Create a Domain

After you create a stack, use the Jenkins job to create a domain for Oracle WebLogic Server for OKE.

You can create a model in image within the container image using the create domain job.

When you create a domain with the create domain job, a new domain that has a basic configuration with no custom applications or libraries, called the primordial domain, is created. This domain contains the base WebLogic Server image that has the WebLogic installer, JDK installer, and WebLogic patches for Oracle WebLogic Server for OKE.

To know about the primordial domain, see Mutate the Domain Layer in WebLogic Kubernetes Operator documentation.

Configure WebLogic Server

Specify the parameters required to configure a WebLogic server on a container cluster.

  1. Sign in to the Jenkins console for your domain. See Access the Jenkins Console.
  2. On the Dashboard page, click create domain.
  3. Click Build with Parameters.
  4. For Domain_Name, specify a WebLogic name.
  5. For WebLogic_Version, select a version of Oracle WebLogic Server.
    The available versions are, running on JDK 8, and running on JDK 11.
  6. Optional: Select the required base image from the Base_Image list.

    The images are displayed based on the Weblogic Server version. For example, if you select, images are displayed, and if you select, and images are displayed.


    For, make sure that the base image you select should have the same WebLogic Server and JDK version as in step 5.

    The custom base images and uploaded images are also listed in the Base_Image list. See Create a Custom Base Image.

  7. Enter a user name for the WebLogic Server administrator.
  8. Enter the password for the WebLogic Server administrator.
  9. Select the number of running managed servers in the domain you want to create. You can specify up to 9 manged servers.

    The number of running managed servers is also the number of WebLogic Server pods in the Kubernetes cluster. Each managed server runs in a separate pod in the Kubernetes cluster.

    Managed servers are members of a WebLogic Server cluster.

  10. Select Patch_Automatically, if you want the domain to be subscribed for automatic patching.

    Once subscribed, the domain is patched periodically with the latest patches available in the patching repository. See Automatic Patching.

  11. If your previous create domain job failed, then select Cleanup_Domain_Resources to cleanup any existing domain resources.

Configure the Registry

Specify the credentials to access container images in the Oracle Cloud Infrastructure Registry (OCIR).


If you want to use another user credentials, other than the one specified when creating a stack, then specify the credentials that Oracle WebLogic Server for OKE must use to access container images in the Oracle Cloud Infrastructure Registry (OCIR).
  1. In the Registry User Name field, enter a user name that Kubernetes uses to access the image in the registry.
  2. In the OCIR Auth Token Compartment field, select the compartment where you have the OCIR auth token.

For information about how to create a container registry, see Overview of Registry in the Oracle Cloud Infrastructure documentation.

Configure the Container Cluster

Specify the parameters required to either create a node pool or select an existing node pool for the WebLogic nodes..

Use an Existing Node Pool

  1. From WebLogic_Node_Pool_Type, select Existing_Node_Pool.
  2. From Existing_Node_Pool, select the required node pool.


    In the Existing_Node_Pool list, the node pools, if any, created during stack creation, and the node pools that are idle, that is, do not have any domains running in them and which are created using the create domain job are listed.

Create a Node Pool

  1. From WebLogic_Node_Pool_Type, select Create_Node_Pool.
  2. For Node_Count, specify the number of nodes your want for the WebLogic node pool.
  3. For Node_Pool_Name, specify the name of the node pool.
  4. From WebLogic_Node_Pool_Shape, select a shape for each node in the Kubernetes cluster node pool, for the WebLogic node pools.

    For 2 or more running managed servers, select a shape with 2 or more OCPUs. For example, VM.Standard2.2 instead of VM.Standard2.1.

    If you select a flexible shape, specify the OCPU count and the amount of memory for the WebLogic node pool shape. The amount of memory is based on the number of OCPUs.


    If you specify the amount of memory that is not allowed for the number of OCPUs, the node pool creation fails. See Flexible Shapes.
  5. Optional: SSH public key to access the nodes in the WebLogic server node pool in this domain.

    If you want to use another SSH public key for this domain, other than the one specified when creating a stack, then enter the SSH public key by copy-pasting the SSH key information.


    If you use another SSH public key, the new SSH public key is used to access the nodes in the WebLogic server node pool. The SSH key for accessing the Administrator node is not changed, which you specified when creating a stack.
  6. Optional: For NodePool_Subnet_ID, if you want the node pool to be created in a specific private subnet, then specify the Oracle Cloud Identifier (OCID) of that private subnet.


    • Ensure that the private subnet exists in the same VCN as the Kubernetes cluster.
    • If you want the nodepool in another subnet, then you must to set following additional security rules:
      • In the oke_endpoint security list, allow access on ports 6443 and 12550 for the subnets where you want the nodepool created.
      • In the workers_subnet security list, allow access for all protocols for the destination subnet. This must be an ingress rule with the destination subnet CIDR being the source CIDR.

Configure the Load Balancer

Specify the parameters required to create a public load balancer for the application. The public load balancer is used to access applications on the WebLogic managed servers.

  1. For External_Lb_Shape_Min and External_Lb_Shape_Max, specify the minimum and maximum flexible shape for a public load balancer.

    By default, the minimum bandwidth size is set to 10 Mbps and maximum to 400 Mbps.


    You can update the shape to a maximum of 8000 Mbps. Before you select the maximum bandwidth, ensure to check the available service limit for the flexible public load balancer bandwidth.
  2. Optional: Enter the OCID of the load balancer subnet.


    Ensure that the subnet exists in the same VCN as the Kubernetes cluster. If you do not specify the OCID, the load balancer is created in the same subnet as the load balancer subnet you specified during stack creation.
  3. Select Private_Load_Balancer, if you want to create a private load balancer for your applications.
  4. If you want to use a public load balancer with a reserved public IP, then in Reserved_Public_IP, specify the public IP for the load balancer.


    If you create a load balancer in a private subnet, you must not specify the reserved public IP address, else the domain creation fails.


    By default, the reserved public IP address that you specify as the loadBalancerIP property of the LoadBalancer service in the manifest file is expected to be a resource in the same compartment as the cluster. If you want to specify a reserved public IP address in a different compartment, add the following policy to the tenancy:
    Allow any-user to read public-ips in tenancy where request.principal.type = 'cluster'
    Allow any-user to manage floating-ips in tenancy where request.principal.type = 'cluster'

    See Specifying Load Balancer Reserved Public IP Addresses.

Configure the Domain

In the Provision with JRF section, keep the default selection for Domain_Type as Non_JRF.

Configure Identity Cloud Service Integration

You have the option to use IDCS to authenticate application users for your domain. To enable IDCS, specify the parameters required to configure WebLogic Authentication with Oracle Identity Cloud Service (IDCS).

To use Oracle Identity Cloud Service for authentication:

  1. From IDCS_Enabled, select YES.
  2. For IDCS_Host_Name, specify the required host name.

    The default value of the port name is displayed. If required, you can override the port that you use to access Oracle Identity Cloud Service.

  3. For IDCS_Tenant, specify your IDCS tenant name, which is also referred to as the instance ID.

    This ID is usually found in the URL that you use to access IDCS, and has the format idcs-<GUID>

  4. For IDCS_Client_ID and IDCS_Client_Secret, specify the client ID and the password.
    The client ID and secret are from the confidential application that you created as a prerequisite to create a domain. See Create a Confidential Application.
  5. In IDCS_Redirect_Port, the default port used for the IDCS App Gateway is displayed. If required, you can override the default port.

Create the Domain

Click Build to run the job.

After the job is successful, you can access the WebLogic Console. See Access the WebLogic Console.