Building the Domain Creation Image

7.2.5 Building the Domain Creation Image

You must build a domain creation image to host the WebLogic Deploy Tooling (WDT) model files and (WDT) installer.

Domain creation images are used for supplying WDT model files, WDT variables files, WDT application archive files (collectively known as WDT model files), and the directory where the WebLogic Deploy Tooling software is installed (known as the WDT Home), when deploying a domain using a Domain on PV model. You distribute WDT model files and the WDT executable using these images, and the WebLogic Kubernetes Operator uses them to manage the domain.

Note:

These images are only used for creating the domain and will not be used to update the domain. The domain creation image is used for domain creation only, it is not the product container image used for Oracle Identity Governance (OIG).

The steps to build the domain creation image are shown in the sections below.

Prerequisites

Verify that your environment meets the following prerequisites:

You have created the domain YAML files are per Creating the WDT YAML files.
A container image client on the build machine, such as Docker or Podman:
- For Docker, a minimum version of 18.03.1.ce is required.
- For Podman, a minimum version of 3.0.1 is required.
An installed version of JDK to run Image Tool, version 8+.
Proxies are set accordingly at the OS level if required.

Preparing the Build Domain Image Script

Navigate to the $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/properties directory:
```
cd $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/properties
```

Make a copy of the build-domain-creation-image.properties:

cp build-domain-creation-image.properties build-domain-creation-image.properties.orig

Edit the build-domain-creation-image.properties and modify the following parameters. Save the file when complete:

JAVA_HOME=<Java home location>
IMAGE_TAG=<Image tag name>
REPOSITORY= <Container image repository to push the image>
REG_USER= <Container registry username>
IMAGE_PUSH_REQUIRES_AUTH=<Whether image push requires authentication to the registry>
WDT_MODEL_FILE=<Full Path to WDT Model file oig.yaml> 
WDT_VARIABLE_FILE=<Full path to WDT variable file oig.properties>
WDT_ARCHIVE_FILE=<Full Path to WDT Archive file> 
WDT_VERSION="Version of WebLogic Deploy Tool version to use"
WIT_VERSION="Version of WebLogic Image Tool to use"

For example:

JAVA_HOME=/scratch/jdk
IMAGE_TAG=oig-aux-generic-v1
BASE_IMAGE=ghcr.io/oracle/oraclelinux:8-slim
REPOSITORY=container-registry.example.com/mytenancy/idm
REG_USER=mytenancy/myemail@example.com
IMAGE_PUSH_REQUIRES_AUTH=true
WDT_MODEL_FILE="/OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.yaml"
WDT_VARIABLE_FILE="/OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.properties"
WDT_ARCHIVE_FILE=""
WDT_VERSION="4.2.0"
WIT_VERSION="1.14.3"

A full list of parameters and descriptions in the build-domain-creation-image.properties file are shown below:

Parameter	Definition	Default
JAVA_HOME	Path to the JAVA_HOME for the JDK8+.	/scratch/jdk/jdk1.8.0_351
IMAGE_TAG	Image tag for the final domain creation image.	oig-aux-generic-v1
BASE_IMAGE	The Oracle Linux product container image to use as a base image.	ghcr.io/oracle/oraclelinux:8-slim
REPOSITORY	Container image repository that will host the domain creation image.	iad.ocir.io/mytenancy/idm
REG_USER	Username to authenticate to the `<REGISTRY>` and push the domain creation image.	mytenancy/oracleidentitycloudservice/myemail@example.com
IMAGE_PUSH_REQUIRES_AUTH	If authentication to `<REGISTRY>` is required then set to true, else set to false. If set to false, `<REG_USER>` is not required.	true
WDT_MODEL_FILE	Absolute path to WDT model file oig.yaml. For example `$WORKDIR/yaml/oig.yaml`.	/scratch/model/oig.yaml
WDT_MODEL_FILE	Absolute path to WDT variable file `oig.properties`. For example `$WORKDIR/yaml/oig.properties`.	/scratch/model/oig.properties
WDT_ARCHIVE_FILE	Absolute path to WDT archive file.
WDT_VERSION	WebLogic Deploy Tool version. If not specified the latest available version will be downloaded. It is recommended to use the default value.	4.2.0
WIT_VERSION	WebLogic Image Tool Version. If not specified the latest available version will be downloaded. It is recommended to use the default value.	1.14.3
TARGET	Select the target environment in which the created image will be used. Supported values: Default or OpenShift. See Additional Information.	Default
CHOWN	userid:groupid to be used for creating files within the image, such as the WDT installer, WDT model, and WDT archive. If the user or group does not exist in the image, they will be added with useradd/groupadd.	oracle:oracle

