Prepare the environment for Oracle SOA Suite domains
Create a namespace for an Oracle SOA Suite domain
Create a Kubernetes namespace (for example, soans) for the domain unless you intend to use the default namespace. Label the namespace with weblogic-operator=enabled to manage the domain. Use the new namespace in the remaining steps in this section. For details, see Prepare to run a domain.
$ kubectl create namespace soans
$ kubectl label namespace soans weblogic-operator=enabled
Oracle SOA Suite image prebuilt by Oracle have an oracle user with UID 1000 with the default group set to root. To ensure that `weblogicDomainStoragePath` path is having this ownership of `1000:0`, you can refer the utility script, pv-pvc-helper.sh provided as part of the lifecycle scripts to change the ownership and permissions of the shared directory on the persistent storage.
For example, you can change the ownership and permissions of weblogicDomainStoragePath for the created PVC soainfra-domain-pvc in soans domain namespace with below steps:
Launch the helper pod with the PVC `soainfra-domain-pvc` in `soans` namespace and mount path `/shared`:
$ pv-pvc-helper.sh -n soans -c soainfra-domain-pvc -m /shared -r $ kubectl -n soans exec -it pvhelper -- /bin/shAfter you get a shell to the running Pod container, change the directory to /shared, and you can change the ownership or permissions using the appropriate chown or chmod commands. For example,
$ chown 1000:0 /shared/. && find /shared/. -maxdepth 1 ! -name '.snapshot' ! -name '.' -print0 | xargs -r -0 chown -R 1000:0Create a persistent storage for an Oracle SOA Suite domain
In the Kubernetes namespace you created, create the PV and PVC for the domain by running the create-pv-pvc.sh script. Follow the instructions for using the script to create a dedicated PV and PVC for the Oracle SOA Suite domain.
-
Review the configuration parameters for PV creation here. Based on your requirements, update the values in the create-pv-pvc-inputs.yaml file located at ${WORKDIR}/create-weblogic-domain-pv-pvc/. Sample configuration parameter values for an Oracle SOA Suite domain are:
-
baseName:
domain -
domainUID:
soainfra -
namespace:
soans -
weblogicDomainStorageType:
HOST_PATH -
weblogicDomainStoragePath:
/scratch/k8s_dir/SOA
-
-
Ensure that the path for the weblogicDomainStoragePath property exists and have the ownership for 1000:0. If not, you need to create it as follows:
$ sudo mkdir /scratch/k8s_dir/SOA $ sudo chown -R 1000:0 /scratch/k8s_dir/SOA -
Run the create-pv-pvc.sh script:
$ cd ${WORKDIR}/create-weblogic-domain-pv-pvc $ ./create-pv-pvc.sh -i create-pv-pvc-inputs.yaml -o output_soainfra -
The create-pv-pvc.sh script will create a subdirectory pv-pvcs under the given /path/to/output-directory directory and creates two YAML configuration files for PV and PVC. Apply these two YAML files to create the PV and PVC Kubernetes resources using the kubectl create -f command:
$ kubectl create -f output_soainfra/pv-pvcs/soainfra-domain-pv.yaml $ kubectl create -f output_soainfra/pv-pvcs/soainfra-domain-pvc.yaml
Create a Kubernetes secret with domain credentials
Create the Kubernetes secrets username and
password of the administrative account in the same Kubernetes
namespace as the domain:
$ cd ${WORKDIR}/create-weblogic-domain-credentials
$ ./create-weblogic-credentials.sh -u weblogic -p Welcome1 -n soans -d soainfra -s soainfra-domain-credentials
For more details, see this document..
kubectl get secretFor example:
$ kubectl get secret soainfra-domain-credentials -o yaml -n soans
apiVersion: v1
data:
password: T3JhZG9jX2RiMQ==
sys_password: T3JhZG9jX2RiMQ==
sys_username: c3lz
username: U09BMQ==
kind: Secret
metadata:
creationTimestamp: "2020-06-25T14:08:16Z"
labels:
weblogic.domainName: soainfra
weblogic.domainUID: soainfra
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:password: {}
f:sys_password: {}
f:sys_username: {}
f:username: {}
f:metadata:
f:labels:
.: {}
f:weblogic.domainName: {}
f:weblogic.domainUID: {}
f:type: {}
manager: kubectl
operation: Update
time: "2020-06-25T14:08:16Z"
name: soainfra-rcu-credentials
namespace: soans
resourceVersion: "265386"
selfLink: /api/v1/namespaces/soans/secrets/soainfra-rcu-credentials
uid: 2d93941c-656b-43a4-8af2-78ca8be0f293
type: OpaqueCreate a Kubernetes secret with the RCU credentials
You also need to create a Kubernetes secret containing the credentials for the database schemas. When you create your domain, it will obtain the RCU credentials from this secret. Use the provided sample script to create the secret:
$ cd ${WORKDIR}/create-rcu-credentials
$ ./create-rcu-credentials.sh \
-u SOA1 \
-p Oradoc_db1 \
-a sys \
-q Oradoc_db1 \
-d soainfra \
-n soans \
-s soainfra-rcu-credentials
The parameter values are:
- -u username for schema owner (regular user), required.
