1. Edit the $WORKDIR/yaml/domain.yaml and update the %DOMAIN_CREATION_IMAGE% with the previously generated image name:

   Note:

   %DOMAIN_CREATION_IMAGE% takes the format of <REPOSITORY>:<TAG>.

   domain:
            # Domain | DomainAndRCU
            createIfNotExists: DomainAndRCU
            # Image containing WDT installer and Model files.
            domainCreationImages:
                - image: '%DOMAIN_CREATION_IMAGE%'
            domainType: OIG
   

   For example:

   domain:
           # Domain | DomainAndRCU
           createIfNotExists: DomainAndRCU
           # Image containing WDT installer and Model files.
           domainCreationImages:
               - image: 'container-registry.example.com/mytenancy/idm:oig-aux-generic-v1'
           domainType: OIG
   

2. In circumstances where you may be pulling the OIG product container image from Oracle Container Registry, and then the domain image from a private registry, you must first create a secret (privatecred) for the private registry. For example:

   kubectl create secret docker-registry "privatecred" --docker-server=container-registry.example.com \
   --docker-username="user@example.com" \
   --docker-password=password --docker-email=user@example.com \
   --namespace=oigns
   

   Then specify both secrets for imagePullSecrets in the domain.yaml. For example:

    ...
   spec:
     # The WebLogic Domain Home
     domainHome: /u01/oracle/user_projects/domains/governancedomain
   
     # The domain home source type
     # Set to PersistentVolume for domain-in-pv, Image for domain-in-image, or FromModel for model-in-image
     domainHomeSourceType: PersistentVolume
   
     # The WebLogic Server image that the Operator uses to start the domain
     image: "container-registry.oracle.com/middleware/oig_cpu:14.1.2.1.0-jdk17-ol8-<YYMMDD>"
   
     # imagePullPolicy defaults to "Always" if image version is :latest
     imagePullPolicy: IfNotPresent
   
     imagePullSecrets:
     - name: orclcred
     - name: privatecred
     # Identify which Secret contains the WebLogic Admin credentials
   ...
   

   For more information about the configuration parameters in domain.yaml, see Domain Resources.

 # Copyright (c) 2024, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 #
 # This is an example of how to define an OIG Domain. For details about the fields in domain specification, refer https://oracle.github.io/weblogic-kubernetes-operator/managing-domains/domain-resource/
 #
 apiVersion: "weblogic.oracle/v9"
 kind: Domain
 metadata:
   name: governancedomain
   namespace: oigns
   labels:
      weblogic.domainUID: governancedomain
 spec:
   # The WebLogic Domain Home
   domainHome: /u01/oracle/user_projects/domains/governancedomain

   # The domain home source type
   # Set to PersistentVolume for domain-in-pv, Image for domain-in-image, or FromModel for model-in-image
   domainHomeSourceType: PersistentVolume

   # The WebLogic Server image that the Operator uses to start the domain
   image: "container-registry.oracle.com/middleware/oig_cpu:14.1.2.1.0-jdk17-ol8-<YYMMDD>"

   # imagePullPolicy defaults to "Always" if image version is :latest
   imagePullPolicy: IfNotPresent

   # Add additional secret name if you are using a different registry for domain creation image.
   # Identify which Secret contains the credentials for pulling an image
   imagePullSecrets:
   - name: orclcred
   - name: privatecred
   # Identify which Secret contains the WebLogic Admin credentials
   webLogicCredentialsSecret:
      name: governancedomain-weblogic-credentials

   # Whether to include the server out file into the pod's stdout, default is true
   includeServerOutInPodLog: true

   # Whether to enable log home
   logHomeEnabled: true

   # Whether to write HTTP access log file to log home
   httpAccessLogInLogHome: true

   # The in-pod location for domain log, server logs, server out, introspector out, and Node Manager log files
   logHome: /u01/oracle/user_projects/domains/logs/governancedomain
   # An (optional) in-pod location for data storage of default and custom file stores.
   # If not specified or the value is either not set or empty (e.g. dataHome: "") then the
   # data storage directories are determined from the WebLogic domain home configuration.
   dataHome: ""

