diff --git a/OracleSOASuite/kubernetes/README.md b/OracleSOASuite/kubernetes/README.md index 855f6ce62..efcbaca9d 100755 --- a/OracleSOASuite/kubernetes/README.md +++ b/OracleSOASuite/kubernetes/README.md @@ -7,7 +7,7 @@ The WebLogic Kubernetes operator (the “operator”) supports deployment of Ora * `soaosb`: Deploys a domain with SOA, Oracle Enterprise Scheduler (ESS), and Oracle Service Bus *** -The current supported production release is [22.1.2](https://github.com/oracle/fmw-kubernetes/releases). +The current supported production release is [22.2.2](https://github.com/oracle/fmw-kubernetes/releases). *** In this release, Oracle SOA Suite domains are supported using the “domain on a persistent volume” diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md b/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md index e01a53684..7d05dca0a 100755 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md @@ -48,7 +48,7 @@ The Ingress resource will be created in the same namespace as the SOA domain clu Command to Generate Secret: ``` $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/tls1.key -out /tmp/tls1.crt -subj "/CN=*" -$ kubectl -n soans create secret tls domain1-tls-cert --key /tmp/tls1.key --cert /tmp/tls1.crt +$ kubectl -n soans create secret tls soainfra-tls-cert --key /tmp/tls1.key --cert /tmp/tls1.crt ``` diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-e2essl.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-e2essl.yaml new file mode 100755 index 000000000..a4889ee41 --- /dev/null +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-e2essl.yaml @@ -0,0 +1,110 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# +{{- if eq .Values.type "NGINX" }} +{{- if (eq .Values.sslType "E2ESSL")}} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower }}-nginx-ssl + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: {{ .Values.wlsDomain.adminServerSSLPort }} + protocol: TCP + targetPort: {{ .Values.wlsDomain.adminServerSSLPort }} + selector: + weblogic.domainUID: {{ .Values.wlsDomain.domainUID }} + weblogic.serverName: {{ .Values.wlsDomain.adminServerName }} + type: ClusterIP + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-admin + namespace: {{ .Release.Namespace }} + annotations: + kubernetes.io/ingress.class: 'nginx' + nginx.ingress.kubernetes.io/affinity: 'cookie' + nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' + nginx.ingress.kubernetes.io/ssl-passthrough: 'true' +spec: + tls: + - hosts: + - '{{ .Values.hostName.admin }}' + secretName: {{ .Values.wlsDomain.domainUID }}-tls-cert + rules: + - host: '{{ .Values.hostName.admin }}' + http: + paths: + - path: + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerSSLPort }} +{{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-soa + namespace: {{ .Release.Namespace }} + annotations: + kubernetes.io/ingress.class: 'nginx' + nginx.ingress.kubernetes.io/affinity: 'cookie' + nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' + nginx.ingress.kubernetes.io/ssl-passthrough: 'true' +spec: + tls: + - hosts: + - '{{ .Values.hostName.soa }}' + secretName: {{ .Values.wlsDomain.domainUID }}-tls-cert + rules: + - host: '{{ .Values.hostName.soa }}' + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerSSLPort }} +{{- end }} +{{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-osb + namespace: {{ .Release.Namespace }} + annotations: + kubernetes.io/ingress.class: 'nginx' + nginx.ingress.kubernetes.io/affinity: 'cookie' + nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' + nginx.ingress.kubernetes.io/ssl-passthrough: 'true' +spec: + tls: + - hosts: + - '{{ .Values.hostName.osb }}' + secretName: {{ .Values.wlsDomain.domainUID }}-tls-cert + rules: + - host: '{{ .Values.hostName.osb }}' + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.osbManagedServerSSLPort }} +{{- end }} + +{{- end }} +{{- end }} + diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-nonssl.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-nonssl.yaml new file mode 100755 index 000000000..d90d8f144 --- /dev/null +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-nonssl.yaml @@ -0,0 +1,154 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# +{{- if eq .Values.type "NGINX" }} +{{- if (eq .Values.sslType "NONSSL") }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.wlsDomain.domainUID }}-nginx + namespace: {{ .Release.Namespace }} + annotations: + kubernetes.io/ingress.class: 'nginx' + nginx.ingress.kubernetes.io/affinity: 'cookie' + nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' + nginx.ingress.kubernetes.io/affinity-mode: 'persistent' +spec: + rules: + - host: '{{ .Values.nginx.hostname }}' + http: + paths: + - path: /console + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + - path: /em + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + - path: /weblogic/ready + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- if or (eq .Values.domainType "soa") }} + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") }} + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.osbManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /soa-infra + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /soa/composer + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /integration/worklistapp + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /servicebus + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /lwpfconsole + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /xbusrouting + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /xbustransform + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /ess + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /EssHealthCheck + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /b2bconsole + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + +{{- end }} +{{- end }} + diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-k8s1.19.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-ssl.yaml similarity index 59% rename from OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-k8s1.19.yaml rename to OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-ssl.yaml index 22c8323c8..2a116abc8 100755 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-k8s1.19.yaml +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress-ssl.yaml @@ -1,9 +1,8 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} {{- if eq .Values.type "NGINX" }} -{{- if or (eq .Values.sslType "NONSSL") (eq .Values.sslType "SSL") }} +{{- if (eq .Values.sslType "SSL") }} --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -15,10 +14,10 @@ metadata: nginx.ingress.kubernetes.io/affinity: 'cookie' nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' nginx.ingress.kubernetes.io/affinity-mode: 'persistent' -{{- if eq .Values.sslType "SSL" }} +{{- if eq .Values.sslType "SSL" }} nginx.ingress.kubernetes.io/configuration-snippet: | - more_clear_input_headers "WL-Proxy-Client-IP" "WL-Proxy-SSL"; more_set_input_headers "X-Forwarded-Proto: https"; + more_clear_input_headers "WL-Proxy-Client-IP" "WL-Proxy-SSL"; more_set_input_headers "WL-Proxy-SSL: true"; nginx.ingress.kubernetes.io/ingress.allow-http: 'false' {{- end }} @@ -66,7 +65,7 @@ spec: port: number: {{ .Values.wlsDomain.osbManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /soa-infra pathType: ImplementationSpecific backend: @@ -75,7 +74,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /soa/composer pathType: ImplementationSpecific backend: @@ -84,7 +83,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /integration/worklistapp pathType: ImplementationSpecific backend: @@ -93,7 +92,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /servicebus pathType: ImplementationSpecific backend: @@ -102,7 +101,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /lwpfconsole pathType: ImplementationSpecific backend: @@ -111,7 +110,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /xbusrouting pathType: ImplementationSpecific backend: @@ -120,7 +119,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /xbustransform pathType: ImplementationSpecific backend: @@ -129,7 +128,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /ess pathType: ImplementationSpecific backend: @@ -138,7 +137,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /EssHealthCheck pathType: ImplementationSpecific backend: @@ -147,7 +146,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /b2bconsole pathType: ImplementationSpecific backend: @@ -160,112 +159,10 @@ spec: tls: - hosts: - '{{ .Values.nginx.hostname }}' - secretName: domain1-tls-cert + secretName: {{ .Values.wlsDomain.domainUID }}-tls-cert {{- end }} -{{- else }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower }}-nginx-ssl - namespace: {{ .Release.Namespace }} -spec: - ports: - - port: {{ .Values.wlsDomain.adminServerSSLPort }} - protocol: TCP - targetPort: {{ .Values.wlsDomain.adminServerSSLPort }} - selector: - weblogic.domainUID: {{ .Values.wlsDomain.domainUID }} - weblogic.serverName: {{ .Values.wlsDomain.adminServerName }} - type: ClusterIP ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-admin - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.admin }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.admin }}' - http: - paths: - - path: - pathType: ImplementationSpecific - backend: - service: - name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}-nginx-ssl' - port: - number: {{ .Values.wlsDomain.adminServerSSLPort }} -{{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-soa - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.soa }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.soa }}' - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - port: - number: {{ .Values.wlsDomain.soaManagedServerSSLPort }} -{{- end }} -{{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-osb - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.osb }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.osb }}' - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - port: - number: {{ .Values.wlsDomain.osbManagedServerSSLPort }} -{{- end }} - -{{- end }} {{- end }} {{- end }} + diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress.yaml deleted file mode 100755 index bb74202c2..000000000 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/nginx-ingress.yaml +++ /dev/null @@ -1,217 +0,0 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -# -{{- if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}} -{{- if eq .Values.type "NGINX" }} -{{- if or (eq .Values.sslType "NONSSL") (eq .Values.sslType "SSL") }} ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/affinity-mode: 'persistent' -{{- if eq .Values.sslType "SSL" }} - nginx.ingress.kubernetes.io/configuration-snippet: | - more_clear_input_headers "WL-Proxy-Client-IP" "WL-Proxy-SSL"; - more_set_input_headers "X-Forwarded-Proto: https"; - more_set_input_headers "WL-Proxy-SSL: true"; - nginx.ingress.kubernetes.io/ingress.allow-http: 'false' -{{- end }} -spec: - rules: - - host: '{{ .Values.nginx.hostname }}' - http: - paths: - - path: /console - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - - path: /em - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - - path: /weblogic/ready - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- if or (eq .Values.domainType "soa") }} - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") }} - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.osbManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /soa-infra - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /soa/composer - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /integration/worklistapp - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /servicebus - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /lwpfconsole - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /xbusrouting - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /xbustransform - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /ess - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /EssHealthCheck - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /b2bconsole - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} -{{- if eq .Values.sslType "SSL" }} - tls: - - hosts: - - '{{ .Values.nginx.hostname }}' - secretName: domain1-tls-cert -{{- end }} -{{- else }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower }}-nginx-ssl - namespace: {{ .Release.Namespace }} -spec: - ports: - - port: {{ .Values.wlsDomain.adminServerSSLPort }} - protocol: TCP - targetPort: {{ .Values.wlsDomain.adminServerSSLPort }} - selector: - weblogic.domainUID: {{ .Values.wlsDomain.domainUID }} - weblogic.serverName: {{ .Values.wlsDomain.adminServerName }} - type: ClusterIP - ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-admin - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.admin }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.admin }}' - http: - paths: - - path: - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}-nginx-ssl' - servicePort: {{ .Values.wlsDomain.adminServerSSLPort }} -{{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-soa - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.soa }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.soa }}' - http: - paths: - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerSSLPort }} -{{- end }} -{{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-nginx-e2essl-osb - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: 'nginx' - nginx.ingress.kubernetes.io/affinity: 'cookie' - nginx.ingress.kubernetes.io/session-cookie-name: 'sticky' - nginx.ingress.kubernetes.io/ssl-passthrough: 'true' -spec: - tls: - - hosts: - - '{{ .Values.hostName.osb }}' - secretName: domain1-tls-cert - rules: - - host: '{{ .Values.hostName.osb }}' - http: - paths: - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.osbManagedServerSSLPort }} -{{- end }} - -{{- end }} -{{- end }} -{{- end }} - diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-e2essl.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-e2essl.yaml new file mode 100755 index 000000000..447d17b33 --- /dev/null +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-e2essl.yaml @@ -0,0 +1,43 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# +{{- if eq .Values.type "TRAEFIK" }} +{{- if (eq .Values.sslType "E2ESSL") }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRouteTCP +metadata: + name: {{ .Values.wlsDomain.domainUID }}-traefik + namespace: {{ .Release.Namespace }} +spec: + entryPoints: + - websecure + routes: + - match: HostSNI(`{{ .Values.hostName.admin }}`) + services: + - name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: {{ .Values.wlsDomain.adminServerSSLPort }} + weight: 3 + terminationDelay: 400 + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - match: HostSNI(`{{ .Values.hostName.soa }}`) + services: + - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: {{ .Values.wlsDomain.soaManagedServerSSLPort }} + weight: 3 + terminationDelay: 400 + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - match: HostSNI(`{{ .Values.hostName.osb }}`) + services: + - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' + port: {{ .Values.wlsDomain.osbManagedServerSSLPort }} + weight: 3 + terminationDelay: 400 + {{- end }} + tls: + passthrough: true + +{{- end }} +{{- end }} + diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-nonssl.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-nonssl.yaml new file mode 100755 index 000000000..1694e8e04 --- /dev/null +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-nonssl.yaml @@ -0,0 +1,153 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# +{{- if eq .Values.type "TRAEFIK" }} +{{- if (eq .Values.sslType "NONSSL") }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.wlsDomain.domainUID }}-traefik + namespace: {{ .Release.Namespace }} + labels: + weblogic.resourceVersion: domain-v2 + annotations: + kubernetes.io/ingress.class: 'traefik' +spec: + rules: + - host: '{{ .Values.traefik.hostname }}' + http: + paths: + - path: /console + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + - path: /em + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + - path: /weblogic/ready + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- if or (eq .Values.domainType "soa") }} + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") }} + - path: / + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.osbManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /soa-infra + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /soa/composer + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /integration/worklistapp + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /servicebus + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /lwpfconsole + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /xbusrouting + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} + - path: /xbustransform + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.adminServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /ess + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /EssHealthCheck + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} + - path: /b2bconsole + pathType: ImplementationSpecific + backend: + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} + {{- end }} + +{{- end }} +{{- end }} + diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-k8s1.19.