Oracle by Example brandingGet Started with Oracle WebLogic Server for OKE

section 0Before You Begin

This 45-minute tutorial shows you how to create a stack using Oracle Cloud Infrastructure Container Engine for Kubernetes, Marketplace and Resource Manager, and how to create a domain using the Jenkins CI/CD pipleine job.

Background

Oracle WebLogic Server for Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) is available as a set of applications in the Oracle Cloud Infrastructure Marketplace. You use an Oracle WebLogic Server for OKE to create a stack with the WebLogic administration server running in different pods in Kubernetes cluster. The application also provisions a private load balancer to provide access to the WebLogic Server administration console and the Jenkins console. Marketplace uses Resource Manager to provision the network, compute instances, load balancers, and Kubernetes components as a single unit called a stack.

Oracle Cloud Infrastructure Marketplace offers separate applications for:

  • Oracle WebLogic Server Enterprise Edition
  • Oracle WebLogic Suite

This tutorial uses Oracle WebLogic Server for OKE resource manager to create a virtual cloud network (VCN) and subnets in Oracle Cloud Infrastructure to support WebLogic Server, Kubernetes, and the load balancers. But you can also use an existing VCN and existing subnets if desired. Note that Oracle WebLogic Server for OKE creates administration host compute instance, public subnets for the load balancers and the bastion compute instance, and private subnets for the Kubernetes components and file storage. We recommend you follow the same architecture when using existing subnets.

This tutorial uses the Jenkins job to create a WebLogic domain that does not require a database. The job also creates a public load balancer to distribute traffic across the managed servers in your domain.

Provisioning a stack in Oracle WebLogic Server for OKE requires a secret in Oracle Cloud Infrastructure Vault. This secret contains the auth token to access the Oracle Cloud Infrastructure Registry. This tutorial uses a standard vault, which is hosted on a hardware security module (HSM) partition with multiple tenants, and uses a more cost-efficient, key-based metric for billing purposes. A virtual private vault provides greater isolation and performance by allocating a dedicated partition on an HSM. Each type of vault has a separate service limit in your Oracle Cloud Infrastructure tenancy. The limit for secrets spans all vaults. See Service Limits and Oracle Cloud Infrastructure Vault FAQ.

You can estimate the cost of the resources and services that you want to use to provision your instance. See Oracle Cloud Cost Estimator.

What Do You Need?

section 1Create a Vault

  1. Sign in to the Oracle Cloud Infrastructure console.
  2. Click the navigation menu Menu icon, select Identity & Security, and then click Vault.
  3. Select your Compartment, if not already selected.
  4. Click Create Vault.
  5. Enter WebLogicOKEVault in the Name field.
  6. Click Create.

    Wait for the vault to be created.

section 2Create Secrets for Registry User

  1. In the vault, click the vault name.
  2. Click Secrets, and then click Create Secret.
  3. Enter TokenSecret in the Name field.
  4. For Secret Contents, enter your authentication token.
  5. Click Create Secret.

    Wait for the secret to be created.

  6. Click the secret name.
  7. Copy the OCID of the secret for the authentication token associated with your Oracle Cloud Infrastructure user name.

section 3Create the Stack

  1. Click the navigation menu Menu icon, select Marketplace and click All Applications.
  2. Click one of the following Oracle WebLogic applications:
    • Oracle WebLogic Server Enterprise Edition for OKE BYOL
    • Oracle WebLogic Server Enterprise Edition for OKE UCM
    • Oracle WebLogic Suite for OKE BYOL
    • Oracle WebLogic Suite for OKE UCM
  3. Select the Oracle WebLogic Server for OKE release version from the list.
  4. Select the Compartment in which to create the stack.
  5. Select the Oracle Standard Terms and Restrictions check box, and then click Launch Stack.

    The Create Stack page displays.

  6. Enter mylwlsokestack in the Name field.
  7. Click Next.

    The Configure Variables page displays.

  8. Enter mywlsoke in the Resource Name Prefix field.

    You must use lowercase characters for the resource name prefix.

  9. For SSH Public Key, browse to select the SSH public key file and upload the file, or paste the contents of the SSH public key file.

    After creating the stack, you can connect to the administration instance and the virtual machines (VMs) of the non-WebLogic node pools using the SSH key.

  10. For Virtual Cloud Network Strategy, select Create New VCN.

    Oracle WebLogic Server for OKE can create a new network and subnets to support this stack.

