Thursday, March 07, 2019

How To Create Weblogic Cluster Service via Weblogic Operator In K8S

Requirement:

   We have many workloads running on top of weblogic cluster domains. It is not an easy task to set up a weblogic cluster with only the oracle weblogic docker images. Oracle provides a new open source tool (Weblogic Kubernetes Operator) to make things easier. For more details of this operator, please refer to the github link. This note follows the quickstart guide to create a stage weblogic cluster with domain in image (which is recommended) and uses Traefik as load balancer and proxy server. Another useful blog is weblogic-kubernetes-support-with-operator-20-v2

Solution:

Part1: Create Weblogic Cluster 

  • git clone https://github.com/oracle/weblogic-kubernetes-operator
  • docker pull oracle/weblogic-kubernetes-operator:2.0
  • Test "docker login", as the official weblogic docker images in docker hub need an account to access. We can get a free account from the docker website
  • docker pull store/oracle/weblogic:12.2.1.3
  • kubectl create namespace stage-weblogic-operator-ns
  • kubectl create serviceaccount -n stage-weblogic-operator-ns stage-weblogic-operator-sa
  • Install helm. Our tiller version is 2.8.2. Please download the correct helm version. Helm github link
  • cd to the directory of the git clone, i.e. /home/k8suser/yaml/weblogic-kubernetes-operator/
  • Run helm to install weblogic operator
helm install kubernetes/charts/weblogic-operator \
--name stage-weblogic-operator \
--namespace stage-weblogic-operator-ns \
--set serviceAccount=stage-weblogic-operator-sa \
--set "domainNamespaces={}" \
--wait
  • kubectl create namespace stage-domain1-ns
  • Update the namespace in helm
helm upgrade \
--reuse-values \
--set "domainNamespaces={stage-domain1-ns}" \
--wait \
stage-weblogic-operator \
kubernetes/charts/weblogic-operator
  • Create weblogic credentials 
./kubernetes/samples/scripts/create-weblogic-domain-credentials/create-weblogic-credentials.sh \
-u weblogic -p ***** -n stage-domain1-ns -d stage-domain1
  • Create an ocir secret in OCI to access images in the private repository. Please refer to my other note
kubectl create secret docker-registry iad-ocir-secret --docker-server=iad.ocir.io --docker-username='testenacy/henry.xie@test.com' --docker-password='*****' --docker-email='henry.xie@test.com'   -n stage-domain1-ns
  • cd kubernetes/samples/scripts/create-weblogic-domain/domain-home-in-image
  • cp create-domain-inputs.yaml myinputs.yaml
  • Modify myinputs.yaml to add this entry "imagePullSecretName: iad-ocir-secret"
  • Modify myinputs.yaml to set exposeAdminNodePort to be true. "exposeAdminNodePort: true"
  • The next step is to create the domain.yaml file
  • Check that the root user can access the internet, as the script needs to clone docker files from github
  • Run as root, as the script connects to the docker daemon to create a new docker image
  • #cd kubernetes/samples/scripts/create-weblogic-domain/domain-home-in-image
  • Create a new docker image and domain yaml file
#./create-domain.sh -i myinputs.yaml -o .  -u weblogic -p  ****
  • A new domain.yaml will be created in ./weblogic-domains/stage-domain1
  • Modify the domain.yaml to update the image details from "domain-home-in-image:12.2.1.3" to "iad.ocir.io/test/test/domain-home-in-image:12.2.1.3"
  • #docker tag domain-home-in-image:12.2.1.3 iad.ocir.io/test/test/domain-home-in-image:12.2.1.3
  • #docker push iad.ocir.io/test/test/domain-home-in-image:12.2.1.3  (please refer to my other note)
  • kubectl apply -f ./weblogic-domains/stage-domain1/domain.yaml
  • The weblogic console url would be like below. However, as the domain is in the docker image, it is not recommended to start/stop managed servers via the console. Plus, no configuration updates will be saved after the pod is recreated. To modify the domain configuration, please refer to this guide
 http://<ip or hostname >:30701/console/login/LoginForm.jsp
  • The output of pod status would look like
$ kubectl get po -n stage-domain1-ns
NAME                            READY     STATUS    RESTARTS   AGE
stage-domain1-admin-server      1/1       Running   0          1h
stage-domain1-managed-server1   1/1       Running   0          1h
stage-domain1-managed-server2   1/1       Running   0          1h
$ kubectl get po -n stage-weblogic-operator-ns
NAME                                 READY     STATUS    RESTARTS   AGE
weblogic-operator-6c44c764b5-4ssmf   1/1       Running   0          19h
$ kubectl get svc -n  stage-domain1-ns
NAME                                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)              AGE
stage-domain1-admin-server            ClusterIP   None            <none>        30012/TCP,7001/TCP   3m
stage-domain1-admin-server-external   NodePort    10.96.123.243   <none>        7001:30701/TCP       16m
stage-domain1-cluster-cluster-1       ClusterIP   10.96.107.9     <none>        8001/TCP             3m
stage-domain1-managed-server1         ClusterIP   None            <none>        8001/TCP             5h
stage-domain1-managed-server2         ClusterIP   None            <none>        8001/TCP             5h           
  • We can deploy testwebapp via the WLS console to all cluster nodes. The sample web application is located in the kubernetes/samples/charts/application directory. Test the url via curl
 curl http://<pod ip address>:8001/testwebapp/index.jsp
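
Setting exposeAdminNodePort to true is what shows up as the stage-domain1-admin-server-external NodePort service in the listing above, so the admin console answers on port 30701 of every node over plain HTTP. The script below is an added example (not part of the original note or of the operator project) that reads `kubectl get svc` table output and lists which service ports are published on the nodes; the function names are made up for illustration and the sample table is copied from the output above.

```shell
#!/bin/sh
# Added example: list every port that a namespace's Services publish on the
# node IPs, from the plain-text output of `kubectl get svc`.

# Sample input: the `kubectl get svc -n stage-domain1-ns` output shown in Part 1.
sample_svc_table() {
cat <<'EOF'
NAME                                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)              AGE
stage-domain1-admin-server            ClusterIP   None            <none>        30012/TCP,7001/TCP   3m
stage-domain1-admin-server-external   NodePort    10.96.123.243   <none>        7001:30701/TCP       16m
stage-domain1-cluster-cluster-1       ClusterIP   10.96.107.9     <none>        8001/TCP             3m
stage-domain1-managed-server1         ClusterIP   None            <none>        8001/TCP             5h
stage-domain1-managed-server2         ClusterIP   None            <none>        8001/TCP             5h
EOF
}

# list_node_ports (hypothetical helper): read the table on stdin and print
# "<service> <port> <nodePort> <proto>" for each mapping of a NodePort or
# LoadBalancer Service. The header row and ClusterIP rows are skipped.
list_node_ports() {
  awk '
    $2 != "NodePort" && $2 != "LoadBalancer" { next }
    {
      n = split($5, maps, ",")
      for (i = 1; i <= n; i++) {
        # A published mapping looks like 7001:30701/TCP; cluster-only ports have no colon.
        if (split(maps[i], pp, "/") != 2) continue
        if (split(pp[1], ports, ":") != 2) continue
        print $1, ports[1], ports[2], pp[2]
      }
    }'
}

# port_is_published PORT (hypothetical helper): succeed if service port PORT,
# such as the admin server port 7001, is reachable through a node port.
port_is_published() {
  list_node_ports | awk -v want="$1" '$2 == want { found = 1 } END { exit !found }'
}

if sample_svc_table | port_is_published 7001; then
  echo "admin port 7001 is published on the nodes:"
  sample_svc_table | list_node_ports
fi
```

Against a live cluster, pipe `kubectl get svc -n stage-domain1-ns` into list_node_ports instead of the sample table.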

Part2: Create Load Balancer

  • Weblogic Operator supports quite a few load balancers. The full list can be accessed via the github link
  • We choose traefik. Details are in the guide
  • cd kubernetes/samples/charts/traefik 
  • helm init --client-only
  • Install traefik in the same namespace as the WLS domain
  • helm install --name traefik-operator --namespace stage-domain1-ns  --values values.yaml stable/traefik
  • Once traefik is installed, add one entry to the local laptop hosts file to spoof the hostname.  "<Host IP address>  traefik.example.com"
  • We can access its dashboard at http://traefik.example.com:30305/dashboard/
  • Or use the curl below to test the traefik dashboard
curl -H 'host: traefik.example.com' http://${HOSTNAME}:30305/
  • Add host routing rule for testwebapp
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: traefik-hostrouting-1
  namespace: stage-domain1-ns
spec:
  rules:
  - host: livesqlstg.test.com
    http:
      paths:
      - path:
        backend:
          serviceName: stage-domain1-cluster-cluster-1
          servicePort: 8001 
  • Add one entry to the local laptop hosts file to spoof the hostname.  "<Host IP address>  livesqlstg.test.com"
  • We can access the test web application at http://livesqlstg.test.com:30305/testwebapp/
  • Or use the curl below to test the routing rule
  • curl -H 'host: livesqlstg.test.com' http://${HOSTNAME}:30305/testwebapp/
  • You can also see the rule details on the traefik dashboard