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-ssl.yaml similarity index 73% rename from OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-k8s1.19.yaml rename to OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-ssl.yaml index d1ad97033..518a70ef3 100755 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-k8s1.19.yaml +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress-ssl.yaml @@ -1,9 +1,8 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} {{- if eq .Values.type "TRAEFIK" }} -{{- if or (eq .Values.sslType "NONSSL") (eq .Values.sslType "SSL") }} +{{- if (eq .Values.sslType "SSL") }} --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -17,7 +16,7 @@ metadata: {{- if eq .Values.sslType "SSL" }} traefik.ingress.kubernetes.io/router.entrypoints: 'websecure' traefik.ingress.kubernetes.io/router.tls: 'true' - traefik.ingress.kubernetes.io/router.middlewares: 'soans-wls-proxy-ssl@kubernetescrd' + traefik.ingress.kubernetes.io/router.middlewares: '{{ .Release.Namespace}}-wls-proxy-ssl@kubernetescrd' {{- end }} spec: rules: @@ -63,7 +62,7 @@ spec: port: number: {{ .Values.wlsDomain.osbManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /soa-infra pathType: ImplementationSpecific backend: @@ -72,7 +71,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /soa/composer pathType: ImplementationSpecific backend: @@ -81,7 +80,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /integration/worklistapp pathType: ImplementationSpecific backend: @@ -90,7 +89,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /servicebus pathType: ImplementationSpecific backend: @@ -99,7 +98,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /lwpfconsole pathType: ImplementationSpecific backend: @@ -108,7 +107,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /xbusrouting pathType: ImplementationSpecific backend: @@ -117,7 +116,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") }} - path: /xbustransform pathType: ImplementationSpecific backend: @@ -126,7 +125,7 @@ spec: port: number: {{ .Values.wlsDomain.adminServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /ess pathType: ImplementationSpecific backend: @@ -135,7 +134,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /EssHealthCheck pathType: ImplementationSpecific backend: @@ -144,7 +143,7 @@ spec: port: number: {{ .Values.wlsDomain.soaManagedServerPort }} {{- end }} - {{- if or (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} + {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") }} - path: /b2bconsole pathType: ImplementationSpecific backend: @@ -157,7 +156,7 @@ spec: tls: - hosts: - '{{ .Values.traefik.hostname }}' - secretName: soainfra-tls-cert + secretName: {{ .Values.wlsDomain.domainUID }}-tls-cert {{- end }} --- #Create Traefik Middleware custom resource for SSL Termination @@ -177,42 +176,6 @@ spec: WL-Proxy-SSL: "true" sslRedirect: true {{- end }} -{{- else }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRouteTCP -metadata: - name: {{ .Values.wlsDomain.domainUID }}-traefik - namespace: {{ .Release.Namespace }} -spec: - entryPoints: - - websecure - routes: - - match: HostSNI(`{{ .Values.hostName.admin }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.adminServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - match: HostSNI(`{{ .Values.hostName.soa }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.soaManagedServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - match: HostSNI(`{{ .Values.hostName.osb }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.osbManagedServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- end }} - tls: - passthrough: true -{{- end }} {{- end }} {{- end }} diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress.yaml deleted file mode 100755 index 42773a1e7..000000000 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/templates/traefik-ingress.yaml +++ /dev/null @@ -1,174 +0,0 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -# -{{- if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}} -{{- if eq .Values.type "TRAEFIK" }} -{{- if or (eq .Values.sslType "NONSSL") (eq .Values.sslType "SSL") }} ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ .Values.wlsDomain.domainUID }}-traefik - namespace: {{ .Release.Namespace }} - labels: - weblogic.resourceVersion: domain-v2 - annotations: - kubernetes.io/ingress.class: 'traefik' -{{- if eq .Values.sslType "SSL" }} - traefik.ingress.kubernetes.io/router.entrypoints: 'websecure' - traefik.ingress.kubernetes.io/router.tls: 'true' - traefik.ingress.kubernetes.io/router.middlewares: 'soans-wls-proxy-ssl@kubernetescrd' -{{- end }} -spec: - rules: - - host: '{{ .Values.traefik.hostname }}' - http: - paths: - - path: /console - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - - path: /em - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - - path: /weblogic/ready - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- if or (eq .Values.domainType "soa") }} - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") }} - - path: / - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.osbManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /soa-infra - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /soa/composer - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /integration/worklistapp - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /servicebus - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /lwpfconsole - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /xbusrouting - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - path: /xbustransform - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /ess - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /EssHealthCheck - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} - {{- if or (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - path: /b2bconsole - backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} - {{- end }} -{{- if eq .Values.sslType "SSL" }} - tls: - - hosts: - - '{{ .Values.traefik.hostname }}' - secretName: soainfra-tls-cert -{{- end }} ---- -#Create Traefik Middleware custom resource for SSL Termination -{{- if eq .Values.sslType "SSL" }} -apiVersion: traefik.containo.us/v1alpha1 -kind: Middleware -metadata: - name: wls-proxy-ssl - namespace: {{ .Release.Namespace }} -spec: - headers: - customRequestHeaders: - X-Custom-Request-Header: "" - X-Forwarded-For: "" - WL-Proxy-Client-IP: "" - WL-Proxy-SSL: "" - WL-Proxy-SSL: "true" - sslRedirect: true -{{- end }} -{{- else }} ---- -apiVersion: traefik.containo.us/v1alpha1 -kind: IngressRouteTCP -metadata: - name: {{ .Values.wlsDomain.domainUID }}-traefik - namespace: {{ .Release.Namespace }} -spec: - entryPoints: - - websecure - routes: - - match: HostSNI(`{{ .Values.hostName.admin }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.adminServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- if or (eq .Values.domainType "soa") (eq .Values.domainType "soaosb") (eq .Values.domainType "soab2b") (eq .Values.domainType "soaosbb2b") }} - - match: HostSNI(`{{ .Values.hostName.soa }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.soaManagedServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- end }} - {{- if or (eq .Values.domainType "osb") (eq .Values.domainType "soaosb") (eq .Values.domainType "soaosbb2b") }} - - match: HostSNI(`{{ .Values.hostName.osb }}`) - services: - - name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.osbClusterName | lower | replace "_" "-" }}' - port: {{ .Values.wlsDomain.osbManagedServerSSLPort }} - weight: 3 - TerminationDelay: 400 - {{- end }} - tls: - passthrough: true -{{- end }} - -{{- end }} -{{- end }} - diff --git a/OracleSOASuite/kubernetes/charts/ingress-per-domain/values.yaml b/OracleSOASuite/kubernetes/charts/ingress-per-domain/values.yaml index d364dc81a..22e5f2c01 100755 --- a/OracleSOASuite/kubernetes/charts/ingress-per-domain/values.yaml +++ b/OracleSOASuite/kubernetes/charts/ingress-per-domain/values.yaml @@ -6,13 +6,14 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. # -# Load balancer type. Supported values are: TRAEFIK, VOYAGER, NGINX + +# Load balancer type. Supported values are: TRAEFIK,NGINX type: TRAEFIK -# Type of Configuration Supported Values are : NONSSL, SSL and E2ESSL +# SSL configuration Type. Supported Values are : NONSSL,SSL,E2ESSL sslType: NONSSL -# domainType Supported values are soa,osb and soaosb. +# domainType. Supported values are: osb,soa,soaosb domainType: soa #WLS domain as backend to the load balancer @@ -33,16 +34,13 @@ hostName: admin: admin.org soa: soa.org osb: osb.org + +# Ngnix specific values +nginx: + connectTimeout: 1800 + readTimeout: 1800 + sendTimeout: 1800 + cookieExpires: 172800 + cookieMaxAge: 172800 -# Voyager specific values -voyager: - # web port - webPort: 30305 - webSSLPort: 30443 -# For Voyager E2E Access - adminSSLPort: 30445 - soaSSLPort: 30447 - osbSSLPort: 30449 - # stats port - statsPort: 30319 diff --git a/OracleSOASuite/kubernetes/charts/traefik/values.yaml b/OracleSOASuite/kubernetes/charts/traefik/values.yaml index e94bf24f2..f680d34e3 100755 --- a/OracleSOASuite/kubernetes/charts/traefik/values.yaml +++ b/OracleSOASuite/kubernetes/charts/traefik/values.yaml @@ -1,9 +1,9 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # image: name: traefik - tag: 2.2.8 + tag: 2.6.0 pullPolicy: IfNotPresent ingressRoute: dashboard: @@ -49,4 +49,7 @@ ports: # The port protocol (TCP/UDP) protocol: TCP nodePort: 30443 +additionalArguments: + - "--log.level=INFO" + diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/Chart.yaml b/OracleSOASuite/kubernetes/charts/weblogic-operator/Chart.yaml index b5cac770e..0858a5b73 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/Chart.yaml +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/Chart.yaml @@ -6,5 +6,5 @@ name: weblogic-operator description: Helm chart for configuring the WebLogic operator. type: application -version: 3.3.0 -appVersion: 3.3.0 +version: 3.4.0 +appVersion: 3.4.0 diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-cm.tpl b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-cm.tpl index dd6594de2..8f7f2ff51 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-cm.tpl +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-cm.tpl @@ -49,6 +49,18 @@ data: {{- if .tokenReviewAuthentication }} tokenReviewAuthentication: {{ .tokenReviewAuthentication | quote }} {{- end }} + {{- if (hasKey . "istioLocalhostBindingsEnabled") }} + istioLocalhostBindingsEnabled: {{ .istioLocalhostBindingsEnabled | quote }} + {{- end }} + {{- if .kubernetesPlatform }} + kubernetesPlatform: {{ .kubernetesPlatform | quote }} + {{- end }} + {{- if .domainPresenceFailureRetryMaxCount }} + domainPresenceFailureRetryMaxCount: {{ .domainPresenceFailureRetryMaxCount | quote }} + {{- end }} + {{- if .domainPresenceFailureRetrySeconds }} + domainPresenceFailureRetrySeconds: {{ .domainPresenceFailureRetrySeconds | quote }} + {{- end }} kind: "ConfigMap" metadata: labels: diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl index 3fadac7dc..8a5794d30 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl @@ -64,6 +64,8 @@ spec: value: "false" - name: "JAVA_LOGGING_LEVEL" value: {{ .javaLoggingLevel | quote }} + - name: "KUBERNETES_PLATFORM" + value: {{ .kubernetesPlatform | quote }} - name: "JAVA_LOGGING_MAXSIZE" value: {{ .javaLoggingFileSizeLimit | default 20000000 | quote }} - name: "JAVA_LOGGING_COUNT" @@ -112,7 +114,7 @@ spec: command: - "bash" - "/operator/livenessProbe.sh" - initialDelaySeconds: 20 + initialDelaySeconds: 40 periodSeconds: 5 readinessProbe: exec: diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-external-svc.tpl b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-external-svc.tpl index 44bfc1191..18b0876a9 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-external-svc.tpl +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-external-svc.tpl @@ -19,11 +19,13 @@ spec: {{- if .externalRestEnabled }} - name: "rest" port: 8081 + appProtocol: https nodePort: {{ .externalRestHttpsPort }} {{- end }} {{- if .remoteDebugNodePortEnabled }} - name: "debug" port: {{ .internalDebugHttpPort }} + appProtocol: http nodePort: {{ .externalDebugHttpPort }} {{- end }} {{- end }} diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-internal-svc.tpl b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-internal-svc.tpl index 0108738de..b03aa8aee 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-internal-svc.tpl +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/templates/_operator-internal-svc.tpl @@ -17,4 +17,5 @@ spec: ports: - port: 8082 name: "rest" + appProtocol: https {{- end }} diff --git a/OracleSOASuite/kubernetes/charts/weblogic-operator/values.yaml b/OracleSOASuite/kubernetes/charts/weblogic-operator/values.yaml index dac9a5382..b67c533ec 100755 --- a/OracleSOASuite/kubernetes/charts/weblogic-operator/values.yaml +++ b/OracleSOASuite/kubernetes/charts/weblogic-operator/values.yaml @@ -63,7 +63,7 @@ domainNamespaces: enableClusterRoleBinding: false # image specifies the container image containing the operator. -image: "ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0" +image: "ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0" # imagePullPolicy specifies the image pull policy for the operator's container image. imagePullPolicy: IfNotPresent @@ -104,7 +104,7 @@ elkIntegrationEnabled: false # logStashImage specifies the container image containing logstash. # This parameter is ignored if 'elkIntegrationEnabled' is false. -logStashImage: "logstash:6.6.0" +logStashImage: "logstash:6.8.23" # elasticSearchHost specifies the hostname of where elasticsearch is running. # This parameter is ignored if 'elkIntegrationEnabled' is false. @@ -222,3 +222,9 @@ clusterSizePaddingValidationEnabled: true # to the Domain resource so that it is done using the caller's privileges. # The default value is false. #tokenReviewAuthentication: false + +# domainPresenceFailureRetryMaxCount and domainPresenceFailureRetrySeconds specify the number of introspector job +# retries for a Domain and the interval in seconds between these retries, respectively. +# Defaults to 5 retries and 10 seconds between each retry. +# domainPresenceFailureRetryMaxCount: 5 +# domainPresenceFailureRetrySeconds: 10 diff --git a/OracleSOASuite/kubernetes/common/utility.sh b/OracleSOASuite/kubernetes/common/utility.sh index 979207be2..a7ae01450 100755 --- a/OracleSOASuite/kubernetes/common/utility.sh +++ b/OracleSOASuite/kubernetes/common/utility.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -# Copyright (c) 2018, 2021, Oracle and/or its affiliates. +# Copyright (c) 2018, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # @@ -185,6 +185,23 @@ function checkPvState { fi } +# +# Check the state of a persistent volume claim. +# $1 - name of volume claim +# $2 - expected state of volume claim +function checkPvcState { + echo "Checking if the persistent volume claim ${1:?} is ${2:?}" + local end_secs=$((SECONDS + 30)) + local pvc_state=`kubectl get pvc $1 -o jsonpath='{.status.phase}'` + while [ ! "$pvc_state" = "$2" ] && [ $SECONDS -le $end_secs ]; do + sleep 1 + pvc_state=`kubectl get pvc $1 -o jsonpath='{.status.phase}'` + done + if [ "$pvc_state" != "$2" ]; then + fail "The persistent volume state should be $2 but is $pvc_state" + fi +} + # # Function to check if a persistent volume exists # $1 - name of volume @@ -926,3 +943,44 @@ function checkService(){ done echo "Service [$svc] found" } + +# Get pod name when pod available in a given namespace +function getPodName(){ + + local max=$((SECONDS + 120)) + + local pod=$1 + local ns=$2 + + local pname="" + while [ $SECONDS -le $max ] ; do + pname=`kubectl get po -n ${ns} | grep -w ${pod} | awk '{print $1}'` + [ -z "${pname}" ] || break + sleep 1 + done + + if [ -z "${pname}" ] ; then + echo "[ERROR] Could not find Pod [$pod] after $max seconds"; + exit 1 + fi + + echo "${pname}" +} + +# Checks if a pod is available in a given namespace +function detectPod() { + ns=$1 + startSecs=$SECONDS + maxWaitSecs=10 + while [ -z "`kubectl get pod -n ${ns} -o jsonpath={.items[0].metadata.name}`" ]; do + if [ $((SECONDS - startSecs)) -lt $maxWaitSecs ]; then + echo "Pod not found after $((SECONDS - startSecs)) seconds, retrying ..." + sleep 2 + else + echo "[Error] Could not find Pod after $((SECONDS - startSecs)) seconds" + exit 1 + fi + done + retVal=`kubectl get pod -n ${ns} -o jsonpath={.items[0].metadata.name}` + echo "$retVal" +} diff --git a/OracleSOASuite/kubernetes/create-oracle-db-service/start-db-service.sh b/OracleSOASuite/kubernetes/create-oracle-db-service/start-db-service.sh index 9a522d4eb..452860272 100755 --- a/OracleSOASuite/kubernetes/create-oracle-db-service/start-db-service.sh +++ b/OracleSOASuite/kubernetes/create-oracle-db-service/start-db-service.sh @@ -1,14 +1,14 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -# + # Bring up Oracle DB Instance in [default] NameSpace with a NodePort Service script="${BASH_SOURCE[0]}" scriptDir="$( cd "$( dirname "${script}" )" && pwd )" source ${scriptDir}/../common/utility.sh -function usage { +usage() { echo "usage: ${script} -p -i -s -n [-h]" echo " -i Oracle DB Image (optional)" echo " (default: container-registry.oracle.com/database/enterprise:12.2.0.1-slim)" @@ -67,28 +67,39 @@ fi echo "NodePort[$nodeport] ImagePullSecret[$pullsecret] Image[${dbimage}] NameSpace[${namespace}]" +#create unique db yaml file if does not exists +dbYaml=${scriptDir}/common/oracle.db.${namespace}.yaml +if [ ! -f "$dbYaml" ]; then + echo "$dbYaml does not exist." + cp ${scriptDir}/common/oracle.db.yaml ${dbYaml} +fi + # Modify ImagePullSecret and DatabaseImage based on input -sed -i -e '$d' ${scriptDir}/common/oracle.db.yaml -echo ' - name: docker-store' >> ${scriptDir}/common/oracle.db.yaml -sed -i -e "s?name: docker-store?name: ${pullsecret}?g" ${scriptDir}/common/oracle.db.yaml -sed -i -e "s?image:.*?image: ${dbimage}?g" ${scriptDir}/common/oracle.db.yaml -sed -i -e "s?namespace:.*?namespace: ${namespace}?g" ${scriptDir}/common/oracle.db.yaml +sed -i -e '$d' ${dbYaml} +echo ' - name: docker-store' >> ${dbYaml} +sed -i -e "s?name: docker-store?name: ${pullsecret}?g" ${dbYaml} +sed -i -e "s?image:.*?image: ${dbimage}?g" ${dbYaml} +sed -i -e "s?namespace:.*?namespace: ${namespace}?g" ${dbYaml} # Modify the NodePort based on input if [ "${nodeport}" = "none" ]; then - sed -i -e "s? nodePort:? #nodePort:?g" ${scriptDir}/common/oracle.db.yaml - sed -i -e "s? type:.*NodePort? #type: NodePort?g" ${scriptDir}/common/oracle.db.yaml + sed -i -e "s? nodePort:? #nodePort:?g" ${dbYaml} + sed -i -e "s? type:.*NodePort? #type: NodePort?g" ${dbYaml} else - sed -i -e "s?[#]*nodePort:.*?nodePort: ${nodeport}?g" ${scriptDir}/common/oracle.db.yaml - sed -i -e "s?[#]*type:.*NodePort?type: NodePort?g" ${scriptDir}/common/oracle.db.yaml # default type is ClusterIP + sed -i -e "s?[#]*nodePort:.*?nodePort: ${nodeport}?g" ${dbYaml} + sed -i -e "s?[#]*type:.*NodePort?type: NodePort?g" ${dbYaml} # default type is ClusterIP fi kubectl delete service oracle-db -n ${namespace} --ignore-not-found -kubectl apply -f ${scriptDir}/common/oracle.db.yaml +kubectl apply -f ${dbYaml} -dbpod=`kubectl get po -n ${namespace} | grep oracle-db | cut -f1 -d " " ` +detectPod ${namespace} +dbpod=${retVal} +echo "Is going to check dbpod: ${dbpod} in the namespace: ${namespace} " checkPod ${dbpod} ${namespace} + +echo " checking pod state for pod ${dbpod} running in ${namespace}" checkPodState ${dbpod} ${namespace} "1/1" checkService oracle-db ${namespace} diff --git a/OracleSOASuite/kubernetes/create-oracle-db-service/stop-db-service.sh b/OracleSOASuite/kubernetes/create-oracle-db-service/stop-db-service.sh index 7ab14928c..a99af10b4 100755 --- a/OracleSOASuite/kubernetes/create-oracle-db-service/stop-db-service.sh +++ b/OracleSOASuite/kubernetes/create-oracle-db-service/stop-db-service.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # # Drop the DB Service created by start-db-service.sh @@ -8,7 +8,7 @@ script="${BASH_SOURCE[0]}" scriptDir="$( cd "$( dirname "${script}" )" && pwd )" source ${scriptDir}/../common/utility.sh -function usage { +usage() { echo "usage: ${script} -n namespace [-h]" echo " -n Kubernetes NameSpace for Oracle DB Service to be Stopped (optional)" echo " (default: default) " @@ -34,7 +34,8 @@ fi dbpod=`kubectl get po -n ${namespace} | grep oracle-db | cut -f1 -d " " ` -kubectl delete -f ${scriptDir}/common/oracle.db.yaml --ignore-not-found +kubectl delete -f ${scriptDir}/common/oracle.db.