TheKoguryo's Tech Blog

Version 2023.10.13

Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

6.5 Deploying WebLogic Server to OKE via Verrazzano

When installing Verrazzano, WebLogic Operator is installed together. This content follows and organizes the contents in the document below, and describes how to use it if you want to migrate the application that is deployed and used from the existing on-premise to the WebLogic Server to the Kubernetes environment without modifying the WebLogic Server as a whole. content.

The procedure to perform is as follows.

  • Step #1. Prepare the same environment and apps assuming that WebLogic & MySQL-based applications are migrated
  • Step #2. Convert to metadata after analyzing existing WebLogic Server through WDT (WebLogic Deploy Tooling)
  • Step #3. Create container image and distribution file through WIT (WebLogic Image Tool)
  • Step #4. Create a WebLogic container in Verrazzano with the container image and deployment file you created.

Step #1. Prepare the same environment and apps assuming that WebLogic & MySQL-based applications are migrated

Prepare MySQL

  • In an actual on-premise environment, MySQL will be installed and used on a bare metal or VM, but here we use a Docker container for demonstration purposes.
  1. Download the MySQL image

    docker pull mysql:latest
    
  2. Start docker container

    Change the username and password to be used

    export MYSQL_USER=<your-mysql-username>
    export MYSQL_PASSWORD=<your-mysql-password>
    export MYSQL_ROOT_PASSWORD=<your-mysql-rootpassword>
    docker run --name tododb \
      -p 3306:3306 \
      -e MYSQL_USER=$MYSQL_USER \
      -e MYSQL_PASSWORD=$MYSQL_PASSWORD \
      -e MYSQL_DATABASE=tododb \
      -e MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD \
      -d mysql:latest
    
  3. Change password policy

    Default authentication method changed after MySQL 8.0 upgrade, set to previous authentication method for existing clients

    • Connect as root with the MySQL CLI client and enter the root password (your-mysql-rootpassword>)

      docker exec \
         -it tododb mysql \
         -uroot \
         -p
      
    • Change to basic authentication method

      ALTER USER '<your-mysql-username>'@'%' identified with mysql_native_password by '<your-mysql-password>';
      

Install WebLogic Server

  1. [Oracle WebLogic Server 12.2.1.4](https://docs.oracle.com/en/middleware/fusion-middleware/12.2.1.4/sysrs/system-requirements-and-specifications.html#GUID-E3CECEA2-348A -4493-A4A1-DF164A763687) Download and install 64-bit jdk1.8.0_211 or higher as per the requirements

  2. Installation

    unzip fmw_12.2.1.4.0_wls_lite_Disk1_1of1.zip
    java -jar fmw_12.2.1.4.0_wls_lite_generic.jar
    
  3. Set the installed ORACLE_HOME environment variable

    export ORACLE_HOME=/home/opc/fmw/wls12c
    

Create WebLogic domain

  1. Run the configuration wizard

    $ORACLE_HOME/oracle_common/common/bin/config.sh
    
  2. Create a tododomain domain in $ORACLE_HOME/user_projects/domains/tododomain based on default settings

    export DOMAIN_HOME=$ORACLE_HOME/user_projects/domains/tododomain
    
  3. Launch WebLogic Server

    $ORACLE_HOME/user_projects/domains/tododomain/bin/startWebLogic.sh
    

Create DataSource for MySQL Docker container

  1. Connect to WebLogic Admin Console, http://localhost:7001/console

  2. Select Services > Data Sources from the menu on the left side of the management console

  3. On the JDBC Data Sources page, select New > Generic Data Source

  4. On the Create Data Source page, enter the following information

    Name: tododb
    JNDI Name: jdbc/ToDoDB
    Database Type: MySQ
    
  5. Click next 3 times

  6. On the Create Data Source page, enter the following information

    Database Name: tododb
    Host name: localhost
    Database Port: 3306
    Database User Name: <your-mysql-username>
    Password: <your-mysql-password>
    Confirm Password: <your-mysql-password>
    Click Next.
    
