASCII string. + +We will use the `kubernetes/samples/scripts/create-kuberetes-secrets/create-azure-storage-credentials-secret.sh` script to create the storage account key as a Kubernetes secret, naming the secret with value `${NAME_PREFIX}azure-secret`. Please run: + +```bash +# Please change persistentVolumeClaimNameSuffix if you changed pre-defined value "regcred" before generating the configuration files. +$ export SECRET_NAME_AZURE_FILE="${NAME_PREFIX}azure-secret" + +#cd kubernetes/samples/scripts/create-kuberetes-secrets +$ ./create-azure-storage-credentials-secret.sh -s $SECRET_NAME_AZURE_FILE -a $AKS_PERS_STORAGE_ACCOUNT_NAME -k $STORAGE_KEY +``` + +You will see the following output: + +```text +secret/wlsazure-secret created +The secret wlsazure-secret has been successfully created in the default namespace. +``` + +##### Create PV and PVC + +This sample uses Kubernetes Persistent Volume Claims (PVC) as storage resource. These features are passed to Kubernetes using YAML files. The script `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks.sh` generates the required configuration files automatically, given an input file containing the parameters. A parameters file is provided at `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml`. Copy and customize this file for your needs. + +To generate YAML files to create PV and PVC in the AKS cluster, the following values must be substituted in your copy of the input file. + +| Name in YAML file | Example value | Notes | +|-------------------|---------------|-------| +| `azureServicePrincipalAppId` | `nr086o75-pn59-4782-no5n-nq2op0rsr1q6` | Application ID of your service principal; refer to the application ID in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `azureServicePrincipalClientSecret` | `8693089o-q190-45ps-9319-or36252s3s90` | A client secret of your service principal; refer to the client secret in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `azureServicePrincipalTenantId` | `72s988os-86s1-cafe-babe-2q7pq011qo47` | Tenant (Directory ) ID of your service principal; refer to the client secret in the [Create Service Principal]({{< relref "/samples/simple/azure-kubernetes-service/domain-on-pv#create-a-service-principal-for-aks" >}}) section. | +| `dockerEmail` | `yourDockerEmail` | Oracle Single Sign-On (SSO) account email, used to pull the WebLogic Server Docker image. | +| `dockerPassword` | `yourDockerPassword`| Password for Oracle SSO account, used to pull the WebLogic Server Docker image. In clear text. | +| `dockerUserName` | `yourDockerId` | The same value as `dockerEmail`. | +| `namePrefix` | `wls` | Alphanumeric value used as a disambiguation prefix for several Kubernetes resources. Make sure the value matches the value of `${NAME_PREFIX}` to keep names in step-by-step commands the same with those in configuration files. | + +Use the following command to generate configuration files, assuming the output directory is `~/azure`. The script will overwrite any files generated by a previous invocation. + +```bash +#cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service +$ cp create-domain-on-aks-inputs.yaml my-create-domain-on-aks-inputs.yaml +$ ./create-domain-on-aks.sh -i my-create-domain-on-aks-inputs.yaml -o ~/azure -u ${TIMESTAMP} +``` + +After running the command, all needed configuration files are generated and output to `~/azure/weblogic-on-aks`: + +```bash +The following files were generated: + /home/username/azure/weblogic-on-aks/pv.yaml + /home/username/azure/weblogic-on-aks/pvc.yaml + /home/username/azure/weblogic-on-aks/admin-lb.yaml + /home/username/azure/weblogic-on-aks/cluster-lb.yaml + /home/username/azure/weblogic-on-aks/domain1.yaml + /home/username/azure/weblogic-on-aks/cluster-admin-role.yaml + +Completed +``` + +**Note:** Beyond the required and default configurations generated by the command, you can modify the generated YAML files to further customize your deployment. Please consult the operator documentation, [AKS documentation](https://docs.microsoft.com/en-us/azure/aks/) and Kubernetes references for further information about customizing your deployment. + +##### Apply generated configuration files + +In order to mount the file share as a persistent volume, we have provided a configuration file `pv.yaml`. You can find it in your output directory. The following content is an example that uses the value `wls-weblogic` as "shareName", `wlsazure-secret` as "secretName", and the persistent volume name is `wls-azurefile`. + +We will use the storage class `azurefile`. If you want to create a new class, follow this document [Create a storage class](https://docs.microsoft.com/en-us/azure/aks/azure-files-dynamic-pv#create-a-storage-class). For more information, see the page [Storage options for applications in Azure Kubernetes Service (AKS)](https://docs.microsoft.com/en-us/azure/aks/concepts-storage#storage-classes). + +```yaml +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wls-azurefile +spec: + capacity: + storage: 5Gi + accessModes: + - ReadWriteMany + storageClassName: azurefile + azureFile: + secretName: wlsazure-secret + shareName: wls-weblogic-1597391432 + readOnly: false + mountOptions: + - dir_mode=0777 + - file_mode=0777 + - uid=1000 + - gid=1000 + - mfsymlinks + - nobrl +``` + +We have provided another configuration file `pvc.yaml` for the PersistentVolumeClaim. Both `pv.yaml` and `pvc.yaml` have exactly the same content for `storageClassName` attributes. This is required. We set the same value to the `metadata` property in both files. The following content is an example that uses the persistent volume claim name `wls-azurefile`. + +```yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wls-azurefile +spec: + accessModes: + - ReadWriteMany + storageClassName: azurefile + resources: + requests: + storage: 5Gi +``` + +Use the `kubectl` command to create the persistent volume and persistent volume claim to `default` namespace. + +```bash +$ kubectl apply -f ~/azure/weblogic-on-aks/pv.yaml +persistentvolume/wls-azurefile created +$ kubectl apply -f ~/azure/weblogic-on-aks/pvc.yaml +persistentvolumeclaim/wls-azurefile created +``` + +Use the following command to verify: + +```bash +$ kubectl get pv,pvc +``` + +Example output: + +```bash +$ kubectl get pv,pvc +NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE +persistentvolume/wls-azurefile 5Gi RWX Retain Bound default/wls-azurefile azurefile 16m + +NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE +persistentvolumeclaim/wls-azurefile Bound wls-azurefile 5Gi RWX azurefile 16m +``` + +> **Note**: Carefully inspect the output and verify it matches the above. `ACCESS MODES`, `CLAIM`, and `STORAGECLASS` are vital. diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt new file mode 100644 index 00000000000..7f6233038c2 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-01.txt @@ -0,0 +1,10 @@ +#### Prerequisites + +This sample assumes the following prerequisite environment. + +* Operating System: GNU/Linux, macOS or [WSL2 for Windows 10](https://docs.microsoft.com/windows/wsl/install-win10). +* [Git](https://git-scm.com/downloads), use `git --version` to test if `git` works. This document was tested with version 2.17.1. +* [Azure CLI](https://docs.microsoft.com/cli/azure), use `az --version` to test if `az` works. This document was tested with version 2.9.1. +* [Docker for Desktop](https://www.docker.com/products/docker-desktop). This document was tested with `Docker version 20.10.2, build 2291f61` +* [kubectl](https://kubernetes-io-vnext-staging.netlify.com/docs/tasks/tools/install-kubectl/), use `kubectl version` to test if `kubectl` works. This document was tested with version v1.16.3. +* [helm](https://helm.sh/docs/intro/install/), version 3.1 and later, use `helm version` to check the `helm` version. This document was tested with version v3.2.4. \ No newline at end of file diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt b/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt new file mode 100644 index 00000000000..1db0a5a0e88 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt @@ -0,0 +1,12 @@ +#### Prerequisites + +This sample assumes the following prerequisite environment. + +* Operating System: GNU/Linux, macOS or [WSL2 for Windows 10](https://docs.microsoft.com/windows/wsl/install-win10). +* [Git](https://git-scm.com/downloads), use `git --version` to test if `git` works. This document was tested with version 2.17.1. +* [Azure CLI](https://docs.microsoft.com/cli/azure), use `az --version` to test if `az` works. This document was tested with version 2.9.1. +* [Docker for Desktop](https://www.docker.com/products/docker-desktop). This document was tested with `Docker version 20.10.2, build 2291f61` +* [kubectl](https://kubernetes-io-vnext-staging.netlify.com/docs/tasks/tools/install-kubectl/), use `kubectl version` to test if `kubectl` works. This document was tested with version v1.16.3. +* [Helm](https://helm.sh/docs/intro/install/), version 3.1 and later, use `helm version` to check the `helm` version. This document was tested with version v3.2.4. +* A Java JDK, Version 8 or 11. Azure recommends [Azul Zulu for Azure](https://www.azul.com/downloads/azure-only/zulu/). Ensure your `JAVA_HOME` environment variable is set correctly in the shells in which you run the commands. +* Ensure you have the zip/unzip utility installed, use `zip/unzip -v` to test if `zip/unzip` works. diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md b/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md new file mode 100644 index 00000000000..ae11d1f1757 --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md @@ -0,0 +1,836 @@ +--- +title: "Model in Image" +date: 2020-11-24T18:22:31-05:00 +weight: 3 +description: "Sample for creating a WebLogic cluster on the Azure Kubernetes Service with model in image approach." +--- + +This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator](/weblogic-kubernetes-operator/) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS) using the model in image approach. After going through the steps, your WLS domain runs on an AKS cluster instance and you can manage your WLS domain by interacting with the operator. + +#### Contents + + - [Prerequisites](#prerequisites) + - [Create an AKS cluster](#create-the-aks-cluster) + - [Install WebLogic Server Kubernetes Operator](#install-weblogic-server-kubernetes-operator) + - [Create Docker image](#create-docker-image) + - [Create WebLogic domain](#create-weblogic-domain) + - [Invoke the web application](#invoke-the-web-application) + - [Rolling updates](#rolling-updates) + - [Clean up resource](#clean-up-resources) + - [Troubleshooting](#troubleshooting) + - [Useful links](#useful-links) + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/prerequisites-02.txt" >}} + + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-01.txt" >}} + +##### Clone WebLogic Server Kubernetes Operator repository + +Clone the [Oracle WebLogic Server Kubernetes Operator repository](https://github.com/oracle/weblogic-kubernetes-operator) to your machine. We will use several scripts in this