${namespace}.yaml --ignore-not-found +rm ${scriptDir}/common/oracle.db.${namespace}.yaml --force if [ -z ${dbpod} ]; then echo "Couldn't find oracle-db pod in [${namespace}] namesapce" diff --git a/OracleSOASuite/kubernetes/create-rcu-schema/README.md b/OracleSOASuite/kubernetes/create-rcu-schema/README.md index c4d77af6a..8b4895cc1 100755 --- a/OracleSOASuite/kubernetes/create-rcu-schema/README.md +++ b/OracleSOASuite/kubernetes/create-rcu-schema/README.md @@ -26,7 +26,7 @@ $ ./create-rcu-schema.sh -h usage: ./create-rcu-schema.sh -s -t -d -i -u -p -n -q -r -o -c [-l] [-h] -s RCU Schema Prefix (required) -t RCU Schema Type (optional) - (supported values: osb,soa,soaosb,soab2b,soaosbb2b) + (supported values: osb,soa,soaosb) -d RCU Oracle Database URL (optional) (default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s) -p OracleSOASuite ImagePullSecret (optional) @@ -46,11 +46,11 @@ usage: ./create-rcu-schema.sh -s -t -d -i -d -n -q -r [-h] -s RCU Schema Prefix (required) -t RCU Schema Type (optional) - (supported values: osb,soa,soaosb,soab2b,soaosbb2b) + (supported values: osb,soa,soaosb) -d Oracle Database URL (optional) (default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s) -n Namespace where RCU pod is deployed (optional) @@ -155,7 +155,7 @@ PATH=/u01/oracle/wlserver/server/bin:/u01/oracle/wlserver/../oracle_common/modul Your environment has been set. Check if the DB Service is ready to accept request -DB Connection String [oracle-db.default.svc.cluster.local:1521/devpdb.k8s] schemaPrefix [domain1] rcuType[fmw] +DB Connection String [oracle-db.default.svc.cluster.local:1521/devpdb.k8s] schemaPrefix [domain1] rcuType[soa] **** Success!!! **** diff --git a/OracleSOASuite/kubernetes/create-rcu-schema/common/createRepository.sh b/OracleSOASuite/kubernetes/create-rcu-schema/common/createRepository.sh index ff1cb36aa..f3fb6289b 100755 --- a/OracleSOASuite/kubernetes/create-rcu-schema/common/createRepository.sh +++ b/OracleSOASuite/kubernetes/create-rcu-schema/common/createRepository.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # . /u01/oracle/wlserver/server/bin/setWLSEnv.sh @@ -7,7 +7,7 @@ echo "Check if the DB Service is ready to accept request " connectString=${1:-oracle-db.default.svc.cluster.local:1521/devpdb.k8s} schemaPrefix=${2:-soainfra} -rcuType=${3:-fmw} +rcuType=${3:-soa} sysPassword=${4:-Oradoc_db1} customVariables=${5:-none} @@ -44,13 +44,13 @@ osb) extComponents="-component SOAINFRA" echo "Creating RCU Schema for OracleSOASuite Domain ..." ;; -soa|soaosb|soab2b|soaosbb2b) +soa|soaosb) extComponents="-component SOAINFRA -component ESS" echo "Creating RCU Schema for OracleSOASuite Domain ..." ;; * ) echo "[ERROR] Unknown RCU Schema Type [$rcuType]" - echo "Supported values: osb,soa,soaosb,soab2b,soaosbb2b" + echo "Supported values: osb,soa,soaosb" exit -1 ;; esac diff --git a/OracleSOASuite/kubernetes/create-rcu-schema/common/dropRepository.sh b/OracleSOASuite/kubernetes/create-rcu-schema/common/dropRepository.sh index 476c276ba..feed02c27 100755 --- a/OracleSOASuite/kubernetes/create-rcu-schema/common/dropRepository.sh +++ b/OracleSOASuite/kubernetes/create-rcu-schema/common/dropRepository.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # . /u01/oracle/wlserver/server/bin/setWLSEnv.sh @@ -7,7 +7,7 @@ echo "Check if the DB Service is ready to accept request " connectString=${1:-oracle-db.default.svc.cluster.local:1521/devpdb.k8s} schemaPrefix=${2:-soainfra} -rcuType=${3:-fmw} +rcuType=${3:-soa} sysPassword=${4:-Oradoc_db1} customVariables=${5:-none} @@ -42,13 +42,13 @@ osb) extComponents="-component SOAINFRA" echo "Dropping RCU Schema for OracleSOASuite Domain ..." ;; -soa|soaosb|soab2b|soaosbb2b) +soa|soaosb) extComponents="-component SOAINFRA -component ESS" echo "Dropping RCU Schema for OracleSOASuite Domain ..." ;; * ) echo "[ERROR] Unknown RCU Schema Type [$rcuType]" - echo "Supported values: osb,soa,soaosb,soab2b,soaosbb2b" + echo "Supported values: osb,soa,soaosb" exit -1 ;; esac diff --git a/OracleSOASuite/kubernetes/create-rcu-schema/create-rcu-schema.sh b/OracleSOASuite/kubernetes/create-rcu-schema/create-rcu-schema.sh index bfc9fceb7..db7c12a78 100755 --- a/OracleSOASuite/kubernetes/create-rcu-schema/create-rcu-schema.sh +++ b/OracleSOASuite/kubernetes/create-rcu-schema/create-rcu-schema.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # # Configure RCU schema based on schemaPreifix and rcuDatabaseURL @@ -12,7 +12,7 @@ function usage { echo "usage: ${script} -s -t -d -i -u -p -n -q -r -o -c [-l] [-h] " echo " -s RCU Schema Prefix (required)" echo " -t RCU Schema Type (optional)" - echo " (supported values: osb,soa,soaosb,soab2b,soaosbb2b)" + echo " (supported values: osb,soa,soaosb)" echo " -d RCU Oracle Database URL (optional) " echo " (default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s) " echo " -p OracleSOASuite ImagePullSecret (optional) " @@ -122,7 +122,7 @@ if [ -z ${dburl} ]; then fi if [ -z ${rcuType} ]; then - rcuType="fmw" + rcuType="soa" fi if [ -z ${pullsecret} ]; then diff --git a/OracleSOASuite/kubernetes/create-rcu-schema/drop-rcu-schema.sh b/OracleSOASuite/kubernetes/create-rcu-schema/drop-rcu-schema.sh index ad7a4c919..175fee731 100755 --- a/OracleSOASuite/kubernetes/create-rcu-schema/drop-rcu-schema.sh +++ b/OracleSOASuite/kubernetes/create-rcu-schema/drop-rcu-schema.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # # Drop the RCU schema based on schemaPreifix and Database URL @@ -12,7 +12,7 @@ function usage { echo "usage: ${script} -s -d -n -q -r -c [-h]" echo " -s RCU Schema Prefix (required)" echo " -t RCU Schema Type (optional)" - echo " (supported values: osb,soa,soaosb,soab2b,soaosbb2b) " + echo " (supported values: osb,soa,soaosb) " echo " -d Oracle Database URL (optional)" echo " (default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s) " echo " -n Namespace where RCU pod is deployed (optional)" @@ -60,7 +60,7 @@ if [ -z ${dburl} ]; then fi if [ -z ${rcuType} ]; then - rcuType="fmw" + rcuType="soa" fi if [ -z ${namespace} ]; then diff --git a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-inputs.yaml b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-inputs.yaml index 3d63795a2..732f5ed7f 100755 --- a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-inputs.yaml +++ b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-inputs.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # The version of this inputs file. Do not modify. @@ -209,3 +209,9 @@ rcuCredentialsSecret: soainfra-rcu-credentials # The persistent store for 'JMS servers' and 'Transaction log store' in the domain. Valid values are 'jdbc' or 'file'. Default is 'jdbc'. persistentStore: jdbc + +# istioEnabled specifies whether or not it is deployed under Istio. +istioEnabled: false + +# istioReadinessPort specifies the WebLogic NAP port for use by the readiness probe +istioReadinessPort: 8888 \ No newline at end of file diff --git a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-job-template.yaml b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-job-template.yaml index 741871d6f..30104fe32 100755 --- a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-job-template.yaml +++ b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/create-domain-job-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: batch/v1 kind: Job @@ -12,6 +12,8 @@ spec: weblogic.domainUID: %DOMAIN_UID% weblogic.domainName: %DOMAIN_NAME% app: %DOMAIN_UID%-create-soa-infra-domain-job + annotations: + sidecar.istio.io/inject: "false" spec: restartPolicy: Never containers: diff --git a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/delete-domain-job-template.yaml b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/delete-domain-job-template.yaml index 5c0403c07..422eff489 100755 --- a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/delete-domain-job-template.yaml +++ b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/delete-domain-job-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: v1 kind: ConfigMap @@ -29,6 +29,8 @@ spec: weblogic.domainUID: %DOMAIN_UID% weblogic.domainName: %DOMAIN_NAME% app: %DOMAIN_UID%-delete-soa-infra-domain-job + annotations: + sidecar.istio.io/inject: "false" spec: restartPolicy: Never containers: diff --git a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/deploy-artifacts-job-template.yaml b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/deploy-artifacts-job-template.yaml index 0e20279aa..478e3bbcd 100755 --- a/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/deploy-artifacts-job-template.yaml +++ b/OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/deploy-artifacts-job-template.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2021, Oracle and/or its affiliates. +# Copyright (c) 2021, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. apiVersion: batch/v1 kind: Job @@ -12,6 +12,8 @@ spec: weblogic.domainUID: %DOMAIN_UID% weblogic.domainName: %DOMAIN_NAME% app: %DOMAIN_UID%-deploy-artifacts-job + annotations: + sidecar.istio.io/inject: "false" spec: restartPolicy: Never %ARTIFACTS_IN_IMAGE_PREFIX%initContainers: diff --git a/OracleSOASuite/kubernetes/create-soa-domain/utils/soasuite-domain-template.yaml b/OracleSOASuite/kubernetes/create-soa-domain/utils/soasuite-domain-template.yaml index c0de98c03..c126929f8 100755 --- a/OracleSOASuite/kubernetes/create-soa-domain/utils/soasuite-domain-template.yaml +++ b/OracleSOASuite/kubernetes/create-soa-domain/utils/soasuite-domain-template.yaml @@ -91,6 +91,13 @@ spec: - name: USER_MEM_ARGS value: "-Djava.security.egd=file:/dev/./urandom -Xms512m -Xmx1024m " + # Istio + %ISTIO_PREFIX%configuration: + %ISTIO_PREFIX% istio: + %ISTIO_PREFIX% enabled: %ISTIO_ENABLED% + %ISTIO_PREFIX% readinessPort: %ISTIO_READINESS_PORT% + %ISTIO_PREFIX% localhostBindingsEnabled: false + # clusters is used to configure the desired behavior for starting member servers of a cluster. # If you use this entry, then the rules will be applied to ALL servers that are members of the named clusters. clusters: @@ -120,9 +127,3 @@ spec: # The number of managed servers to start for unlisted clusters # replicas: 1 - # Istio - %ISTIO_PREFIX%configuration: - %ISTIO_PREFIX% istio: - %ISTIO_PREFIX% enabled: %ISTIO_ENABLED% - %ISTIO_PREFIX% readinessPort: %ISTIO_READINESS_PORT% - diff --git a/OracleSOASuite/kubernetes/domain-lifecycle/helper.sh b/OracleSOASuite/kubernetes/domain-lifecycle/helper.sh index efb277e63..61cb10dd9 100755 --- a/OracleSOASuite/kubernetes/domain-lifecycle/helper.sh +++ b/OracleSOASuite/kubernetes/domain-lifecycle/helper.sh @@ -1,5 +1,5 @@ # !/bin/sh -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # @@ -10,7 +10,7 @@ # $3 - Return value for cluster level server start policy. # Legal return values are "NEVER" or "IF_NEEDED" or "". # -function getClusterPolicy { +getClusterPolicy() { local domainJson=$1 local clusterName=$2 local __clusterPolicy=$3 @@ -31,7 +31,7 @@ function getClusterPolicy { # $2 - Return value containing domain level server start policy. # Legal retrun values are "NEVER" or "IF_NEEDED" or "ADMIN_ONLY". # -function getDomainPolicy { +getDomainPolicy() { local domainJson=$1 local __domainPolicy=$2 local effectivePolicy="" @@ -53,7 +53,7 @@ function getDomainPolicy { # $4 - Return value containing effective server start policy # Legal retrun values are "NEVER" or "IF_NEEDED" or "ALWAYS". # -function getEffectivePolicy { +getEffectivePolicy() { local domainJson=$1 local serverName=$2 local clusterName=$3 @@ -77,7 +77,7 @@ function getEffectivePolicy { # $2 - Return value containing effective server start policy # Legal retrun values are "NEVER" or "IF_NEEDED" or "ALWAYS". # -function getEffectiveAdminPolicy { +getEffectiveAdminPolicy() { local domainJson=$1 local __effectivePolicy=$2 local __adminStartPolicy="" @@ -98,7 +98,7 @@ function getEffectiveAdminPolicy { # $3 - Return value containing current server start policy # Legal retrun values are "NEVER" or "IF_NEEDED", "ALWAYS" or "". # -function getServerPolicy { +getServerPolicy() { local domainJson=$1 local serverName=$2 local __currentPolicy=$3 @@ -122,10 +122,10 @@ function getServerPolicy { # Function to create server start policy patch string # $1 - Domain resource in json format # $2 - Name of server whose policy will be patched -# $3 - Policy value +# $3 - Policy value # $4 - Return value containing server start policy patch string # -function createServerStartPolicyPatch { +createServerStartPolicyPatch() { local domainJson=$1 local serverName=$2 local policy=$3 @@ -150,7 +150,7 @@ function createServerStartPolicyPatch { else .+ [{serverName: \"${serverName}\" , serverStartPolicy: \"${policy}\"}] end" serverStartPolicyPatch=$(echo ${domainJson} | jq "${extractSpecCmd}" | jq "${mapCmd}") else - # Server start policy exists, replace policy value + # Server start policy exists, replace policy value replacePolicyCmd="(.spec.managedServers[] \ | select (.serverName == \"${serverName}\") | .serverStartPolicy) |= \"${policy}\"" servers="(.spec.managedServers)" @@ -166,7 +166,7 @@ function createServerStartPolicyPatch { # $3 - String containing replica patch string # $4 - Return value containing patch json string # -function createPatchJsonToUnsetPolicyAndUpdateReplica { +createPatchJsonToUnsetPolicyAndUpdateReplica() { local domainJson=$1 local serverName=$2 local replicaPatch=$3 @@ -178,11 +178,11 @@ function createPatchJsonToUnsetPolicyAndUpdateReplica { } # -# Function to create patch json string to update policy +# Function to create patch json string to update policy # $1 - String containing start policy info # $2 - String containing json to patch domain resource # -function createPatchJsonToUpdatePolicy { +createPatchJsonToUpdatePolicy() { local startPolicy=$1 local __result=$2 patchJson="{\"spec\": {\"managedServers\": "${startPolicy}"}}" @@ -195,7 +195,7 @@ function createPatchJsonToUpdatePolicy { # $2 - Policy value # $3 - Return value containing server start policy patch string # -function createPatchJsonToUpdateAdminPolicy { +createPatchJsonToUpdateAdminPolicy() { local domainJson=$1 local policy=$2 local __result=$3 @@ -218,11 +218,11 @@ function createPatchJsonToUpdateAdminPolicy { } # -# Function to create patch json string to update replica +# Function to create patch json string to update replica # $1 - String containing replica # $2 - String containing json to patch domain resource # -function createPatchJsonToUpdateReplica { +createPatchJsonToUpdateReplica() { local replicaInfo=$1 local __result=$2 patchJson="{\"spec\": {\"clusters\": "${replicaInfo}"}}" @@ -235,7 +235,7 @@ function createPatchJsonToUpdateReplica { # $2 - Name of server whose policy will be patched # $3 - Return value containing patch json string # -function createPatchJsonToUpdateReplicaAndPolicy { +createPatchJsonToUpdateReplicaAndPolicy() { local replicaInfo=$1 local startPolicy=$2 local __result=$3 @@ -250,7 +250,7 @@ function createPatchJsonToUpdateReplicaAndPolicy { # $2 - Name of server whose policy will be patched # $3 - Return value containing patch json string # -function createPatchJsonToUnsetPolicy { +createPatchJsonToUnsetPolicy() { local domainJson=$1 local serverName=$2 local __result=$3 @@ -266,12 +266,14 @@ function createPatchJsonToUnsetPolicy { # $2 - Name of server whose policy will be unset # $3 - Return value containing patch string with server start policy unset # -function unsetServerStartPolicy { +unsetServerStartPolicy() { local domainJson=$1 local serverName=$2 local __result=$3 local unsetStartPolicyPatch="" local mapCmd="" + local removeNullCmd="" + local unsetStartPolicyPatchNoNulls="" unsetCmd="(.spec.managedServers[] | select (.serverName == \"${serverName}\") | del (.serverStartPolicy))" replacePolicyCmd=$(echo ${domainJson} | jq -cr "${unsetCmd}") @@ -282,7 +284,9 @@ function unsetServerStartPolicy { mapCmd=". |= map(if .serverName == \"${serverName}\" then . = ${replacePolicyCmd} else . end)" fi unsetStartPolicyPatch=$(echo ${domainJson} | jq "(.spec.managedServers)" | jq "${mapCmd}") - eval $__result="'${unsetStartPolicyPatch}'" + removeNullCmd="del(.