1. Using Oracle WebLogic Server for OKE (Release 21.3.2 or earlier)
  2. Update a Domain in Oracle WebLogic Server for OKE
  3. Update the Domain Configuration

Update the Domain Configuration

Use the Jenkins job to update a domain that you created with Oracle WebLogic Server for OKE for Model in Image and Domain in Image.

To identify whether a version uses the Model in Image or the Domain in Image source type, see the Supported Image column in Patches Included in Oracle WebLogic Server for OKE.

Important:

From Oracle WebLogic Server for OKE release 21.2.2 onwards, Domain in Image is deprecated.
You can use one of the following sources to specify the location of the archive zip file, domain model Yaml file, and variables properties file:

  • File Upload - Uploads the file from the local system.

  • Object Storage - Uses the pre-authenticated URL on the Object Storage.

  • Shared File System - Uses the path of the shared file storage.

    The NFS shared file system path is mounted on /u01/shared location on the administration host.

You can provide one of the files to update the domain:

  • Model Yaml file

  • Model Yaml file with variable properties file

  • Archive file containing the model Yaml file

  • Archive file containing the model Yaml file and the variable properties file

  • Archive file containing the model Yaml file, overriding model Yaml file, and the variable properties file

  • Archive file and the model Yaml file.

    This archive file should not contain the model Yaml file.

  • Archive file, model Yaml file, and the variable properties file

    This archive file should not contain the model Yaml file.

If you are using Model in Image:

  • The model Yaml file must contain the required secrets like WebLogic Admin Password, runtime encryption secret, and Repository Schema Utility (RCU) schema user password.
  • In case of Oracle Cloud Infrastructure Database (DB system), the model Yaml file must include the datasource secret and in case of Oracle Autonomous Database, the model Yaml file must include the datasource secret and wallet with the keystore passwords. See About Data Sources.

If you are using Domain in Image:

  • The model Yaml file and the variable properties can be encrypted using the encryptModel command. See Encrypt Model Tool in WebLogic Deploy Tooling documentation.
  • You must specify a passphrase if the model Yaml file or the variable properties is encrypted with the Encrypt Model Tool.
  • You can also update the Repository Schema Utiity (RCU) password for the model Yaml file; all schema passwords are updated to the same password. See step 10 to update the schema password.

    Before you update the schema password, follow the prerequisites in Prerequisites to Update the Repository Schema Utility Password.

    An example of model Yaml with RCU schema password:

    domainInfo:
          RCUDbInfo:
            rcu_prefix:<schema_prefix>
              rcu_schema_password:'<new_password>'

See RCU Connection Information in WebLogic Deploy Tooling documentation.

To update a domain and deploy applications, shared libraries and resources to the new domain:

  1. Sign in to the Jenkins console for your domain. See Access the Jenkins Console.
  2. On the Dashboard page, click update-domain.
  3. Click Build with Parameters.
  4. Select the source of the archive zip file from the Archive_Source list.

    Note:

    In case of files larger than one MB, use the Object Storage or Shared File System option.
  5. For Archive_File_Location, either browse to select the zip file, specify the http pre-authenticated URL, or specify the path of the zip file on the shared file system.

    To know about the structure of the archive file, see archive file in WebLogic Deploy Tooling documentation.

  6. Select the source of the domain model Yaml file from the Domain_Model_Source list.

    If the archive zip file contains the domain model Yaml file, you can skip this step.

    This step is optional if you are using Domain in Image.

  7. For Model_File_Location, either browse to select the Yaml file, specify the http pre-authenticated URL, or specify the path of the Yaml on the shared file system.

    See model YAML file in WebLogic Deploy Tooling documentation.

    This step is optional if you are using Domain in Image.

  8. Select the source of the variable properties file from the Variable_Source list.
  9. For Variable_File_Location, either browse to select the file, specify the http pre-authenticated URL, or specify the path of the properties file on the shared file system.
  10. Deselect the Rollback_On_Failure check box if you do not want to rollback to the previous working domain image (optional).

    If you deselected this check box, you can rollback to the previous image later from the backup.

    The Rollback_On_Failure check box is selected by default.

    Note:

    If you are using Domain in Image:

    • Enter the Encryption_Passphrase to encrypt the passwords in the model Yaml or the variable properties file.

