About the Management Container

5.2 About the Management Container

The Management Container is a container that includes all the required scripts and tools needed to install OAA, OARM, and OUA on a new or existing Kubernetes cluster.

This container runs as a pod in the Kubernetes cluster. It is not part of the deployment itself, but facilitates deploying OAA, OARM, and OUA to the Kubernetes cluster.

The Management Container pod has the following binaries installed based on oraclelinux, along with the standard linux utilities such as zip, iputils, net-tools, and vim:

kubectl
helm
sqlplus: instantclient_19_10
openssl

For more information about the Management Container, see the following topics:

5.2.1 Components of the Management Container

This section provides an overview of important files and folders in the management container pod.

Table 5-1 Management Container Files and Folder Reference

Files and Folders	Description
`OAA.sh`	This script file is used to install OAA, OARM, and OUA. The `installOAA.properties` file must be given as an argument to the script for installing OAA, OAA-OARM, OARM, and OAA-OARM-OUA.
`installsettings`	This folder contains the `oaaoverride.yaml` that can be customized to set the `replicaCount` for some of the services in OAA, OARM, and OUA. To enable this you must set the `common.deployment.overridefile` property in the `installOAA.properties`.
`helmcharts`	This folder contains helm charts and values.yaml for all OAA, OARM, and OUA services.
`libs`	This folder contains the following files: `OAAAuthnPlugin.jar`: this plugin is used for integrating OAM with OAA. `messagingprovider-interface-install-oaa-<release-version>.jar`: This file can be used to customize the SMS and email factors in OAA. For more information, see Customizing Email and SMS Messaging Provider
`logs`	This folder maps to the NFS volume <NFS_LOG_PATH> and stores logs and status of the OAA, OARM, and OUA installation.
`oaa_cli`	This folder contains files that can be customized and used to install geo-location data for OARM. For more information, see Loading Geo-Location Data
`scripts/creds`	This folder maps to the NFS volume <NFS_CREDS_PATH> and contains the following files that get copied, created, and used during installation: `trust.p12` `cert.p12` `k8sconfig` `helmconfig` `OAMOUAKeyStore.jks` `OAMOAAKeyStore.jks`
`scripts/settings`	This folder maps to the NFS volume <NFS_CONFIG_PATH> and stores `installOAA.properties`, and `oaaoverride.yaml` configuration files required for installation.
`service/store/oaa`	This folder maps to the NFS volume <NFS_VAULT_PATH> that is shared between management container and the OAA, OARM, and OUA deployment. It stores the file based vault (if not using OCI based vault).

5.2.2 Preset Environment Variables in Management Container

The Management Container pod is configured with a predefined set of environment variables.

Preset Environment Variables

Environment Variable	Description
`HELM_CONFIG`	This is set to `/u01/oracle/scripts/creds/helmconfig`.
`KUBECONFIG`	This is set to `/u01/oracle/scripts/creds/k8sconfig`.
`SCRIPT_PATH`	This is set to `/u01/oracle/scripts`. This contains the installation scripts.
`CONFIG_DIR`	This is a NFS volume <NFS_CONFIG_PATH> used to store the configuration externally. It is mounted to the path `/u01/oracle/scripts/settings` in the container.
`CREDS_DIR`	This is a NFS volume <NFS_CREDS_PATH> used to store credentials, such as helmconfig, kubeconfig, tap partner keystores, and login private keys. It is mounted to the path `/u01/oracle/scripts/creds` in the container.
`LOGS_DIR`	This is a NFS volume <NFS_LOGS_PATH> used to store installation logs and status. It is mounted to path `/u01/oracle/logs` in the container.
`HELM_CHARTS_PATH`	This is the path where all the helm charts related to the installation exist.
`LD_LIBRARY_PATH`	Sets the instantclient folder. The variable is required to run the `sqlplus` and DB-related commands from instantclient present in the container.
`LIBS_DIR`	This exists in the path `/u01/oracle/libs`. It contains the jar file required for customizing email and SMS providers and the OAM Authentication plugin. It also contains jars that are required for file based vault deployment.
`JARPATH`	This contains the jars required for file based vault to run properly.

5.2.3 Mounted Volumes in the Management Container

This section provides details about the mounted volumes in the Management Container pod.

Mounted Volumes in Management Container

The information in this section releates to the NFS volumes you created in Configuring NFS Volumes.

Mount Folder	Description	Permissions to be Set
`/u01/oracle/logs`	Path not configurable. This is used to store installation logs and status. This maps to NFS volume <NFS_LOG_PATH>.	Read-Write-Execute The NFS volume <NFS_LOG_PATH> must have Read-Write-Execute permissions for all.
`/u01/oracle/scripts/settings`	Path not configurable. This is used to store the customized configuration file for installing OAA and OARM. This maps to NFS volume <NFS_CONFIG_PATH>.	Read-Write-Execute The NFS volume <NFS_CONFIG_PATH> must have Read-Write-Execute permissions for all.
`/u01/oracle/scripts/creds`	Path not configurable. This is used to store credential files such as Kubernetes and Helm configuration files, SSH keys, PKCS12 files, and the OAA and OUA TAP partner keystores. This maps to NFS volume <NFS_CREDS_PATH>.	Read-Write-Execute The NFS volume <NFS_CREDS_PATH> must have Read-Write-Execute permissions for all.
`/u01/oracle/service/store/oaa`	Path is configurable. This is used to store the vault artifacts for file-based vault. This maps to NFS volume <NFS_VAULT_PATH>	Read-Write-Execute The NFS volume <NFS_VAULT_PATH> must have Read-Write-Execute permissions for all.