[] | select(. == null))" + unsetStartPolicyPatchNoNulls=$(echo "${unsetStartPolicyPatch}" | jq "${removeNullCmd}") + eval $__result="'${unsetStartPolicyPatchNoNulls}'" } # @@ -292,7 +296,7 @@ function unsetServerStartPolicy { # $3 - policy value of "IF_NEEDED" or "NEVER" # $4 - Return value containing patch json string # -function createPatchJsonToUpdateClusterPolicy { +createPatchJsonToUpdateClusterPolicy() { local domainJson=$1 local clusterName=$2 local policy=$3 @@ -302,7 +306,7 @@ function createPatchJsonToUpdateClusterPolicy { local existingClusters="" local patchJsonVal="" local startPolicyPatch="" - + existingClusters=$(echo ${domainJson} | jq -cr '(.spec.clusters)') if [ "${existingClusters}" == "null" ]; then # cluster doesn't exist, add cluster with server start policy @@ -329,7 +333,7 @@ function createPatchJsonToUpdateClusterPolicy { # $3 - replica count # $4 - Return value containing patch json string # -function createPatchJsonToUpdateReplicas { +createPatchJsonToUpdateReplicas() { local domainJson=$1 local clusterName=$2 local replicas=$3 @@ -363,10 +367,10 @@ function createPatchJsonToUpdateReplicas { # $1 - policy value of "IF_NEEDED" or "NEVER" # $2 - Return value containing patch json string # -function createPatchJsonToUpdateDomainPolicy { +createPatchJsonToUpdateDomainPolicy() { local policy=$1 local __result=$2 - + patchServerStartPolicy="{\"spec\": {\"serverStartPolicy\": \"${policy}\"}}" eval $__result="'${patchServerStartPolicy}'" } @@ -375,12 +379,12 @@ function createPatchJsonToUpdateDomainPolicy { # Function to get sorted list of servers in a cluster. # The sorted list is created in 'sortedByAlwaysServers' array. # $1 - Domain resource in json format -# $2 - Name of server -# $3 - Name of cluster +# $2 - Name of server +# $3 - Name of cluster # $4 - Indicates if policy of current server would be unset. # valid values are "UNSET" and "CONSTANT" # -function getSortedListOfServers { +getSortedListOfServers() { local domainJson=$1 local serverName=$2 local clusterName=$3 @@ -399,10 +403,10 @@ function getSortedListOfServers { IFS=$'\n' sortedServers=($(sort --version-sort <<<"${servers[*]}" )) unset IFS clusterSize=${#sortedServers[@]} - else + else # Cluster is a dynamic cluster, calculate server names prefix=$(echo ${dynaCluster} | jq -r .serverNamePrefix) - clusterSize=$(echo ${dynaCluster} | jq .dynamicClusterSize) + clusterSize=$(echo ${dynaCluster} | jq .dynamicClusterSize) for (( i=1; i<=$clusterSize; i++ )); do localServerName=${prefix}$i sortedServers+=(${localServerName}) @@ -421,7 +425,7 @@ function getSortedListOfServers { otherServers+=(${localServerName}) fi done - + # append other servers to the list of servers with always policy for otherServer in ${otherServers[@]:-}; do sortedByAlwaysServers+=($otherServer) @@ -431,10 +435,10 @@ function getSortedListOfServers { # # Get replica count for a cluster # $1 - Domain resource in json format -# $2 - Name of cluster +# $2 - Name of cluster # $3 - Return value containing replica count # -function getReplicaCount { +getReplicaCount() { local domainJson=$1 local clusterName=$2 local __replicaCount=$3 @@ -465,7 +469,7 @@ function getReplicaCount { # $1 - Domain resource in json format # $2 - Return value containing the restart version. # -function generateDomainRestartVersion { +generateDomainRestartVersion() { local domainJson=$1 local __result=$2 local __restartVersion="" @@ -486,7 +490,7 @@ function generateDomainRestartVersion { # $1 - Domain resource in json format # $2 - Return value containing the introspect version. # -function generateDomainIntrospectVersion { +generateDomainIntrospectVersion() { local domainJson=$1 local __result=$2 local __introspectVersion="" @@ -512,7 +516,7 @@ function generateDomainIntrospectVersion { # $2 - Name of cluster # $3 - Return value containing the restart version. # -function generateClusterRestartVersion { +generateClusterRestartVersion() { local domainJson=$1 local clusterName=$2 local __result=$3 @@ -539,7 +543,7 @@ function generateClusterRestartVersion { # $1 - domain restart version # $2 - Return value containing patch json string # -function createPatchJsonToUpdateDomainRestartVersion { +createPatchJsonToUpdateDomainRestartVersion() { local restartVersion=$1 local __result=$2 local __restartVersionPatch="" @@ -553,7 +557,7 @@ function createPatchJsonToUpdateDomainRestartVersion { # $1 - domain introspect version # $2 - Return value containing patch json string # -function createPatchJsonToUpdateDomainIntrospectVersion { +createPatchJsonToUpdateDomainIntrospectVersion() { local introspectVersion=$1 local __result=$2 local __introspectVersionPatch="" @@ -569,7 +573,8 @@ function createPatchJsonToUpdateDomainIntrospectVersion { # $3 - restart version # $4 - Return value containing patch json string # -function createPatchJsonToUpdateClusterRestartVersion { +createPatchJsonToUpdateClusterRestartVersion() { + local domainJson=$1 local clusterName=$2 local restartVersion=$3 @@ -599,18 +604,18 @@ function createPatchJsonToUpdateClusterRestartVersion { } # -# Check servers started in a cluster based on server start policy and +# Check servers started in a cluster based on server start policy and # replica count. # $1 - Domain resource in json format -# $2 - Name of server -# $3 - Name of cluster +# $2 - Name of server +# $3 - Name of cluster # $4 - Indicates if replicas will stay constant, incremented or decremented. # Valid values are "CONSTANT", "INCREMENT" and "DECREMENT" # $5 - Indicates if policy of current server will stay constant or unset. # Valid values are "CONSTANT" and "UNSET" # $6 - Return value of "true" or "false" indicating if current server will be started # -function checkStartedServers { +checkStartedServers() { local domainJson=$1 local serverName=$2 local clusterName=$3 @@ -623,7 +628,7 @@ function checkStartedServers { local currentReplicas=0 local startedServers=() local sortedByAlwaysServers=() - + # Get sorted list of servers in 'sortedByAlwaysServers' array getSortedListOfServers "${domainJson}" "${serverName}" "${clusterName}" "${withPolicy}" getReplicaCount "${domainJson}" "${clusterName}" replicaCount @@ -665,10 +670,10 @@ function checkStartedServers { # $3 - Replica count # $4 - Returns "true" or "false" indicating if server should start. # -function shouldStart { +shouldStart() { local currentReplicas=$1 local policy=$2 - local replicaCount=$3 + local replicaCount=$3 local __result=$4 if [ "$policy" == "ALWAYS" ]; then @@ -677,7 +682,7 @@ function shouldStart { eval $__result=false elif [ "${currentReplicas}" -lt "${replicaCount}" ]; then eval $__result=true - else + else eval $__result=false fi } @@ -689,7 +694,7 @@ function shouldStart { # $3 - Returns "true" or "false" indicating if replica count is equal to # or greater than min replicas. # -function isReplicaCountEqualToMinReplicas { +isReplicaCountEqualToMinReplicas() { local domainJson=$1 local clusterName=$2 local __result=$3 @@ -711,7 +716,7 @@ function isReplicaCountEqualToMinReplicas { # the allowed range # $5 - Returns allowed range for replica count for the given cluster # -function isReplicasInAllowedRange { +isReplicasInAllowedRange() { local domainJson=$1 local clusterName=$2 local replicas=$3 @@ -735,7 +740,7 @@ function isReplicasInAllowedRange { # $2 - Name of the cluster # $3 - Return value containing minimum replica count # -function getMinReplicas { +getMinReplicas() { local domainJson=$1 local clusterName=$2 local __result=$3 @@ -755,7 +760,7 @@ function getMinReplicas { # $2 - Name of the cluster # $3 - Return value containing maximum replica count # -function getMaxReplicas { +getMaxReplicas() { local domainJson=$1 local clusterName=$2 local __result=$3 @@ -772,12 +777,12 @@ function getMaxReplicas { # Function to create patch string for updating replica count # $1 - Domain resource in json format # $2 - Name of cluster whose replica count will be patched -# $3 - operation string indicating whether to increment or decrement replica count. +# $3 - operation string indicating whether to increment or decrement replica count. # Valid values are "INCREMENT" and "DECREMENT" # $4 - Return value containing replica update patch string # $5 - Return value containing updated replica count # -function createReplicaPatch { +createReplicaPatch() { local domainJson=$1 local clusterName=$2 local operation=$3 @@ -814,9 +819,9 @@ Not increasing replica count value." # $4 - Return value of "true" or "false" indicating if server is valid (i.e. if it's part of a cluster or independent server). # $5 - Retrun value containting cluster name to which this server belongs. # -function validateServerAndFindCluster { +validateServerAndFindCluster() { local domainUid=$1 - local domainNamespace=$2 + local domainNamespace=$2 local serverName=$3 local __isValidServer=$4 local __clusterName=$5 @@ -884,7 +889,7 @@ function validateServerAndFindCluster { # $3 - cluster name # $4 - Retrun value "true" or "false" indicating whether cluster name is valid # -function validateClusterName { +validateClusterName() { local domainUid=$1 local domainNamespace=$2 local clusterName=$3 @@ -899,17 +904,17 @@ function validateClusterName { fi } -function getTopology { +getTopology() { local domainUid=$1 local domainNamespace=$2 - local __result=$3 + local __result=$3 local __jsonTopology="" local __topology="" if [[ "$OSTYPE" == "darwin"* ]]; then configMap=$(${kubernetesCli} get cm ${domainUid}-weblogic-domain-introspect-cm \ -n ${domainNamespace} -o yaml --ignore-not-found) - else + else configMap=$(${kubernetesCli} get cm ${domainUid}-weblogic-domain-introspect-cm \ -n ${domainNamespace} -o json --ignore-not-found) fi @@ -960,26 +965,26 @@ checkStringInArray() { } # try to execute jq to see whether jq is available -function validateJqAvailable { +validateJqAvailable() { if ! [ -x "$(command -v jq)" ]; then validationError "jq is not installed" fi } # try to execute kubernetes cli to see whether cli is available -function validateKubernetesCliAvailable { +validateKubernetesCliAvailable() { if ! [ -x "$(command -v ${kubernetesCli})" ]; then validationError "${kubernetesCli} is not installed" fi } # Function to print an error message -function printError { +printError() { echo [`timestamp`][ERROR] $* } # Function to print an error message -function printInfo { +printInfo() { echo [`timestamp`][INFO] $* } @@ -991,7 +996,7 @@ function printInfo { # $4 - Json string to be used in 'patch' command # $5 - Verbose mode. Legal values are "true" or "false" # -function executePatchCommand { +executePatchCommand() { local kubernetesCli=$1 local domainUid=$2 local domainNamespace=$3 @@ -1008,7 +1013,7 @@ function executePatchCommand { # timestamp # purpose: echo timestamp in the form yyyy-mm-ddThh:mm:ss.nnnnnnZ # example: 2018-10-01T14:00:00.000001Z -function timestamp() { +timestamp() { local timestamp="`date --utc '+%Y-%m-%dT%H:%M:%S.%NZ' 2>&1`" if [ ! "${timestamp/illegal/xyz}" = "${timestamp}" ]; then # old shell versions don't support %N or --utc @@ -1020,7 +1025,7 @@ function timestamp() { # # Function to note that a validate error has occurred # -function validationError { +validationError() { printError $* validateErrors=true } @@ -1028,7 +1033,7 @@ function validationError { # # Function to cause the script to fail if there were any validation errors # -function failIfValidationErrors { +failIfValidationErrors() { if [ "$validateErrors" = true ]; then printError 'The errors listed above must be resolved before the script can continue. Please see usage information below.' usage 1 @@ -1039,11 +1044,10 @@ function failIfValidationErrors { # Function to lowercase a value and make it a legal DNS1123 name # $1 - value to convert to DNS legal name # $2 - return value containing DNS legal name. -function toDNS1123Legal { +toDNS1123Legal() { local name=$1 local __result=$2 local val=`echo "${name}" | tr "[:upper:]" "[:lower:]"` val=${val//"_"/"-"} eval $__result="'$val'" } - diff --git a/OracleSOASuite/kubernetes/monitoring-service/README.md b/OracleSOASuite/kubernetes/monitoring-service/README.md index 8ca7ad65d..e99198212 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/README.md +++ b/OracleSOASuite/kubernetes/monitoring-service/README.md @@ -1,35 +1,73 @@ -# Monitor the Oracle SOA Suite instance using Prometheus and Grafana -Using the `WebLogic Monitoring Exporter` you can scrape runtime information from a running Oracle SOA Suite instance and monitor them using Prometheus and Grafana. +# Monitor the OracleSOASuite instance using Prometheus and Grafana +Using the `WebLogic Monitoring Exporter` you can scrape runtime information from a running OracleSOASuite instance and monitor them using Prometheus and Grafana. ## Prerequisites + - Have Docker and a Kubernetes cluster running and have `kubectl` installed and configured. - Have Helm installed. -- An Oracle SOA Suite domain cluster deployed by `weblogic-operator` is running in the Kubernetes cluster. +- An OracleSOASuite domain deployed by `weblogic-operator` is running in the Kubernetes cluster. -## Set up monitoring for Oracle SOA Suite domain +## Set up monitoring for OracleSOASuite domain -Set up the WebLogic Monitoring Exporter that will collect WebLogic Server metrics and monitor Oracle SOA Suite domain. +Set up the WebLogic Monitoring Exporter that will collect WebLogic Server metrics and monitor OracleSOASuite domain. -**Note**: Either of the following methods can be used to set up monitoring for Oracle SOA Suite domain. Using `setup-monitoring.sh` does the set up in an automated way. +**Note**: Either of the following methods can be used to set up monitoring for OracleSOASuite domain. Using `setup-monitoring.sh` does the set up in an automated way. 1. [Set up manually](#set-up-manually) 1. [Set up using `setup-monitoring.sh`](#set-up-using-setup-monitoringsh) ## Set up manually -Before setting up WebLogic Monitoring Exporter, make sure that Prometheus and Grafana are deployed on the Kubernetes cluster. Refer [Deploy Prometheus and Grafana](https://oracle.github.io/fmw-kubernetes/soa-domains/adminguide/monitoring-soa-domains/#deploy-prometheus-and-grafana) for details. +### Deploy Prometheus and Grafana + +Refer to the compatibility matrix of [Kube Prometheus](https://github.com/coreos/kube-prometheus#kubernetes-compatibility-matrix) and clone the [release](https://github.com/coreos/kube-prometheus/releases) version of the `kube-prometheus` repository according to the Kubernetes version of your cluster. + +1. Clone the `kube-prometheus` repository: + ``` + $ git clone https://github.com/coreos/kube-prometheus.git + ``` + +1. Change to folder `kube-prometheus` and enter the following commands to create the namespace and CRDs, and then wait for their availability before creating the remaining resources: + + ``` + $ cd kube-prometheus + $ kubectl create -f manifests/setup + $ until kubectl get servicemonitors --all-namespaces ; do date; sleep 1; echo ""; done + $ kubectl create -f manifests/ + ``` + +1. `kube-prometheus` requires all nodes in the Kubernetes cluster to be labeled with `kubernetes.io/os=linux`. If any node is not labeled with this, then you need to label it using the following command: + + ``` + $ kubectl label nodes --all kubernetes.io/os=linux + ``` + +1. Enter the following commands to provide external access for Grafana, Prometheus, and Alertmanager: -#### Generate the WebLogic Monitoring Exporter Deployment Package + ``` + $ kubectl patch svc grafana -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32100 }]' + + $ kubectl patch svc prometheus-k8s -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32101 }]' + + $ kubectl patch svc alertmanager-main -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32102 }]' + ``` + + Note: + * `32100` is the external port for Grafana + * `32101` is the external port for Prometheus + * `32102` is the external port for Alertmanager + +### Generate the WebLogic Monitoring Exporter Deployment Package The `wls-exporter.war` package need to be updated and created for each listening ports (Administration Server and Managed Servers) in the domain. -Set the below environment values based on your domainType and run the script `get-wls-exporter.sh` to generate the required WAR files at `${WORKDIR}/monitoring-service/scripts/wls-exporter-deploy`: +Set the below environment values based on your environment and run the script `get-wls-exporter.sh` to generate the required WAR files at `${WORKDIR}/monitoring-service/scripts/wls-exporter-deploy`: - adminServerPort - wlsMonitoringExporterTosoaCluster - soaManagedServerPort - wlsMonitoringExporterToosbCluster - osbManagedServerPort -Example for `soaosb` domainType: +For example: ``` $ cd ${WORKDIR}/monitoring-service/scripts @@ -47,9 +85,10 @@ Verify whether the required WAR files are generated at `${WORKDIR}/monitoring-se $ ls ${WORKDIR}/monitoring-service/scripts/wls-exporter-deploy ``` -#### Deploy the WebLogic Monitoring Exporter into the Oracle SOA Suite domain +### Deploy the WebLogic Monitoring Exporter into the OracleSOASuite domain + +Follow these steps to copy and deploy the WebLogic Monitoring Exporter WAR files into the OracleSOASuite Domain. -Follow these steps to copy and deploy the WebLogic Monitoring Exporter WAR files into the Oracle SOA Suite Domain. **Note**: Replace the `` with appropriate values based on your environment: ``` @@ -63,7 +102,7 @@ $ kubectl exec -it -n -- /u01/oracle/oracle_common/ -username -password ``` -Example for `soaosb` domainType: +For example: ``` $ cd ${WORKDIR}/monitoring-service/scripts @@ -76,11 +115,11 @@ $ kubectl exec -it -n soans soainfra-adminserver -- /u01/oracle/oracle_common/co -username weblogic -password Welcome1 ``` -#### Configure Prometheus Operator +### Configure Prometheus Operator Prometheus enables you to collect metrics from the WebLogic Monitoring Exporter. The Prometheus Operator identifies the targets using service discovery. To get the WebLogic Monitoring Exporter end point discovered as a target, you must create a service monitor pointing to the service. -The service monitor deployment YAML configuration file is available at `${WORKDIR}/monitoring-service/manifests/wls-exporter-ServiceMonitor.yaml.template`. Copy the file as `wls-exporter-ServiceMonitor.yaml` to update with appropraite values as detailed below. +The service monitor deployment YAML configuration file is available at `${WORKDIR}/monitoring-service/manifests/wls-exporter-ServiceMonitor.yaml.template`. Copy the file as `wls-exporter-ServiceMonitor.yaml` to update with appropriate values as detailed below. The exporting of metrics from `wls-exporter` requires `basicAuth`, so a Kubernetes `Secret` is created with the user name and password that are base64 encoded. This `Secret` is used in the `ServiceMonitor` deployment. The `wls-exporter-ServiceMonitor.yaml` has namespace as `soans` and has `basicAuth` with credentials as `username: %USERNAME%` and `password: %PASSWORD%`. Update `%USERNAME%` and `%PASSWORD% ` in base64 encoded and all occurences of `soans` based on your environment. @@ -102,7 +141,7 @@ $ cd ${WORKDIR}/monitoring-service/manifests $ kubectl apply -f . ``` -#### Verify the service discovery of WebLogic Monitoring Exporter +### Verify the service discovery of WebLogic Monitoring Exporter After the deployment of the service monitor, Prometheus should be able to discover wls-exporter and collect the metrics. @@ -113,7 +152,7 @@ After the deployment of the service monitor, Prometheus should be able to discov 1. Verify that `wls-exporter` is listed in the discovered Services. -#### Deploy Grafana Dashboard +### Deploy Grafana Dashboard You can access the Grafana dashboard at `http://mycompany.com:32100/`. @@ -124,13 +163,13 @@ You can access the Grafana dashboard at `http://mycompany.com:32100/`. ## Set up using `setup-monitoring.sh` -Alternatively, you can run the helper script `setup-monitoring.sh` available at `${WORKDIR}/monitoring-service` to setup the monitoring for Oracle SOA Suite domain. +Alternatively, you can run the helper script `setup-monitoring.sh` available at `${WORKDIR}/monitoring-service` to setup the monitoring for OracleSOASuite domain. This script creates kube-prometheus-stack(Prometheus, Grafana and Alertmanager), WebLogic Monitoring Exporter and imports `weblogic-server-dashboard.json` into Grafana for WebLogic Server Dashboard. ### Prepare to use the setup monitoring script -The sample scripts for setup monitoring for Oracle SOA Suite domain are available at `${WORKDIR}/monitoring-service`. +The sample scripts for setup monitoring for OracleSOASuite domain are available at `${WORKDIR}/monitoring-service`. You must edit `monitoring-inputs.yaml`(or a copy of it) to provide the details of your domain. Refer to the configuration parameters below to understand the information that you must provide in this file. @@ -140,8 +179,8 @@ The following parameters can be provided in the inputs file. | Parameter | Description | Default | | --- | --- | --- | -| `domainUID` | domainUID of the Oracle SOA Suite domain. | `soainfra` | -| `domainNamespace` | Kubernetes namespace of the Oracle SOA Suite domain. | `soans` | +| `domainUID` | domainUID of the OracleSOASuite domain. | `soainfra` | +| `domainNamespace` | Kubernetes namespace of the OracleSOASuite domain. | `soans` | | `setupKubePrometheusStack` | Boolean value indicating whether kube-prometheus-stack (Prometheus, Grafana and Alertmanager) to be installed | `true` | | `additionalParamForKubePrometheusStack` | The