- -p password for schema owner (regular user), required.
- -a username for SYSDBA user, required.
- -q password for SYSDBA user, required.
- -d domainUID. Example: soainfra
- -n namespace. Example: soans
- -s secretName. Example: soainfra-rcu-credentials
kubectl get secretFor example:
$ kubectl get secret soainfra-rcu-credentials -o yaml -n soans
apiVersion: v1
data:
password: T3JhZG9jX2RiMQ==
sys_password: T3JhZG9jX2RiMQ==
sys_username: c3lz
username: U09BMQ==
kind: Secret
metadata:
creationTimestamp: "2020-06-25T14:08:16Z"
labels:
weblogic.domainName: soainfra
weblogic.domainUID: soainfra
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:password: {}
f:sys_password: {}
f:sys_username: {}
f:username: {}
f:metadata:
f:labels:
.: {}
f:weblogic.domainName: {}
f:weblogic.domainUID: {}
f:type: {}
manager: kubectl
operation: Update
time: "2020-06-25T14:08:16Z"
name: soainfra-rcu-credentials
namespace: soans
resourceVersion: "265386"
selfLink: /api/v1/namespaces/soans/secrets/soainfra-rcu-credentials
uid: 2d93941c-656b-43a4-8af2-78ca8be0f293
type: Opaque
Create Oracle database
Oracle SOA Suite domains require a database with the necessary schemas installed in them. The Repository Creation Utility (RCU) allows you to create those schemas. You must set up the database before you create your domain. There are no additional requirements added by running Oracle SOA Suite in Kubernetes; the same existing requirements apply.
Refer here to create Single Instance Container Database managed by Oracle Database Operator.
Once you have the required database created or have the access details, continue with next steps to set up the necessary schemas in your database.
Run the Repository Creation Utility to set up your database schemas
Create schemas
The RCU pod requires that you create a secret in the same namespace as the RCU pod that contains the database’s SYSDBA username and password in its sys_username and sys_password fields, and also contains a password of your choice for RCU schemas in its password field.
For example:
kubectl -n default create secret generic oracle-rcu-secret \
--from-literal='sys_username=sys' \
--from-literal='sys_password=MY_SYS_PASSWORD' \
--from-literal='password=MY_RCU_SCHEMA_PASSWORD'
To create the database schemas for Oracle SOA Suite, run the create-rcu-schema.sh script.
For example:
cd ${WORKDIR}/create-rcu-schema
./create-rcu-schema.sh -h
usage: ./create-rcu-schema.sh -s <schemaPrefix> [-t <schemaType>] [-d <dburl>] [-n <namespace>] [-c <credentialsSecretName>] [-p <docker-store>] [-i <image>] [-u <imagePullPolicy>] [-o <rcuOutputDir>] [-r <customVariables>] [-l <timeoutLimit>] [-b <databaseType>] [-e <edition>] [-h]
-s RCU Schema Prefix (required)
-t RCU Schema Type (optional)
(supported values: osb,soa,soaosb, default: soa)
-d RCU Oracle Database URL (optional)
(default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s)
-n Namespace for RCU pod (optional)
(default: default)
-c Name of credentials secret (optional).
(default: oracle-rcu-secret)
Must contain SYSDBA username at key 'sys_username',
SYSDBA password at key 'sys_password',
and RCU schema owner password at key 'password'.
-p OracleSOASuite ImagePullSecret (optional)
(default: none)
-i OracleSOASuite Image (optional)
(default: soasuite:release-version)
-u OracleSOASuite ImagePullPolicy (optional)
(default: IfNotPresent)
-o Output directory for the generated YAML file. (optional)
(default: rcuoutput)
-r Comma-separated custom variables in the format variablename=value. (optional).