  7. On the next page, click Test Configuration to run a connection test

  8. Go to the next page, select the destination as AdminServer and click Done

Deploy the sample application

  1. Assuming a typical Java application previously deployed in WAS, build it using the sample example.

  2. Build after copying the source code

    • git client, maven client installation required
    git clone https://github.com/verrazzano/examples.git
    cd examples/todo-list/
    mvn clean package
    
  3. After building, sub-target/todo.war is created

  4. Connect to WebLogic Admin Console, http://localhost:7001/console

  5. Select Deployment from the menu on the left side of the admin console

  6. Click Install to specify todo.war if present

  7. Click Next and deploy the app using default values thereafter

data initialization

  1. Access http://localhost:7001/todo/rest/items/init with a browser
  2. If data initialization succeeds after being connected to the MySQL Docker container, ToDos table initialized. Response message confirmed

application access

  1. If you access the application with the address http://localhost:7001/todo/index.html, you can see that the data is displayed normally.

    image-20220107155645958

Step #2. Convert to metadata after analyzing the existing WebLogic Server through WDT

This is a method of transferring the following contents through WDT Model through WebLogic Operator.

Create WebLogic Deploy Tooling (WDT) model

  1. Download and install WebLogic Deploy Tooling (WDT) with the command below.

    curl -OL https://github.com/oracle/weblogic-deploy-tooling/releases/latest/download/weblogic-deploy.zip
    unzip  weblogic-deploy.zip
    cd weblogic-deploy
    export WDT_HOME=$(pwd)
    
  2. Through discoverDomain.sh provided by WDT, DOMAIN_HOME where the app was previously deployed is analyzed and a metadata model is created as a result.

    • Before execution, jdk home must be set with export JAVA_HOME.
    mkdir v8o
    $WDT_HOME/bin/discoverDomain.sh \
      -oracle_home $ORACLE_HOME \
      -domain_home $DOMAIN_HOME \
      -model_file ./v8o/wdt-model.yaml \
      -archive_file ./v8o/wdt-archive.zip \
      -target vz \
      -output_dir v8o
    
  3. Execution result

    $ ls -la v8o/
    total 32
    drwxrwxr-x. 2 opc opc  4096 Jan  7 08:00 .
    drwxrwxr-x. 4 opc opc    67 Jan  7 08:00 ..
    -rwxr-x---. 1 opc opc  1944 Jan  7 08:00 create_k8s_secrets.sh
    -rw-r-----. 1 opc opc  3156 Jan  7 08:00 vz-application.yaml
    -rw-r-----. 1 opc opc    51 Jan  7 08:00 vz_variable.properties
    -rw-r-----. 1 opc opc 10671 Jan  7 08:00 wdt-archive.zip
    -rw-r-----. 1 opc opc  1179 Jan  7 08:00 wdt-model.yaml
    
    • create_k8s_secrets.sh - Help script to create kubernes secrets such as WebLogic manager information
    • vz-application.yaml - automatically generated YAML for deployment as a Verrazzano application
    • vz_variable.properties - variable values for deployment as a Verrazzano application
    • wdt-archive.zip - WDT archive file containing the previously distributed ToDO List application
    • wdt-model.yaml - WDT model for WebLogic Server domain

Step #3. Create container image and distribution file through WebLogic Image Tool

  1. Download and install WebLogic Image Tool with the command below.

    curl -OL https://github.com/oracle/weblogic-image-tool/releases/latest/download/imagetool.zip
    unzip imagetool.zip
    cd imagetool
    export WIT_HOME=$(pwd)
    
  2. Create a container image via WIT. To use the tool, the WebLogic installation zip file and JDK installation file downloaded earlier are required.