script install's kube-prometheus-stack with `service.type` as NodePort and values for `service.nodePort` as per the parameters defined in `monitoring-inputs.yaml`. Use `additionalParamForKubePrometheusStack` parameter to further configure with additional parameters as per [values.yaml](https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml). Sample value to disable NodeExporter, Prometheus-Operator TLS support and Admission webhook support for PrometheusRules resources is `--set nodeExporter.enabled=false --set prometheusOperator.tls.enabled=false --set prometheusOperator.admissionWebhooks.enabled=false`| | | `monitoringNamespace` | Kubernetes namespace for monitoring setup. | `monitoring` | @@ -159,7 +198,7 @@ The following parameters can be provided in the inputs file. | `alertmanagerNodePort` | Port number of the Alertmanager outside the Kubernetes cluster. | `32102` | | `weblogicCredentialsSecretName` | Name of the Kubernetes secret which has Administration Server’s user name and password. | `soainfra-domain-credentials` | -Note that the values specified in the `monitoring-inputs.yaml` file will be used to install kube-prometheus-stack (Prometheus, Grafana and Alertmanager) and deploying WebLogic Monitoring Exporter into the Oracle SOA Suite domain. Hence make the domain specific values to be same as that used during domain creation. +Note that the values specified in the `monitoring-inputs.yaml` file will be used to install kube-prometheus-stack (Prometheus, Grafana and Alertmanager) and deploying WebLogic Monitoring Exporter into the OracleSOASuite domain. Hence make the domain specific values to be same as that used during domain creation. ### Run the setup monitoring script @@ -179,6 +218,7 @@ The script will perform the following steps: - Exposes the Monitoring Services (Prometheus at `32101`, Grafana at `32100` and Alertmanager at `32102`) outside of the Kubernetes cluster if `exposeMonitoringNodePort` is set to `true`. - Imports the WebLogic Server Grafana Dashboard if `setupKubePrometheusStack` is set to `true`. + ### Verify the results The setup monitoring script will report failure if there was any error. However, verify that required resources were created by the script. @@ -234,3 +274,4 @@ $ cd ${WORKDIR}/monitoring-service $ ./delete-monitoring.sh \ -i monitoring-inputs.yaml ``` + diff --git a/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard-import.json b/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard-import.json index 82d2cd26c..c2fa9e2eb 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard-import.json +++ b/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard-import.json @@ -43,7 +43,7 @@ "gnetId": null, "graphTooltip": 0, "id": null, - "iteration": 1591295215114, + "iteration": 1563266678971, "links": [], "panels": [ { @@ -3308,5 +3308,5 @@ "timezone": "", "title": "WebLogic Server Dashboard", "uid": "5yUwzbZWz", - "version": 1 + "version": 6 } diff --git a/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard.json b/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard.json index 0efe1958d..cf6d5f776 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard.json +++ b/OracleSOASuite/kubernetes/monitoring-service/config/weblogic-server-dashboard.json @@ -1,4 +1,4 @@ -{ +{ "dashboard": { "__inputs": [], "__requires": [ @@ -44,7 +44,7 @@ "gnetId": null, "graphTooltip": 0, "id": null, - "iteration": 1591295215114, + "iteration": 1563266678971, "links": [], "panels": [ { @@ -3309,6 +3309,7 @@ "timezone": "", "title": "WebLogic Server Dashboard", "uid": "5yUwzbZWz", - "version": 1 + "version": 6 } } + diff --git a/OracleSOASuite/kubernetes/monitoring-service/delete-monitoring.sh b/OracleSOASuite/kubernetes/monitoring-service/delete-monitoring.sh index b676e9b40..eee881c77 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/delete-monitoring.sh +++ b/OracleSOASuite/kubernetes/monitoring-service/delete-monitoring.sh @@ -62,7 +62,7 @@ function usage { } -function deleteKubePrometheusStack { +function deletePrometheusGrafana { helm delete ${monitoringNamespace} --namespace ${monitoringNamespace} } @@ -115,7 +115,7 @@ fi if [ "${setupKubePrometheusStack}" = "true" ]; then echo "Deleting Prometheus and grafana started" - deleteKubePrometheusStack + deletePrometheusGrafana echo "Deleting Prometheus and grafana completed" fi cd $OLD_PWD diff --git a/OracleSOASuite/kubernetes/monitoring-service/manifests/wls-exporter-ServiceMonitor.yaml b/OracleSOASuite/kubernetes/monitoring-service/manifests/wls-exporter-ServiceMonitor.yaml new file mode 100755 index 000000000..16fa5cce0 --- /dev/null +++ b/OracleSOASuite/kubernetes/monitoring-service/manifests/wls-exporter-ServiceMonitor.yaml @@ -0,0 +1,43 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# +apiVersion: v1 +kind: Secret +metadata: + name: basic-auth + namespace: monitoring +data: + password: V2VsY29tZTE= # Welcome1 i.e.'WebLogic password' + user: d2VibG9naWM= # weblogic i.e. 'WebLogic username' +type: Opaque +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: wls-exporter + namespace: monitoring + labels: + k8s-app: wls-exporter +spec: + namespaceSelector: + matchNames: + - soans + selector: + matchLabels: + weblogic.domainName: soainfra + endpoints: + - basicAuth: + password: + name: basic-auth + key: password + username: + name: basic-auth + key: user + port: default + relabelings: + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + interval: 10s + honorLabels: true + path: /wls-exporter/metrics + diff --git a/OracleSOASuite/kubernetes/monitoring-service/monitoring-inputs.yaml b/OracleSOASuite/kubernetes/monitoring-service/monitoring-inputs.yaml index 5e16b9957..819713801 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/monitoring-inputs.yaml +++ b/OracleSOASuite/kubernetes/monitoring-service/monitoring-inputs.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2020, 2021, Oracle and/or its affiliates. +# Copyright (c) 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # # The version of this inputs file. Do not modify. @@ -35,7 +35,7 @@ soaClusterName: soa_cluster # Port number for managed server soaManagedServerPort: 8001 -# Boolean value indicating whether to deploy WebLogic Monitoring Exporter to soaCluster +# WebLogic Monitoring Exporter to Cluster wlsMonitoringExporterTosoaCluster: false # Cluster name @@ -44,10 +44,11 @@ osbClusterName: osb_cluster # Port number for managed server osbManagedServerPort: 9001 -# Boolean value indicating whether to deploy WebLogic Monitoring Exporter to osbCluster +# WebLogic Monitoring Exporter to Cluster wlsMonitoringExporterToosbCluster: false -# Boolean to indicate if the Monitoring Services will be exposed + +# Boolean to indicate if the Monitoring Services NodePort will be exposed exposeMonitoringNodePort: false # NodePort to expose Prometheus diff --git a/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.py b/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.py index 880bf5f0d..003de8e04 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.py +++ b/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.py @@ -28,7 +28,7 @@ def usage(): if len(sys.argv) < 1: usage() -# domainName will be passed by command line parameter -domainName +# domainName will be passed by command line parameter -domainName. domainName = "soainfra" # adminServerName will be passed by command line parameter -adminServerName @@ -37,14 +37,15 @@ def usage(): # adminURL will be passed by command line parameter -adminURL adminURL = "soainfra-adminserver:7001" -# soaClusterName will be passed by command line parameter -soaClusterName -soaClusterName = "soaClusterName" +# soaClusterName will be passed by command line parameter -soaClusterName +soaClusterName = "soa_cluster" # wlsMonitoringExporterTosoaCluster will be passed by command line parameter -wlsMonitoringExporterTosoaCluster wlsMonitoringExporterTosoaCluster = "false" + # osbClusterName will be passed by command line parameter -osbClusterName -osbClusterName = "osbClusterName" +osbClusterName = "osb_cluster" # wlsMonitoringExporterToosbCluster will be passed by command line parameter -wlsMonitoringExporterToosbCluster wlsMonitoringExporterToosbCluster = "false" diff --git a/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.sh b/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.sh index 684521d87..27093abda 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.sh +++ b/OracleSOASuite/kubernetes/monitoring-service/scripts/deploy-weblogic-monitoring-exporter.sh @@ -22,7 +22,6 @@ function toDNS1123Legal { username=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.username}'|base64 --decode` password=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.password}'|base64 --decode` - adminServerPodName="${domainUID}-$(toDNS1123Legal ${adminServerName})" InputParameterList=" -domainName ${domainUID} -adminServerName ${adminServerName} -adminURL ${adminServerPodName}:${adminServerPort} -username ${username} -password ${password}" @@ -36,4 +35,3 @@ kubectl cp $scriptDir/deploy-weblogic-monitoring-exporter.py ${domainNamespace}/ EXEC_DEPLOY="kubectl exec -it -n ${domainNamespace} ${adminServerPodName} -- /u01/oracle/oracle_common/common/bin/wlst.sh /u01/oracle/wls-exporter-deploy/deploy-weblogic-monitoring-exporter.py ${InputParameterList}" eval ${EXEC_DEPLOY} - diff --git a/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.py b/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.py index 51767c5d8..195e87e17 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.py +++ b/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.py @@ -36,14 +36,13 @@ def usage(): # adminURL will be passed by command line parameter -adminURL adminURL = "soainfra-adminserver:7001" -# soaClusterName will be passed by command line parameter -soaClusterName -soaClusterName = "soaClusterName" +# soaClusterName will be passed by command line parameter -soaClusterName +soaClusterName = "soa_cluster" # wlsMonitoringExporterTosoaCluster will be passed by command line parameter -wlsMonitoringExporterTosoaCluster wlsMonitoringExporterTosoaCluster = "false" - # osbClusterName will be passed by command line parameter -osbClusterName -osbClusterName = "osbClusterName" +osbClusterName = "osb_cluster" # wlsMonitoringExporterToosbCluster will be passed by command line parameter -wlsMonitoringExporterToosbCluster wlsMonitoringExporterToosbCluster = "false" @@ -101,3 +100,4 @@ def usage(): disconnect() exit() + diff --git a/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.sh b/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.sh index 7bb45a42a..e579d0e02 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.sh +++ b/OracleSOASuite/kubernetes/monitoring-service/scripts/undeploy-weblogic-monitoring-exporter.sh @@ -36,3 +36,4 @@ eval ${EXEC_UNDEPLOY} # Cleanup the local wars rm -rf ${scriptDir}/wls-exporter-deploy + diff --git a/OracleSOASuite/kubernetes/monitoring-service/setup-monitoring.sh b/OracleSOASuite/kubernetes/monitoring-service/setup-monitoring.sh index c36b4bb82..bf7d3619c 100755 --- a/OracleSOASuite/kubernetes/monitoring-service/setup-monitoring.sh +++ b/OracleSOASuite/kubernetes/monitoring-service/setup-monitoring.sh @@ -78,21 +78,22 @@ function installKubePrometheusStack { if [ ${exposeMonitoringNodePort} == "true" ]; then helm install ${monitoringNamespace} prometheus-community/kube-prometheus-stack \ - --namespace ${monitoringNamespace} \ + --namespace ${monitoringNamespace} ${additionalParamForKubePrometheusStack} \ --set prometheus.service.type=NodePort --set prometheus.service.nodePort=${prometheusNodePort} \ --set alertmanager.service.type=NodePort --set alertmanager.service.nodePort=${alertmanagerNodePort} \ --set grafana.adminPassword=admin --set grafana.service.type=NodePort --set grafana.service.nodePort=${grafanaNodePort} \ - --version "16.5.0" ${additionalParamForKubePrometheusStack} \ + --version "16.5.0" \ --atomic --wait else helm install ${monitoringNamespace} prometheus-community/kube-prometheus-stack \ - --namespace ${monitoringNamespace} \ + --namespace ${monitoringNamespace} ${additionalParamForKubePrometheusStack} \ --set grafana.adminPassword=admin \ - --version "16.5.0" ${additionalParamForKubePrometheusStack} \ + --version "16.5.0" \ --atomic --wait fi exitIfError $? "ERROR: prometheus-community/kube-prometheus-stack install failed." } + #Parse the inputs while getopts "hi:" opt; do case $opt in @@ -130,10 +131,10 @@ rm ${exportValuesFile} if [ "${setupKubePrometheusStack}" = "true" ]; then if test "$(kubectl get namespace ${monitoringNamespace} --ignore-not-found | wc -l)" = 0; then - echo "The namespace ${monitoringNamespace} for install prometheus-community/kube-prometheus-stack does not exist. Creating the namespace ${monitoringNamespace}" + echo "The namespace ${monitoringNamespace} for install prometheus-community/kube-promethues-stack does not exist. Creating the namespace ${monitoringNamespace}" kubectl create namespace ${monitoringNamespace} fi - echo -e "Monitoring setup in ${monitoringNamespace} in progress\n" + echo -e "Monitoring setup in ${monitoringNamespace} in progress.......\n" # Create the namespace and CRDs, and then wait for them to be availble before creating the remaining resources kubectl label nodes --all kubernetes.io/os=linux --overwrite=true @@ -145,8 +146,8 @@ if [ "${setupKubePrometheusStack}" = "true" ]; then echo "Setup prometheus-community/kube-prometheus-stack completed" fi -username=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.username}'|base64 --decode` -password=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.password}'|base64 --decode` +export username=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.username}'|base64 --decode` +export password=`kubectl get secrets ${weblogicCredentialsSecretName} -n ${domainNamespace} -o=jsonpath='{.data.password}'|base64 --decode` # Setting up the WebLogic Monitoring Exporter echo "Deploy WebLogic Monitoring Exporter started" @@ -168,6 +169,7 @@ sed -i -e "$!N;s/matchNames:\n -.*/matchNames:\n - ${domainNamespace}/g;P; kubectl apply -f ${serviceMonitor} + if [ "${setupKubePrometheusStack}" = "true" ]; then # Deploying WebLogic Server Grafana Dashboard echo "Deploying WebLogic Server Grafana Dashboard...." diff --git a/OracleSOASuite/kubernetes/scaling/scalingAction.sh b/OracleSOASuite/kubernetes/scaling/scalingAction.sh index 0da098e68..462031314 100755 --- a/OracleSOASuite/kubernetes/scaling/scalingAction.sh +++ b/OracleSOASuite/kubernetes/scaling/scalingAction.sh @@ -98,7 +98,7 @@ cat > cmds-$$.py << INPUT import sys, json for i in json.load(sys.stdin)["spec"]["ports"]: if i["name"] == "rest": - print(i["port"]) + print((i["port"])) INPUT port=$(echo "${STATUS}" | python cmds-$$.py 2>> ${log_file_name}) fi @@ -131,7 +131,7 @@ cat > cmds-$$.py << INPUT import sys, json for i in json.load(sys.stdin)["groups"]: if i["name"] == "weblogic.oracle": - print(i["preferredVersion"]["version"]) + print((i["preferredVersion"]["version"])) INPUT domain_api_version=`echo ${APIS} | python cmds-$$.py 2>> ${log_file_name}` fi @@ -196,7 +196,7 @@ cat > cmds-$$.py << INPUT import sys, json for j in json.load(sys.stdin)["spec"]["clusters"]: if j["clusterName"] == "$wls_cluster_name": - print (j["replicas"]) + print((j["replicas"])) INPUT num_ms=`echo ${DOMAIN} | python cmds-$$.py 2>> ${log_file_name}` fi @@ -219,7 +219,7 @@ function get_num_ms_domain_scope() { else cat > cmds-$$.py << INPUT import sys, json -print (json.load(sys.stdin)["spec"]["replicas"]) +print((json.load(sys.stdin)["spec"]["replicas"])) INPUT num_ms=`echo ${DOMAIN} | python cmds-$$.py 2>> ${log_file_name}` fi @@ -253,7 +253,7 @@ cat > cmds-$$.py << INPUT import sys, json for j in json.load(sys.stdin)["status"]["clusters"]: if j["clusterName"] == "$clusterName": - print (j["minimumReplicas"]) + print((j["minimumReplicas"])) INPUT minReplicas=`echo ${DOMAIN} | python cmds-$$.py 2>> ${log_file_name}` fi diff --git a/docs-source/content/soa-domains/_index.md b/docs-source/content/soa-domains/_index.md index a5981c742..93c55710f 100644 --- a/docs-source/content/soa-domains/_index.md +++ b/docs-source/content/soa-domains/_index.md @@ -25,7 +25,7 @@ The operator has several key features to assist you with deploying and managing #### Current production release -The current production release for the Oracle SOA Suite domains deployment on Kubernetes is [22.1.2](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version [3.3.0](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v3.3.0). +The current production release for the Oracle SOA Suite domains deployment on Kubernetes is [22.2.2](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version [3.4.0](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v3.4.0). #### Recent changes and known issues @@ -58,6 +58,7 @@ please consult this table of contents: To view documentation for an earlier release, see: +* [Version 22.1.2](https://oracle.github.io/fmw-kubernetes/22.1.2/soa-domains/) * [Version 21.4.2](https://oracle.github.io/fmw-kubernetes/21.4.2/soa-domains/) * [Version 21.3.2](https://oracle.github.io/fmw-kubernetes/21.3.2/soa-domains/) * [Version 21.2.2](https://oracle.github.io/fmw-kubernetes/21.2.2/soa-domains/) diff --git a/docs-source/content/soa-domains/adminguide/configure-load-balancer/apache.md b/docs-source/content/soa-domains/adminguide/configure-load-balancer/apache.md index 87597f650..a177dd9c2 100644 --- a/docs-source/content/soa-domains/adminguide/configure-load-balancer/apache.md +++ b/docs-source/content/soa-domains/adminguide/configure-load-balancer/apache.md @@ -133,7 +133,7 @@ Refer to the [sample](https://github.com/oracle/docker-images/tree/main/OracleWe {{% /expand %}} -1. Create a PV and PVC (pv-claim-name) that can be used to store the custom_mod_wl_apache.conf. Refer to the [Sample](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.3.0/kubernetes/samples/scripts/create-weblogic-domain-pv-pvc/README.md) for creating a PV or PVC. +1. Create a PV and PVC (pv-claim-name) that can be used to store the custom_mod_wl_apache.conf. Refer to the [Sample](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.4.0/kubernetes/samples/scripts/create-weblogic-domain-pv-pvc/README.md) for creating a PV or PVC. #### Prepare the certificate and private key diff --git a/docs-source/content/soa-domains/adminguide/configure-load-balancer/nginx.md b/docs-source/content/soa-domains/adminguide/configure-load-balancer/nginx.md index b3b0323a5..ebe06c7d8 100644 --- a/docs-source/content/soa-domains/adminguide/configure-load-balancer/nginx.md +++ b/docs-source/content/soa-domains/adminguide/configure-load-balancer/nginx.md @@ -33,16 +33,6 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do 1. Deploy the `ingress-nginx` controller by using Helm on the domain namespace: - For Kubernetes versions up to v1.18.x: - ```bash - $ helm install nginx-ingress -n soans \ - --version=3.34.0 \ - --set controller.service.type=NodePort \ - --set controller.admissionWebhooks.enabled=false \ - ingress-nginx/ingress-nginx - ``` - - For Kubernetes versions v1.19.x+ onwards (NGINX version 4.0.6+): ```bash $ helm install nginx-ingress -n soans \ --set controller.service.type=NodePort \ @@ -52,7 +42,7 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do {{%expand "Click here to see the sample output." %}} NAME: nginx-ingress - LAST DEPLOYED: Tue Sep 15 08:40:47 2020 + LAST DEPLOYED: Thu May 5 13:27:30 2022 NAMESPACE: soans STATUS: deployed REVISION: 1 @@ -69,21 +59,23 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do An example ingress that makes use of the controller: - apiVersion: networking.k8s.io/v1beta1 + apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - annotations: - kubernetes.io/ingress.class: nginx name: example namespace: foo spec: + ingressClassName: nginx rules: - host: www.example.com http: paths: - - backend: - serviceName: exampleService - servicePort: 80 + - pathType: Prefix + backend: + service: + name: exampleService + port: + number: 80 path: / # This section is only required if TLS is to be enabled for the ingress tls: @@ -109,29 +101,18 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do ```bash $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/tls1.key -out /tmp/tls1.crt -subj "/CN=domain1.org" - $ kubectl -n soans create secret tls domain1-tls-cert --key /tmp/tls1.key --cert /tmp/tls1.crt + $ kubectl -n soans create secret tls soainfra-tls-cert --key /tmp/tls1.key --cert /tmp/tls1.crt ``` - > Note: The value of `CN` is the host on which this ingress is to be deployed. + > Note: The value of `CN` is the host on which this ingress is to be deployed and secret name should be \-tls-cert. #### Install NGINX load balancer for end-to-end SSL configuration 1. Deploy the ingress-nginx controller by using Helm on the domain namespace: - For Kubernetes versions up to v1.18.x: - ```bash - $ helm install nginx-ingress -n soans \ - --version=3.34.0 \ - --set controller.extraArgs.default-ssl-certificate=soans/domain1-tls-cert \ - --set controller.service.type=NodePort \ - --set controller.admissionWebhooks.enabled=false \ - --set controller.extraArgs.enable-ssl-passthrough=true \ - ingress-nginx/ingress-nginx - ``` - For Kubernetes versions v1.19.x+ onwards (NGINX version 4.0.6+): ```bash $ helm install nginx-ingress -n soans \ - --set controller.extraArgs.default-ssl-certificate=soans/domain1-tls-cert \ + --set controller.extraArgs.default-ssl-certificate=soans/soainfra-tls-cert \ --set controller.service.type=NodePort \ --set controller.admissionWebhooks.enabled=false \ --set controller.extraArgs.enable-ssl-passthrough=true \ @@ -140,7 +121,7 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do {{%expand "Click here to see the sample output." %}} ```bash NAME: nginx-ingress - LAST DEPLOYED: Tue Sep 15 08:40:47 2020 + LAST DEPLOYED: Thu May 5 12:21:50 2022 NAMESPACE: soans STATUS: deployed REVISION: 1 @@ -157,21 +138,23 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do An example Ingress that makes use of the controller: - apiVersion: networking.k8s.io/v1beta1 + apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - annotations: - kubernetes.io/ingress.class: nginx name: example namespace: foo spec: + ingressClassName: nginx rules: - host: www.example.com http: paths: - - backend: - serviceName: exampleService - servicePort: 80 + - pathType: Prefix + backend: + service: + name: exampleService + port: + number: 80 path: / # This section is only required if TLS is to be enabled for the Ingress tls: @@ -204,17 +187,29 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do #### Configure NGINX to manage ingresses +1. Choose an appropriate `LOADBALANCER_HOSTNAME` for accessing the Oracle SOA Suite domain application URLs. + + ```bash + $ export LOADBALANCER_HOSTNAME= + ``` + + For example, if you are executing the commands from a master node terminal, where the master hostname is `LOADBALANCER_HOSTNAME`: + + ```bash + $ export LOADBALANCER_HOSTNAME=$(hostname -f) + ``` + 1. Create an ingress for the domain in the domain namespace by using the sample Helm chart. Here path-based routing is used for ingress. Sample values for default configuration are shown in the file `${WORKDIR}/charts/ingress-per-domain/values.yaml`. By default, `type` is `TRAEFIK` , `sslType` is `NONSSL`, and `domainType` is `soa`. These values can be overridden by passing values through the command line or can be edited in the sample file `values.yaml`. If needed, you can update the ingress YAML file to define more path rules (in section `spec.rules.host.http.paths`) based on the domain application URLs that need to be accessed. Update the template YAML file for the NGINX load balancer located at `${WORKDIR}/charts/ingress-per-domain/templates/nginx-ingress.yaml`. - > Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v22.1.2/OracleSOASuite/kubernetes/ingress-per-domain/README.md#configuration) for all the configuration parameters. + > Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v22.2.2/OracleSOASuite/kubernetes/ingress-per-domain/README.md#configuration) for all the configuration parameters. ```bash $ cd ${WORKDIR} $ helm install soa-nginx-ingress charts/ingress-per-domain \ --namespace soans \ --values charts/ingress-per-domain/values.yaml \ - --set "nginx.hostname=$(hostname -f)" \ + --set "nginx.hostname=${LOADBALANCER_HOSTNAME}" \ --set type=NGINX ``` @@ -234,7 +229,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se $ helm install soa-nginx-ingress charts/ingress-per-domain \ --namespace soans \ --values charts/ingress-per-domain/values.yaml \ - --set "nginx.hostname=$(hostname -f)" \ + --set "nginx.hostname=${LOADBALANCER_HOSTNAME}" \ --set type=NGINX --set sslType=SSL ``` Sample output: @@ -311,7 +306,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se Address: 100.111.150.225 Default backend: default-http-backend:80 () TLS: - domain1-tls-cert terminates domain1.org + soainfra-tls-cert terminates domain1.org Rules: Host Path Backends ---- ---- -------- @@ -347,7 +342,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se Address: Default backend: default-http-backend:80 () TLS: - domain1-tls-cert terminates admin.org + soainfra-tls-cert terminates admin.org Rules: Host Path Backends ---- ---- -------- @@ -367,7 +362,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se Address: Default backend: default-http-backend:80 () TLS: - domain1-tls-cert terminates soa.org + soainfra-tls-cert terminates soa.org Rules: Host Path Backends ---- ---- -------- @@ -387,58 +382,77 @@ If needed, you can update the ingress YAML file to define more path rules (in se ##### NONSSL configuration -Verify that the Oracle SOA Suite domain application URLs are accessible through the `LOADBALANCER-Non-SSLPORT` `32125`: +* Get the `LOADBALANCER_NON_SSLPORT` NodePort of NGINX using the command: -```bash - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/weblogic/ready - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/console - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/em - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/soa-infra - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/soa/composer - http://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/integration/worklistapp -``` + ```bash + $ LOADBALANCER_NON_SSLPORT=$(kubectl --namespace soans get services -o jsonpath="{.spec.ports[0].nodePort}" nginx-ingress-ingress-nginx-controller) + $ echo ${LOADBALANCER_NON_SSLPORT} + ``` + +* Verify that the Oracle SOA Suite domain application URLs are accessible through the `LOADBALANCER_NON_SSLPORT`: + + ```bash + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/weblogic/ready + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/console + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/em + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/soa-infra + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/soa/composer + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/integration/worklistapp + ``` ##### SSL configuration -Verify that the Oracle SOA Suite domain application URLs are accessible through the `LOADBALANCER-SSLPORT` `30233`: +* Get the `LOADBALANCER_SSLPORT` NodePort of NGINX using the command: -```bash - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/weblogic/ready - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/console - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/em - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/soa-infra - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/soa/composer - https://${LOADBALANCER-HOSTNAME}:${LOADBALANCER-SSLPORT}/integration/worklistapp -``` + ```bash + $ LOADBALANCER_SSLPORT=$(kubectl --namespace soans get services -o jsonpath="{.spec.ports[1].nodePort}" nginx-ingress-ingress-nginx-controller) + $ echo ${LOADBALANCER_SSLPORT} + ``` -##### E2ESSL configuration +* Verify that the Oracle SOA Suite domain application URLs are accessible through the `LOADBALANCER_SSLPORT`: + + ```bash + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/weblogic/ready + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/console + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/em + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/soa-infra + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/soa/composer + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/integration/worklistapp + ``` -Before accessing the SOA Suite domain application URLs, update the system host config file with the IP address of the host on which the ingress is deployed. +##### E2ESSL configuration - * To access the application URLs from the browser, update `/etc/hosts` on the browser host (in Windows, `C:\Windows\System32\Drivers\etc\hosts`) with the entries below +* To access the SOA Suite domain application URLs from a remote browser, update the browser host config file `/etc/hosts` (In Windows, `C:\Windows\System32\Drivers\etc\hosts`) with the IP address of the host on which the ingress is deployed with below entries: ``` X.X.X.X admin.org X.X.X.X soa.org X.X.X.X osb.org ``` - > Note: The value of X.X.X.X is the host IP address on which this ingress is deployed. - > Note: If you are behind any corporate proxy, make sure to update the browser proxy settings appropriately to access the host names updated `/etc/hosts` file. + > Note: + > * The value of X.X.X.X is the host IP address on which this ingress is deployed. + > * If you are behind any corporate proxy, make sure to update the browser proxy settings appropriately to access the host names updated `/etc/hosts` file. + +* Get the `LOADBALANCER_SSLPORT` NodePort of NGINX using the command: -Verify that the Oracle SOA Suite domain application URLs are accessible through `LOADBALANCER-E2ESSLPORT` `30233`: + ```bash + $ LOADBALANCER_SSLPORT=$(kubectl --namespace soans get services -o jsonpath="{.spec.ports[1].nodePort}" nginx-ingress-ingress-nginx-controller) + $ echo ${LOADBALANCER_SSLPORT} + ``` +* Verify that the Oracle SOA Suite domain application URLs are accessible through `LOADBALANCER_SSLPORT`: ```bash - https://admin.org:${LOADBALANCER-SSLPORT}/weblogic/ready - https://admin.org:${LOADBALANCER-SSLPORT}/console - https://admin.org:${LOADBALANCER-SSLPORT}/em - https://soa.org:${LOADBALANCER-SSLPORT}/soa-infra - https://soa.org:${LOADBALANCER-SSLPORT}/soa/composer - https://soa.org:${LOADBALANCER-SSLPORT}/integration/worklistapp + https://admin.org:${LOADBALANCER_SSLPORT}/weblogic/ready + https://admin.org:${LOADBALANCER_SSLPORT}/console + https://admin.org:${LOADBALANCER_SSLPORT}/em + https://soa.org:${LOADBALANCER_SSLPORT}/soa-infra + https://soa.org:${LOADBALANCER_SSLPORT}/soa/composer + https://soa.org:${LOADBALANCER_SSLPORT}/integration/worklistapp ``` -> Note: This is the default host name. If you have updated the host name in `value.yaml`, then use the updated values. +> Note: This is the default host name. If you have updated the host name in `values.yaml`, then use the updated values. #### Uninstall NGINX ingress Uninstall and delete the `ingress-nginx` deployment: diff --git a/docs-source/content/soa-domains/adminguide/configure-load-balancer/traefik.md b/docs-source/content/soa-domains/adminguide/configure-load-balancer/traefik.md index c098dbb21..27eca0be5 100644 --- a/docs-source/content/soa-domains/adminguide/configure-load-balancer/traefik.md +++ b/docs-source/content/soa-domains/adminguide/configure-load-balancer/traefik.md @@ -27,7 +27,7 @@ Use the `values.yaml` file in the sample but set `kubernetes.namespaces` specifi ```bash $ cd ${WORKDIR} $ kubectl create namespace traefik - $ helm repo add traefik https://containous.github.io/traefik-helm-chart + $ helm repo add traefik https://helm.traefik.io/traefik --force-update ``` Sample output: ```bash @@ -52,11 +52,11 @@ Use the `values.yaml` file in the sample but set `kubernetes.namespaces` specifi ``` {{% /expand %}} - A sample `values.yaml` for deployment of Traefik 2.2.x: + A sample `values.yaml` for deployment of Traefik 2.6.x: ```yaml image: name: traefik - tag: 2.2.8 + tag: 2.6.0 pullPolicy: IfNotPresent ingressRoute: dashboard: @@ -126,12 +126,12 @@ Use the `values.yaml` file in the sample but set `kubernetes.namespaces` specifi ``` {{% /expand %}} -4. Access the Traefik dashboard through the URL `http://$(hostname -f):31288`, with the HTTP host `traefik.example.com`: +4. Access the Traefik dashboard through the URL `http://:31288`, with the HTTP host `traefik.example.com`: ```bash - $ curl -H "host: $(hostname -f)" http://$(hostname -f):31288/dashboard/ + $ curl -H "host: " http://:31288/dashboard/ ``` - > Note: Make sure that you specify a fully qualified node name for `$(hostname -f)` + > Note: Make sure that you specify a fully qualified node name for `` 5. Configure Traefik to manage ingresses created in this namespace, where `traefik` is the Traefik namespace and `soans` is the namespace of the domain: ```bash @@ -157,7 +157,20 @@ Sample values for default configuration are shown in the file `${WORKDIR}/charts By default, `type` is `TRAEFIK`, `sslType` is `NONSSL`, and `domainType` is `soa`. These values can be overridden by passing values through the command line or can be edited in the sample file `values.yaml` based on the type of configuration (NONSSL, SSL, and E2ESSL). If needed, you can update the ingress YAML file to define more path rules (in section `spec.rules.host.http.paths`) based on the domain application URLs that need to be accessed. The template YAML file for the Traefik (ingress-based) load balancer is located at `${WORKDIR}/charts/ingress-per-domain/templates/traefik-ingress.yaml`. -> Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v22.1.2/OracleSOASuite/kubernetes/ingress-per-domain/README.md#configuration) for all the configuration parameters. +> Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v22.2.2/OracleSOASuite/kubernetes/ingress-per-domain/README.md#configuration) for all the configuration parameters. + +1. Choose an appropriate `LOADBALANCER_HOSTNAME` for accessing the Oracle SOA Suite domain application URLs. + + ```bash + $ export LOADBALANCER_HOSTNAME= + ``` + + For example, if you are executing the commands from a master node terminal, where the master hostname is `LOADBALANCER_HOSTNAME`: + + ```bash + $ export LOADBALANCER_HOSTNAME=$(hostname -f) + ``` + 1. Install `ingress-per-domain` using Helm for `NONSSL` configuration: @@ -167,7 +180,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se charts/ingress-per-domain \ --namespace soans \ --values charts/ingress-per-domain/values.yaml \ - --set "traefik.hostname=$(hostname -f)" + --set "traefik.hostname=${LOADBALANCER_HOSTNAME}" ``` Sample output: ```bash @@ -223,7 +236,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se charts/ingress-per-domain \ --namespace soans \ --values charts/ingress-per-domain/values.yaml \ - --set "traefik.hostname=$(hostname -f)" \ + --set "traefik.hostname=${LOADBALANCER_HOSTNAME}" \ --set sslType=SSL ``` Sample output: @@ -385,7 +398,7 @@ If needed, you can update the ingress YAML file to define more path rules (in se > User-Agent: curl/7.29.0 > Accept: */* > Proxy-Connection: Keep-Alive - > host: $(hostname -f) + > host: ${LOADBALANCER_HOSTNAME} > < HTTP/1.1 200 OK < Date: Sat, 14 Mar 2020 08:35:03 GMT @@ -402,12 +415,12 @@ If needed, you can update the ingress YAML file to define more path rules (in se After setting up the Traefik (ingress-based) load balancer, verify that the domain application URLs are accessible through the non-SSL load balancer port `30305` for HTTP access. The sample URLs for Oracle SOA Suite domain of type `soa` are: ```bash - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/weblogic/ready - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/console - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/em - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/soa-infra - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/soa/composer - http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-Non-SSLPORT}/integration/worklistapp + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/weblogic/ready + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/console + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/em + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/soa-infra + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/soa/composer + http://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_NON_SSLPORT}/integration/worklistapp ``` ##### For SSL configuration @@ -415,12 +428,12 @@ After setting up the Traefik (ingress-based) load balancer, verify that the doma After setting up the Traefik (ingress-based) load balancer, verify that the domain applications are accessible through the SSL load balancer port `30443` for HTTPS access. The sample URLs for Oracle SOA Suite domain of type `soa` are: ```bash - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/weblogic/ready - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/console - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/em - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/soa-infra - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/soa/composer - https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER-SSLPORT}/integration/worklistapp + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/weblogic/ready + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/console + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/em + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/soa-infra + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/soa/composer + https://${LOADBALANCER_HOSTNAME}:${LOADBALANCER_SSLPORT}/integration/worklistapp ``` ##### For E2ESSL configuration @@ -440,12 +453,12 @@ After setting up the Traefik (ingress-based) load balancer, verify that the doma The sample URLs for Oracle SOA Suite domain of type `soa` are: ```bash - https://admin.org:${LOADBALANCER-SSLPORT}/weblogic/ready - https://admin.org:${LOADBALANCER-SSLPORT}/console - https://admin.org:${LOADBALANCER-SSLPORT}/em - https://soa.org:${LOADBALANCER-SSLPORT}/soa-infra - https://soa.org:${LOADBALANCER-SSLPORT}/soa/composer - https://soa.org:${LOADBALANCER-SSLPORT}/integration/worklistapp + https://admin.org:${LOADBALANCER_SSLPORT}/weblogic/ready + https://admin.org:${LOADBALANCER_SSLPORT}/console + https://admin.org:${LOADBALANCER_SSLPORT}/em + https://soa.org:${LOADBALANCER_SSLPORT}/soa-infra + https://soa.org:${LOADBALANCER_SSLPORT}/soa/composer + https://soa.org:${LOADBALANCER_SSLPORT}/integration/worklistapp ``` #### Uninstall the Traefik ingress diff --git a/docs-source/content/soa-domains/adminguide/enable-additional-url-access.md b/docs-source/content/soa-domains/adminguide/enable-additional-url-access.md index 97b068908..7a96224a5 100644 --- a/docs-source/content/soa-domains/adminguide/enable-additional-url-access.md +++ b/docs-source/content/soa-domains/adminguide/enable-additional-url-access.md @@ -15,15 +15,15 @@ To extend an existing ingress with additional application URL access: 1. Update the template YAML file at `${WORKDIR}/charts/ingress-per-domain/templates/` to define additional path rules. - For example, to extend an existing NGINX-based ingress with additional paths `/path1` and `/path2` of an Oracle SOA Suite cluster, update `nginx-ingress.yaml` (for the supported Kubernetes versions up to 1.18.x) with additional paths: - > Note: For Kubernetes versions, 1.19+, you need to update the `nginx-ingress-k8s1.19.yaml` file. + For example, to extend an existing NGINX-based ingress with additional paths `/path1` and `/path2` of an Oracle SOA Suite cluster, update `nginx-ingress-nonssl.yaml`, `nginx-ingress-ssl.yaml`, or `nginx-ingress-e2essl.yaml` accordingly with additional paths: ``` - # Copyright (c) 2020, 2021, Oracle and/or its affiliates. + # Copyright (c) 2020, 2022, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. {{- if eq .Values.type "NGINX" }} + {{- if (eq .Values.sslType "NONSSL") }} --- - apiVersion: extensions/v1beta1 + apiVersion: networking.k8s.io/v1 kind: Ingress . . @@ -32,20 +32,22 @@ To extend an existing ingress with additional application URL access: - host: '{{ .Values.nginx.hostname }}' http: paths: - # Add new paths -- start + # Add new paths -- start - path: /path1 backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} - path: /path2 backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.soaManagedServerPort }} + service: + name: '{{ .Values.wlsDomain.domainUID }}-cluster-{{ .Values.wlsDomain.soaClusterName | lower | replace "_" "-" }}' + port: + number: {{ .Values.wlsDomain.soaManagedServerPort }} # Add new paths -- end - path: /console backend: - serviceName: '{{ .Values.wlsDomain.domainUID }}-{{ .Values.wlsDomain.adminServerName | lower | replace "_" "-" }}' - servicePort: {{ .Values.wlsDomain.adminServerPort }} . . {{- end }} diff --git a/docs-source/content/soa-domains/adminguide/monitoring-soa-domains.md b/docs-source/content/soa-domains/adminguide/monitoring-soa-domains.md index 28854a061..ebdedaaec 100644 --- a/docs-source/content/soa-domains/adminguide/monitoring-soa-domains.md +++ b/docs-source/content/soa-domains/adminguide/monitoring-soa-domains.md @@ -18,48 +18,7 @@ After the Oracle SOA Suite domain is set up, you can: Using the `WebLogic Monitoring Exporter` you can scrape runtime information from a running Oracle SOA Suite instance and monitor them using Prometheus and Grafana. #### Set up monitoring -Follow these [steps](https://github.com/oracle/fmw-kubernetes/blob/v22.1.2/OracleSOASuite/kubernetes/monitoring-service/README.md) to set up monitoring for an Oracle SOA Suite instance. For more details on WebLogic Monitoring Exporter, see [here](https://github.com/oracle/weblogic-monitoring-exporter). - -#### Deploy Prometheus and Grafana - ->NOTE: Follow the steps in this section, if you intend to manually set up the monitoring for an Oracle SOA Suite instance. Otherwise, you can skip it. - -Refer to the compatibility matrix of [Kube Prometheus](https://github.com/coreos/kube-prometheus#kubernetes-compatibility-matrix) and clone the [release](https://github.com/coreos/kube-prometheus/releases) version of the `kube-prometheus` repository according to the Kubernetes version of your cluster. - -1. Clone the `kube-prometheus` repository: - ``` - $ git clone https://github.com/coreos/kube-prometheus.git - ``` - -1. Change to folder `kube-prometheus` and enter the following commands to create the namespace and CRDs, and then wait for their availability before creating the remaining resources: - - ``` - $ cd kube-prometheus - $ kubectl create -f manifests/setup - $ until kubectl get servicemonitors --all-namespaces ; do date; sleep 1; echo ""; done - $ kubectl create -f manifests/ - ``` - -1. `kube-prometheus` requires all nodes in the Kubernetes cluster to be labeled with `kubernetes.io/os=linux`. If any node is not labeled with this, then you need to label it using the following command: - - ``` - $ kubectl label nodes --all kubernetes.io/os=linux - ``` - -1. Enter the following commands to provide external access for Grafana, Prometheus, and Alertmanager: - - ``` - $ kubectl patch svc grafana -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32100 }]' - - $ kubectl patch svc prometheus-k8s -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32101 }]' - - $ kubectl patch svc alertmanager-main -n monitoring --type=json -p '[{"op": "replace", "path": "/spec/type", "value": "NodePort" },{"op": "replace", "path": "/spec/ports/0/nodePort", "value": 32102 }]' - ``` - - Note: - * `32100` is the external port for Grafana - * `32101` is the external port for Prometheus - * `32102` is the external port for Alertmanager +Follow these [steps](https://github.com/oracle/fmw-kubernetes/blob/v22.2.2/OracleSOASuite/kubernetes/monitoring-service/README.md) to set up monitoring for an Oracle SOA Suite instance. For more details on WebLogic Monitoring Exporter, see [here](https://github.com/oracle/weblogic-monitoring-exporter). ### Publish WebLogic Server logs into Elasticsearch diff --git a/docs-source/content/soa-domains/appendix/quickstart-deployment-on-prem.md b/docs-source/content/soa-domains/appendix/quickstart-deployment-on-prem.md index 09d8f4215..aa033ca4f 100644 --- a/docs-source/content/soa-domains/appendix/quickstart-deployment-on-prem.md +++ b/docs-source/content/soa-domains/appendix/quickstart-deployment-on-prem.md @@ -110,7 +110,7 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act #### 1.2 Install and configure Docker -> Note: If you have already installed Docker with version 18.03+ and configured the Docker daemon root to sufficient disk space along with proxy settings, continue to [Install and configure Kubernetes](#13-install-and-configure-kubernetes). +> Note: If you have already installed Docker with version 19.03.1+ and configured the Docker daemon root to sufficient disk space along with proxy settings, continue to [Install and configure Kubernetes](#13-install-and-configure-kubernetes). 1. Make sure that you have the right operating system version: ```shell @@ -277,11 +277,11 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act $ export HTTPS_PROXY=http://REPLACE-WITH-YOUR-COMPANY-PROXY-HOST:PORT $ export HTTP_PROXY=http://REPLACE-WITH-YOUR-COMPANY-PROXY-HOST:PORT - ### install kubernetes 1.18.4-1 - $ VERSION=1.18.4-1 + ### Install Kubernetes + $ VERSION=1.23.6-0 $ yum install -y kubelet-$VERSION kubeadm-$VERSION kubectl-$VERSION --disableexcludes=kubernetes - ### enable kubelet service so that it auto-restart on reboot + ### Enable kubelet service so that it automatically restarts on reboot $ systemctl enable --now kubelet ``` @@ -303,6 +303,15 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act $ systemctl restart kubelet ``` +1. From Kubernetes version v1.22 onward, `kubeadm` will default `cgroup-driver` to `systemd`. If your Docker is using cgroup driver as `cgroupfs`, set `--cgroup-driver=cgroupfs` for kubelet. + ```shell + $ sed -i 's/^KUBELET_EXTRA_ARGS=.*/KUBELET_EXTRA_ARGS="--fail-swap-on=false --cgroup-driver=cgroupfs"/' /etc/sysconfig/kubelet + $ cat /etc/sysconfig/kubelet + ### Reload and restart kubelet + $ systemctl daemon-reload + $ systemctl restart kubelet + ``` + #### 1.4 Set up Helm 1. Install Helm v3.3.4+. @@ -349,8 +358,8 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act export PATH=$PATH:/sbin:/usr/sbin ### Set the proxies - export NO_PROXY=localhost,127.0.0.0/8,ADD-YOUR-INTERNAL-NO-PROXY-LIST,/var/run/docker.sock,$ip_addr,$pod_network_cidr,$service_cidr - export no_proxy=localhost,127.0.0.0/8,ADD-YOUR-INTERNAL-NO-PROXY-LIST,/var/run/docker.sock,$ip_addr,$pod_network_cidr,$service_cidr + export NO_PROXY=localhost,.svc,127.0.0.0/8,ADD-YOUR-INTERNAL-NO-PROXY-LIST,/var/run/docker.sock,$ip_addr,$pod_network_cidr,$service_cidr + export no_proxy=localhost,.svc,127.0.0.0/8,ADD-YOUR-INTERNAL-NO-PROXY-LIST,/var/run/docker.sock,$ip_addr,$pod_network_cidr,$service_cidr export http_proxy=http://REPLACE-WITH-YOUR-COMPANY-PROXY-HOST:PORT export https_proxy=http://REPLACE-WITH-YOUR-COMPANY-PROXY-HOST:PORT export HTTPS_PROXY=http://REPLACE-WITH-YOUR-COMPANY-PROXY-HOST:PORT @@ -396,7 +405,9 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act > Note: If you are using a different CIDR block than `10.244.0.0/16`, then download and update `kube-flannel.yml` with the correct CIDR address before deploying into the cluster: ```shell - $ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.12.0/Documentation/kube-flannel.yml + $ wget https://raw.githubusercontent.com/flannel-io/flannel/v0.17.0/Documentation/kube-flannel.yml + $ ### Update the CIDR address if you are using a CIDR block other than the default 10.244.0.0/16 + $ kubectl apply -f kube-flannel.yml ``` 1. Verify that the master node is in Ready status: @@ -405,8 +416,8 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act ``` Sample output: ```shell - NAME STATUS ROLES AGE VERSION - mymasternode Ready master 8m26s v1.18.4 + NAME STATUS ROLES AGE VERSION + mymasternode Ready control-plane,master 12h v1.23.6 ``` or: ```shell @@ -420,7 +431,7 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act pod/etcd-mymasternode 1/1 Running 0 3m4s pod/kube-apiserver-node 1/1 Running 0 3m21s pod/kube-controller-manager-mymasternode 1/1 Running 0 3m25s - pod/kube-flannel-ds-amd64-6npx4 1/1 Running 0 49s + pod/kube-flannel-ds-6npx4 1/1 Running 0 49s pod/kube-proxy-4vsgm 1/1 Running 0 3m59s pod/kube-scheduler-mymasternode 1/1 Running 0 2m58s ``` @@ -432,7 +443,7 @@ Any time you see `YOUR_USERID` in a command, you should replace it with your act Congratulations! Your Kubernetes cluster environment is ready to deploy your Oracle SOA Suite domain. -For additional references on Kubernetes cluster setup, check the [cheat sheet](https://oracle.github.io/weblogic-kubernetes-operator/userguide/kubernetes/k8s-setup/). +Refer to the official [documentation](https://kubernetes.io/docs/setup/#production-environment) to set up a Kubernetes cluster. ### 3. Get scripts and images @@ -445,8 +456,8 @@ Follow [these steps]({{< relref "/soa-domains/installguide/prepare-your-environm 1. Pull the WebLogic Kubernetes Operator image: ```shell - $ docker pull ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0 - $ docker tag ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0 oracle/weblogic-kubernetes-operator:3.3.0 + $ docker pull ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0 + $ docker tag ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0 oracle/weblogic-kubernetes-operator:3.4.0 ``` 1. Obtain the Oracle Database image and Oracle SOA Suite Docker image from the [Oracle Container Registry](https://container-registry.oracle.com): @@ -494,7 +505,7 @@ Use Helm to install and start the operator from the directory you just cloned: $ cd ${WORKDIR} $ helm install weblogic-kubernetes-operator charts/weblogic-operator \ --namespace opns \ - --set image=oracle/weblogic-kubernetes-operator:3.3.0 \ + --set image=oracle/weblogic-kubernetes-operator:3.4.0 \ --set serviceAccount=op-sa \ --set "domainNamespaces={}" \ --wait @@ -511,7 +522,7 @@ Use Helm to install and start the operator from the directory you just cloned: $ kubectl logs -n opns -c weblogic-operator deployments/weblogic-operator ``` -The WebLogic Kubernetes Operator v3.3.0 has been installed. Continue with the load balancer and Oracle SOA Suite domain setup. +The WebLogic Kubernetes Operator v3.4.0 has been installed. Continue with the load balancer and Oracle SOA Suite domain setup. ### 5. Install the Traefik (ingress-based) load balancer @@ -526,7 +537,7 @@ This Quick Start demonstrates how to install the Traefik ingress controller to p 1. Set up Helm for 3rd party services: ```shell - $ helm repo add traefik https://containous.github.io/traefik-helm-chart + $ helm repo add traefik https://helm.traefik.io/traefik --force-update ``` 1. Install the Traefik operator in the `traefik` namespace with the provided sample values: @@ -689,7 +700,7 @@ Now the environment is ready to start the Oracle SOA Suite domain creation. #### 6.2 Create an Oracle SOA Suite domain -1. The sample scripts for Oracle SOA Suite domain deployment are available at `OracleSOASuite/create-soa-domain`. You must edit `create-domain-inputs.yaml` (or a copy of it) to provide the details for your domain. +1. The sample scripts for Oracle SOA Suite domain deployment are available at `${WORKDIR}/create-soa-domain/domain-home-on-pv`. You must edit `create-domain-inputs.yaml` (or a copy of it) to provide the details for your domain. Update `create-domain-inputs.yaml` with the following values for domain creation: @@ -753,10 +764,11 @@ Watch the `soans` namespace for the status of domain creation: 1. Create an ingress for the domain in the domain namespace by using the sample Helm chart: ```shell $ cd ${WORKDIR} + $ export LOADBALANCER_HOSTNAME=$(hostname -f) $ helm install soa-traefik-ingress charts/ingress-per-domain \ --namespace soans \ --values charts/ingress-per-domain/values.yaml \ - --set "traefik.hostname=$(hostname -f)" \ + --set "traefik.hostname=${LOADBALANCER_HOSTNAME}" \ --set domainType=soaosb ``` 1. Verify the created ingress per domain details: @@ -768,7 +780,7 @@ Watch the `soans` namespace for the status of domain creation: 1. Get the `LOADBALANCER_HOSTNAME` for your environment: ```shell - export LOADBALANCER_HOSTNAME=$(hostname -f) + $ export LOADBALANCER_HOSTNAME=$(hostname -f) ``` 1. Verify the following URLs are available for Oracle SOA Suite domains of domain type `soaosb`: diff --git a/docs-source/content/soa-domains/create-or-update-image/_index.md b/docs-source/content/soa-domains/create-or-update-image/_index.md index b41062a7b..c37dd1ecb 100644 --- a/docs-source/content/soa-domains/create-or-update-image/_index.md +++ b/docs-source/content/soa-domains/create-or-update-image/_index.md @@ -121,10 +121,10 @@ After [setting up the WebLogic Image Tool]({{< relref "/soa-domains/create-or-up You must download the required Oracle SOA Suite installation binaries and patches as listed below from the [Oracle Software Delivery Cloud](https://edelivery.oracle.com/) and save them in a directory of your choice. In these steps, this directory is `download location`. -The installation binaries and patches required for release 22.1.2 are: +The installation binaries and patches required for release 22.2.2 are: * JDK: - * jdk-8u321-linux-x64.tar.gz + * jdk-8u331-linux-x64.tar.gz * Fusion Middleware Infrastructure installer: * fmw_12.2.1.4.0_infrastructure.jar @@ -140,23 +140,24 @@ In this release, Oracle B2B is not supported to be configured, but the installer * Fusion Middleware Infrastructure patches: * p28186730_139428_Generic.zip (OPATCH 13.9.4.2.8 FOR EM 13.4, 13.5 AND FMW/WLS 12.2.1.3.0, 12.2.1.4.0 AND 14.1.1.0.0) - * p33727616_122140_Generic.zip (WLS PATCH SET UPDATE 12.2.1.4.220105) - * p33723124_122140_Generic.zip (FMW Thirdparty Bundle Patch 12.2.1.4.220104) - * p32784652_122140_Generic.zip (OPSS BUNDLE PATCH 12.2.1.4.210418) - * p32905339_122140_Generic.zip (OWSM BUNDLE PATCH 12.2.1.4.210520) - * p33697227_122140_Generic.zip (ADF BUNDLE PATCH 12.2.1.4.211221) - * p33591019_122140_Generic.zip (Coherence 12.2.1.4 Cumulative Patch 12 (12.2.1.4.12)) + * p34012040_122140_Generic.zip (WLS PATCH SET UPDATE 12.2.1.4.220329) + * p34044738_122140_Generic.zip (FMW Thirdparty Bundle Patch 12.2.1.4.220406) + * p33950717_122140_Generic.zip (OPSS BUNDLE PATCH 12.2.1.4.220311) + * p33618954_122140_Generic.zip (OWSM BUNDLE PATCH 12.2.1.4.211129) + * p33958532_122140_Generic.zip (ADF BUNDLE PATCH 12.2.1.4.220314) + * p33902201_122140_Generic.zip (Coherence 12.2.1.4 Cumulative Patch 12 (12.2.1.4.13)) * p33093748_122140_Generic.zip (FMW PLATFORM 12.2.1.4.0 SPU FOR APRCPU2021) * p31544353_122140_Linux-x86-64.zip (ADR FOR WEBLOGIC SERVER 12.2.1.4.0 JULY CPU 2020) - * p33735326_12214220105_Generic.zip (WLS One Off) * p32720458_122140_Generic.zip (JDBC One Off) * p33678607_204070122_Generic.zip (FMW Thirdparty One Off) + * p33546536_12214211129_Generic.zip (OWSM One Off) + * p34077658_122140_Generic.zip (RDA release 22.2-20220307 for FMW 12.2.1.4.0) + * p34065178_122140_Generic.zip (OVD One Off) * Oracle SOA Suite and Oracle Service Bus patches - * p33696548_122140_Generic.zip (SOA BUNDLE PATCH 12.2.1.4.211221) + * p33965482_122140_Generic.zip (SOA BUNDLE PATCH 12.2.1.4.220315) * p32121987_122140_Generic.zip (Oracle Service Bus BUNDLE PATCH 12.2.1.4.201105) * p33404495_122140_Generic.zip (SOA One-off) - * p31192457_12214211221_Generic.zip (SOA One-off) * p31857456_122140_Generic.zip (Oracle Service Bus One-off) * p30741105_122140_Generic.zip (Oracle Service Bus One-off) * p31713053_122140_Linux-x86-64.zip (One-off patch) @@ -189,7 +190,7 @@ The following files in the code repository location `/ 1. Add a JDK package to the WebLogic Image Tool cache: ``` bash - $ imagetool cache addInstaller --type jdk --version 8u321 --path /jdk-8u321-linux-x64.tar.gz + $ imagetool cache addInstaller --type jdk --version 8u331 --path /jdk-8u331-linux-x64.tar.gz ``` 1. Add the downloaded installation binaries to the WebLogic Image Tool cache: @@ -233,29 +234,31 @@ The following files in the code repository location `/ $ imagetool cache addEntry --key 32720458_12.2.1.4.0 --value /p32720458_122140_Generic.zip - $ imagetool cache addEntry --key 32784652_12.2.1.4.0 --value /p32784652_122140_Generic.zip - - $ imagetool cache addEntry --key 32905339_12.2.1.4.0 --value /p32905339_122140_Generic.zip - $ imagetool cache addEntry --key 33093748_12.2.1.4.0 --value /p33093748_122140_Generic.zip $ imagetool cache addEntry --key 