Note:

If IMAGE_PUSH_REQUIRES_AUTH=true, you must edit the $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/properties/.regpassword and change <REGISTRY_PASSWORD> to your registry password:

REG_PASSWORD="<REGISTRY_PASSWORD>"

Running the build-domain-creation-image Script

Navigate to the $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image directory:
```
cd $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image
```

Execute the build-domain-creation-image.sh by specifying the input properties parameter files. Executing this command will build the image and push it to the container registry :

./build-domain-creation-image.sh -i properties/build-domain-creation-image.properties

Note:

Administrators should be aware of the following:

If using a password file, you must add the following to the end of the command:
```
-p properties/.regpassword
```
You can use the same domain creation image to create a domain in multiple environments, based on your need. You do not need to rebuild it every time during domain creation. This is a one time activity.

The output will look similar to the following:

using WDT_DIR: /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir
Using WDT_VERSION 4.2.0
Using WIT_DIR /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir
Using WIT_VERSION 1.14.3
Using Image tag: oig-aux-generic-v1
using Base Image: ghcr.io/oracle/oraclelinux:8-slim
using IMAGE_BUILDER_EXE /usr/bin/podman
JAVA_HOME is set to /scratch/jdk
@@  Info: WIT_INSTALL_ZIP_URL is ''
@@ WIT_INSTALL_ZIP_URL is not set
@@ imagetool.sh not found in /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/imagetool/bin. Installing imagetool...
@@ Info:  Downloading https://github.com/oracle/weblogic-image-tool/releases/download/release-1.14.3/imagetool.zip
@@ Info:  Downloading https://github.com/oracle/weblogic-image-tool/releases/download/release-1.14.3/imagetool.zip with https_proxy="http://proxy.example.com:80"
@@ Info: Archive downloaded to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/imagetool.zip, about to unzip via '/home/opc/jdk/bin/jar xf'.
@@ Info: imageTool cache does not contain a valid entry for wdt_4.2.0. Installing WDT
@@  Info: WDT_INSTALL_ZIP_URL is ''
@@ WDT_INSTALL_ZIP_URL is not set
@@ Info:  Downloading https://github.com/oracle/weblogic-deploy-tooling/releases/download/release-4.2.0/weblogic-deploy.zip
@@ Info:  Downloading https://github.com/oracle/weblogic-deploy-tooling/releases/download/release-4.2.0/weblogic-deploy.zip with https_proxy="http://proxy.example.com:80"
@@ Info: Archive downloaded to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/weblogic-deploy.zip
[INFO   ] Successfully added to cache. wdt_4.2.0=/OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/weblogic-deploy.zip
@@ Info: Install succeeded, imagetool install is in the /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/imagetool directory.
Starting Building Image registry.example.com/mytenancy/idm:oig-aux-generic-v1
 Login Succeeded!
WDT_MODEL_FILE is set to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.yaml
WDT_VARIABLE_FILE is set to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.properties
Additional Build Commands file is set to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/additonal-build-files/build-files.txt
Additonal Build file is set to /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/additonal-build-files/OIG.json
[INFO   ] WebLogic Image Tool version 1.14.3