    • Modify the path where the installation file is located and modify the tag of the container image to be finally created to the desired value.
    # The directory created previously to hold the generated scripts and models.
    cd v8o
    
    $WIT_HOME/bin/imagetool.sh cache addInstaller \
      --path ~/stage/jdk-8u301-linux-x64.tar.gz \
      --type jdk \
      --version 8u301
    
    # The installer file name may be slightly different depending on
    # which version of the 12.2.1.4.0 installer that you downloaded, slim or generic.
    $WIT_HOME/bin/imagetool.sh cache addInstaller \
      --path ~/stage/fmw_12.2.1.4.0_wls_lite_Disk1_1of1.zip \
      --type wls \
      --version 12.2.1.4.0
    
    $WIT_HOME/bin/imagetool.sh cache addInstaller \
      --path $WDT_HOME/../weblogic-deploy.zip \
      --type wdt \
      --version latest
    
    # Paths for the files in this command assume that you are running it from the
    # v8o directory created during the `discoverDomain` step.
    $WIT_HOME/bin/imagetool.sh create \
      --tag <region-key>.ocir.io/<tenancy-namespace>/<username>/todo:1 \
      --version 12.2.1.4.0 \
      --jdkVersion 8u301 \
      --wdtModel ./wdt-model.yaml \
      --wdtArchive ./wdt-archive.zip \
      --wdtVariables ./vz_variable.properties \
      --resourceTemplates=./vz-application.yaml \
      --wdtModelOnly
    
  3. Push the created container image to the OCIR registry.

    docker push <region-key>.ocir.io/<tenancy-namespace>/<username>/todo:1
    

Step #4. Create a WebLogic container in Verrazzano with the container image and deployment file you created.

Creating and labeling namespaces

  1. On a single cluster basis:

    kubectl create namespace tododomain
    kubectl label namespace tododomain verrazzano-managed=true istio-injection=enabled
    

Create Secret

  1. Create a secret with the help script (v8o/create_k8s_secrets.sh) created by running WDT.

  2. Change the username and password below to the desired values.

    • weblogic administrator name, password
    • MySQL DB username and password to be used by the ToDo application
      • With the secret created here, you need to look at the MySQL that will be deployed to OKE. Examples that will be distributed later are set that way in advance.
    # Update <user> and <password> for weblogic-credentials
    create_paired_k8s_secret weblogic-credentials <user> <password>
    
    # Update <user> and <password> for jdbc-tododb
    create_paired_k8s_secret jdbc-tododb tododb <password>
    
    # Update <password> used to encrypt model and domain hashes
    # This secret is only required for model-in-image deployments
    create_k8s_secret runtime-encryption-secret <password>
    
  3. Run the script.

    • By default, it is created in the namespace of the domain name (tododomain). Note the create_k8s_secrets.sh setting
    $ ./create_k8s_secrets.sh
    secret/tododomain-weblogic-credentials created
    secret/tododomain-weblogic-credentials labeled
    secret/tododomain-jdbc-tododb created
    secret/tododomain-jdbc-tododb labeled
    secret/tododomain-runtime-encryption-secret created
    secret/tododomain-runtime-encryption-secret labeled
    $ kubectl get secret -n tododomain
    NAME                                   TYPE                                  DATA   AGE
    default-token-snckl                    kubernetes.io/service-account-token   3      7m58s
    tododomain-jdbc-tododb                 Opaque                                2      93s
    tododomain-runtime-encryption-secret   Opaque                                1      83s
    tododomain-weblogic-credentials        Opaque                                2      103s
    
  4. Create an imagePullSecret to pull images from OCIR. If you look at v8o/vz-application.yaml, you are using it as tododomain-registry-credentials. Create a secret with the same name.

    kubectl create secret docker-registry tododomain-registry-credentials \
      --docker-server=<region-key>.ocir.io \
      --docker-email=your.name@example.com \
      --docker-username=<tenancy-namespace>/<username> \
      --docker-password='<AUTH_TOKEN>' \
      --namespace=tododomain
    

Deploy the application to Verrazzano

The deployed example application is using MySQL DB as storage. MySQL DB is required to run applications on WebLogic Server transferred to OKE. In the document example, MySQL DB is deployed as a Verrazzano component, and the Data Source address is changed in v8o/vz-application.yaml to use the component. This deployed MySQL DB Component uses the jdbc-tododb secret that will be created prior to deployment.