   # serverStartPolicy legal values are "Never, "IfNeeded", or "AdminOnly"
   # This determines which WebLogic Servers the Operator will start up when it discovers this Domain
   # - "Never" will not start any server in the domain
   # - "AdminOnly" will start up only the administration server (no managed servers will be started)
   # - "IfNeeded" will start all non-clustered servers, including the administration server and clustered servers up to the replica count
   serverStartPolicy: IfNeeded

   serverPod:
      initContainers:
         #DO NOT CHANGE THE NAME OF THIS INIT CONTAINER
         - name: compat-connector-init
           # OIG Product image, same as spec.image mentioned above
           image: "container-registry.oracle.com/middleware/oig_cpu:14.1.2.1.0-jdk17-ol8-<YYMMDD>"
           imagePullPolicy: IfNotPresent
           command: [ "/bin/bash", "-c", "mkdir -p  /u01/oracle/user_projects/domains/ConnectorDefaultDirectory", "mkdir -p  /u01/oracle/user_projects/domains/wdt-logs"]
           volumeMounts:
              - mountPath: /u01/oracle/user_projects
                 name: weblogic-domain-storage-volume
      # a mandatory list of environment variable to be set on the servers
      env:
      - name: JAVA_OPTIONS
         value: -Dweblogic.StdoutDebugEnabled=false
      - name: USER_MEM_ARGS
         value: "-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx1024m "
      - name: WLSDEPLOY_LOG_DIRECTORY
         value: "/u01/oracle/user_projects/domains/wdt-logs"
      - name: FRONTENDHOST
         value: example.com
      - name: FRONTENDPORT
         value: "14000"
      - name: WLSDEPLOY_PROPERTIES
         value: "-Dwdt.config.disable.rcu.drop.schema=true"
      envFrom:
      - secretRef:
           name: governancedomain-rcu-credentials
      volumes:
      - name: weblogic-domain-storage-volume
         persistentVolumeClaim:
           claimName: governancedomain-domain-pvc
      volumeMounts:
      - mountPath: /u01/oracle/user_projects
         name: weblogic-domain-storage-volume

   # adminServer is used to configure the desired behavior for starting the administration server.
   adminServer:
      # adminService:
      #   channels:
      # The Admin Server's NodePort
      #    - channelName: default
      #      nodePort: 30701
      # Uncomment to export the T3Channel as a service
      #    - channelName: T3Channel
      serverPod:
         # an (optional) list of environment variable to be set on the admin servers
         env:
         - name: USER_MEM_ARGS
           value: "-Djava.security.egd=file:/dev/./urandom -Xms512m -Xmx1024m "

   configuration:
         secrets: [ governancedomain-rcu-credentials ]
         initializeDomainOnPV:
           persistentVolume:
              metadata:
                   name: governancedomain-domain-pv
              spec:
                 storageClassName: governancedomain-domain-storage-class
                 capacity:
              # Total storage allocated to the persistent storage.
                      storage: 10Gi
              # Reclaim policy of the persistent storage
              # # The valid values are: 'Retain', 'Delete', and 'Recycle'
                 persistentVolumeReclaimPolicy: Retain
              # Persistent volume type for the persistent storage.
              # # The value must be 'hostPath' or 'nfs'.
              # # If using 'nfs', server must be specified.
                 nfs:
                   server: mynfsserver
                 # hostPath:
                   path: "/scratch/shared/governancedomain"
           persistentVolumeClaim:
              metadata:
                   name: governancedomain-domain-pvc
              spec:
                 storageClassName: governancedomain-domain-storage-class
                 resources:
                      requests:
                           storage: 10Gi
                 volumeName: governancedomain-domain-pv
           domain:
                 # Domain | DomainAndRCU
                 createIfNotExists: DomainAndRCU
                 # Image containing WDT installer and Model files.
                 domainCreationImages:
                      - image: 'container-registry.example.com/mytenancy/idm:oig-aux-generic-v1'
                 domainType: OIG
   # References to Cluster resources that describe the lifecycle options for all
   # the Managed Server members of a WebLogic cluster, including Java
   # options, environment variables, additional Pod content, and the ability to
   # explicitly start, stop, or restart cluster members. The Cluster resource
   # must describe a cluster that already exists in the WebLogic domain
   # configuration.
   clusters:
   - name: governancedomain-oim-cluster
   - name: governancedomain-soa-cluster

