Skip to content

WLS on AKS: Support T3 tunneling #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Sep 16, 2021
Merged

WLS on AKS: Support T3 tunneling #22

merged 14 commits into from
Sep 16, 2021

Conversation

galiacheng
Copy link
Contributor

@galiacheng galiacheng commented Sep 10, 2021
edited
Loading

Issue: #14

Description: enable T3 tunneling in admin server and cluster.

Item Default Port HTTP Enabled UI Change Azure Load Balancer Service for L4 traffic Azure Application Gateway for L7 traffic TLS/SSL Custom DNS Alias
Admin Server T3 channel 7005 True Basics -> Optional configuration -> Enable T3 tunneling for Admin server Support, optional to create No support Support, share the same identity and trust with server Support
Cluster T3 channel 8011 True Basics -> Optional configuration -> Enable T3 tunneling for cluster Support, optional to create No support Support, share the same identity and trust with server Support

Notes for TLS/SSL enable: if the customer expose admin server T3 channel and cluster T3 channel in the same time, he has to create different subdomain for the two channel, and the identity certificate must include the subdomains, the best practice is to use wildcard certificate.

Changes:

  • Support T3 tunneling for admin server and cluster
  • Fix file share mounting issue that caused by deployment script
  • Fail the deployment if the service principal is invalid to create azure ingress
  • [UI] move custom DNS controls to an independent blade
  • Sample EJB applications for t3/t3s testing

@galiacheng
On branch t3tunneling: support custom t3
8b22b53 
Upgrade wit and wdt to latest version.

Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json
	modified:   weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/invokeSetupNetworking.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh
	modified:   weblogic-azure-aks/src/main/bicep/mainTemplate.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: support t3s
2928df4 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json
	modified:   weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/common.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh
	modified:   weblogic-azure-aks/src/main/bicep/mainTemplate.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: enhance UI
0d755c6 
Checkbox for "admin server T3 tunneling"
Checkbox for "cluster T3 tunneling"
InputText for "Java options"

Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json
	modified:   weblogic-azure-aks/src/main/bicep/mainTemplate.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: fix mount permission issue
199968f 
Use `az storage` commands to upload files instead of mounting the file share.

Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/utility.sh

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: check ingress-azure status
1845742 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: support t3s
5426fab 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: make sure azure-ingress is running.
4cd67ac 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: expose t3 internal and external endpoints
349f4a2 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh
	modified:   weblogic-azure-aks/src/main/bicep/mainTemplate.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: refactoring
d25908a 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/common.sh
	new file:   weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh
	new file:   weblogic-azure-aks/src/main/arm/scripts/createDnsRecord.sh
	new file:   weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/setupNetworking.sh
	modified:   weblogic-azure-aks/src/main/arm/scripts/utility.sh
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: fix dnszone location
6d51421 
Changes to be committed:
	modified:   weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: increase pom version
f0468dd 
Changes to be committed:
	modified:   weblogic-azure-aks/pom.xml

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>

On branch t3tunneling: pom version

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: add ejb application to test t3 tunneling
84a2b02 
Changes to be committed:
	new file:   weblogic-azure-aks/src/resources/ejb-client-stateless-1.0.0.war
	new file:   weblogic-azure-aks/src/resources/ejb-server-stateless-1.0.0.jar

Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng
On branch t3tunneling: initialize the output vaules of lb endpoints
843e229 
 Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh
Signed-off-by: galiacheng <haixia.cheng@microsoft.com>
@galiacheng galiacheng marked this pull request as draft September 10, 2021 10:16
@galiacheng galiacheng marked this pull request as ready for review September 12, 2021 02:44
@galiacheng
Copy link
Contributor Author

Hello @edburns @rjeberhard @mriccell the PR is for t3 tunneling and some bug fix.

@galiacheng
On branch t3tunneling: override the existing dns record.
983a16b 
Signed-off-by: galiacheng <haixia.cheng@microsoft.com>

 Changes to be committed:
	modified:   createDnsRecord.sh
rosemarymarano
rosemarymarano reviewed Sep 16, 2021
View reviewed changes
Copy link

@rosemarymarano rosemarymarano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see any *.md files for me to review. If I've missed them, please tell me which ones they are.