Deploy MySQL Component

  1. Download the mysql-oam.yaml file.

  2. Deploy the downloaded YAML file as shown below.

    [opc@bastion-host v8o (|managed-cluster-1:default)]$ kubectl apply -f mysql-oam.yaml
    component.core.oam.dev/todo-mysql-service created
    component.core.oam.dev/todo-mysql-deployment created
    component.core.oam.dev/todo-mysql-configmap created
    [opc@bastion-host v8o (|managed-cluster-1:default)]$ kubectl get component -n tododomain
    NAME                    WORKLOAD-KIND   AGE
    todo-mysql-configmap    ConfigMap       13s
    todo-mysql-deployment   Deployment      13s
    todo-mysql-service      Service         13s
    

Update application configuration settings for Verrazzano deployment

  1. Add 3 components to v8o/vz-application.yaml

    apiVersion: core.oam.dev/v1alpha2
    kind: ApplicationConfiguration
    metadata:
      name: tododomain-appconf
      ...
    spec:
      components:
        - componentName: tododomain-domain
          ...
        - componentName: tododomain-configmap
        - componentName: todo-mysql-service
        - componentName: todo-mysql-deployment
        - componentName: todo-mysql-configmap
    
  2. Update URL of Data Source in v8o/vz-application.yaml

    apiVersion: core.oam.dev/v1alpha2
    kind: Component
    metadata:
      name: tododomain-configmap
      ...
    spec:
      workload:
        ...
        data:
          wdt_jdbc.yaml: |
            resources:
              JDBCSystemResource:
                'tododb':
                  JdbcResource:
                    JDBCDriverParams:
                      # This is the URL of the database used by the WebLogic Server application
                      URL: "jdbc:mysql://mysql.tododomain.svc.cluster.local:3306/tododb"        
    

Application (ToDo Application + MySQL) Deployment

  1. Deploy the application to OKE where Verrazzano is installed.

    $ kubectl apply -f vz-application.yaml
    applicationconfiguration.core.oam.dev/tododomain-appconf created
    component.core.oam.dev/tododomain-domain created
    component.core.oam.dev/tododomain-configmap created
    
  2. The tododomain-appconf application is deployed and a tododomain-domain of type VerrazzanoWebLogicWorkload is deployed.

    See #v8o/vz-application.yaml
    ...
    ---
    apiVersion: core.oam.dev/v1alpha2
    kind: Component
    metadata:
      name: tododomain-domain
      namespace: tododomain
    spec:
      workload:
        apiVersion: oam.verrazzano.io/v1alpha1
        kind: VerrazzanoWebLogicWorkload
    ...
    
  3. Distribution is complete and POD is started.

    $ kubectl get pod -n tododomain
    NAME                     READY   STATUS    RESTARTS   AGE
    mysql-7bfb67d9f8-gn4qc   2/2     Running   0          5m35s
    tododomain-adminserver   4/4     Running   0          3m16s
    
  4. Check the application address on istio.

    kubectl get gateway tododomain-tododomain-appconf-gw \
        -n tododomain \
        -o jsonpath={.spec.servers[0].hosts[0]}; echo
    
    • example result
    $ kubectl get gateway tododomain-tododomain-appconf-gw \
    >     -n tododomain \
    >     -o jsonpath={.spec.servers[0].hosts[0]}; echo
    tododomain-appconf.tododomain.thekoguryo.ml
    
  5. You can access the application by adding /todo.

    https://tododomain-appconf.tododomain.thekoguryo.ml/todo

  6. Initialize data the same as on-premise, and connect with MySQL DB Component to confirm that data is normally entered.

    https://tododomain-appconf.tododomain.thekoguryo.ml/todo/rest/items/init

Connect to WebLogic Admin Console

  1. In the default deployment, only the application is registered to the istio ingress, so the WebLogic Admin Console accesses it through port forwarding.

    kubectl port-forward pods/tododomain-adminserver 7001:7001 -n tododomain
    
  2. However, if there is a port forwarding error, you can add it for external access by exposing it to the ingress as shown below. Public IP access is not recommended for operation.