    This tutorial uses the same compartment for Network Compartment
  11. For WebLogic Server Network CIDR, enter the network address to assign to the new VCN for the Kubernetes cluster, compute instances, and load balancers.
  12. For Bastion Host Subnet CIDR, enter the network address of the public subnet for the bastion host.
  13. For Administration Host Subnet CIDR, enter the network address of the private subnet for the administration host.
  14. For File System and Mount Target Subnet CIDR, enter the network address of the private subnet for file system and mount target.
  15. For Kubernetes Cluster Subnet CIDR, enter the network address of the private subnet for the Kubernetes cluster and node pool.
  16. For Kubernetes API Endpoint Cluster Subnet CIDR, enter the network address of the private subnet.
  17. For Minimum Bandwidth for Jenkins Load Balancer and for Maximum Bandwidth for Jenkins Load Balancer, retain the default values.
  18. For Kubernetes Version, enter the version to use.

    The latest Kubernetes version is displayed by default.

  19. For Non-WebLogic Node Pool Shape, select the shape of the compute instances.

    20. If you select a flexible shape, move the slider to specify the OCPU count and the amount of memory to be allocated to each node in the Non-WebLogic node pool.

  20. For Nodes in the Node Pool for Non-WebLogic Pods, select 2.
  21. For WebLogic Node Pool Shape, select the shape of the compute instances.

    22. If you select a flexible shape, move the slider to specify the OCPU count and the amount of memory to be allocated to each node in the WebLogic node pool.

  22. For Nodes in the Node Pool for WebLogic Pods, select 2.
  23. For network configuration of Kubernetes:
    • Enter the network address to be used for the Kubernetes pods in Pods CIDR field.
    • Enter the network address to be used for the Kubernetes services in Services CIDR field.

      • Ensure that the CIDR blocks for pods and services do not overlap with the VCN CIDR block.

  24. For Availability Domain for Compute Instances, select the availability domain in which to create the compute instances.
  25. For Administration Instance Compute Shape and Bastion Instance Shape, select the shape of each instance type.

    If you select a flexible shape, move the slider to specify the OCPU count and the amount of memory to be allocated to the compute instances. See Compute Shapes.

  26. For Availability Domain for File System, select the availability domain in which to create the file system and mount target.
  27. For Registry User Name, enter your user name, which is used to access repositories in the Oracle Cloud Infrastructure Registry.

    The registry user name format is tenancy_namespace/<username>. If your tenancy is federated with Oracle Identity Cloud Service, then the registry user name format is tenancy_namespace/oracleidentitycloudservice/<username>.

    You can choose either to include the tenancy_namespace or remove the tenancy_namespace in the user name format. For example, you can either use tenancy_namespace/<username> or <username>.

    Note: If you choose to include tenancy_namespace in the user format, ensure that you use the correct namespace for your tenancy..

  28. For OCIR Auth Token Compartment, select the compartment where you have the OCI Secret that contains the auth token.
  29. For Validated Secret for OCIR Auth Token, select the secret that contains the authentication token for your user name in Oracle Cloud Infrastructure.
  30. Click Next.
  31. Click Create.

    The Job Details page in Oracle Resource Manager is displayed.

    An Apply job is started to provision your stack.
    To return to this page at a later time, click the navigation menu Menu icon, select Developer Services. Under the Resource Manager group, click Jobs.

  32. Periodically monitor the progress of the Apply job until it is finished.

    If an email address is associated with your user profile, you will receive an email notification.

  33. If the job fails, click the job name to view the logs.

section 4Access the Administration Compute Instance

  1. From the stack's Job Details page of the successful apply job, under Resources, click Outputs.
  2. Copy the values of admin_instance_private_ip and bastion_instance_public_ip.
  3. From your computer, open an SSH connection to the administration instance's private IP address by specifying the bastion instance's public IP address as a proxy. Connect as the opc user and provide the path to the private key that corresponds to the public key that you specified when you created the stack.

    The SSH command format is:

    ssh -i path_to_private_key -o ProxyCommand="ssh -W %h:%p –i path_to_private_key opc@bastion_public_ip" opc@admin_private_ip

    For example:

    ssh -i ~/.ssh/mykey.openssh -o ProxyCommand="ssh -W %h:%p -i ~/.ssh/mykey.openssh opc@198.51.100.1" opc@10.0.2.3

    On a Windows platform, you can use Windows PowerShell to run the SSH command.
  4. If prompted, enter the passphrase for the private key.
  5. When connected, you'll see the following:

    [opc@mywlsoke-admin ~]$

section 5Access the Jenkins Console

  1. Return to the top of your stack's apply Job Details page in the Oracle Cloud Infrastructure console, and under Resources, click Outputs.
  2. Copy the value of bastion_instance_public_ip.
  3. Click Logs, then find and copy the URL value of jenkins_console_url.
  4. From your computer, open an SSH tunnel to use dynamic port forwarding to an unused port on the bastion compute instance. Connect as the opc user and provide the path to the private key that corresponds to the public key that you specified when you created the stack.