   # The number of managed servers to start for unlisted clusters
   # replicas: 1

 ---
 # This is an example of how to define a Cluster resource.
 apiVersion: weblogic.oracle/v1
 kind: Cluster
 metadata:
   name: governancedomain-oim-cluster
   namespace: oigns
 spec:
   clusterName: oim_cluster
   serverService:
      precreateService: true
   replicas: 0
   serverPod:
      env:
      - name: USER_MEM_ARGS
         value: "-Djava.security.egd=file:/dev/./urandom -Xms8192m -Xmx8192m  "
      resources:
         limits:
           cpu: "2"
           memory: "8Gi"
         requests:
           cpu: "1000m"
           memory: "4Gi"


 ---
 # This is an example of how to define a Cluster resource.
 apiVersion: weblogic.oracle/v1
 kind: Cluster
 metadata:
   name: governancedomain-soa-cluster
   namespace: oigns
 spec:
   clusterName: soa_cluster
   serverService:
      precreateService: true
   replicas: 1
   serverPod:
      env:
      - name: USER_MEM_ARGS
         value: "-Xms8192m -Xmx8192m "
      resources:
         limits:
           cpu: "1"
           memory: "10Gi"
         requests:
           cpu: "1000m"
           memory:  "4Gi"
 

      domain:
          ...
          domainCreationImages:
              ...
          domainCreationConfigMap: mymodel-domain-configmap

cd $WORKDIR/kubernetes/create-oim-domain/domain-home-on-pv/wdt-utils

./create-configmap.sh -n oigns -d governancedomain -c mymodel-domain-configmap -f wdt_models/mymodel.yaml

1. Run the following command to create OIG domain resources:

   kubectl create -f $WORKDIR/yaml/domain.yaml

   The following steps will be performed by WebLogic Kubernetes Operator:
   • Run the introspector job.
   • The introspection job will create the RCU Schemas.
   • The introspector job pod will create the domain on PV using the model provided in the domain creation image.
   • The introspector job pod will execute OIG offline configuration actions post successful creation of domain via WDT.
   • Brings up the Administration Server, and the SOA Managed Server (soa_server1).
   The output will look similar to the following:

   domain.weblogic.oracle/governancedomain created
   cluster.weblogic.oracle/governancedomain-oim-cluster created
   cluster.weblogic.oracle/governancedomain-soa-cluster created
   

   Whilst the domain creation is running, you can run the following command to monitor the progress:

   kubectl get pods -n <domain_namespace> -w
   

   Note:

   The -w flag allows you watch the status of the pods as they change.

   For example:

   kubectl get pods -n oigns -w
   

   You can also tail the logs for the pods by running:

   kubectl logs -f <pod> -n oigns
   

   Note:

   WDT specific logs can be found in <persistent_volume>/domains/wdt-logs.
2. Once everything is started you should see the Administration Server and SOA server are running:

   NAME                           READY   STATUS    RESTARTS   AGE
   governancedomain-adminserver   1/1     Running   0          13m
   governancedomain-soa-server1   1/1     Running   0          10m
   

   Note:

   Depending on the speed of your cluster, it can take around 25 minutes for all the pods to be in READY 1/1 state.

   If there are any failures, follow Domain creation failure with WDT models in Known Issues.

3. Start the OIM server by running the following command:

   kubectl patch cluster -n <domain_namespace> <domainUID>-oim-cluster --type=merge -p '{"spec":{"replicas":1}}'
   

   For example:

   kubectl patch cluster -n oigns governancedomain-oim-cluster --type=merge -p '{"spec":{"replicas":1}}'
   

   The output will look similar to the following:

    cluster.weblogic.oracle/governancedomain-oim-cluster patched
   

4. Run the following command to view the status of the OIM server:

   kubectl get pods -n <domain_namespace> -w
   

   For example:

   kubectl get pods -n oigns -w
   

   Once the OIM server is running, the output will look similar to the following:

   NAME                           READY   STATUS    RESTARTS   AGE
   governancedomain-adminserver   1/1     Running   0          16m
   governancedomain-soa-server1   1/1     Running   0          13m
   governancedomain-oim-server1   1/1     Running   0          5m22s