1. Using Oracle WebLogic Server for OKE
  2. Manage WebLogic Domains
  3. Create a WebLogic Domain
  4. Create a Domain

Create a Domain

After you create a stack, use the Jenkins job to create a domain for Oracle WebLogic Server for OKE.

You can locate a WebLogic domain either on a persistent volume (Domain on PV) or inside the container (Model in Image). For a comparison between the two types, see Choose a Domain Home Source Type.

  • Model in Image:

    With Model in Image, you do not need to create your WebLogic domain home beforehand. This tool uses a WebLogic Deploy Tooling (WDT) model to define the WebLogic configuration. It supports standard WebLogic Server domains. For more information, see Model in Image.

    You can create a Model in Image within the container image using the create mii domain job.

    When you create a domain with the create mii domain job, a new non-Java Required Files (JRF) domain that has a basic configuration with no custom applications or libraries, called the primordial domain, is created. This domain contains:

    • Base WebLogic Server image that has the WebLogic installer, JDK installer, and WebLogic patches for Oracle WebLogic Server for OKE.
    • Primordial Auxiliary image that has WebLogic domain resources (server, cluster, JDBC, and other resources).

    To know about the primordial domain and auxiliary images, see Mutate the Domain Layer and Auxiliary Images in WebLogic Kubernetes Operator documentation.

  • Domain on Persistent Volume (PV):

    Domain on PV creates the domain on a persistent volume. Domain on PV is applicable for two types of domains: a standard Oracle WebLogic Server (WLS) domain and an Oracle Fusion Middleware Infrastructure, Java Required Files (JRF) domain. For more information, see Domain on Persistent Volume (PV).

    You can create and deploy a domain on persistent volume (Domain on PV) using the create pv domain job. With this job, you can create both a non-Java Required Files (JRF) domain or a Java Required Files (JRF) domain, depending on your requirement.

Topics:

Before you create a domain, ensure that all the prerequisites are completed. See Prerequisites to Create a Domain.

Provision a Non-JRF Domain

You can use the Jenkins pipeline job create mii domain or create domain on pv to automate the deployment of a non-JRF WebLogic Server doamin. The job you choose will depend on whether you want to use Model in Image domain home source type or the Domain on Persistent Volume domain home source type for deploying a domain.

Complete the following steps to create a non-JRF domain using create mii domain or create domain on pv, based on your requirement.

Topics:

Configure WebLogic Server

Specify the parameters required to configure a WebLogic server on a container cluster.

  1. Sign in to the Jenkins console for your domain. See Access the Jenkins Console.
  2. On the Dashboard page, click create domain.
  3. Click Build with Parameters.
  4. For Domain_Name, specify a WebLogic name.
  5. For WebLogic_Version, select a version of Oracle WebLogic Server.
    The available versions are 12.2.1.4.0, 14.1.1.0.0 running on JDK 8, and 14.1.1.0.0 running on JDK 11.
  6. Optional: Select the required base image from the Base_Image list.

    The images are displayed based on the Weblogic Server version. For example, if you select 12.2.1.4.0, 12.2.1.4.0 images are displayed, and if you select 14.1.1.0.0, 14.1.1.0.0_jdk8 and 14.1.1.0.0_jdk11 images are displayed.

    Note:

    For 14.1.1.0.0., make sure that the base image you select should have the same WebLogic Server and JDK version as in step 5.

    The custom base images and uploaded images are also listed in the Base_Image list. See Create a Custom Base Image.

  7. Enter a user name for the WebLogic Server administrator.
  8. Enter the password for the WebLogic Server administrator.
  9. Select the number of running managed servers in the domain you want to create. You can specify up to 9 manged servers.

    The number of running managed servers is also the number of WebLogic Server pods in the Kubernetes cluster. Each managed server runs in a separate pod in the Kubernetes cluster.

    Managed servers are members of a WebLogic Server cluster.

  10. Specify the time in minutes to wait for the WebLogic Domain Server pods to start in the running state. The default wait time is 40 minutes.
  11. Select Patch_Automatically, if you want the domain to be subscribed for automatic patching.

    Once subscribed, the domain is patched periodically with the latest patches available in the patching repository. See Automatic Patching.

  12. If your previous create domain job failed, then select Cleanup_Domain_Resources to cleanup any existing domain resources.

Configure the Registry

Specify the credentials to access container images in the Oracle Cloud Infrastructure Registry (OCIR).

