Installing the WebLogic Kubernetes Operator Add-on
You can enable the WebLogic Kubernetes Operator add-on when you create a cluster or for an existing cluster.
Note:
To bring the WebLogic Server to the running state, create additional rules in separate WebLogic Server security lists for the control plane and worker subnets, and for the pod subnet if you are using VCN-Native Pod Networking. See Ports Required by WebLogic Server.
Add-on installation remains in Accepted state and waits until the cluster is in the Active state.
After the cluster is in the Active state, the WebLogic Kubernetes Operator is in Needs Attention state until a node pool is created for the cluster.
When a node-pool has been created for the cluster, the add-on is reconciled, and the add-on is in Ready state unless some other problem exists. See Add-on Reconciliation.
Note:
Enabling the WebLogic Kubernetes Operator add-on on a VCN-Native Pod Networking cluster requires an entry for 169.254.169.254 in crio-noproxy node metadata for the nodepools where the add-on pods might be scheduled. See "Proxy settings" in the OCI CLI procedure in Creating an OKE Worker Node Pool.
Install the Add-on When You Create a Cluster
To install an add-on when you create a cluster, you must use the Compute Web UI.
Using the Compute Web UI
-
On the dashboard, select Containers / View Kubernetes Clusters (OKE).
-
Above the clusters list, select the Create Cluster button.
-
On the bottom of the first page of the Create Cluster dialog, the Add-ons section shows the available cluster add-ons. In the Create Cluster dialog, all add-ons are Disabled.
-
Select the WLS Operator (WebLogic Kubernetes Operator) add-on.
-
Enable: Select the checkbox for "Enable Add-On WLS Operator" to deploy and enable the add-on for this cluster.
-
Add-on version updates: Select how you want the version of the add-on to be updated as newer versions of the add-on become available and as newer versions of Kubernetes are supported for OKE. Select either Automatic Updates or Choose a Version. See descriptions of these options in Version Updates for Add-ons.
If you select Choose a Version, then you must select a version from the list.
-
Configurations: Select the Add configuration button to select a configuration option and specify a value. See the descriptions in Configuration Parameters for the WebLogic Kubernetes Operator Add-on.
Select the Add configuration button to set another configuration parameter.
-
Install the Add-on for an Existing Cluster
Outside Certificates
If you want to install the WebLogic Kubernetes Operator add-on on an existing cluster that is using a certificate that is not the certificate that is specific to the Private Cloud Appliance, perform the following steps on the cluster where you want to install the add-on:
-
Perform certificate rotation as described in Updating the Certificate Authority Bundle.
-
Perform any updates to node pool configuration that are required, such as boot volume size change or shape changes, for example.
-
Cycle worker nodes as described in Node Cycling an OKE Node Pool.
-
Enable or install the WebLogic Kubernetes Operator add-on as described in this procedure.
Using the Compute Web UI
-
On the dashboard, select Containers / View Kubernetes Clusters (OKE).
-
In the clusters list, select the name of the cluster in which you want to install the add-on.
-
On the cluster details page, scroll to the Resources section, and select Add-ons.
-
In the add-ons list, for the WLS Operator add-on, select the Actions menu, and select Edit. On the WLS Operator dialog, select the Enable Add-on WLS Operator checkbox to do one of the following:
-
Deploy and enable the WebLogic Kubernetes Operator add-on if the add-on has not been enabled on this cluster before.
-
Enable the WebLogic Kubernetes Operator add-on if the add-on was previously deployed for this cluster but is currently disabled.
-
-
Configure the add-on.
-
Add-on version updates: Select the method you want to use to update the version of the add-on as newer versions of the add-on become available and as newer versions of Kubernetes are supported for OKE: either Automatic Updates or Choose a Version. See descriptions of these options in Version Updates for Add-ons.
If you select Choose a Version, then you must select a version from the list.
-
Add-on configuration: Select the Add configuration button to select a configuration option and specify a value. See the descriptions in Configuration Parameters for the WebLogic Kubernetes Operator Add-on.
