rh-sso-oracledb

Deploy RH SSO with a template backed by external Oracle database

Prerequisites

Have the external Openshift service configured to the Oracle DB. Extend the current Red Hat SSO image by adding the Oracle JDBC to the /extensions folder. If necessary, create the truststore to trust your own certificates (in this repository, this is stored in a secret named sso-truststore).

Description

This repository contains the template to deploy RH SSO for accessing external Oracle database. To do so, it calls a script which is mounted under /extensions/scripts. This script will configure properly the standalone-openshift.xml file contained in the image to add the datasource. It also adds your own truststore.

Commands

$ export ns=ocp-sso

$ oc create -f template.yaml -n ${ns}

Create truststore as secret

$ oc create secret sso-truststore --from-file=truststore.jks -n ${ns}

Create objects

$ oc process sso74-oracle \
-p APPLICATION_NAME=sso \
-p IMAGE=quay.io/xyz:latest \
-p ORACLE_SERVICE_NAME=XXXXX  \
-p ORACLE_USERNAME=XXXXX \
-p ORACLE_PASSWORD=XXXXX \
-p ORACLE_SERVICE_HOST=service-db.ocp-sso.svc \
-p ORACLE_SERVICE_PORT=1901 \
-p ORACLE_SERVICE_HOST_2=service-db2.ocp-sso.svc  \
-p ORACLE_SERVICE_PORT_2=1901 \
-p HOSTNAME_HTTPS=sso.example.com \
-p HOSTNAME_HTTP=nonsecure-sso.example.com \
-p KUBERNETES_NAMESPACE=${ns} \
-p SSO_TRUSTSTORE=truststore.jks \
-p SSO_TRUSTSTORE_PASSWORD=XXXXX \
-p SSO_ADMIN_PASSWORD=XXXXX \
-p SSO_ADMIN_USERNAME=XXXXX | oc create -f - -n ${ns}

References

External Database Access for Extended Openshift template on RH-SSO

Running JBoss CLI commands on extended JBoss EAP 7 OpenShift Image

Red Hat Single Sign-On Continuous Delivery 7.4 OpenShift container image

Service Discovery