Thursday, November 10, 2022

Apex Ords Operator for Kubernetes

Requirement:

We often need to provision Apex and Ords for Dev , Stage, Prod. 
This is operator to automate Apex Oracle Application Express 19.1 and Ords oracle rest data service via kubernetes CRD ,it create a brand new Oracle 19c database statefulset,apex, ords deployment plus load balancer in the kubernetes cluster

Solution:

Full details and source codes are on github repository

Tuesday, November 08, 2022

OKE Admission Control Webhook Sample

Requirement:

We need implement a policy requested by security team that kubernetes service should have an annotation : service.beta.kubernetes.io/oci-load-balancer-security-list-management-mode: None Thus no security list will be updated by kuerbnetes. This is an example that how we build our own admission controller which implements various policies from security or other teams. ie we can add only internal loadbalancer is allowed for internal service.....etc

Solution:

  • Please refer github repo
  • git clone https://github.com/HenryXie1/oke-admission-webhook
  • go build -o oke-admission-webhook
  • docker build --no-cache -t repo-url/oke-admission-webhook:v1 .
  • rm -rf oke-admission-webhook
  • docker push repo-url/oke-admission-webhook:v1
  • ./deployment/webhook-create-signed-cert.sh --service oke-admission-webhook-svc --namespace kube-system --secret oke-admission-webhook-secret
  • kubectl replace --force -f deployment/validatingwebhook.yaml
  • kubectl replace --force -f deployment/deployment.yaml
  • kubectl replace --force -f deployment/service.yaml