repository to create a WebLogic domain. This sample was tested with v3.1.1. + +```bash +$ git clone https://github.com/oracle/weblogic-kubernetes-operator.git +cd weblogic-kubernetes-operator +#TODO: we have to fix the branch after the source code are merged +#git checkout v3.1.1 +``` + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt" >}} + +> **Note**: If you run into VM size failure, see [Troubleshooting - Virtual Machine size is not supported]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting#virtual-machine-size-is-not-supported" >}}). + + +#### Install WebLogic Server Kubernetes Operator + +The Oracle WebLogic Server Kubernetes Operator is an adapter to integrate WebLogic Server and Kubernetes, allowing Kubernetes to serve as a container infrastructure hosting WLS instances. The operator runs as a Kubernetes Pod and stands ready to perform actions related to running WLS on Kubernetes. + +You must have the `cluster-admin` role to install the operator. The operator does not need the `cluster-admin` role at runtime. Grant the Helm service account the `cluster-admin role` using this configuration file `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml`. + +```bash +# cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image +$ kubectl apply -f helm-sa-cluster-admin-role.yaml +clusterrolebinding.rbac.authorization.k8s.io/helm-user-cluster-admin-role created +``` + +Create a namespace and service account for the operator. + +```bash +$ kubectl create namespace sample-weblogic-operator-ns +namespace/sample-weblogic-operator-ns created + + +$ kubectl create serviceaccount -n sample-weblogic-operator-ns sample-weblogic-operator-sa +serviceaccount/sample-weblogic-operator-sa created +``` + +Validate the service account was created with this command. + +```bash +$ kubectl -n sample-weblogic-operator-ns get serviceaccount + +NAME SECRETS AGE +default 1 9m24s +sample-weblogic-operator-sa 1 9m5s +``` + +Install the operator. Ensure your current directory is `weblogic-kubernetes-operator`. It may take you several minutes to install the operator. + +```bash +# cd weblogic-kubernetes-operator +$ helm install weblogic-operator kubernetes/charts/weblogic-operator \ + --namespace sample-weblogic-operator-ns \ + --set image=ghcr.io/oracle/weblogic-kubernetes-operator:3.1.1 \ + --set serviceAccount=sample-weblogic-operator-sa \ + --set "enableClusterRoleBinding=true" \ + --set "domainNamespaceSelectionStrategy=LabelSelector" \ + --set "domainNamespaceLabelSelector=weblogic-operator\=enabled" \ + --wait + +NAME: weblogic-operator +LAST DEPLOYED: Tue Nov 17 09:33:58 2020 +NAMESPACE: sample-weblogic-operator-ns +STATUS: deployed +REVISION: 1 +TEST SUITE: None +``` + +Verify the operator with the following commands; the status will be `Running`. + +```bash +$ helm list -A +NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION +sample-weblogic-operator sample-weblogic-operator-ns 1 2020-11-17 09:33:58.584239273 -0700 PDT deployed weblogic-operator-3.1 + + +$ kubectl get pods -n sample-weblogic-operator-ns +NAME READY STATUS RESTARTS AGE +weblogic-operator-775b668c8f-nwwnn 1/1 Running 0 32s +``` + +{{% notice note %}} +You can sepcify the operator image by changing value of `--set image`. If you run into failures, see [Troubleshooting - WebLogic Kubernetes Operator installation failure]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting#weblogic-kubernetes-operator-installation-failure" >}}). +{{% /notice %}} + +{{% notice info %}} +If you have a Docker image built with domain models following [Model in Image]({{< relref "/samples/simple/domains/model-in-image/_index.md" >}}), you can go to [Create WebLogic domain](#create-weblogic-domain) directly. +{{% /notice %}} + +#### Create Docker image + + - [Image creation prerequisites](#image-creation-prerequisites) + - [Image creation - Introduction](#image-creation---introduction) + - [Understanding your first archive](#understanding-your-first-archive) + - [Staging a ZIP file of the archive](#staging-a-zip-file-of-the-archive) + - [Staging model files](#staging-model-files) + - [Creating the image with WIT](#creating-the-image-with-wit) + - [Pushing the image to Azure Container Registry](#pushing-the-image-to-azure-container-registry) + +##### Image creation prerequisites +1. The `JAVA_HOME` environment variable must be set and must reference a valid JDK 8 or 11 installation. +1. Copy the sample to a new directory; for example, use the directory `/tmp/mii-sample`. + + ```bash + $ mkdir /tmp/mii-sample + $ cd kubernetes/samples/scripts/create-weblogic-domain/model-in-image + $ cp -r * /tmp/mii-sample + ``` + + **Note**: We will refer to this working copy of the sample as `/tmp/mii-sample`, (`mii` is short for model in image); however, you can use a different location. + +1. Download the latest WebLogic Deploying Tooling (WDT) and WebLogic Image Tool (WIT) installer ZIP files to your `/tmp/mii-sample/model-images` directory. Both WDT and WIT are required to create your Model in Image Docker images. + + For example, visit the GitHub [WebLogic Deploy Tooling Releases](https://github.com/oracle/weblogic-deploy-tooling/releases) and [WebLogic Image Tool Releases](https://github.com/oracle/weblogic-image-tool/releases) web pages to determine the latest release version for each, and then, assuming the version numbers are `1.9.7` and `1.9.5` respectively, call: + + ```bash + $ cd /tmp/mii-sample/model-images + + $ curl -m 120 -fL https://github.com/oracle/weblogic-deploy-tooling/releases/download/release-1.9.7/weblogic-deploy.zip \ + -o /tmp/mii-sample/model-images/weblogic-deploy.zip + + $ curl -m 120 -fL https://github.com/oracle/weblogic-image-tool/releases/download/release-1.9.5/imagetool.zip \ + -o /tmp/mii-sample/model-images/imagetool.zip + ``` + + + To set up the WebLogic Image Tool, run the following commands: + ```bash + $ cd /tmp/mii-sample/model-images + + $ unzip imagetool.zip + + $ ./imagetool/bin/imagetool.sh cache addInstaller \ + --type wdt \ + --version latest \ + --path /tmp/mii-sample/model-images/weblogic-deploy.zip + ``` + + These steps will install WIT to the `/tmp/mii-sample/model-images/imagetool` directory, plus put a `wdt_latest` entry in the tool’s cache which points to the WDT ZIP file installer. You will use WIT later in the sample for creating model images. + +##### Image creation - Introduction + +The goal of image creation is to demonstrate using the WebLogic Image Tool to create an image named `model-in-image:WLS-v1` from files that you will stage to `/tmp/mii-sample/model-images/model-in-image:WLS-v1/`. +The staged files will contain a web application in a WDT archive, and WDT model configuration for a WebLogic Administration Server called `admin-server` and a WebLogic cluster called `cluster-1`. + +A "Model in Image" image contains the following elements: +* A WebLogic Server installation and a WebLogic Deploy Tooling installation in its `/u01/wdt/weblogic-deploy` directory. +* If you have WDT model archive files, then the image must also contain these files in its `/u01/wdt/models` directory. +* If you have WDT model YAML file and properties files, then they go in in the same `/u01/wdt/models` directory. If you do not specify a WDT model YAML file in your `/u01/wdt/models` directory, then the model YAML file must be supplied dynamically using a Kubernetes `ConfigMap` that is referenced by your Domain `spec.model.configMap` field. + +We provide an example of using a model `ConfigMap` later in this sample. + +The following sections contain the steps for creating the image `model-in-image:WLS-v1`. + +##### Understanding your first archive + +The sample includes a predefined archive directory in `/tmp/mii-sample/archives/archive-v1` that you will use to create an archive ZIP file for the image. + +The archive top directory, named `wlsdeploy`, contains a directory named `applications`, which includes an ‘exploded’ sample JSP web application in the directory, `myapp-v1`. Three useful aspects to remember about WDT archives are: + - A model image can contain multiple WDT archives. + - WDT archives can contain multiple applications, libraries, and other components. + - WDT archives have a [well defined directory structure](https://github.com/oracle/weblogic-deploy-tooling/blob/master/site/archive.md), which always has `wlsdeploy` as the top directory. + +The application displays important details about the WebLogic Server instance that it’s running on: namely its domain name, cluster name, and server name, as well as the names of any data sources that are targeted to the server. + + +##### Staging a ZIP file of the archive + +When you create the image, you will use the files in the staging directory, `/tmp/mii-sample/model-in-image__WLS-v1`. In preparation, you need it to contain a ZIP file of the WDT application archive. + +Run the following commands to create your application archive ZIP file and put it in the expected directory: + +```bash +# Delete existing archive.zip in case we have an old leftover version +$ rm -f /tmp/mii-sample/model-images/model-in-image__WLS-v1/archive.zip + +# Move to the directory which contains the source files for our archive +$ cd /tmp/mii-sample/archives/archive-v1 + +# Zip the archive to the location will later use when we run the WebLogic Image Tool +$ zip -r /tmp/mii-sample/model-images/model-in-image__WLS-v1/archive.zip wlsdeploy +``` + +##### Staging model files + +In this step, you explore the staged WDT model YAML file and properties in the `/tmp/mii-sample/model-in-image__WLS-v1` directory. The model in this directory references the web application in your archive, configures a WebLogic Server Administration Server, and configures a WebLogic cluster. It consists of only two files, `model.10.properties`, a file with a single property, and, `model.10.yaml`, a YAML file with your WebLogic configuration. + +Here is the WLS `model.10.properties`: + +``` +CLUSTER_SIZE=5 +``` + +Here is the WLS `model.10.yaml`: + +``` +domainInfo: + AdminUserName: '@@SECRET:__weblogic-credentials__:username@@' + AdminPassword: '@@SECRET:__weblogic-credentials__:password@@' + ServerStartMode: 'prod' + +topology: + Name: '@@ENV:CUSTOM_DOMAIN_NAME@@' + AdminServerName: 'admin-server' + Cluster: + 'cluster-1': + DynamicServers: + ServerTemplate: 'cluster-1-template' + ServerNamePrefix: 'managed-server' + DynamicClusterSize: '@@PROP:CLUSTER_SIZE@@' + MaxDynamicClusterSize: '@@PROP:CLUSTER_SIZE@@' + MinDynamicClusterSize: '0' + CalculatedListenPorts: false + Server: + 'admin-server': + ListenPort: 7001 + ServerTemplate: + 'cluster-1-template': + Cluster: 'cluster-1' + ListenPort: 8001 + +appDeployments: + Application: + myapp: + SourcePath: 'wlsdeploy/applications/myapp-v1' + ModuleType: ear + Target: 'cluster-1' +``` + +The model file: + +- Defines a WebLogic domain with: + - Cluster `cluster-1` + - Administration Server `admin-server` + - An EAR application, targeted to `cluster-1`, located in the WDT archive ZIP file at `wlsdeploy/applications/myapp-v1` + +- Leverages macros to inject external values: + - The property file `CLUSTER_SIZE` property