To set another configuration parameter, select the Add configuration button.
-
-
Select the Save Changes button in the dialog.
Using the OCI CLI
-
Get the OCID of the cluster for which you want to install an add-on:
oci ce cluster list -
Construct an argument for the
--configurationsoption.Use the
--configurationsoption to specify one or more key/value pairs in JSON format to pass as arguments to the cluster add-on.For descriptions of the configuration parameters, see Configuration Parameters for the WebLogic Kubernetes Operator Add-on.
The inline syntax is shown in the example in the next step of this procedure. You might find it easier to use a file:
--configurations file://./weblogic-cfg.json
The format and content of the configuration file is given by the following command:
$ oci ce cluster install-addon --generate-param-json-input configurations [ { "key": "string", "value": "string" }, { "key": "string", "value": "string" } ]In the following example, both
requestsandlimitsare specified because the memory limit is lower than the default memory request. If a limit is less than the corresponding request, the deployment will fail.Double quotation marks within a value must be escaped with a single backslash.
[ { "key": "weblogic-operator.ContainerResources", "value": "{ \"requests\": { \"cpu\": \"250m\", \"memory\": \"150Mi\" }, \"limits\": { \"cpu\": \"500m\", \"memory\": \"200Mi\" } }" }, { "key": "weblogic-operator-webhook.ContainerResources", "value": "{ \"limits\": { \"cpu\": \"150m\", \"memory\": \"200Mi\" } }" }, { "key": "numOfReplicas", "value": "1" } ] -
Run the install add-on command.
Syntax:
$ oci ce cluster install-addon --cluster-id cluster_OCID \ --addon-name addon_name
Example:
If you specify a version, you are selecting the "Stay on the specific version" option for updating the add-on version, described in Version Updates for Add-ons. If you set the version to null, or you omit the
--version-parameterconflictoption, you are selecting the default behavior "Automatically update the add-on."Note that the version string must begin with a "v".
Enclose the configurations argument in single quotation marks so that you do not need to escape every double quotation mark in the argument value.
$ oci ce cluster install-addon --cluster-id ocid1.cluster.unique_ID \ --addon-name WeblogicKubernetesOperator --version-parameterconflict "v4.2.13" \ --configurations '[{"key": "weblogic-operator.ContainerResources", "value": "{\"limits\": {\"cpu\": \"500m\", \"memory\": \"512Mi\"}}"}, \ {"key": "weblogic-operator-webhook.ContainerResources", "value": "{\"limits\": {\"cpu\": \"150m\", \"memory\": \"200Mi\"}}"}]' { "opc-work-request-id": "ocid1.cccworkrequest.unique_ID" }
Version Updates for Add-ons
When you enable a cluster add-on, you can choose one of the following options for updating the add-on version:
-
(Default) Automatically update the add-on when new versions become available.
The newest version of the add-on that supports the Kubernetes version that is specified for the cluster is deployed when you install the add-on. When a newer version of the add-on is released, the add-on is automatically updated if the new add-on version is compatible with the versions of Kubernetes that are supported by OKE at that time and the version of Kubernetes that the cluster is running.
Best practice is to keep your clusters upgraded so that they are always running versions of Kubernetes that are listed as currently supported by OKE. See Supported Versions of Kubernetes and Updating an OKE Cluster.
-
Stay on the specific version of the add-on that you select until you change it.
If you specify that you want to choose the version of the add-on to deploy, the version you choose is enabled. Ensure that the add-on version is compatible with the Kubernetes version that you have selected for the cluster or that is already running on the cluster.
When you use the Compute Web UI, you select the version from a list. All versions on the list are compatible with the Kubernetes version that you have selected for the cluster or that is already running on the cluster.
When you use the OCI CLI, use the following
addon-option listcommands to get the information you need before you run thecluster install-addoncommand.List available versions of all cluster add-ons that are supported on the specified Kubernetes version.
$ oci ce addon-option list --kubernetes-version v1.29.9
List available versions of the specified cluster add-on that are supported on the specified Kubernetes version.
