From 2fb80ae6ad709bce4471c300f2f8ae0b7eb99442 Mon Sep 17 00:00:00 2001 From: Manjunath Hegde Date: Tue, 26 Nov 2024 11:16:48 +0530 Subject: [PATCH] ohs_24.4.1_minorDocFixes (#229) --- .../ohs/create-ohs-container/_index.md | 90 +++++++------- .../ohs/create-or-update-image/_index.md | 63 +++++----- .../delete-ohs-container.md | 8 +- .../manage-ohs-containers/domain-lifecycle.md | 15 ++- .../manage-ohs-containers/modfy-ohs-config.md | 35 +++--- .../content/ohs/patch-and-upgrade/_index.md | 64 +++++----- .../ohs/prepare-your-environment/_index.md | 110 +++++++++--------- .../content/ohs/prerequisites/_index.md | 6 +- 8 files changed, 194 insertions(+), 197 deletions(-) diff --git a/docs-source/content/ohs/create-ohs-container/_index.md b/docs-source/content/ohs/create-ohs-container/_index.md index a0eab678..b24c8552 100644 --- a/docs-source/content/ohs/create-ohs-container/_index.md +++ b/docs-source/content/ohs/create-ohs-container/_index.md @@ -30,9 +30,9 @@ The nodeport is the entry point for OHS. For example `http://ohs.example.com:317 1. Edit the `$MYOHSFILES/ohs_service.yaml` and make the following changes: + `` to your namespace, for example `ohsns`. - + If you want your OHS node port to listen on something other that 31777 and 31443, change accordingly - + If you are using your own `httpd.conf` file and have changed the port to anything other than `7777`, you must change the `targetPort` and `port` to match. - + If you are using your own `ssl.conf` file and have changed the port to anything other than `4443`, you must change the `targetPort` and `port` to match. + + If you want your OHS node port to listen on something other that 31777 and 31443, change accordingly + + If you are using your own `httpd.conf` file and have changed the port to anything other than `7777`, you must change the `targetPort` and `port` to match. + + If you are using your own `ssl.conf` file and have changed the port to anything other than `4443`, you must change the `targetPort` and `port` to match. ``` @@ -63,15 +63,15 @@ The nodeport is the entry point for OHS. For example `http://ohs.example.com:317 **Note**: Administrators should be aware of the following: - + As this is a Kubernetes service the port is accessible on all the worker nodes in the cluster. - + If you create another OHS container on a different port, you will need to create another nodeport service for that OHS. + + As this is a Kubernetes service the port is accessible on all the worker nodes in the cluster. + + If you create another OHS container on a different port, you will need to create another nodeport service for that OHS. ``` - $ kubectl create -f $MYOHSFILES/ohs_service.yaml + $ kubectl create -f $MYOHSFILES/ohs_service.yaml ``` - The output will look similar to the following: + The output will look similar to the following: ``` service/ohs-domain-nodeport created @@ -79,17 +79,17 @@ The nodeport is the entry point for OHS. For example `http://ohs.example.com:317 1. Validate the service has been created using the command: - ``` + ``` $ kubectl get service -n - ``` + ``` - For example: + For example: ``` $ kubectl get service -n ohsns - ``` + ``` - The output will look similar to the following: + The output will look similar to the following: ``` NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE @@ -117,50 +117,50 @@ In this section you create the OHS container using the `ohs.yaml` file created i deployment.apps/ohs-domain created ``` - Run the following command to view the status of the pods: + Run the following command to view the status of the pods: - ```bash + ```bash $ kubectl get pods -n -w ``` - For example: + For example: ```bash $ kubectl get pods -n ohsns -w ``` - Whilst the OHS container is creating you, may see: + Whilst the OHS container is creating you, may see: - ``` + ``` NAME READY STATUS RESTARTS AGE ohs-domain-d5b648bc5-vkp4s 0/1 ContainerCreating 0 2m13s ``` - To check what is happening while