Preparing the ohs.yaml File

4.9 Preparing the ohs.yaml File

Prepare the ohs.yaml file ready for Oracle HTTP Server (OHS) deployment.

Perform the following steps to prepare the ohs.yaml file:

Copy the sample yaml files to $MYOHSFILES:
```
cd $MYOHSFILES
cp $SCRIPTDIR/*.yaml .
```
Edit the $MYOHSFILES/ohs.yaml and change the following parameters to match your installation:
- <NAMESPACE> to your namespace, for example ohsns.
- <IMAGE_NAME> to the correct image tag on Oracle Container Registry. If you are using your own container registry for the image, you will need to change the image location appropriately. If your own container registry is open, you do not need the imagePullSecrets.
- During the earlier creation of the ConfigMaps, and secret, if you changed the names from the given examples, then you will need to update the values accordingly.
- All ConfigMaps are shown for completeness. Remove any ConfigMaps that you are not using, for example if you don’t require htdocs then remove the ohs-htdocs ConfigMap. If you are not deploying Oracle WebGate then remove the webgate-config and webgate-wallet ConfigMaps, and so forth.
- If you have created any additional directories under htdocs, then add the additional entries in that match the ConfigMap and directory names.
- All ConfigMaps used must mount to the directories stated.
- Ports can be changed if required.
- Set DEPLOY_WG to true or false depending on whether Oracle WebGate is to be deployed.
- If using SSL change <WALLET_NAME> to the wallet directory created under ohsConfig/webgate/config/wallet, for example mywallet.
- initialDelaySeconds may need to be changed to 10 on slower systems. See, Issues with Liveness Probe in Troubleshooting and Common Problems.

An example ohs.yaml is shown below:

apiVersion: v1
kind: ConfigMap
metadata:
  name: ohs-script-configmap
  namespace: ohsns
data:
  ohs-script.sh: |
    #!/bin/bash
    mkdir -p /u01/oracle/bootdir /u01/oracle/config /u01/oracle/config/moduleconf /u01/oracle/config/webgate/config
    { echo -en "username=" && cat /ohs-config/username && echo -en "\npassword=" && cat /ohs-config/password; } > /u01/oracle/bootdir/domain.properties
    /u01/oracle/provisionOHS.sh
 
 
---
 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ohs-domain
  namespace: ohsns
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  selector:
    matchLabels:
      oracle: ohs
  template:
    metadata:
      labels:
        oracle: ohs
    spec:
      containers:
      - name: ohs
        image: container-registry.oracle.com/middleware/ohs_cpu:14.1.2.0-jdk17-ol8-<YYMMDD>
        env:
          - name: DEPLOY_WG
            value: "true"
        ports:
        - name: clear
          containerPort: 7777
        - name: https
          containerPort: 4443
        resources:
          requests:
            cpu: 1000m
            memory: 1Gi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          privileged: false
          runAsNonRoot: true
          runAsUser: 1000
        livenessProbe:
          exec:
            command:
            - /bin/bash
            - -c
            - pgrep httpd
          initialDelaySeconds: 10 
          periodSeconds: 5
        readinessProbe:
          httpGet:
            port: 7777
            path: /helloWorld.html
        volumeMounts:
          - name: ohs-secret
            mountPath: /ohs-config
          - name: ohs-config
            mountPath: /u01/oracle/config/moduleconf
          - name: ohs-htdocs
            mountPath: /u01/oracle/config/htdocs
          - name: ohs-myapp
            mountPath: /u01/oracle/config/htdocs/myapp
          - name: ohs-httpd
            mountPath: /u01/oracle/config/httpd
          - name: webgate-config
            mountPath: /u01/oracle/config/webgate/config
          - name: webgate-wallet
            mountPath: /u01/oracle/config/webgate/config/wallet
          - name: ohs-wallet
            mountPath: /u01/oracle/config/wallet/mywallet
          - name: script-volume
            mountPath: /ohs-bin
            readOnly: true
        command: ["/ohs-bin/ohs-script.sh"]
      imagePullSecrets:
      - name: regcred		  
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: oracle
                  operator: In
                  values:
                  - ohs
              topologyKey: "kubernetes.io/hostname"
      restartPolicy: Always
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      terminationGracePeriodSeconds: 30
      volumes:
      - name: ohs-secret
        secret:
          defaultMode: 0444
          secretName: ohs-secret
      - name: script-volume
        configMap:
           defaultMode: 0555
           name: ohs-script-configmap
      - name: ohs-config
        configMap:
          defaultMode: 0555
          name: ohs-config
      - name: ohs-httpd
           configMap:
          defaultMode: 0555
          name: ohs-httpd
      - name: ohs-htdocs
        configMap:
          defaultMode: 0555
          name: ohs-htdocs
      - name: ohs-myapp
        configMap:
          defaultMode: 0555
          name: ohs-myapp
      - name: webgate-config
        configMap:
          defaultMode: 0555
          name: webgate-config
      - name: webgate-wallet
        configMap:
          defaultMode: 0555
          name: webgate-wallet
      - name: ohs-wallet
        configMap:
          defaultMode: 0555
          name: ohs-wallet
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1