Note:

If you want to use another user credentials, other than the one specified when creating a stack, then specify the credentials that Oracle WebLogic Server for OKE must use to access container images in the Oracle Cloud Infrastructure Registry (OCIR).
  1. In the Registry_Username field, enter a user name that Kubernetes uses to access the image in the registry.

    The registry user name format is tenancy_namespace/<username>. If your tenancy is federated with Oracle Identity Cloud Service, then the registry user name format is tenancy_namespace/oracleidentitycloudservice/<username>.

    You can choose either to include the tenancy_namespace or remove the tenancy_namespace in the user name format. For example, you can either use tenancy_namespace/<username> or <username>.

    Note:

    If you choose to include tenancy_namespace in the user format, ensure that you use the correct namespace for your tenancy.
  2. In the Registry_Authentication_Token field, select the compartment where you have the OCI Secret that contains the auth token.

For information about how to create a container registry, see Overview of Registry in the Oracle Cloud Infrastructure documentation.

Configure the Container Cluster

Specify the parameters required to either create a node pool or select an existing node pool for the WebLogic nodes.

Use an Existing Node Pool
To use an existing node pool:
  1. From WebLogic_Node_Pool_Type, select Existing_Node_Pool.
  2. From Existing_Node_Pool, select the required node pool.

    Note:

    In the Existing_Node_Pool list, the node pools, if any, created during stack creation, and the node pools that are idle, that is, do not have any domains running in them and which are created using the create mii domain or the create domain on pv job are listed.
Create a Node Pool
To create a node pool:
  1. From WebLogic_Node_Pool_Type, select Create_Node_Pool.
  2. For Node_Count, specify the number of nodes your want for the WebLogic node pool.
  3. For Node_Pool_Name, specify the name of the node pool.
  4. From WebLogic_Node_Pool_Shape, select a shape for each node in the Kubernetes cluster node pool, for the WebLogic node pools.

    For 2 or more running managed servers, select a shape with 2 or more OCPUs. For example, VM.Standard2.2 instead of VM.Standard2.1.

    If you select a flexible shape, specify the OCPU count and the amount of memory for the WebLogic node pool shape. The amount of memory is based on the number of OCPUs.

    Note:

    If you specify the amount of memory that is not allowed for the number of OCPUs, the node pool creation fails. See Flexible Shapes.
  5. Optional: For SSH_Public_Key, specify the contents of the SSH public key to access the nodes in the WebLogic server node pool in this domain.

    If you want to use another SSH public key for this domain, other than the one specified when creating a stack, then enter the SSH public key by copy-pasting the SSH key information.

    Note:

    If you use another SSH public key, the new SSH public key is used to access the nodes in the WebLogic server node pool. The SSH key for accessing the Administrator node is not changed, which you specified when creating a stack.
  6. Optional: For NodePool_Subnet_ID, if you want the node pool to be created in a specific private subnet, then specify the Oracle Cloud Identifier (OCID) of that private subnet.

    Note:

    • Ensure that the private subnet exists in the same VCN as the Kubernetes cluster.
    • If you want the node pool in another subnet, then you must to set following additional security rules:
      • In the oke_endpoint security list, allow access on ports 6443 and 12550 for the subnets where you want the nodepool created.
      • In the workers_subnet security list, allow access for all protocols for the destination subnet. This must be an ingress rule with the destination subnet CIDR being the source CIDR.

Configure the Load Balancer

Specify the parameters required to create a public load balancer for the application. The public load balancer is used to access applications on the WebLogic managed servers.

  1. For External_Lb_Shape_Min and External_Lb_Shape_Max, specify the minimum and maximum flexible shape for a public load balancer.

    By default, the minimum bandwidth size is set to 10 Mbps and maximum to 400 Mbps.

    Note:

    You can update the shape to a maximum of 8000 Mbps. Before you select the maximum bandwidth, ensure to check the available service limit for the flexible public load balancer bandwidth.
  2. Optional: Enter the LB_Subnet_ID of the load balancer subnet.

    Note:

    Ensure that the subnet exists in the same VCN as the Kubernetes cluster. If you do not specify the OCID, the load balancer is created in the same subnet as the load balancer subnet you specified during stack creation.
  3. Select Private_Load_Balancer, if you want to create a private load balancer for your applications.
  4. If you want to use a public load balancer with a reserved public IP, then in Reserved_Public_IP, specify the public IP for the load balancer.

    WARNING:

    If you create a load balancer in a private subnet, you must not specify the reserved public IP address, else the domain creation fails.