    • Add 2 lines including path: “/console” to vz-application.yaml as below and redeploy (kubectl apply -f vz-application.yaml).

      ...
      apiVersion: core.oam.dev/v1alpha2
      kind: ApplicationConfiguration
      metadata:
        name: tododomain-appconf
        ...
      spec:
        components:
          - componentName: tododomain-domain
            traits:
              - trait:
                  ...
              - trait:
                  apiVersion: oam.verrazzano.io/v1alpha1
                  kind: IngressTrait
                  spec:
                    rules:
                      - paths:
                          # application todo
                          - path: "/todo"
                            pathType: Prefix
                          - path: "/console"
                            pathType: Prefix
      ...
      
  3. Connect to /console instead of /todo from the previous address, and use the WebLogic administrator name and password entered in v8o/create_k8s_secrets.sh.

    https://tododomain-appconf.tododomain.thekoguryo.ml/console

    image-20220107184435029

monitoring

Log Monitoring (Elasticsearch / Kibana)

  1. Click the Kibana link in the Verrazzano console. SSO is configured, so additional login is not required.

  2. Create an index pattern with the verrazzano-namespace-hello-helidon namespace in the same way as for a single cluster and deployment.

  3. Container logs viewed with kubectl, logs collected for index patterns created by Kibana, and all collected logs on the target namespace are displayed.

    • Log lookup
    $ kubectl logs tododomain-adminserver -n tododomain -c weblogic-server -f
    ...
    <Jan 7, 2022 9:21:58,416 AM UTC> <Notice> <WebLogicServer> <BEA-000331> <Started the WebLogic Server Administration Server "AdminServer" for domain "tododomain" running in development mode.>
    <Jan 7, 2022 9:21:58,416 AM UTC> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 10.244.1.15:7001 for protocols iiop, t3, ldap, snmp, http.>
    <Jan 7, 2022 9:21:58,416 AM UTC> <Notice> <Server> <BEA-002613> <Channel "http-probe" is now listening on 127.0.0.1:8888 for protocols http.>
    <Jan 7, 2022 9:21:58,416 AM UTC> <Notice> <Server> <BEA-002613> <Channel "http-probe-ext" is now listening on 10.244.1.15:8888 for protocols http.>
    <Jan 7, 2022 9:21:58,417 AM UTC> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 10.244.1.15:7001 for protocols iiop, t3, ldap, snmp, http.>
    <Jan 7, 2022 9:21:58,417 AM UTC> <Notice> <Server> <BEA-002613> <Channel "http-probe" is now listening on 127.0.0.1:8888 for protocols http.>
    <Jan 7, 2022 9:21:58,417 AM UTC> <Notice> <Server> <BEA-002613> <Channel "http-probe-ext" is now listening on 10.244.1.15:8888 for protocols http.>
    <Jan 7, 2022 9:21:58,428 AM UTC> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.>
    Successfully started server AdminServer ...
    ...
    

    -Kibana

    image-20220107213201264

Monitoring metrics (Prometheus / Grafana)

  1. Click the Grafana link in the Verrazzano console. SSO is configured, so additional login is not required.

  2. Select the WebLogic Server Dashboard among the default dashboards.

  3. You can monitor the status of WebLogic-based containers on all clusters managed by Verrazzano through the built-in WebLogic Server dashboard.

    image-20220107185037749



As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.

Last updated on 7 Jan 2022