@mriccell mriccell merged commit 4f297cf into oracle:main Sep 16, 2021
@galiacheng galiacheng deleted the t3tunneling branch September 18, 2021 02:18
edburns pushed a commit to azure-javaee/weblogic-azure that referenced this pull request Aug 13, 2025
@galiacheng @edburns
# This is a combination of 24 commits.
ce78bdf 
# This is the 1st commit message:

single node: modify UI and template

increase pom

upgrade Microsoft.Resources/deployments API version

add toolTip for tag control.

fix artifact version

# This is the commit message #2:

admin offer: modify UI and templates

# This is the commit message #3:

guidance for tagging resource

# This is the commit message oracle#4:

fix function error in admin/mainTemplate.json

# This is the commit message oracle#5:

use aka link for maven download url

# This is the commit message oracle#6:

fix mavn installation path

# This is the commit message oracle#7:

use actions/upload-artifact: v4

# This is the commit message oracle#8:

modify UI and templates in cluster offer

# This is the commit message oracle#9:

fix tag issue in _pswlessDbTemplate.json

# This is the commit message oracle#10:

use download-artifact@v4

# This is the commit message oracle#11:

format mainTemplate.json in cluster offer

# This is the commit message oracle#12:

fix variable reference issue

# This is the commit message oracle#13:

fix template error in cluster offer

# This is the commit message oracle#14:

On branch tags-for-resources Include a little text about Tags.
modified:   resources/doc/guidance-for-tagging-resource.md

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#15:

On branch tags-for-resources Reference the PR.
modified:   resources/doc/guidance-for-tagging-resource.md

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#16:

On branch tags-for-resources Explain why only some occurrences of the resource type identifiers are filtered.
modified:   resources/azure-common.properties

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#17:

On branch tags-for-resources Comment copy/pasted behavior.
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#18:

On branch tags-for-resources Fix DRY violation: define label in one place.
modified:   resources/azure-common.properties
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dnszones/_createDNSZonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dnszones/_uamiAndRoleAssignment.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dnszones/_updateDNSZonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_keyVaultNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/aadNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dnszonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/elkNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dnszones/_createDNSZonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dnszones/_uamiAndRoleAssignment.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dnszones/_updateDNSZonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvault/_keyvaultWithExistingCertTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvault/_keyvaultWithNewCertTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAdapterTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultSSLConfigTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/aadNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dnszonesTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/elkNestedTemplate.json
modified:   weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#19:

Support tagging resource in WLS AKS offer (oracle#328)

* modify aks offer to support tag

* debug template

* specify download path

* add identifier.workspaces

* tag vm and vm extension that are created with cli

* test bicep 0.26.54

* fix empty vm tags

* fix file share name

* apply tags to agent pool

* Tag for Microsoft.Monitor/accounts

* doc for aks tag

* clean up source code for tagging resources in aks offer.

* increase pom version

* add comment for bicep user defined function.
# This is the commit message oracle#20:

modify ui definition to show the java option element (oracle#332)

increase pom
# This is the commit message oracle#21:

On branch edburns-msft-dd-2321245-empty-resource-group apply the "allowExisting" property.
modified:   pom.xml
modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#22:

use the properties Zhihao provided.

# This is the commit message oracle#23:

On branch edburns-msft-dd-2321245-empty-resource-group @backwind1233 pointed out the property was in the incorrect place.
modified:   pom.xml
modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json

Signed-off-by: Ed Burns <edburns@microsoft.com>

# This is the commit message oracle#24:

enable deployment to non-empty resource groups
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mriccell mriccell mriccell approved these changes

@rjeberhard rjeberhard rjeberhard approved these changes

+1 more reviewer

@rosemarymarano rosemarymarano rosemarymarano left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@galiacheng @mriccell @rjeberhard @rosemarymarano