$ oci ce addon-option list --kubernetes-version v1.29.9 --addon-name WeblogicKubernetesOperator
Configuration Parameters for the WebLogic Kubernetes Operator Add-on
The following configuration parameters are available for the WebLogic Kubernetes Operator cluster add-on.
Note:
For weblogic-operator container resources and weblogic-operator-webhook container resources, if you set a limit without specifying a request, and the limit is less than the default request, the deployment will fail.
Use the values of the weblogic-operator container resources parameter and the weblogic-operator-webhook container resources parameter to determine the maximum number of replicas you can specify. The values of these parameters could be the default values shown in the following table or different values that you requested when you enabled the WebLogic Kubernetes Operator.
Example:
A worker node with 6 Gb RAM and 2 OCPUs could accommodate 12 pods if you don't count other cluster-related or custom pods. Each WebLogic Server pod could require 250m/768Mi (cpu/memory), and Flannel Overlay pods could require 100m/50Mi. Best practice is not to exceed 70% of CPU/memory usage per node. Considering only weblogic-operator pods, 8 would be ideal to leave room for system daemons or fluctuating workloads.
Since you also must allocate weblogic-operator-webhook pods, it would be better to schedule a maximum of 6 replicas per weblogic-operator pod per node, leaving room for a maximum of 8 weblogic-operator-webhook pods,
In this example (a worker node with 6 Gb RAM and 2 OCPUs), 6 replicas per node (12 for a 2 worker node cluster) is the best configuration.
This calculation of maximum number of replicas varies for each case, depending on the WebLogic requirements, the size of the node pools, and the shape configuration (CPU and memory) for each node pool.
| Parameter Name Compute Web UI OCI CLI | Description |
|---|---|
|
numOfReplicas
|
(Required) The integer number of replicas of the add-on deployment. |
|
weblogic-operator container resources
|
(Optional) These are resource values for the main WebLogic Operator container. The resource quantities that the add-on containers request, and the resource usage limits that the add-on containers cannot exceed. See Resource Management for Pods and Containers in the Kubernetes documentation. If you do not specify a request, the default request values are:
If you set a usage limit, you must set a limit equal to or greater than these default resource request values or the request values that you specified. |
|
weblogic-operator-webhook container resources
|
(Optional) These are resource values for the webhook container used by the operator. The resource quantities that the add-on containers request, and the resource usage limits that the add-on containers cannot exceed. If you do not specify a request, the default request values are:
If you set a usage limit, you must set a limit equal to or greater than these default resource request values or the request values that you specified. |
Ports Required by WebLogic Server
This section describes additional security rules needed to specify ports that are required to bring the WebLogic Server to the running state. Create additional rules in separate WebLogic Server security lists for the control plane and worker subnets, and for the pod subnet if you are using VCN-Native Pod Networking.
The following rules are for the control plane subnet. These rules are used for both Flannel Overlay networking and VCN-Native Pod Networking.
Table 6-1 WebLogic Server Security Rules for the Control Plane Subnet
| Compute Web UI property | OCI CLI property |
|---|---|
|
Ingress Rule 1
|
Ingress Rule 1
|
|
Ingress Rule 2
|
Ingress Rule 2
|
The following rules are for the worker subnet. These rules are used for both Flannel Overlay networking and VCN-Native Pod Networking.
Table 6-2 WebLogic Server Security Rules for the Worker Subnet
| Compute Web UI property | OCI CLI property |
|---|---|
|
Ingress Rule 1
|
Ingress Rule 1
|
|
Ingress Rule 2
|
Ingress Rule 2
|
|
Ingress Rule 3
|
Ingress Rule 3
|
The following rules are for the pod subnet. These rules are used for VCN-Native Pod Networking.
Table 6-3 WebLogic Server Security Rules for the Pod Subnet
| Compute Web UI property | OCI CLI property |
|---|---|
|
Ingress Rule 1
|
Ingress Rule 1
|
|
Ingress Rule 2
|
Ingress Rule 2
|