    The SSH command format is:

    ssh -C -D port_for_socks_proxy -fCqN -i path_to_private_key opc@bastion_public_ip

    The following example uses port 1088 for SOCKS proxy:

    ssh -C -D 1088 -fCqN -i ~/.ssh/mykey.openssh opc@198.51.100.1

    On a Windows platform, you can use Windows PowerShell to run the SSH command.
  5. In your browser settings, set up the SOCKS (version 5) proxy configuration. Specify your local computer and the same SOCKS port that you used in your SSH command.
  6. Browse to the Jenkins console URL.

    If you are a first time user, you are prompted to create a new administration user.

section 6Create a Domain

  1. Sign in to the Jenkins console for your domain. See Access the Jenkins Console.
  2. On the Dashboard page, click create domain.
  3. Click Build with Parameters.

    4. Note: To view the parameters, you need to approve the scripts. See Approve Scripts.

  4. For Domain_Name, enter mylwlsokedomain.
  5. For Administration_Username, enter the administrator user name for the new WebLogic Server domain
  6. For Administration_Password, enter the password for the WebLogic Server administrator.
  7. For Managed_Server_Count, select 2.
  8. Select Patch_Automatically to subscribe the domain for automatic patching.

    9. This tutorial uses the same registry credentials specified when creating a stack to access the container images in the Oracle Cloud Infrastructure Registry (OCIR).

  9. For WebLogic_Node_Pool_Type, select Create_Node_Pool.
  10. For Node_Count, select 2.
  11. For WebLogic_Node_Pool_Shape, select the shape of the compute instances with 2 or more OPCUs.

    12. If you select a flexible shape, specify the OCPU count and the amount of memory to be allocated to each node in the WebLogic node pool. The amount of memory allowed is based on the number of OCPUs selected. See Flexible Shapes

    This tutorial uses the same key specified when creating a stack to connect to the virtual machines (VMs) of the WebLogic node pools.

  12. For External_Lb_Shape_Min and for External_Lb_Shape_Max, retain the default values.
  13. Click Build to run the job.

    14. If the job fails, you can view the details in the Console Output.   

section 4Access the WebLogic Server Console

  1. From the stack's Job Details page of the successful apply job, click Application Information.
  2. Copy the IP value of Bastion Instance Public IP. For example:

    Bastion Instance Public IP: 198.51.100.1

  3. From your computer, open an SSH tunnel to use dynamic port forwarding to an unused port on the bastion compute instance. Connect as the opc user and provide the path to the private key that corresponds to the public key that you specified when you created the stack.

    The SSH command format is:

    ssh -C -D port_for_socks_proxy -i path_to_private_key opc@bastion_public_ip

    The following example uses port 1088 for SOCKS proxy:

    ssh -C -D 1088 -i ~/.ssh/mykey.openssh opc@198.51.100.1

    On a Windows platform, you can use Windows PowerShell to run the SSH command.
  4. If prompted, enter the passphrase for the private key.
  5. When connected, you'll see the following:

    [opc@mywlsoke-bastion-admin ~]$

  6. In your browser settings, set up the SOCKS (version 5) proxy configuration. Specify your local computer and the same SOCKS port that you used in your SSH command.
  7. Browse to the WebLogic Console URL.

    8. The URL format is: http://<jenkins_lb_IP>/<domainname>/console

    For example: http://10.0.2.3/mylwlsokedomain/console

    The WebLogic Server Administration Console login page is displayed.

section 6Delete the Stack (Optional)

    Make sure you have deleted the resources before you delete the stack. See Terminate a Domain.

  1. In the Oracle Cloud Infrastructure console, click the navigation menu Menu icon, select Developer Services. Under the Resource Manager group, click Stacks.
  2. Click MyWLStack.
  3. Click Terraform Actions, and then select Destroy.
  4. When prompted for confirmation, click Destroy.
  5. Periodically monitor the progress of the Destroy job until it is finished. Ensure that all resources of the stack are deleted successfully.

    If an email address is associated with your user profile, you will receive an email notification.

  6. Click Delete Stack.

more informationWant to Learn More?