is referenced in the model YAML file `DynamicClusterSize` and `MaxDynamicClusterSize` fields using a PROP macro. + - The model file domain name is injected using a custom environment variable named `CUSTOM_DOMAIN_NAME` using an ENV macro. + - You set this environment variable later in this sample using an env field in its Domain. + - _This conveniently provides a simple way to deploy multiple differently named domains using the same model image_. + - The model file administrator user name and password are set using a `weblogic-credentials` secret macro reference to the WebLogic credential secret. + - This secret is in turn referenced using the `webLogicCredentialsSecret` field in the Domain. + - The `weblogic-credentials` is a reserved name that always dereferences to the owning Domain actual WebLogic credentials secret name. + +A Model in Image image can contain multiple properties files, archive ZIP files, and YAML files but in this sample you use just one of each. For a complete discussion of Model in Images model file naming conventions, file loading order, and macro syntax, see [Model files]({{< relref "/userguide/managing-domains/model-in-image/model-files.md" >}}) files in the Model in Image user documentation. + +##### Creating the image with WIT + +At this point, you have staged all of the files needed for the image `model-in-image:WLS-v1`; they include: + + - `/tmp/mii-sample/model-images/weblogic-deploy.zip` + - `/tmp/mii-sample/model-images/model-in-image__WLS-v1/model.10.yaml` + - `/tmp/mii-sample/model-images/model-in-image__WLS-v1/model.10.properties` + - `/tmp/mii-sample/model-images/model-in-image__WLS-v1/archive.zip` + +If you don’t see the `weblogic-deploy.zip` file, then you missed a step in the [prerequisites](#image-creation-prerequisites). + +Now, you use the Image Tool to create a Docker image named `model-in-image:WLS-v1` with a `FROM` clause that references a base WebLogic image. You’ve already set up this tool during the prerequisite steps. + +Run the following commands to create the model image and verify that it worked: + +```bash +$ cd /tmp/mii-sample/model-images +$ ./imagetool/bin/imagetool.sh update \ + --tag model-in-image:WLS-v1 \ + --fromImage container-registry.oracle.com/middleware/weblogic:12.2.1.4 \ + --wdtModel ./model-in-image__WLS-v1/model.10.yaml \ + --wdtVariables ./model-in-image__WLS-v1/model.10.properties \ + --wdtArchive ./model-in-image__WLS-v1/archive.zip \ + --wdtModelOnly \ + --wdtDomainType WLS \ + --chown oracle:root +``` + +If you don’t see the `imagetool` directory, then you missed a step in the prerequisites. + +The preceding command runs the WebLogic Image Tool in its Model in Image mode, and does the following: + + - Builds the final Docker image as a layer on the `container-registry.oracle.com/middleware/weblogic:12.2.1.4` base image. + - Copies the WDT ZIP file that’s referenced in the WIT cache into the image. + - Note that you cached WDT in WIT using the keyword `latest` when you set up the cache during the sample prerequisites steps. + - This lets WIT implicitly assume it’s the desired WDT version and removes the need to pass a `-wdtVersion` flag. + - Copies the specified WDT model, properties, and application archives to image location `/u01/wdt/models`. + +When the command succeeds, you should see output like the following: + +``` +[INFO ] Build successful. Build time=36s. Image tag=model-in-image:WLS-v1 +``` + +Verify the image is available in the local Docker server with the following command. + +```shell +$ docker images | grep WLS-v1 +model-in-image WLS-v1 012d3bfa3536 5 days ago 1.13GB +``` + +{{% notice note %}} +You may run into a `Dockerfile` parsing error if your docker buildkit is enabled, see [Troubleshooting - WebLogic Image Tool failure]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting#weblogic-image-tool-failure" >}}). +{{% /notice %}} + +##### Pushing the image to Azure Container Registry + +AKS can pull Docker images from any container registry, but the easiest integration is to use Azure Container Registry (ACR). In this section we will create a new Azure Container Registry, connect it to our pre-existing AKS cluster and push the Docker image built in the preceding section to it. For complete details see [Azure Container Registry documentation](https://docs.microsoft.com/en-us/azure/container-registry/). + +Let's create an instance of ACR in the same resource group we used for AKS. We will use the environment variables used during the steps above. For simplicity, we use the resource group name as the name of the ACR instance. + +```shell +$ az acr create --resource-group $AKS_PERS_RESOURCE_GROUP --name $AKS_PERS_RESOURCE_GROUP --sku Basic --admin-enabled true +``` + +Closely examine the JSON output from this command. Save the value of the `loginServer` property aside. It will look something like the following. + +```json +"loginServer": "contosoresourcegroup1610068510.azurecr.io", +``` + +Use this value to sign in to the ACR instance. Note that because you are signing in with the `az` cli, you do not need a password because your identity is already conveyed via having done `az login` previously. + +```shell +$ export AKS_PERS_ACR= +$ az acr login --name $AKS_PERS_ACR +``` + +Ensure Docker is running on your local machine. Run the following commands to tag and push the image to your ACR. + +```shell +$ docker tag model-in-image:WLS-v1 $AKS_PERS_ACR/$AKS_PERS_ACR:model-in-image-aks +$ docker push $AKS_PERS_ACR/$AKS_PERS_ACR:model-in-image-aks +The push refers to repository [contosorgresourcegroup1610068510.azurecr.io/contosorgresourcegroup1610068510.azurecr.io] +model-in-image-aks: digest: sha256:208217afe336053e4c524caeea1a415ccc9cc73b206ee58175d0acc5a3eeddd9 size: 2415 +``` + +Finally, connect AKS to the ACR. For more details on connecting ACR to an existing AKS see [Configure ACR integration for existing AKS clusters](https://docs.microsoft.com/en-us/azure/aks/cluster-container-registry-integration#configure-acr-integration-for-existing-aks-clusters). + +```shell +$ az aks update --name $AKS_CLUSTER_NAME --resource-group $AKS_PERS_RESOURCE_GROUP --attach-acr $AKS_PERS_RESOURCE_GROUP +``` + +If you see an error that seems related to you not being an **Owner on this subscription**, please refer to the troubleshooting section [Cannot attach ACR due to not being Owner of subscription]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting#cannot-attach-acr-due-to-not-being-owner-of-subscription" >}}). + +Successful output will be a JSON object with the entry "type": "Microsoft.ContainerService/ManagedClusters". + + +#### Create WebLogic domain + +In this section, you will deploy the new image to namespace `sample-domain1-ns`, including the following steps: + +- Create a namespace for the WebLogic domain. +- Upgrade the operator to manage the WebLogic domain namespace. +- Create a Secret containing your WebLogic administrator user name and password. +- Create a Secret containing your Model in Image runtime encryption password: + - All Model in Image domains must supply a runtime encryption Secret with a `password` value. + - The runtime encryption password is used to encrypt configuration that is passed around internally by the operator. + - The value must be kept private but can be arbitrary; you can optionally supply a different secret value every time you restart the domain. +- Deploy a Domain YAML file that references the new image. +- Wait for the domain’s Pods to start and reach their ready state. + +##### Namespace + +Create a namespace that can host one or more domains: + +```bash +$ kubectl create namespace sample-domain1-ns + +## label the domain namespace so that the operator can autodetect and create WebLogic Server pods. +$ kubectl label namespace sample-domain1-ns weblogic-operator=enabled +``` + +##### Kubernetes Secrets for WebLogic + +First, create the secrets needed by the WLS type model domain. For more on secrets in the context of running domains, see [Prepare to run a domain]({{< relref "/userguide/managing-domains/prepare" >}}). In this case, you have two secrets. + +Run the following `kubectl` commands to deploy the required secrets: + +```bash +$ kubectl -n sample-domain1-ns create secret generic \ + sample-domain1-weblogic-credentials \ + --from-literal=username=weblogic --from-literal=password=welcome1 +$ kubectl -n sample-domain1-ns label secret \ + sample-domain1-weblogic-credentials \ + weblogic.domainUID=sample-domain1 + +$ kubectl -n sample-domain1-ns create secret generic \ + sample-domain1-runtime-encryption-secret \ + --from-literal=password=welcome1 +$ kubectl -n sample-domain1-ns label secret \ + sample-domain1-runtime-encryption-secret \ + weblogic.domainUID=sample-domain1 +``` + + Some important details about these secrets: + + - The WebLogic credentials secret: + - It is required and must contain `username` and `password` fields. + - It must be referenced by the `spec.webLogicCredentialsSecret` field in your Domain resource YAML file. For complete details about the `Domain` resource, see the [Domain resource reference](https://github.com/oracle/weblogic-kubernetes-operator/blob/master/docs/domains/Domain.md#domain-spec) + - It also must be referenced by macros in the `domainInfo.AdminUserName` and `domainInfo.AdminPassWord` fields in your `model.10.yaml` file. + + - The Model WDT runtime encrytion secret: + - This is a special secret required by Model in Image. + - It must contain a `password` field. + - It must be referenced using the `spec.model.runtimeEncryptionSecret` field in your Domain resource YAML file. + - It must remain the same for as long as the domain is deployed to Kubernetes but can be changed between deployments. + - It is used to encrypt data as it's internally passed using log files from the domain's introspector job and on to its WebLogic Server pods. + + - Deleting and recreating the secrets: + - You must delete a secret before creating it, otherwise the `create` command will fail if the secret already exists. + - This allows you to change the secret when using the `kubectl create secret` command. + + - You name and label secrets using their associated `domainUID` for two reasons: + - To make it obvious which secrets belong to which domains. + - To make it easier to clean up a domain. Typical cleanup scripts use the `weblogic.domainUID` label as a convenience for finding all resources associated with a domain. + +##### Kubernetes Secrets for Docker + +Deploy a corresponding Kubernetes `docker secret` to the same namespace to access the image during domain creation. + +Use `kubernetes/samples/scripts/create-kuberetes-secrets/create-docker-credentials-secret.sh` to create the secret. Please invoke the script with the `-h` option to see the available switches and usage. + +```shell +$ cd weblogic-kubernetes-operator +$ cd kubernetes/samples/scripts/create-kuberetes-secrets +$ ./create-docker-credentials-secret.sh -h +``` + +Get the password for the ACR and store it in the Kubernetes secret. + +```shell +$ az acr credential show --name $AKS_PERS_ACR +The login server endpoint suffix '.azurecr.io' is automatically omitted. +{ + "passwords": [ + { + "name": "password", + "value": "f02Ls3jqnNQ0ToXIoyY2g8oJrVk0w5P/" + }, + { + "name": "password2", + "value": "qbZx1bZT7=rha7Ta6Wa0zfCZqoNMNoj1" + } + ], + "username": "contosoresourcegroup1610068510" +} +$ export AKS_PERS_ACR_PASSWORD= +``` + +Use the `create-docker-credentials-secret.sh` script to store the ACR credentials as a Kubernetes secret. + +```shell +# cd kubernetes/samples/scripts/create-kuberetes-secrets +$ export SECRET_NAME_DOCKER="regsecret" +$ ./create-docker-credentials-secret.sh -s ${SECRET_NAME_DOCKER} -e $AKS_PERS_RESOURCE_GROUP -p $AKS_PERS_ACR_PASSWORD -u $AKS_PERS_RESOURCE_GROUP -d $AKS_PERS_ACR -n sample-domain1-ns +secret/regsecret created +The secret regsecret has been successfully created in the sample-domain1-ns namespace. +``` + +##### Domain resource + +Now, you create a Domain YAML file. Think of the Domain YAML file as the way to configure some aspects of your WebLogic domain using Kubernetes. The operator uses the Kubernetes "custom resource" feature to define a Kubernetes resource type called `Domain`. For more on the `Domain` Kubernetes resource, see [Domain Resource]({{< relref "/userguide/managing-domains/domain-resource" >}}). For more on custom resources see [the Kubernetes documentation](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/). + +We provide a sample file at `kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml`, copy it to a file called `/tmp/mii-sample/mii-initial.yaml`. + +```bash +$ cd kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS +$ cp mii-initial-d1-WLS-v1.yaml /tmp/mii-sample/mii-initial.yaml +``` + +Modify the Domain YAML with your values. + +| Name in YAML file | Example value | Notes | +|-------------------|---------------|-------| +|`spec.image`|`$AKS_PERS_ACR/$AKS_PERS_ACR:model-in-image-aks`|Must be the same as the value to which you pushed the image to by running the command `docker push $AKS_PERS_ACR/$AKS_PERS_ACR:model-in-image-aks`| +|`spec.imagePullSecrets.name`|`regsecret`|Make sure its value is the same value with `${SECRET_NAME_DOCKER}`| + +Run the following command to create the domain custom resource: + +```bash +$ kubectl apply -f /tmp/mii-sample/mii-initial.yaml +``` + +Successfull output will look like: + +``` +domain.weblogic.oracle/sample-domain1 created +``` + +Verify the WebLogic Server pods are all running: + +```bash +$ kubectl get pods -n sample-domain1-ns --watch +NAME READY STATUS RESTARTS AGE +sample-domain1-introspector-xwpbn 0/1 ContainerCreating 0 0s +sample-domain1-introspector-xwpbn 1/1 Running 0 1s +sample-domain1-introspector-xwpbn 0/1 Completed 0 66s +sample-domain1-introspector-xwpbn 0/1 Terminating 0 67s +sample-domain1-introspector-xwpbn 0/1 Terminating 0 67s +sample-domain1-admin-server 0/1 Pending 0 0s +sample-domain1-admin-server 0/1 Pending 0 0s +sample-domain1-admin-server 0/1 ContainerCreating 0 0s +sample-domain1-admin-server 0/1 Running 0 2s +sample-domain1-admin-server 1/1 Running 0 42s +sample-domain1-managed-server1 0/1 Pending 0 0s +sample-domain1-managed-server1 0/1 Pending 0 0s +sample-domain1-managed-server1 0/1 ContainerCreating 0 0s +sample-domain1-managed-server2 0/1 Pending 0 0s +sample-domain1-managed-server2 0/1 Pending 0 0s +sample-domain1-managed-server2 0/1 ContainerCreating 0 0s +sample-domain1-managed-server2 0/1 Running 0 3s +sample-domain1-managed-server2 1/1 Running 0 40s +sample-domain1-managed-server1 0/1 Running 0 53s +sample-domain1-managed-server1 1/1 Running 0 93s + +# The success deployment should be: +$ kubectl get all -n sample-domain1-ns +NAME READY STATUS RESTARTS AGE +pod/sample-domain1-admin-server 1/1 Running 0 16m +pod/sample-domain1-managed-server1 1/1 Running 0 15m +pod/sample-domain1-managed-server2 1/1 Running 0 15m + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +service/sample-domain1-admin-server ClusterIP None 7001/TCP 16m +service/sample-domain1-cluster-cluster-1 ClusterIP 10.0.188.60 8001/TCP 15m +service/sample-domain1-managed-server1 ClusterIP None 8001/TCP 15m +service/sample-domain1-managed-server2 ClusterIP None 8001/TCP 15m +``` + +It may take you up to 10 minutes to deploy all pods, please wait and make sure everything is ready. + +#### Invoke the web application + +##### Create Azure load balancer + +Create the Azure public standard load balancer to access the WebLogic Server Administration Console and applications deployed in the cluster. + +Use the configuration file in `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml` to create a load balancer service for the Administration Server. If you are choosing not to use the predefined YAML file and instead created a new one with customized values, then substitute the following content with you domain values. + +{{%expand "Click here to view YAML content." %}} +```yaml +apiVersion: v1 +kind: Service +metadata: + name: sample-domain1-admin-server-external-lb + namespace: sample-domain1-ns +spec: + ports: + - name: default + port: 7001 + protocol: TCP + targetPort: 7001 + selector: + weblogic.domainUID: sample-domain1 + weblogic.serverName: admin-server + sessionAffinity: None + type: LoadBalancer +``` +{{% /expand %}} + +Use the configuration file in `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml` to create a load balancer service for the managed servers. If you are choosing not to use the predefined YAML file and instead created new one with customized values, then substitute the following content with you domain values. + +{{%expand "Click here to view YAML content." %}} +```yaml +apiVersion: v1 +kind: Service +metadata: + name: sample-domain1-cluster-1-lb + namespace: sample-domain1-ns +spec: + ports: + - name: default + port: 8001 + protocol: TCP + targetPort: 8001 + selector: + weblogic.domainUID: sample-domain1 + weblogic.clusterName: cluster-1 + sessionAffinity: None + type: LoadBalancer + +``` +{{% /expand %}} + +Create the load balancer services using the following command: + +```bash +$ cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image +$ kubectl apply -f admin-lb.yaml +service/sample-domain1-admin-server-external-lb created + +$ kubectl apply -f cluster-lb.yaml +service/sample-domain1-cluster-1-external-lb created +``` + +Get the external IP addresses of the administration server and cluster load balancers (please wait for the external IP addresses to be assigned): + +```bash +$ kubectl get svc -n sample-domain1-ns --watch +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +sample-domain1-admin-server ClusterIP None 7001/TCP 8m33s +sample-domain1-admin-server-external-lb LoadBalancer 10.0.184.118 52.191.234.149 7001:30655/TCP 2m30s +sample-domain1-cluster-1-lb LoadBalancer 10.0.76.7 52.191.235.71 8001:30439/TCP 2m25s +sample-domain1-cluster-cluster-1 ClusterIP 10.0.118.225 8001/TCP 7m53s +sample-domain1-managed-server1 ClusterIP None 8001/TCP 7m53s +sample-domain1-managed-server2 ClusterIP None 8001/TCP 7m52s +``` + +In the example, the URL to access the Administration Server is: `http://52.191.234.149:7001/console`. **IMPORTANT: You must ensure that any Network Security Group rules that govern access to the console allow inbound traffic on port 7001.** The default user name for the Administration Console is `weblogic` and the default password is `welcome1`. Please change this for production deployments. + +If the WLS Administration Console is still not available, use `kubectl describe domain` to check domain status. + +```bash +$ kubectl describe domain domain1 +``` + +Make sure the status of cluster-1 is `ServersReady` and `Available`. + +{{%expand "Click here to view the example domain status." %}} +```yaml +Name: sample-domain1 +Namespace: sample-domain1-ns +Labels: weblogic.domainUID=sample-domain1 +Annotations: +API Version: weblogic.oracle/v8 +Kind: Domain +Metadata: + Creation Timestamp: 2020-11-30T05:40:11Z + Generation: 1 + Resource Version: 9346 + Self Link: /apis/weblogic.oracle/v8/namespaces/sample-domain1-ns/domains/sample-domain1 + UID: 9f10a602-714a-46c5-8dcb-815616b587af +Spec: + Admin Server: + Server Start State: RUNNING + Clusters: + Cluster Name: cluster-1 + Replicas: 2 + Server Pod: + Affinity: + Pod Anti Affinity: + Preferred During Scheduling Ignored During Execution: + Pod Affinity Term: + Label Selector: + Match Expressions: + Key: weblogic.clusterName + Operator: In + Values: + $(CLUSTER_NAME) + Topology Key: kubernetes.io/hostname + Weight: 100 + Server Start State: RUNNING + Configuration: + Model: + Domain Type: WLS + Runtime Encryption Secret: sample-domain1-runtime-encryption-secret + Domain Home: /u01/domains/sample-domain1 + Domain Home Source Type: FromModel + Image: docker.io/sleepycat2/wls-on-aks:model-in-image + Image Pull Policy: IfNotPresent + Image Pull Secrets: + Name: regsecret + Include Server Out In Pod Log: true + Replicas: 1 + Restart Version: 1 + Server Pod: + Env: + Name: CUSTOM_DOMAIN_NAME + Value: domain1 + Name: JAVA_OPTIONS + Value: -Dweblogic.StdoutDebugEnabled=false + Name: USER_MEM_ARGS + Value: -Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m + Resources: + Requests: + Cpu: 250m + Memory: 768Mi + Server Start Policy: IF_NEEDED + Web Logic Credentials Secret: + Name: sample-domain1-weblogic-credentials +Status: + Clusters: + Cluster Name: cluster-1 + Maximum Replicas: 5 + Minimum Replicas: 0 + Ready Replicas: 2 + Replicas: 2 + Replicas Goal: 2 + Conditions: + Last Transition Time: 2020-11-30T05:45:15.493Z + Reason: ServersReady + Status: True + Type: Available + Introspect Job Failure Count: 0 + Replicas: 2 + Servers: + Desired State: RUNNING + Health: + Activation Time: 2020-11-30T05:44:15.652Z + Overall Health: ok + Subsystems: + Subsystem Name: ServerRuntime + Symptoms: + Node Name: aks-pool1model-71528953-vmss000001 + Server Name: admin-server + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Health: + Activation Time: 2020-11-30T05:44:54.699Z + Overall Health: ok + Subsystems: + Subsystem Name: ServerRuntime + Symptoms: + Node Name: aks-pool1model-71528953-vmss000000 + Server Name: managed-server1 + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Health: + Activation Time: 2020-11-30T05:45:07.211Z + Overall Health: ok + Subsystems: + Subsystem Name: ServerRuntime + Symptoms: + Node Name: aks-pool1model-71528953-vmss000001 + Server Name: managed-server2 + State: RUNNING + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server3 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server4 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server5 + Start Time: 2020-11-30T05:40:11.709Z +Events: +``` +{{% /expand %}} + +##### Access the application + +Access the Administration Console using the admin load balancer IP address, `http://52.191.234.149:7001/console` + +Access the sample application using the cluster load balancer IP address. + +```bash +## Access the sample application using the cluster load balancer IP (52.191.235.71) +$ curl http://52.191.235.71:8001/myapp_war/index.jsp + +
+*****************************************************************
+
+Hello World! This is version 'v1' of the mii-sample JSP web-app.