(default: none)
-l Timeout limit in seconds. (optional).
(default: 300)
-b Type of database to which you are connecting (optional). Supported values: ORACLE,EBR
(default: ORACLE)
-e The edition name. This parameter is only valid if you specify type of database (-b) as EBR. (optional).
(default: 'ORA$BASE')
-h Help
NOTE: The c, p, i, u, and o arguments are ignored if an rcu pod is already running in the namespace.
./create-rcu-schema.sh \
-s SOA1 \
-t soaosb \
-d oracle-db.default.svc.cluster.local:1521/devpdb.k8s \
-n default \
-c oracle-rcu-secret \
-b EBR \
-i soasuite:release-version \
-r SOA_PROFILE_TYPE=SMALL,HEALTHCARE_INTEGRATION=NO
For Oracle SOA Suite domains, the create-rcu-schema.sh script supports:
- domain types:
soa,osb, andsoaosb. You must specify one of these using the-tflag. - Type of database to which you are connecting: ORACLE, EBR. You can specify one of these using -b flag. Default is ORACLE. Use EBR for 14.1.2.
- For Oracle SOA Suite you must specify the Oracle SOA schema
profile type using the
-rflag. For example,-r SOA_PROFILE_TYPE=SMALL. Supported values forSOA_PROFILE_TYPEareSMALL,MED, andLARGE.
Note:
To use theLARGE
schema profile type, make sure that the partitioning feature is enabled in the
Oracle Database.
Make sure that you maintain the association between the database schemas and the matching domain just like you did in a non-Kubernetes environment. There is no specific functionality provided to help with this.
Drop schemas
If you want to drop a schema, you can use the drop-rcu-schema.sh script.
For example:
cd ${WORKDIR}/create-rcu-schema
./drop-rcu-schema.sh -h
usage: ./drop-rcu-schema.sh -s <schemaPrefix> [-t <schemaType>] [-d <dburl>] [-n <namespace>] [-c <credentialsSecretName>] [-p <docker-store>] [-i <image>] [-u <imagePullPolicy>] [-o <rcuOutputDir>] [-r <customVariables>] [-b <databaseType>] [-e <edition>] [-h]
-s RCU Schema Prefix (required)
-t RCU Schema Type (optional)
(supported values: osb,soa,soaosb, default: soa)
-d RCU Oracle Database URL (optional)
(default: oracle-db.default.svc.cluster.local:1521/devpdb.k8s)
-n Namespace for RCU pod (optional)
(default: default)
-c Name of credentials secret (optional).
(default: oracle-rcu-secret)
Must contain SYSDBA username at key 'sys_username',
SYSDBA password at key 'sys_password',
and RCU schema owner password at key 'password'.
-p OracleSOASuite ImagePullSecret (optional)
(default: none)
-i OracleSOASuite Image (optional)
(default: soasuite:release-version)
-u OracleSOASuite ImagePullPolicy (optional)
(default: IfNotPresent)
-o Output directory for the generated YAML file. (optional)
(default: rcuoutput)
-r Comma-separated custom variables in the format variablename=value. (optional).
(default: none)
-b Type of database to which you are connecting (optional). Supported values: ORACLE,EBR
(default: ORACLE)
-e The edition name. This parameter is only valid if you specify type of database (-b) as EBR. (optional).
(default: 'ORA$BASE')
-h Help
NOTE: The c, p, i, u, and o arguments are ignored if an rcu pod is already running in the namespace.
./drop-rcu-schema.sh \
-s SOA1 \
-t soaosb \
-d oracle-db.default.svc.cluster.local:1521/devpdb.k8s \
-n default \
-c oracle-rcu-secret \
-b EBR \
-r SOA_PROFILE_TYPE=SMALL,HEALTHCARE_INTEGRATION=NO
For Oracle SOA Suite domains, the drop-rcu-schema.sh script supports:
- Domain types: soa, osb, and soaosb. You must specify one of these using the -t flag.
- Type of database to which you are connecting: ORACLE, EBR. You can specify one of these using -b flag. Default is ORACLE. Use EBR for 14.1.2.
- For Oracle SOA Suite, you must specify the Oracle SOA schema profile type using the -r flag. For example, -r SOA_PROFILE_TYPE=SMALL. Supported values for SOA_PROFILE_TYPE are SMALL, MED, and LARGE.