    • Select the Update_RCU_Schema_Password check box to update the schema password for the model Yaml file.

    This option updates the password for all schemas.

    Select this check box only if you want to update the RCU schema password. Before you update the schema password, follow the prerequisites in Prerequisites to Update the Repository Schema Utility Password.

  11. Click Build to run the Pipeline job.

    You can see the different stages of the Pipeline for the update-domain job. See Pipeline Job Stages in Domain in Image.

  12. Access the deployed application using the external load balancer.
    https://<external-LB-IP>/sample-app

    You can use the kubectl command to get the external load balancer IP address.

    For example:
    kubectl get service <resourceprefix>-external -n <resourceprefix>-domain-ns

    Note:

    To get the external load balancer IP address, when you provision an Oracle WebLogic Server for OKE domain without a bastion instance, see Access the Load Balancer IP for No Bastion Host.

You can use the WebLogic Server Administration Console to verify that the domain is updated with all the specified parameters. See Access the WebLogic Console.

Prerequisites to Update the Repository Schema Utility Password

If you are using Domain In Image, perform the following prerequisite tasks before you update the Repository Schema Utility (RCU) password with the update-domain job.

After the password is updated on the database, WebLogic connection pool periodically tries connecting to the schema using the old password and fails to connect until the RCU password is updated. So, you must change the SQL profile associated with the RCU schema users.

Before you update the RCU schema password:

  1. From your computer, open an SSH connection to the database as the opc user, then change to the oracle user, and start a connectionless command-line session.
    ssh -i <privKey> opc@<DB IP>
sudo su oracle
sqlplus /nolog

    where, DB IP is the public IP address of the database instance, and privKey is the full path and name of the file that contains the private key corresponding to the public key associated with the database instance that you want to access.

  2. Connect to the database as sysdba user using sqlplus.
    connect sys/<password>@//dbhost.subnet1.vcn1.oraclevcn.com:1521/pdbName.subnet1.vcn1.oraclevcn.com as sysdba

    Example:

    connect sys/<password>@//sidb19-scan.admin.existingnetwork.oraclevcn.com:1521/sipdb.admin.existingnetwork.oraclevcn.com as sysdba
  3. Set the login attempts for the DEFAULT profile to UNLIMITED and then check the limit for the DEFAULT profile.
    ALTER PROFILE DEFAULT LIMIT FAILED_LOGIN_ATTEMPTS UNLIMITED;
select limit from dba_profiles where profile='DEFAULT' /
and resource_name='FAILED_LOGIN_ATTEMPTS';
LIMIT
–-------------------------------------------------------------------
UNLIMITED
  4. List all the dba users where username like <schema_prefix>__%.
    select username from dba_users where username like '<schema_prefix>__%';


    USERNAME
-------------------------------
<schema_prefix>_STB
<schema_prefix>_IAU_APPEND
<schema_prefix>_OPSS
<schema_prefix>_WLS
<schema_prefix>_IAU
<schema_prefix>_WLS_RUNTIME
<schema_prefix>_IAU_VIEWER
<schema_prefix>_UMS
<schema_prefix>_MDS

    For example:

    select username from dba_users where username like 'SP1601029287_%';

    All user names are prefixed with SP1601029287 as in SP1601029287_STB.

  5. Change the password for the following users.
    alter user <schema_prefix>_STB identified by <new_password>;
alter user <schema_prefix>_IAU_APPEND identified by <new_password>;
alter user <schema_prefix>_OPSS identified by <new_password>;
alter user <schema_prefix>_WLS identified by <new_password>;
alter user <schema_prefix>_IAU identified by <new_password>;
alter user <schema_prefix>_WLS_RUNTIME identified by <new_password>;
alter user <schema_prefix>_IAU_VIEWER identified by <new_password>;
alter user <schema_prefix>_UMS identified by <new_password>;
alter user <schema_prefix>_MDS identified by <new_password>;

    For example:

    alter user SP1601029287_STB identified by <new_password>;
  6. Connect to the database for the MDS user.
    connect <schema_prefix>_MDS/<password>//dbhost.example.com:1521
Connected
  7. List the table names in the database for the current user.
    select table_name from user_tables;
  8. Exit SQL.
    exit