+
+Welcome to WebLogic Server 'managed-server1'!
+
+ domain UID  = 'sample-domain1'
+ domain name = 'domain1'
+
+Found 1 local cluster runtime:
+  Cluster 'cluster-1'
+
+Found 0 local data sources:
+
+*****************************************************************
+
+ +$ curl http://52.191.235.71:8001/myapp_war/index.jsp + +
+*****************************************************************
+
+Hello World! This is version 'v1' of the mii-sample JSP web-app.
+
+Welcome to WebLogic Server 'managed-server2'!
+
+ domain UID  = 'sample-domain1'
+ domain name = 'domain1'
+
+Found 1 local cluster runtime:
+  Cluster 'cluster-1'
+
+Found 0 local data sources:
+
+*****************************************************************
+
+``` + +#### Rolling updates + +Naturally, you will want to deploy newer versions of the EAR application, located in the WDT archive ZIP file at `wlsdeploy/applications/myapp-v1`. To learn how to do this, follow the steps in [Update 3]({{< relref "/samples/simple/domains/model-in-image/update3" >}}). + +#### Clean up resources + +Run the following commands to clean up resources. + +{{< readfile file="/samples/simple/azure-kubernetes-service/includes/clean-up-resources-body-02.txt" >}} + +#### Troubleshooting + + [Troubleshooting]({{< relref "/samples/simple/azure-kubernetes-service/troubleshooting.md" >}}) + +#### Useful links + +- [Model in Image]({{< relref "/userguide/managing-domains/model-in-image/_index.md" >}}) user documentation +- [Model in Image]({{< relref "/samples/simple/domains/model-in-image/_index.md" >}}) sample diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md b/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md new file mode 100644 index 00000000000..a6db23a0c8f --- /dev/null +++ b/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md @@ -0,0 +1,334 @@ +--- +title: "Troubleshooting" +date: 2020-11-24T18:22:31-05:00 +weight: 3 +description: "Troubleshooting." +--- + + +- [Access Administration Console](#fail-to-access-administration-console): possible causes for Administration Console inaccessibility. +- [Domain debugging](#domain-debugging) +- [Pod Error](#get-pod-error-details): how to get details of the pod error. +- [WebLogic Image Tool failure](#weblogic-image-tool-failure) +- [WebLogic Kubernetes Operator installation failure](#weblogic-kubernetes-operator-installation-failure) + - [System pods are pending](#the-aks-cluster-system-pods-are-pending) + - [WebLogic Kubernetes Operator ErrImagePull](#weblogic-kubernetes-operator-errimagepull) +- [WSL2 bad timestamp](#wsl2-bad-timestamp) +- [Cannot attach ACR due to not being Owner of subscription](#cannot-attach-acr-due-to-not-being-owner-of-subscription) +- [Virtual Machine size is not supported](#virtual-machine-size-is-not-supported) + +#### Get pod error details + +You may get the following message while creating the WebLogic domain: "the job status is not Completed!" + +```text +status on iteration 20 of 20 +pod domain1-create-weblogic-sample-domain-job-nj7wl status is Init:0/1 +The create domain job is not showing status completed after waiting 300 seconds. +Check the log output for errors. +Error from server (BadRequest): container "create-weblogic-sample-domain-job" in pod "domain1-create-weblogic-sample-domain-job-nj7wl" is waiting to start: PodInitializing +[ERROR] Exiting due to failure - the job status is not Completed! +``` + +You can get further error details by running `kubectl describe pod`, as shown here: + +```bash +$ kubectl describe pod +``` + +This is an output example: + +```bash +$ kubectl describe pod domain1-create-weblogic-sample-domain-job-nj7wl +Events: +Type Reason Age From Message +---- ------ ---- ---- ------- +Normal Scheduled 4m2s default-scheduler Successfully assigned default/domain1-create-weblogic-sample-domain-job-qqv6k to aks-nodepool1-58449474-vmss000001 +Warning FailedMount 119s kubelet, aks-nodepool1-58449474-vmss000001 Unable to mount volumes for pod "domain1-create-weblogic-sample-domain-job-qqv6k_default(15706980-73cb-11ea-b804-b2c91b494b00)": timeout expired waiting for volumes to attach or mount for pod "default"/"domain1-create-weblogic-sample-domain-job-qqv6k". list of unmounted volumes=[weblogic-sample-domain-storage-volume]. list of unattached volumes=[create-weblogic-sample-domain-job-cm-volume weblogic-sample-domain-storage-volume weblogic-credentials-volume default-token-zr7bq] +Warning FailedMount 114s (x9 over 4m2s) kubelet, aks-nodepool1-58449474-vmss000001 MountVolume.SetUp failed for volume "wls-azurefile" : Couldn't get secret default/azure-secrea +``` + +#### Fail to access Administration Console + +Here are some common reasons for this failure, along with some tips to help you investigate. + +* **Create WebLogic domain job fails** + +Check the deploy log and find the failure details with `kubectl describe pod podname`. +Please go to 1. Getting pod error details. + +* **Process of starting the servers is still running** + +Check with `kubectl get svc` and if domainUID-admin-server, domainUID-managed-server1 and domainUID-managed-server2 are not listed, +we need to wait some more for the Administration Server to start. + +The following output is an example of when the Administration Server has started. + +```bash +$ kubectl get svc +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +domain1-admin-server ClusterIP None 30012/TCP,7001/TCP 7m3s +domain1-admin-server-ext NodePort 10.0.78.211 7001:30701/TCP 7m3s +domain1-admin-server-external-lb LoadBalancer 10.0.6.144 40.71.233.81 7001:32758/TCP 7m32s +domain1-cluster-1-lb LoadBalancer 10.0.29.231 52.142.39.152 8001:31022/TCP 7m30s +domain1-cluster-cluster-1 ClusterIP 10.0.80.134 8001/TCP 1s +domain1-managed-server1 ClusterIP None 8001/TCP 1s +domain1-managed-server2 ClusterIP None 8001/TCP 1s +internal-weblogic-operator-svc ClusterIP 10.0.1.23 8082/TCP 9m59s +kubernetes ClusterIP 10.0.0.1 443/TCP 16m +``` + +If services are up but the WLS Administration Console is still not available, use `kubectl describe domain` to check domain status. + +```bash +$ kubectl describe domain domain1 +``` + +Make sure the status of `cluster-1` is `ServersReady` and `Available`. The status of `admin-server`, `managed-server1` and `managed-server2` should be `RUNNING`. Otherwise, the cluster is likely still in the process of becoming fully ready. + +{{%expand "Click here to view the example status." %}} +```yaml +Status: + Clusters: + Cluster Name: cluster-1 + Maximum Replicas: 5 + Minimum Replicas: 1 + Ready Replicas: 2 + Replicas: 2 + Replicas Goal: 2 + Conditions: + Last Transition Time: 2020-07-06T05:39:32.539Z + Reason: ServersReady + Status: True + Type: Available + Replicas: 2 + Servers: + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: admin-server + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: managed-server1 + State: RUNNING + Cluster Name: cluster-1 + Desired State: RUNNING + Node Name: aks-nodepool1-11471722-vmss000001 + Server Name: managed-server2 + State: RUNNING + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server3 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server4 + Cluster Name: cluster-1 + Desired State: SHUTDOWN + Server Name: managed-server5 +``` +{{% /expand %}} + +#### Domain debugging + +Some suggestions for debugging problems with Model in Image after your Domain YAML file is deployed are found in the section on [debugging](/weblogic-kubernetes-operator/userguide/managing-domains/model-in-image/debugging/). + +#### WSL2 bad timestamp + +If you are running with WSL2, you may run into the [bad timestamp issue](https://github.com/microsoft/WSL/issues/4245), which blocks Azure CLI. You may see the following error: + +```shell +$ kubectl get pod +Unable to connect to the server: x509: certificate has expired or is not yet valid: current time 2020-11-25T15:58:10+08:00 is before 2020-11-27T04:25:04Z +``` + +You can run the following command to update WSL2 system time: + +``` +# Fix the outdated systime time +$ sudo hwclock -s + +# Check systime time +$ data +Fri Nov 27 13:07:14 CST 2020 +``` + +#### Timeout for the operator installation + +You may run into a timeout while installing the operator and get the following error: + +``` +$ helm install weblogic-operator kubernetes/charts/weblogic-operator \ + --namespace sample-weblogic-operator-ns \ + --set serviceAccount=sample-weblogic-operator-sa \ + --set "enableClusterRoleBinding=true" \ + --set "domainNamespaceSelectionStrategy=LabelSelector" \ + --set "domainNamespaceLabelSelector=weblogic-operator\=enabled" \ +--wait +Error: timed out waiting for the condition +``` + +Make sure you are working with the master branch. Remove the operator and install again. + +```bash +$ helm uninstall weblogic-operator -n sample-weblogic-operator-ns +release "weblogic-operator" uninstalled +``` + +Check out master and install the operator. + +```bash +$ cd weblogic-kubernetes-operator +$ git checkout master +$ helm install weblogic-operator kubernetes/charts/weblogic-operator \ + --namespace sample-weblogic-operator-ns \ + --set serviceAccount=sample-weblogic-operator-sa \ + --set "enableClusterRoleBinding=true" \ + --set "domainNamespaceSelectionStrategy=LabelSelector" \ + --set "domainNamespaceLabelSelector=weblogic-operator\=enabled" \ + --wait +``` + +#### WebLogic Image Tool failure + +You will get an error running `./imagetool/bin/imagetool.sh` if the Docker buildkit is enabled. + +Here is the warning message shown: + +```text +failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to parse stage name "WDT_BUILD": invalid reference format: repository name must be lowercase +``` + +To resolve the error, disable the Docker buildkit with the following commands and run the `imagetool` command again. + +```bash +$ export DOCKER_BUILDKIT=0 +$ export COMPOSE_DOCKER_CLI_BUILD=0 +``` + +#### WebLogic Kubernetes Operator installation failure + +Currently, we meet two cases that block the operator installation: + +* The system pods in the AKS cluster are pending. +* The operator image is unavailable. + +Follow the steps and dig into the error. + +##### The AKS cluster system pods are pending + +If system pods in the AKS cluster are pending, it will block the