33404495_12.2.1.4.0 --value /p33404495_122140_Generic.zip + + $ imagetool cache addEntry --key 33678607_20.4.0.7.0 --value /p33678607_204070122_Generic.zip - $ imagetool cache addEntry --key 33591019_12.2.1.4.0 --value /p33591019_122140_Generic.zip + $ imagetool cache addEntry --key 33546536_12.2.1.4.0 --value /p33546536_122140_Generic.zip - $ imagetool cache addEntry --key 33678607_20.4.0.7.0 --value /p33678607_204070122_Generic.zip + $ imagetool cache addEntry --key 33618954_12.2.1.4.0 --value /p33618954_122140_Generic.zip - $ imagetool cache addEntry --key 33696548_12.2.1.4.0 --value /p33696548_122140_Generic.zip + $ imagetool cache addEntry --key 33902201_12.2.1.4.0 --value /p33902201_122140_Generic.zip - $ imagetool cache addEntry --key 33697227_12.2.1.4.0 --value /p33697227_122140_Generic.zip + $ imagetool cache addEntry --key 33950717_12.2.1.4.0 --value /p33950717_122140_Generic.zip - $ imagetool cache addEntry --key 33723124_12.2.1.4.0 --value /p33723124_122140_Generic.zip + $ imagetool cache addEntry --key 33958532_12.2.1.4.0 --value /p33958532_122140_Generic.zip - $ imagetool cache addEntry --key 33727616_12.2.1.4.0 --value /p33727616_122140_Generic.zip + $ imagetool cache addEntry --key 33965482_12.2.1.4.0 --value /p33965482_122140_Generic.zip - $ imagetool cache addEntry --key 33735326_12.2.1.4.0 --value /p33735326_12214220105_Generic.zip + $ imagetool cache addEntry --key 34012040_12.2.1.4.0 --value /p34012040_122140_Generic.zip + + $ imagetool cache addEntry --key 34044738_12.2.1.4.0 --value /p34044738_122140_Generic.zip + + $ imagetool cache addEntry --key 34065178_12.2.1.4.0 --value /p34065178_122140_Generic.zip - $ imagetool cache addEntry --key 31192457_12.2.1.4.0 --value /p31192457_12214211221_Generic.zip + $ imagetool cache addEntry --key 34077658_12.2.1.4.0 --value /p34077658_122140_Generic.zip ``` @@ -264,23 +267,24 @@ The following files in the code repository location `/ Sample `--patches` list for the product patches added in to the cache: ``` - --patches 30741105_12.2.1.4.0,31544353_12.2.1.4.0,31713053_12.2.1.4.0,31857456_12.2.1.4.0,32121987_12.2.1.4.0,32720458_12.2.1.4.0,32784652_12.2.1.4.0,32905339_12.2.1.4.0,33093748_12.2.1.4.0,33404495_12.2.1.4.0,33591019_12.2.1.4.0,33678607_20.4.0.7.0,33696548_12.2.1.4.0,33697227_12.2.1.4.0,33723124_12.2.1.4.0,33727616_12.2.1.4.0,33735326_12.2.1.4.0,31192457_12.2.1.4.0 + --patches 30741105_12.2.1.4.0,31544353_12.2.1.4.0,31713053_12.2.1.4.0,31857456_12.2.1.4.0,32121987_12.2.1.4.0,32720458_12.2.1.4.0,33093748_12.2.1.4.0,33404495_12.2.1.4.0,33546536_12.2.1.4.0,33618954_12.2.1.4.0,33678607_20.4.0.7.0,33902201_12.2.1.4.0,33950717_12.2.1.4.0,33958532_12.2.1.4.0,33965482_12.2.1.4.0,34012040_12.2.1.4.0,34044738_12.2.1.4.0,34065178_12.2.1.4.0,34077658_12.2.1.4.0 ``` Example `buildArgs` file after appending the OPatch patch and product patches: ``` create - --jdkVersion 8u321 + --jdkVersion 8u331 --type soa_osb_b2b --version 12.2.1.4.0 --tag oracle/soasuite:12.2.1.4.0 --pull + --fromImage ghcr.io/oracle/oraclelinux:7-slim --chown oracle:root --additionalBuildCommands /docker-images/OracleSOASuite/imagetool/12.2.1.4.0/additionalBuildCmds.txt --additionalBuildFiles /docker-images/OracleSOASuite/dockerfiles/12.2.1.4/container-scripts --installerResponseFile /docker-images/OracleFMWInfrastructure/dockerfiles/12.2.1.4/install.file,/docker-images/OracleSOASuite/dockerfiles/12.2.1.4/install/soasuite.response,/docker-images/OracleSOASuite/dockerfiles/12.2.1.4/install/osb.response,/docker-images/OracleSOASuite/dockerfiles/12.2.1.4/install/b2b.response - --patches 30741105_12.2.1.4.0,31544353_12.2.1.4.0,31713053_12.2.1.4.0,31857456_12.2.1.4.0,32121987_12.2.1.4.0,32720458_12.2.1.4.0,32784652_12.2.1.4.0,32905339_12.2.1.4.0,33093748_12.2.1.4.0,33404495_12.2.1.4.0,33591019_12.2.1.4.0,33678607_20.4.0.7.0,33696548_12.2.1.4.0,33697227_12.2.1.4.0,33723124_12.2.1.4.0,33727616_12.2.1.4.0,33735326_12.2.1.4.0,31192457_12.2.1.4.0 + --patches 30741105_12.2.1.4.0,31544353_12.2.1.4.0,31713053_12.2.1.4.0,31857456_12.2.1.4.0,32121987_12.2.1.4.0,32720458_12.2.1.4.0,33093748_12.2.1.4.0,33404495_12.2.1.4.0,33546536_12.2.1.4.0,33618954_12.2.1.4.0,33678607_20.4.0.7.0,33902201_12.2.1.4.0,33950717_12.2.1.4.0,33958532_12.2.1.4.0,33965482_12.2.1.4.0,34012040_12.2.1.4.0,34044738_12.2.1.4.0,34065178_12.2.1.4.0,34077658_12.2.1.4.0 ``` >Note: In the `buildArgs` file: > * `--jdkVersion` value must match the `--version` value used in the `imagetool cache addInstaller` command for `--type jdk`. diff --git a/docs-source/content/soa-domains/installguide/prepare-your-environment/_index.md b/docs-source/content/soa-domains/installguide/prepare-your-environment/_index.md index eaaf64cbe..9dac9d516 100644 --- a/docs-source/content/soa-domains/installguide/prepare-your-environment/_index.md +++ b/docs-source/content/soa-domains/installguide/prepare-your-environment/_index.md @@ -60,8 +60,8 @@ Obtain dependent images and add them to your local registry. 1. Pull the operator image: ```bash - $ docker pull ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0 - $ docker tag ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0 oracle/weblogic-kubernetes-operator:3.3.0 + $ docker pull ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0 + $ docker tag ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0 oracle/weblogic-kubernetes-operator:3.4.0 ``` ### Set up the code repository to deploy Oracle SOA Suite domains @@ -70,36 +70,36 @@ Oracle SOA Suite domain deployment on Kubernetes leverages the WebLogic Kubernet 1. Create a working directory to set up the source code: ```bash - $ mkdir $HOME/soa_22.1.2 - $ cd $HOME/soa_22.1.2 + $ mkdir $HOME/soa_22.2.2 + $ cd $HOME/soa_22.2.2 ``` 1. Download the WebLogic Kubernetes Operator source code and Oracle SOA Suite Kubernetes deployment scripts from the SOA [repository](https://github.com/oracle/fmw-kubernetes.git). Required artifacts are available at `OracleSOASuite/kubernetes`. ``` bash $ git clone https://github.com/oracle/fmw-kubernetes.git - $ export WORKDIR=$HOME/soa_22.1.2/fmw-kubernetes/OracleSOASuite/kubernetes + $ export WORKDIR=$HOME/soa_22.2.2/fmw-kubernetes/OracleSOASuite/kubernetes ``` ### Obtain the Oracle SOA Suite Docker image The Oracle SOA Suite image with latest bundle patch and required interim patches can be obtained from My Oracle Support (MOS). This is the only image supported for production deployments. Follow the below steps to download the Oracle SOA Suite image from My Oracle Support. -1. Download patch [33749496](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=33749496) from My Oracle Support (MOS). +1. Download patch [34077593](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=34077593) from My Oracle Support (MOS). 1. Unzip the downloaded patch zip file. 1. Load the image archive using the `docker load` command. For example: ```bash - $ docker load < soasuite-12.2.1.4-jdk8-ol7-220216.1814.tar - Loaded image: oracle/soasuite:12.2.1.4-jdk8-ol7-220216.1814 + $ docker load < soasuite-12.2.1.4-jdk8-ol7-220420.2140.tar + Loaded image: oracle/soasuite:12.2.1.4-jdk8-ol7-220420.2140 $ ``` -1. Run the `docker inspect` command to verify that the downloaded image is the latest released image. The value of label `com.oracle.weblogic.imagetool.buildid` must match to `689e9d04-8b02-4421-8f1f-12266de62f46`. +1. Run the `docker inspect` command to verify that the downloaded image is the latest released image. The value of label `com.oracle.weblogic.imagetool.buildid` must match to `43e56369-4b97-4c40-93b7-60b17912f31b`. For example: ```bash - $ docker inspect --format='{{ index .Config.Labels "com.oracle.weblogic.imagetool.buildid" }}' oracle/soasuite:12.2.1.4-jdk8-ol7-220216.1814 - 689e9d04-8b02-4421-8f1f-12266de62f46 + $ docker inspect --format='{{ index .Config.Labels "com.oracle.weblogic.imagetool.buildid" }}' oracle/soasuite:12.2.1.4-jdk8-ol7-220420.2140 + 43e56369-4b97-4c40-93b7-60b17912f31b $ ``` @@ -111,7 +111,7 @@ If you want to build and use an Oracle SOA Suite Docker image with any additiona ### Install the WebLogic Kubernetes Operator -The WebLogic Kubernetes Operator supports the deployment of Oracle SOA Suite domains in the Kubernetes environment. Follow the steps in [this document](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.3.0/documentation/3.3/content/quickstart/install.md#install-the-operator) to install the operator. +The WebLogic Kubernetes Operator supports the deployment of Oracle SOA Suite domains in the Kubernetes environment. Follow the steps in [this document](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.4.0/documentation/3.4/content/quickstart/install.md#install-the-operator) to install the operator. > Note: Optionally, you can execute these [steps](https://oracle.github.io/weblogic-kubernetes-operator/samples/elastic-stack/operator/) to send the contents of the operator’s logs to Elasticsearch. In the following example commands to install the WebLogic Kubernetes Operator, `opns` is the namespace and `op-sa` is the service account created for the Operator: @@ -119,7 +119,7 @@ In the following example commands to install the WebLogic Kubernetes Operator, ` $ kubectl create namespace opns $ kubectl create serviceaccount -n opns op-sa $ cd ${WORKDIR} - $ helm install weblogic-kubernetes-operator charts/weblogic-operator --namespace opns --set image=oracle/weblogic-kubernetes-operator:3.3.0 --set serviceAccount=op-sa --set "domainNamespaces={}" --set "javaLoggingLevel=FINE" --wait + $ helm install weblogic-kubernetes-operator charts/weblogic-operator --namespace opns --set image=oracle/weblogic-kubernetes-operator:3.4.0 --set serviceAccount=op-sa --set "domainNamespaces={}" --set "javaLoggingLevel=FINE" --wait ``` ### Prepare the environment for Oracle SOA Suite domains @@ -170,7 +170,7 @@ For details, see [Prepare to run a domain](https://oracle.github.io/weblogic-kub $ ./create-weblogic-credentials.sh -u weblogic -p Welcome1 -n soans -d soainfra -s soainfra-domain-credentials ``` - For more details, see [this document](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.3.0/kubernetes/samples/scripts/create-weblogic-domain-credentials/README.md). + For more details, see [this document](https://github.com/oracle/weblogic-kubernetes-operator/blob/v3.4.0/kubernetes/samples/scripts/create-weblogic-domain-credentials/README.md). You can check the secret with the `kubectl get secret` command. diff --git a/docs-source/content/soa-domains/installguide/prerequisites/_index.md b/docs-source/content/soa-domains/installguide/prerequisites/_index.md index 077b9959b..d89767e3b 100644 --- a/docs-source/content/soa-domains/installguide/prerequisites/_index.md +++ b/docs-source/content/soa-domains/installguide/prerequisites/_index.md @@ -10,18 +10,18 @@ This section provides information about the system requirements and limitations ### System requirements for Oracle SOA Suite domains -For the current production release 22.1.2: +For the current production release 22.2.2: * Operating systems supported: * Oracle Linux 7 (UL6+) * Red Hat Enterprise Linux 7 (UL3+ only with standalone Kubernetes) * Oracle Linux Cloud Native Environment (OLCNE) version 1.3. -* Kubernetes 1.16.15+, 1.17.13+, 1.18.10+, 1.19.7+, and 1.20.6+ (check with `kubectl version`). -* Docker 18.9.1 or 19.03.1+ (check with `docker version`) or CRI-O 1.20.2+ (check with `crictl version | grep RuntimeVersion`). -* Flannel networking v0.9.1-amd64 or later (check with `docker images | grep flannel`), Calico networking v3.16.1 or later. +* Kubernetes 1.19.15+, 1.20.11+, 1.21.5+, 1.22.5+, and 1.23.4+ (check with `kubectl version`). +* Docker 19.03.1+ (check with `docker version`) or CRI-O 1.20.2+ (check with `crictl version | grep RuntimeVersion`). +* Flannel networking v0.13.0-amd64 or later (check with `docker images | grep flannel`), Calico networking v3.16.1 or later. * Helm 3.3.4+ (check with `helm version --client --short`). -* WebLogic Kubernetes Operator 3.3.0 (see the [operator releases](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v3.3.0) page). -* Oracle SOA Suite 12.2.1.4 Docker image downloaded from My Oracle Support (MOS patch [33749496](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=33749496)). This image contains the latest bundle patch and one-off patches for Oracle SOA Suite. +* WebLogic Kubernetes Operator 3.4.0 (see the [operator releases](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v3.4.0) page). +* Oracle SOA Suite 12.2.1.4 Docker image downloaded from My Oracle Support (MOS patch [34077593](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=34077593)). This image contains the latest bundle patch and one-off patches for Oracle SOA Suite. * You must have the `cluster-admin` role to install the operator. The operator does not need the `cluster-admin` role at runtime. For more information, see the role-based access control (RBAC) [documentation](https://oracle.github.io/weblogic-kubernetes-operator/security/rbac/). * We do not currently support running SOA in non-Linux containers. diff --git a/docs-source/content/soa-domains/patch_and_upgrade/patch-an-image/index.md b/docs-source/content/soa-domains/patch_and_upgrade/patch-an-image/index.md index 64fdfc743..cbb650771 100644 --- a/docs-source/content/soa-domains/patch_and_upgrade/patch-an-image/index.md +++ b/docs-source/content/soa-domains/patch_and_upgrade/patch-an-image/index.md @@ -43,7 +43,7 @@ Before applying the patch, stop all servers in the domain: #### Update user permissions of the domain PV storage -The Oracle SOA Suite image for release 22.1.2 has an oracle user with UID 1000, with the default group set to `root`. Before applying the patched image, update the user permissions of the domain persistent volume (PV) to set the group to `root`: +The Oracle SOA Suite image for release 22.2.2 has an oracle user with UID 1000, with the default group set to `root`. Before applying the patched image, update the user permissions of the domain persistent volume (PV) to set the group to `root`: ``` $ sudo chown -R 1000:0 /scratch/k8s_dir/SOA diff --git a/docs-source/content/soa-domains/patch_and_upgrade/upgrade-k8s-cluster.md b/docs-source/content/soa-domains/patch_and_upgrade/upgrade-k8s-cluster.md index 89421becf..5e3966920 100644 --- a/docs-source/content/soa-domains/patch_and_upgrade/upgrade-k8s-cluster.md +++ b/docs-source/content/soa-domains/patch_and_upgrade/upgrade-k8s-cluster.md @@ -23,6 +23,7 @@ It is expected that there will be a down time during the upgrade of the Kubernet For example, you can upgrade from 1.x to 1.x+1, but not from 1.x to 1.x+2. To upgrade a Kubernetes version, first all the master nodes of the Kubernetes cluster must be upgraded sequentially, followed by the sequential upgrade of each worker node. -* See [here](https://v1-17.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from v1.16.x to v1.17.x. -* See [here](https://v1-18.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from v1.17.x to v1.18.x. -* See [here](https://v1-19.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from v1.18.x to v1.19.x. +* See [here](https://v1-20.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from 1.19 to 1.20 +* See [here](https://v1-21.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from 1.20 to 1.21 +* See [here](https://v1-22.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from 1.21 to 1.22 +* See [here](https://v1-23.docs.kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) for Kubernetes official documentation to upgrade from 1.22 to 1.23 diff --git a/docs-source/content/soa-domains/patch_and_upgrade/upgrade-operator-release.md b/docs-source/content/soa-domains/patch_and_upgrade/upgrade-operator-release.md index 4b4085b47..7e4e52e45 100644 --- a/docs-source/content/soa-domains/patch_and_upgrade/upgrade-operator-release.md +++ b/docs-source/content/soa-domains/patch_and_upgrade/upgrade-operator-release.md @@ -13,7 +13,7 @@ To upgrade the WebLogic Kubernetes operator, use the `helm upgrade` command with $ cd ${WORKDIR} $ helm upgrade \ --reuse-values \ - --set image=oracle/weblogic-kubernetes-operator:3.3.0 \ + --set image=oracle/weblogic-kubernetes-operator:3.4.0 \ --namespace weblogic-operator-namespace \ --wait \ weblogic-kubernetes-operator \ diff --git a/docs-source/content/soa-domains/release-notes.md b/docs-source/content/soa-domains/release-notes.md index a2c03ee04..9f9e7c92c 100644 --- a/docs-source/content/soa-domains/release-notes.md +++ b/docs-source/content/soa-domains/release-notes.md @@ -12,6 +12,7 @@ Review the latest changes and known issues for Oracle SOA Suite on Kubernetes. | Date | Version | Change | | --- | --- | --- | +|May 31, 2022 | 22.2.2 | Supports Oracle SOA Suite 12.2.1.4 domains deployment using April 2022 PSU and known bug fixes. Oracle SOA Suite 12.2.1.4 Docker image for this release can be downloaded from My Oracle Support (MOS patch [34077593](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=34077593)). |February 25, 2022 | 22.1.2 | Supports Oracle SOA Suite 12.2.1.4 domains deployment using January 2022 PSU and known bug fixes. Oracle SOA Suite 12.2.1.4 Docker image for this release can be downloaded from My Oracle Support (MOS patch [33749496](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=33749496)). |November 30, 2021 | 21.4.2 | Supports Oracle SOA Suite 12.2.1.4 domains deployment using October 2021 PSU and known bug fixes. Oracle SOA Suite 12.2.1.4 Docker image for this release can be downloaded from My Oracle Support (MOS patch [33467899](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=33467899)). |August 6, 2021 | 21.3.2 | Supports Oracle SOA Suite 12.2.1.4 domains deployment using July 2021 PSU and known bug fixes. Oracle SOA Suite 12.2.1.4 Docker image for this release can be downloaded from My Oracle Support (MOS patch [33125465](https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?patchId=33125465)). diff --git a/docs-source/content/soa-domains/troubleshooting/_index.md b/docs-source/content/soa-domains/troubleshooting/_index.md index 94afb3cac..39a7abcc6 100644 --- a/docs-source/content/soa-domains/troubleshooting/_index.md +++ b/docs-source/content/soa-domains/troubleshooting/_index.md @@ -114,7 +114,7 @@ $ helm get values weblogic-kubernetes-operator -n opns USER-SUPPLIED VALUES: domainNamespaces: - soans -image: ghcr.io/oracle/weblogic-kubernetes-operator:3.3.0 +image: ghcr.io/oracle/weblogic-kubernetes-operator:3.4.0 javaLoggingLevel: FINE serviceAccount: op-sa $ @@ -132,7 +132,7 @@ To diagnose this issue: ``` $ helm list -n traefik NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION - traefik-operator traefik 2 2021-10-27 11:24:29.317003398 +0000 UTC deployed traefik-9.1.1 2.2.8 + traefik traefik 2 2022-05-06 09:40:53.205565811 +0000 UTC deployed traefik-10.19.5 2.6.6 $ ``` 1. Verify that the Ingress controller is setup to monitor the domain namespace.