[INFO   ] Image Tool build ID: 0c9aa58f-808b-4707-a11a-7766fb301cbb
[INFO   ] Temporary directory used for image build context: /home/oracle/wlsimgbuilder_temp1198331326550546381
[INFO   ] Copying /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/additonal-build-files/OIG.json to build context folder.
[INFO   ] User specified fromImage ghcr.io/oracle/oraclelinux:8-slim
[INFO   ] Inspecting ghcr.io/oracle/oraclelinux:8-slim, this may take a few minutes if the image is not available locally.
[INFO   ] Copying /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.yaml to build context folder.
[INFO   ] Copying /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/yaml/oig.properties to build context folder.
[INFO   ] Copying /OIGK8S/fmw-kubernetes/OracleIdentityGovernance/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils/build-domain-creation-image/workdir/weblogic-deploy.zip to build context folder.
[INFO   ] Starting build: /usr/bin/podman build --no-cache --force-rm --tag registry.example.com/mytenancy/idm:oig-aux-generic-v1 --pull --build-arg http_proxy=http://proxy.example.com:80 --build-arg https_proxy=http://proxy.example.com:80 --build-arg no_proxy=localhost,127.0.0.0/8,.example.com,,/var/run/crio/crio.sock,X.X.X.X /home/oracle/wlsimgbuilder_temp1198331326550546381
[1/3] STEP 1/5: FROM ghcr.io/oracle/oraclelinux:8-slim AS os_update
[1/3] STEP 2/5: LABEL com.oracle.weblogic.imagetool.buildid="0c9aa58f-808b-4707-a11a-7766fb301cbb"
--> ba91c351bf94
[1/3] STEP 3/5: USER root
--> d8f89c65892a
[1/3] STEP 4/5: RUN microdnf update     && microdnf install gzip tar unzip libaio libnsl jq findutils diffutils shadow-utils     && microdnf clean all
Downloading metadata...
Downloading metadata...
Package                                         Repository            Size
Upgrading:
 libgcc-8.5.0-20.0.3.el8.x86_64                 ol8_baseos_latest  93.4 kB
  replacing libgcc-8.5.0-20.0.2.el8.x86_64
 libstdc++-8.5.0-20.0.3.el8.x86_64              ol8_baseos_latest 474.6 kB
  replacing libstdc++-8.5.0-20.0.2.el8.x86_64
 systemd-libs-239-78.0.4.el8.x86_64             ol8_baseos_latest   1.2 MB
   replacing systemd-libs-239-78.0.3.el8.x86_64
Transaction Summary:
 Installing:        0 packages
 Reinstalling:      0 packages
 Upgrading:         3 packages
 Obsoleting:        0 packages
 Removing:          0 packages
 Downgrading:       0 packages
Downloading packages...
Running transaction test...
Updating: libgcc;8.5.0-20.0.3.el8;x86_64;ol8_baseos_latest
Updating: libstdc++;8.5.0-20.0.3.el8;x86_64;ol8_baseos_latest
Updating: systemd-libs;239-78.0.4.el8;x86_64;ol8_baseos_latest
Cleanup: libstdc++;8.5.0-20.0.2.el8;x86_64;installed
Cleanup: systemd-libs;239-78.0.3.el8;x86_64;installed
Cleanup: libgcc;8.5.0-20.0.2.el8;x86_64;installed
Complete.
Package                           Repository            Size
Installing:
 diffutils-3.6-6.el8.x86_64       ol8_baseos_latest 369.3 kB
 findutils-1:4.6.0-21.el8.x86_64  ol8_baseos_latest 539.8 kB
 gzip-1.9-13.el8_5.x86_64         ol8_baseos_latest 170.7 kB
 jq-1.6-7.0.3.el8.x86_64          ol8_appstream     206.5 kB
 libaio-0.3.112-1.el8.x86_64      ol8_baseos_latest  33.4 kB
 libnsl-2.28-236.0.1.el8.7.x86_64 ol8_baseos_latest 111.4 kB
 oniguruma-6.8.2-2.1.el8_9.x86_64 ol8_appstream     191.5 kB
 unzip-6.0-46.0.1.el8.x86_64      ol8_baseos_latest 201.0 kB
Transaction Summary:
Installing:        8 packages
 Reinstalling:      0 packages
 Upgrading:         0 packages