operator installation. + +This is an error example with warning message **no nodes available to schedule pods**. + +```bash +$ kubectl get pod -A +NAMESPACE NAME READY STATUS RESTARTS AGE +default weblogic-operator-c5c78b8b5-ssvqk 0/1 Pending 0 13m +kube-system coredns-79766dfd68-wcmkd 0/1 Pending 0 3h22m +kube-system coredns-autoscaler-66c578cddb-tc946 0/1 Pending 0 3h22m +kube-system dashboard-metrics-scraper-6f5fb5c4f-9f5mb 0/1 Pending 0 3h22m +kube-system kubernetes-dashboard-849d5c99ff-xzknj 0/1 Pending 0 3h22m +kube-system metrics-server-7f5b4f6d8c-bqzrn 0/1 Pending 0 3h22m +kube-system tunnelfront-765bf6df59-msj27 0/1 Pending 0 3h22m +sample-weblogic-operator-ns weblogic-operator-f86b879fd-v2xrz 0/1 Pending 0 35m + +$ kubectl describe pod weblogic-operator-f86b879fd-v2xrz -n sample-weblogic-operator-ns +... +Events: + Type Reason Age From Message + ---- ------ ---- ---- ------- + Warning FailedScheduling 71s (x25 over 36m) default-scheduler no nodes available to schedule pods +``` + +If you run into this error, remove the AKS cluster and create a new one. + +Run the `kubectl get pod -A` to make sure all the system pods are running. + +```bash +$ kubectl get pod -A +NAMESPACE NAME READY STATUS RESTARTS AGE +kube-system coredns-79766dfd68-ch5b9 1/1 Running 0 3h44m +kube-system coredns-79766dfd68-sxk4g 1/1 Running 0 3h43m +kube-system coredns-autoscaler-66c578cddb-s5qm5 1/1 Running 0 3h44m +kube-system dashboard-metrics-scraper-6f5fb5c4f-wtckh 1/1 Running 0 3h44m +kube-system kube-proxy-fwll6 1/1 Running 0 3h42m +kube-system kube-proxy-kq6wj 1/1 Running 0 3h43m +kube-system kube-proxy-t2vbb 1/1 Running 0 3h43m +kube-system kubernetes-dashboard-849d5c99ff-hrz2w 1/1 Running 0 3h44m +kube-system metrics-server-7f5b4f6d8c-snnbt 1/1 Running 0 3h44m +kube-system omsagent-8tf4j 1/1 Running 0 3h43m +kube-system omsagent-n9b7k 1/1 Running 0 3h42m +kube-system omsagent-rcmgr 1/1 Running 0 3h43m +kube-system omsagent-rs-787ff54d9d-w7tp5 1/1 Running 0 3h44m +kube-system tunnelfront-794845c84b-v9f98 1/1 Running 0 3h44m +``` + +##### WebLogic Kubernetes Operator ErrImagePull + +If you got an error of **ErrImagePull** from pod status, use `docker pull` to check the operator image. If an error occurs, you can switch to a version that is greater than `3.1.1`. + +```bash +$ docker pull ghcr.io/oracle/weblogic-kubernetes-operator: + +# Example: pull 3.1.1. +$ docker pull ghcr.io/oracle/weblogic-kubernetes-operator:3.1.1 +3.1.1: Pulling from oracle/weblogic-kubernetes-operator +980316e41237: Pull complete +c980371d97ea: Pull complete +db19c8ff0d12: Pull complete +550f44317ae5: Pull complete +be2e701f5ee0: Pull complete +1cb891615559: Pull complete +4f4fb700ef54: Pull complete +Digest: sha256:6b060ec1989fcb26e1acb0d0b906d81fce6b8ec2e0a30fa2b9d9099290eb6416 +Status: Downloaded newer image for ghcr.io/oracle/weblogic-kubernetes-operator:3.1.1 +ghcr.io/oracle/weblogic-kubernetes-operator:3.1.1 +``` + +#### Cannot attach ACR due to not being Owner of subscription + +If you're unable to create an ACR and you're using a Service Principal, you can use manual Role Assignments to grant access to the ACR as described in [Azure Container Registry authentication with service principals](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal). + +First, find the `objectId` of the Service Principal used when the AKS cluster was created. You will need the output from `az ad sp create-for-rbac`, which you were directed to save to a file. Within the output, you need the value of the `name` property. It will start with `http`. Get the `objectId` with this command. + +```bash +$ az ad sp show --id http:// | grep objectId +"objectId": "nror4p30-qnoq-4129-o89r-p60n71805npp", +``` + +Next, assign the `acrpull` role to that Service Principal with this command. + +```bash +$ az role assignment create --assignee-object-id --scope $AKS_PERS_RESOURCE_GROUP --role acrpull +{ + "canDelegate": null, + "condition": null, +... + "type": "Microsoft.Authorization/roleAssignments" +} +``` + +After you do this, re-try the command that gave the error. + +#### Virtual Machine size is not supported + +If you run into the following error when creating the AKS cluster, please use an available VM size in the region. + +```bash +$ az aks create \ + --resource-group $AKS_PERS_RESOURCE_GROUP \ + --name $AKS_CLUSTER_NAME \ + --node-count 2 \ + --generate-ssh-keys \ + --nodepool-name nodepool1 \ + --node-vm-size Standard_DS2_v2 \ + --location $AKS_PERS_LOCATION \ + --service-principal $SP_APP_ID \ + --client-secret $SP_CLIENT_SECRET + +BadRequestError: Operation failed with status: 'Bad Request'. Details: Virtual Machine size: 'Standard_DS2_v2' is not supported for subscription subscription-id in location 'eastus'. The available VM sizes are 'basic_a0,basic_a1,basic_a2,basic_a3,basic_a4,standard_a2'. Please refer to aka.ms/aks-vm-sizes for the details. +ResourceNotFoundError: The Resource 'Microsoft.ContainerService/managedClusters/wlsaks1613726008' under resource group 'wlsresourcegroup1613726008' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix +``` + +As shown in the example, you can use `standard_a2`; pay attention to the CPU and memory of that size; make sure it meets your memory requirements. diff --git a/docs-source/content/samples/simple/tanzu-kubernetes-service/_index.md b/docs-source/content/samples/simple/tanzu-kubernetes-service/_index.md index a9ed4d6f265..8170312ab75 100644 --- a/docs-source/content/samples/simple/tanzu-kubernetes-service/_index.md +++ b/docs-source/content/samples/simple/tanzu-kubernetes-service/_index.md @@ -50,14 +50,6 @@ k8s-cluster-101-md-0-577b7dc766-p2gkz Ready 2d20h v1.18.6+vmwa You will need an Oracle Container Registry account. The following steps will direct you to accept the Oracle Standard Terms and Restrictions to pull the WebLogic Server images. Make note of your Oracle Account password and email. This sample pertains to 12.2.1.4, but other versions may work as well. -Obtain the WebLogic Server image from the [Oracle Container Registry](https://container-registry.oracle.com/). - - - First time users, [follow these directions](/weblogic-kubernetes-operator/userguide/managing-domains/domain-in-image/base-images/#obtaining-standard-images-from-the-oracle-container-registry). - - Find and then pull the WebLogic 12.2.1.4 install image: - ```bash - $ docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.4 - ``` - #### Install WebLogic Server Kubernetes Operator The Oracle WebLogic Server Kubernetes Operator is an adapter to integrate WebLogic Server and Kubernetes, allowing Kubernetes to serve as a container infrastructure hosting WLS instances. diff --git a/docs-source/content/userguide/managing-domains/_index.md b/docs-source/content/userguide/managing-domains/_index.md index 9b12936247b..c42a4e0282d 100644 --- a/docs-source/content/userguide/managing-domains/_index.md +++ b/docs-source/content/userguide/managing-domains/_index.md @@ -127,12 +127,6 @@ Configuration overrides allow changing a configuration without modifying its ori parameterizing overrides so that you can inject values into them from Kubernetes Secrets. For example, you can inject database user names, passwords, and URLs that are stored in a secret. -For Domain in Image and Domain in PV you can use [configuration overrides]({{< relref "/userguide/managing-domains/configoverrides/_index.md" >}}). - -Configuration overrides allow changing a configuration without modifying its original `config.xml` or system resource XML files, and supports -parameterizing overrides so that you can inject values into them from Kubernetes Secrets. For example, you can inject database user names, passwords, -and URLs that are stored in a secret. - For Model in Image you use [Runtime Updates]({{}}). ### About the Domain resource diff --git a/docs-source/content/userguide/managing-domains/domain-resource.md b/docs-source/content/userguide/managing-domains/domain-resource.md index f2b5b3c4867..65e37f35bc4 100644 --- a/docs-source/content/userguide/managing-domains/domain-resource.md +++ b/docs-source/content/userguide/managing-domains/domain-resource.md @@ -93,7 +93,7 @@ $ kubectl get crd domains.weblogic.oracle #### Domain resource attribute references -The domain resource `metadata` section names the Domain and its namespace. The name of the Domain is the default value for the `domain UID` which is used by the operator to distinguish domains running in the Kubernetes cluster that may have the same domain name. The Domain name must be unique in the namespace and the domain UID should be unique across the cluster. The domain UID, Domain resource name, and domain name (from the WebLogic domain configuration) may all be different. +The domain resource `metadata` section names the Domain and its namespace. The name of the Domain is the default value for the `domainUID` which is used by the operator to distinguish domains running in the Kubernetes cluster that may have the same domain name. The Domain name must be unique in the namespace and the `domainUID` should be unique across the cluster. The `domainUID`, Domain resource name, and domain name (from the WebLogic domain configuration) may all be different. The domain resource `spec` section describes the intended running state of the domain, including intended runtime state of WebLogic Server instances, number of cluster members started, and details about Kubernetes Pod or Service generation, such as resource constraints, scheduling requirements, or volume mounts. diff --git a/docs-source/content/userguide/managing-domains/prepare.md b/docs-source/content/userguide/managing-domains/prepare.md index b853ab6ec43..7e975cc3f08 100644 --- a/docs-source/content/userguide/managing-domains/prepare.md +++ b/docs-source/content/userguide/managing-domains/prepare.md @@ -29,8 +29,7 @@ Perform these steps to prepare your Kubernetes cluster to run a WebLogic domain: ``` * Replace `domain-namespace-1` with the namespace that the domain will be in. - * Replace `domain1-weblogic-credentials` with the name of the secret. The operator expects the secret name to be - the `domainUID` followed by the literal string `-weblogic-credentials`, and many of the samples assume