    Note:

    By default, the reserved public IP address that you specify as the loadBalancerIP property of the LoadBalancer service in the manifest file is expected to be a resource in the same compartment as the cluster. If you want to specify a reserved public IP address in a different compartment, add the following policy to the tenancy: 
    Allow any-user to read public-ips in tenancy where request.principal.type = 'cluster'
Allow any-user to manage floating-ips in tenancy where request.principal.type = 'cluster'

    See Specifying Load Balancer Reserved Public IP Addresses.

Configure Identity Cloud Service Integration

You have the option to use IDCS to authenticate application users for your domain. To enable IDCS, specify the parameters required to configure WebLogic Authentication with Oracle Identity Cloud Service (IDCS).

To use Oracle Identity Cloud Service for authentication:

  1. From IDCS_Enabled, select YES.
  2. For IDCS_Host_Name, specify the required host name.

    The default value of the port name is displayed. If required, you can override the port that you use to access Oracle Identity Cloud Service.

  3. For IDCS_Tenant, specify your IDCS tenant name, which is also referred to as the instance ID.

    This ID is usually found in the URL that you use to access IDCS, and has the format idcs-<GUID>

  4. For IDCS_Client_ID and IDCS_Client_Secret, specify the client ID and the password.
    The client ID and secret are from the confidential application that you created as a prerequisite to create a domain. See Create a Confidential Application.
  5. In IDCS_Redirect_Port, the default port used for the IDCS App Gateway is displayed. If required, you can override the default port.

Configure the Domain

If you are using the create domain on pv job to deploy a non-JRF domain, in the Provision with JRF section of the page, keep the default selection for Domain_Type as Non_JRF.

Create the Domain

Click Build to run the job.

After the job is successful, you can access the WebLogic Console. See Access the WebLogic Console.

Provision a JRF Domain

You can use the create domain on pv job to provision a JRF domain. The Oracle WebLogic Server domain includes the Java Required Files (JRF) components, network resources, Kubernetes cluster, compute instances, and load balancers. For more information about JRF domains, see JRF Domain.

Creating a JRF-enabled domain is similar to creating a basic domain; however, a database in Oracle Cloud Infrastructure is required. You can specify a database in Oracle Autonomous Database or Oracle Cloud Infrastructure Database (DB System). If you plan to use a DB System database, note that the DB System and the Oracle WebLogic Server for OKE compute instances must be in the same virtual cloud network (VCN).

Note:

  • For each schema that is created in the database, a data source is created in WebLogic Server. These data sources should not be used by applications deployed to the WebLogic domain after provisioning is complete. Instead, you must create independent data sources. See About Data Sources.
  • Oracle WebLogic Server 14c does not support JRF, so you cannot create a JRF domain using Oracle WebLogic Server 14.1.1.0.0.

The steps to provision a JRF domain is the same as those used for provisioning a non-JRF domain. See Provision a Non-JRF Domain.

Additionally, you should specify a database. See:

Provision a JRF Domain with an Autonomous Database

To create a JRF domain with an autonomous database:
  1. From Domain_Type, select JRF_with_ATP.
  2. For Database_OCID, specify the OCID of the autonomous database.
  3. For Database_Password, enter the database administrator password.
  4. For ATP_DB_LEVEL, specify the service level that the domain should use to connect to the selected autonomous database.

Provision a JRF Domain with an OCI Database

To create a JRF domain with an OCI database:
  1. From Domain_Type, select JRF_with_OCIDB.
  2. For Database_OCID, specify the OCID of the OCI database.
  3. For Database_Password, enter the database administrator password.
  4. For Database_Connection_String, enter the connect string to connect to the database:
    If you use Database_Connection_String, then you can skip specifying Database_OCID.

    WARNING:

    Do not use the database connect string example provided in the Oracle Database Connection String field , instead use the format specified in the following table.

    Table 3-1 Database Connect String for Database Version and Type

    Database Version Database Type Database Connection String

    12c and above

    VM

    //<db_hostname>-scan.<db_domain>:<db_port>/<pdb_name>.<db_domain>

    12c and above

    Bare Metal

    //<db_hostname>.<db_domain>:<db_port>/<pdb_name>.<db_domain>

    Note:

    If you use database connect string, then Oracle WebLogic Server for OKE creates a single instance datasource. However, you can update the data source for Oracle WebLogic Suite with Active GridLink data source and data source for Oracle WebLogic Server Enterprise Edition with multi data source. See Configuring Active GridLink Connection Pool Features and Configuring JDBC Multi Data Sources.

    If using Database System with connect string, security list is not created to access the database. You must ensure that the ports are open to access the database.