 Obsoleting:        0 packages
 Removing:          0 packages
 Downgrading:       0 packages
Downloading packages...
Running transaction test...
Installing: oniguruma;6.8.2-2.1.el8_9;x86_64;ol8_appstream
Installing: jq;1.6-7.0.3.el8;x86_64;ol8_appstream
Installing: unzip;6.0-46.0.1.el8;x86_64;ol8_baseos_latest
Installing: libnsl;2.28-236.0.1.el8.7;x86_64;ol8_baseos_latest
Installing: libaio;0.3.112-1.el8;x86_64;ol8_baseos_latest
Installing: gzip;1.9-13.el8_5;x86_64;ol8_baseos_latest
Installing: findutils;1:4.6.0-21.el8;x86_64;ol8_baseos_latest
Installing: diffutils;3.6-6.el8;x86_64;ol8_baseos_latest
Complete.
Complete.
--> 73fb79fa40b2
[1/3] STEP 5/5: RUN if [ -z "$(getent group oracle)" ]; then groupadd oracle || exit 1 ; fi  && if [ -z "$(getent group oracle)" ]; then groupadd oracle || exit 1 ; fi  && if [ -z "$(getent passwd oracle)" ]; then useradd -g oracle oracle || exit 1; fi  && mkdir -p /u01  && chown oracle:oracle /u01  && chmod 775 /u01
--> ff6cf74351d1
[2/3] STEP 1/4: FROM ff6cf74351d1e0124121321174eaa64ebefa0bc3eef80ec88caec12feb9e8fb3 AS wdt_build
[2/3] STEP 2/4: RUN mkdir -p /auxiliary  && mkdir -p /auxiliary/models  && chown oracle:oracle /auxiliary
--> a061b678fa0a
[2/3] STEP 3/4: COPY --chown=oracle:oracle ["weblogic-deploy.zip", "/tmp/imagetool/"]
--> 3daccfef2f06
[2/3] STEP 4/4: RUN test -d /auxiliary/weblogic-deploy && rm -rf /auxiliary/weblogic-deploy || echo Initial WDT install         && unzip -q "/tmp/imagetool/weblogic-deploy.zip" -d /auxiliary
Initial WDT install
--> b77b02f66a83
[3/3] STEP 1/12: FROM ff6cf74351d1e0124121321174eaa64ebefa0bc3eef80ec88caec12feb9e8fb3 AS final
[3/3] STEP 2/12: ENV AUXILIARY_IMAGE_PATH=/auxiliary     WDT_HOME=/auxiliary     WDT_MODEL_HOME=/auxiliary/models
--> 10dc1832266f
[3/3] STEP 3/12: RUN mkdir -p /auxiliary && chown oracle:oracle /auxiliary
--> 0b85f8e7399a
[3/3] STEP 4/12: COPY --from=wdt_build --chown=oracle:oracle /auxiliary /auxiliary/
--> c64bf2bef430
[3/3] STEP 5/12: RUN mkdir -p /auxiliary/models && chown oracle:oracle /auxiliary/models
--> d8817f84ab58
[3/3] STEP 6/12: COPY --chown=oracle:oracle ["oig.yaml", "/auxiliary/models/"]
--> 45b1d25264b9
[3/3] STEP 7/12: COPY --chown=oracle:oracle ["oig.properties", "/auxiliary/models/"]
--> 2ceba77ee226
[3/3] STEP 8/12: RUN chmod -R 640 /auxiliary/models/*
--> 34385bac7974
[3/3] STEP 9/12: USER oracle
--> 409f6e3ccce4
[3/3] STEP 10/12: WORKDIR /auxiliary
--> aaa2f154f512
[3/3] STEP 11/12: COPY --chown=oracle:oracle files/OIG.json /auxiliary/weblogic-deploy/lib/typedefs
--> c8a9d29106d3
[3/3] STEP 12/12: RUN chmod -R 755 /auxiliary
[3/3] COMMIT registry.example.com/mytenancy/idm:oig-aux-generic-v1
--> 0797418499a1
Successfully tagged registry.example.com/mytenancy/idm:oig-aux-generic-v1
0797418499a1dfd6d2a28672948c17ed747291ad069cebca5fac1b0410978d75
[INFO   ] Build successful. Build time=72s. Image tag=registry.example.com/mytenancy/idm:oig-aux-generic-v1
Getting image source signatures
 Copying blob 462ffb36555c done
Copying blob 3db4d3748983 done
Copying blob 7e9f3f6c7a0a done
Copying blob 32aa5f13e19b done
Copying blob d979da323f64 done
Copying blob f18b9e5f415f done
Copying blob aaaea7c1392f done
Copying blob 5504fa641a87 done
Copying blob 5aa81493c602 done
Copying blob f56f992ba90d done
Copying blob 2b1e0644fbd3 done
Copying config a39dc6ae7f done
Writing manifest to image destination
Pushed image registry.example.com/mytenancy/idm/oig-aux-generic-v1 to image registry Docker Hub