this name. + * Replace `domain1-weblogic-credentials` with the name of the secret. It is a recommended best practice to name the secret using the domain's `domainUID` followed by the literal string `-weblogic-credentials` where `domainUID` is a unique identifier for the domain. Many of the samples follow this practice and use a `domainUID` of `domain1` or `sample-domain1`. * Replace the string `username` in the third line with the user name for the administrative user. * Replace the string `password` in the fourth line with the password. diff --git a/docs-source/content/userguide/overview/k8s-setup.md b/docs-source/content/userguide/overview/k8s-setup.md index 30f1eb688a7..2005b99f917 100644 --- a/docs-source/content/userguide/overview/k8s-setup.md +++ b/docs-source/content/userguide/overview/k8s-setup.md @@ -6,7 +6,7 @@ weight: 2 --- #### Cheat sheet for setting up Kubernetes -If you need some help setting up a Kubernetes environment to experiment with the operator, please read on! The supported environments are either an on-premises installation of Kubernetes, for example, on bare metal, or on a cloud provider like Oracle Cloud, Google, or Amazon. Cloud providers allow you to provision a managed Kubernetes environment from their management consoles. You could also set up Kubernetes manually using compute resources on a cloud. There are also a number of ways to run a Kubernetes single-node cluster that are suitable for development or testing purposes. Your options include: +If you need some help setting up a Kubernetes environment to experiment with the operator, please read on! The supported environments are either an on-premises installation of Kubernetes, for example, on bare metal, or on a cloud provider like Oracle Cloud, [Microsoft Azure](/weblogic-kubernetes-operator/samples/simple/azure-kubernetes-service/), Google, or Amazon. Cloud providers allow you to provision a managed Kubernetes environment from their management consoles. You could also set up Kubernetes manually using compute resources on a cloud. There are also a number of ways to run a Kubernetes single-node cluster that are suitable for development or testing purposes. Your options include: "Production" options: @@ -16,7 +16,7 @@ If you need some help setting up a Kubernetes environment to experiment with the "Development/test" options: -* Install [Docker for Mac](https://docs.docker.com/docker-for-mac/#kubernetes) and enable its embedded Kubernetes cluster (or register for the [Docker for Windows](https://beta.docker.com/form) beta and wait until Kubernetes is available there). +* Install [Docker for Mac](https://docs.docker.com/docker-for-mac/#kubernetes) or [Docker for Windows](https://docs.docker.com/docker-for-windows/kubernetes/) and enable its embedded Kubernetes cluster. * We *do not* recommend or support other development/test options like Minikube, Minishift, kind, and so on. We have provided our hints and tips for several of these options in the sections below. diff --git a/docs-source/layouts/shortcodes/readfile.html b/docs-source/layouts/shortcodes/readfile.html new file mode 100644 index 00000000000..dd9f1485399 --- /dev/null +++ b/docs-source/layouts/shortcodes/readfile.html @@ -0,0 +1,2 @@ +{{ $toRead := .Get "file" }} +{{ readFile $toRead | markdownify }} diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pv-template.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pv-template.yaml index 3ce4516c3bf..164b49712a0 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pv-template.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pv-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Copyright (c) 2018, 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: v1 diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pvc-template.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pvc-template.yaml index 21fc7f5d66c..f35e443567c 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pvc-template.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/azure-file-pvc-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Copyright (c) 2018, 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: v1 diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml index 5c1dded93df..fbb8d8bd1f9 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/create-domain-on-aks-inputs.yaml @@ -78,7 +78,7 @@ weblogicAccountPassword: welcome1 # WebLogic Server image. # Parameter "image" will be overwritten with this field in kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain-inputs.yaml -weblogicDockerImage: container-registry.oracle.com/middleware/weblogic:12.2.1.3 +weblogicDockerImage: container-registry.oracle.com/middleware/weblogic:12.2.1.4 # Name of weblogic user. weblogicUserName: weblogic diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/loadbalancer-template.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/loadbalancer-template.yaml index 4d4445635da..013c47617e1 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/loadbalancer-template.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/loadbalancer-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Copyright (c) 2018, 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: v1 @@ -16,4 +16,4 @@ spec: weblogic.domainUID: %DOMAIN_UID% weblogic.%SELECTOR_SERVER_TYPE%: %SERVER_NAME% sessionAffinity: None - type: LoadBalancer \ No newline at end of file + type: LoadBalancer diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml new file mode 100644 index 00000000000..699cf424dcf --- /dev/null +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/admin-lb.yaml @@ -0,0 +1,19 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +apiVersion: v1 +kind: Service +metadata: + name: sample-domain1-admin-server-external-lb + namespace: sample-domain1-ns +spec: + ports: + - name: default + port: 7001 + protocol: TCP + targetPort: 7001 + selector: + weblogic.domainUID: sample-domain1 + weblogic.serverName: admin-server + sessionAffinity: None + type: LoadBalancer diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml new file mode 100644 index 00000000000..e72de75299d --- /dev/null +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/cluster-lb.yaml @@ -0,0 +1,19 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +apiVersion: v1 +kind: Service +metadata: + name: sample-domain1-cluster-1-lb + namespace: sample-domain1-ns +spec: + ports: + - name: default + port: 8001 + protocol: TCP + targetPort: 8001 + selector: + weblogic.domainUID: sample-domain1 + weblogic.clusterName: cluster-1 + sessionAffinity: None + type: LoadBalancer diff --git a/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml new file mode 100644 index 00000000000..c1252fedb11 --- /dev/null +++ b/kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: helm-user-cluster-admin-role +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: default + namespace: kube-system \ No newline at end of file diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml index 15b973b996c..dd6c2f45bcd 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-initial-d1-JRF-v1.yaml @@ -115,6 +115,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml index fa25b69b34d..f7969bda5b8 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-initial-d1-WLS-v1.yaml @@ -110,6 +110,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF index 0226606dbc5..bc313159dce 100644 --- a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF +++ b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF @@ -115,6 +115,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS index eaf73517c4e..f37c4c6f000 100644 --- a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS +++ b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS @@ -110,6 +110,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun From 8ce58d3ca2b2301141d5f23241fb516863156872 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 24 Feb 2021 12:07:25 -0500 Subject: [PATCH 2/5] On branch wls-on-aks-model-in-image-from-master modified: docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md - Address @ddsharpe's comment: @rjeberhard Image Tool 1.9.8 (latest release) no longer has this issue. The user can use Docker with or without buildkit enabled. modified: docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md - Address @rjeberhard's comments - This is obsoleted. Helm needed it's own service account only for Helm 2.x. With Helm 3.x the service account of the customer running the helm install is used. - My preference, though, would be to go further and find a way to do periodic integration testing so that we can just tell customers to use the latest version of the operator. We've had very few upgrade bugs (although, we did just fix one) and we are making it a priority to keep upgrading simple. Therefore, I believe that it will be safe to tell customers to use the latest as long as we do periodic tests (e.g. once per quarter). - @edburns: Yes, let's just go with master. --- .../azure-kubernetes-service/model-in-image.md | 16 +++++----------- .../azure-kubernetes-service/troubleshooting.md | 4 ++-- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md b/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md index ae11d1f1757..53851dc0c74 100644 --- a/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md +++ b/docs-source/content/samples/simple/azure-kubernetes-service/model-in-image.md @@ -27,13 +27,11 @@ This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Opera ##### Clone WebLogic Server Kubernetes Operator repository -Clone the [Oracle WebLogic Server Kubernetes Operator repository](https://github.com/oracle/weblogic-kubernetes-operator) to your machine. We will use several scripts in this repository to create a WebLogic domain. This sample was tested with v3.1.1. +Clone the [Oracle WebLogic Server Kubernetes Operator repository](https://github.com/oracle/weblogic-kubernetes-operator) to your machine. We will use several scripts in this repository to create a WebLogic domain. This sample was tested with v3.1.1, but should work with the latest release. ```bash $ git clone https://github.com/oracle/weblogic-kubernetes-operator.git cd weblogic-kubernetes-operator -#TODO: we have to fix the branch after the source code are merged -#git checkout v3.1.1 ``` {{< readfile file="/samples/simple/azure-kubernetes-service/includes/create-aks-cluster-body-02.txt" >}} @@ -45,14 +43,6 @@ cd weblogic-kubernetes-operator The Oracle WebLogic Server Kubernetes Operator is an adapter to integrate WebLogic Server and Kubernetes, allowing Kubernetes to serve as a container infrastructure hosting WLS instances. The operator runs as a Kubernetes Pod and stands ready to perform actions related to running WLS on Kubernetes. -You must have the `cluster-admin` role to install the operator. The operator does not need the `cluster-admin` role at runtime. Grant the Helm service account the `cluster-admin role` using this configuration file `kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image/helm-sa-cluster-admin-role.yaml`. - -```bash -# cd kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/model-in-image -$ kubectl apply -f helm-sa-cluster-admin-role.yaml -clusterrolebinding.rbac.authorization.k8s.io/helm-user-cluster-admin-role created -``` - Create a namespace and service account for the operator. ```bash @@ -95,6 +85,10 @@ REVISION: 1 TEST SUITE: None ``` +{{% notice tip %}} If you wish to use a more recent version of the operator, replace the `3.1.1` in the preceding command with the other version number. To see the list of version numbers, visit the [GitHub releases page](https://github.com/oracle/weblogic-kubernetes-operator/releases). +{{% /notice %}} + + Verify the operator with the following commands; the status will be `Running`. ```bash diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md b/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md index a6db23a0c8f..40a70032017 100644 --- a/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md +++ b/docs-source/content/samples/simple/azure-kubernetes-service/troubleshooting.md @@ -191,7 +191,7 @@ $ helm install weblogic-operator kubernetes/charts/weblogic-operator \ #### WebLogic Image Tool failure -You will get an error running `./imagetool/bin/imagetool.sh` if the Docker buildkit is enabled. +If your version of WIT is older than 1.9.8, you will get an error running `./imagetool/bin/imagetool.sh` if the Docker buildkit is enabled. Here is the warning message shown: @@ -199,7 +199,7 @@ Here is the warning message shown: failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to parse stage name "WDT_BUILD": invalid reference format: repository name must be lowercase ``` -To resolve the error, disable the Docker buildkit with the following commands and run the `imagetool` command again. +To resolve the error, either upgrade to a newer version of WIT or disable the Docker buildkit with the following commands and run the `imagetool` command again. ```bash $ export DOCKER_BUILDKIT=0 From 2f273ac6fcaa002664b49eb2e2d073885e519d25 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 24 Feb 2021 12:15:48 -0500 Subject: [PATCH 3/5] On branch wls-on-aks-model-in-image-from-master Address comment from @tbarnes-us modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml modified: kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml modified: src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF modified: src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS Address comment from @tbarnes-us: - Note that 8 files will change in total, and all of them must be checked-in so that the integration test will pass... --- .../domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml | 1 + .../domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml | 1 + .../domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml | 1 + .../domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml | 1 + .../domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml | 1 + .../domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml | 1 + .../mii-sample-wrapper/mii-domain.yaml.template-JRF | 2 +- .../mii-sample-wrapper/mii-domain.yaml.template-WLS | 2 +- 8 files changed, 8 insertions(+), 2 deletions(-) diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml index 363064811c5..0b6719e5636 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update1-d1-JRF-v1-ds.yaml @@ -115,6 +115,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml index f58e0f18132..9f04d581a95 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update2-d2-JRF-v1-ds.yaml @@ -115,6 +115,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml index 88314cd5b7b..71527ec3905 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/JRF/mii-update3-d1-JRF-v2-ds.yaml @@ -115,6 +115,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml index 510de15e95f..be51bc1255b 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update1-d1-WLS-v1-ds.yaml @@ -110,6 +110,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml index 9c53672be4d..881012b02d1 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update2-d2-WLS-v1-ds.yaml @@ -110,6 +110,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml index 8a67871f8eb..e7e1a69d3ce 100644 --- a/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml +++ b/kubernetes/samples/scripts/create-weblogic-domain/model-in-image/domain-resources/WLS/mii-update3-d1-WLS-v2-ds.yaml @@ -110,6 +110,7 @@ spec: values: - $(CLUSTER_NAME) topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster replicas: 2 # Change the restartVersion to force the introspector job to rerun diff --git a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF index bc313159dce..ff8ce81a150 100644 --- a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF +++ b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-JRF @@ -19,7 +19,7 @@ spec: # the image for 'Model in Image' domains. domainHome: /u01/domains/@@DOMAIN_UID@@ - # The WebLogic Server Docker image that the Operator uses to start the domain + # The WebLogic Server image that the Operator uses to start the domain image: "@@MODEL_IMAGE_NAME@@:@@MODEL_IMAGE_TAG@@" # Defaults to "Always" if image tag (version) is ':latest' diff --git a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS index f37c4c6f000..3b2c537c683 100644 --- a/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS +++ b/src/integration-tests/model-in-image/mii-sample-wrapper/mii-domain.yaml.template-WLS @@ -19,7 +19,7 @@ spec: # the image for 'Model in Image' domains. domainHome: /u01/domains/@@DOMAIN_UID@@ - # The WebLogic Server Docker image that the Operator uses to start the domain + # The WebLogic Server image that the Operator uses to start the domain image: "@@MODEL_IMAGE_NAME@@:@@MODEL_IMAGE_TAG@@" # Defaults to "Always" if image tag (version) is ':latest' From 4a9ea2c18f0bdde5f60624d78e95d2b8775f0819 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 24 Feb 2021 12:22:05 -0500 Subject: [PATCH 4/5] On branch wls-on-aks-model-in-image-from-master Address comment from @tbarnes-us modified: docs-source/content/samples/simple/azure-kubernetes-service/_index.md - Please append "/_index.md" to the reference. --- .../content/samples/simple/azure-kubernetes-service/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md index 284bd0b0d34..2083aee4392 100644 --- a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md +++ b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md @@ -18,7 +18,7 @@ description: "Sample for using the operator to set up a WLS cluster on the Azure ### Introduction -This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator]({{< relref "/" >}}) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS). After going through the steps, your WLS domain runs on an AKS cluster. You have several options for managing the cluster, depending on which [domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/" >}}) you choose. With Domain in PV, you can manage your WLS domain by accessing the WebLogic Server Administration Console or WLST. With Model in Image you use the operator to perform WLS administrative operations. +This sample demonstrates how to use the [Oracle WebLogic Server Kubernetes Operator]({{< relref "/_index.md" >}}) (hereafter "the operator") to set up a WebLogic Server (WLS) cluster on the Azure Kubernetes Service (AKS). After going through the steps, your WLS domain runs on an AKS cluster. You have several options for managing the cluster, depending on which [domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/_index.md" >}}) you choose. With Domain in PV, you can manage your WLS domain by accessing the WebLogic Server Administration Console or WLST. With Model in Image you use the operator to perform WLS administrative operations. #### Azure Kubernetes Service cluster From 62f8d5cd30b6b7e190c2559aadc811fd3954eee1 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 24 Feb 2021 15:53:25 -0500 Subject: [PATCH 5/5] Append _index.md to relref --- .../content/samples/simple/azure-kubernetes-service/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md index 2083aee4392..9ae8b66fa62 100644 --- a/docs-source/content/samples/simple/azure-kubernetes-service/_index.md +++ b/docs-source/content/samples/simple/azure-kubernetes-service/_index.md @@ -28,7 +28,7 @@ To learn more, please see the [What is Azure Kubernetes Service?](https://docs.m #### Domain home source types -This sample demonstrates running the WebLogic cluster on AKS using two domain home types. The instructions for each are self contained and independent. This section lists the domain home source types recommended for use with AKS, along with some benefits of each. For complete details on domain home source types, see [Choose a domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/" >}}). +This sample demonstrates running the WebLogic cluster on AKS using two domain home types. The instructions for each are self contained and independent. This section lists the domain home source types recommended for use with AKS, along with some benefits of each. For complete details on domain home source types, see [Choose a domain home source type]({{< relref "/userguide/managing-domains/choosing-a-model/_index.md" >}}). - [Model in Image]({{< relref "/samples/simple/azure-kubernetes-service/model-in-image.md" >}}): running the WebLogic cluster on AKS with domain home in image offers the following benefits.