the pod is in `ContainerCreating` status, you can run: + To check what is happening while the pod is in `ContainerCreating` status, you can run: - ``` - kubectl describe pod -n - ``` + ``` + kubectl describe pod -n + ``` - For example: + For example: - ``` - $ kubectl describe pod ohs-domain-d5b648bc5-vkp4s -n ohsns - ``` + ``` + $ kubectl describe pod ohs-domain-d5b648bc5-vkp4s -n ohsns + ``` - Once the container is created, it will go to a `READY` status of `0/1` with `STATUS` of `Running`. For example: + Once the container is created, it will go to a `READY` status of `0/1` with `STATUS` of `Running`. For example: ``` NAME READY STATUS RESTARTS AGE ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 3m10s ``` - To check what is happening while the pod is in this status, you can run: + To check what is happening while the pod is in this status, you can run: - ``` - $ kubectl logs -f -n - ``` + ``` + $ kubectl logs -f -n + ``` Once everything is started you should see the OHS is running (`READY 1/1`): @@ -169,7 +169,7 @@ In this section you create the OHS container using the `ohs.yaml` file created i ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 4m10s ``` - If there are any failures, follow [Troubleshooting](../troubleshooting). + If there are any failures, follow [Troubleshooting](../troubleshooting). @@ -186,20 +186,20 @@ To validate the OHS container file system: 1. Run the following command to get the name of the OHS container: - ```bash + ```bash $ kubectl get pods -n ``` - For example: + For example: ```bash $ kubectl get pods -n ohsns ``` - The output will look similar to the following: + The output will look similar to the following: - ``` + ``` NAME READY STATUS RESTARTS AGE ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 5m34s ``` @@ -207,20 +207,20 @@ To validate the OHS container file system: 1. Run the following command to create a bash shell inside the container: ``` - kubectl exec -n -ti -- /bin/bash - ``` + $ kubectl exec -n -ti -- /bin/bash + ``` - For example: + For example: - ``` - kubectl exec -n ohsns -ti ohs-domain-79f8f99575-8qwfh -- /bin/bash + ``` + $ kubectl exec -n ohsns -ti ohs-domain-79f8f99575-8qwfh -- /bin/bash ``` - This will take you to a bash shell inside the container: + This will take you to a bash shell inside the container: - ``` - [oracle@ohs-domain-75fbd9b597-z77d8 oracle]$ - ``` + ``` + [oracle@ohs-domain-75fbd9b597-z77d8 oracle]$ + ``` 1. Inside the bash shell navigate to the `/u01/oracle/user_projects/domains/ohsDomain/config/fmwconfig/components/OHS/ohs1/` directory: @@ -228,7 +228,7 @@ To validate the OHS container file system: cd /u01/oracle/user_projects/domains/ohsDomain/config/fmwconfig/components/OHS/ohs1/ ``` - From within this directory, you can navigate around and list (`ls`) or `cat` any files you configured using the configmaps. + From within this directory, you can navigate around and list (`ls`) or `cat` any files you configured using the configmaps. diff --git a/docs-source/content/ohs/create-or-update-image/_index.md b/docs-source/content/ohs/create-or-update-image/_index.md index 81d24eda..6d2b5104 100644 --- a/docs-source/content/ohs/create-or-update-image/_index.md +++ b/docs-source/content/ohs/create-or-update-image/_index.md @@ -69,33 +69,33 @@ To set up the WebLogic Image Tool: 1. Execute the following commands to set up the WebLogic Image Tool: - ```bash - $ cd /imagetool-setup/imagetool/bin - $ source setup.sh - ``` + ```bash + $ cd /imagetool-setup/imagetool/bin + $ source setup.sh + ``` - For example: + For example: - ```bash - $ cd /scratch/imagetool-setup/imagetool/bin - $ source setup.sh - ``` + ```bash + $ cd /scratch/imagetool-setup/imagetool/bin + $ source setup.sh + ``` ##### Validate setup To validate the setup of the WebLogic Image Tool: 1. Enter the following command to retrieve the version of the WebLogic Image Tool: - ``` bash - $ imagetool --version - ``` + ``` bash + $ imagetool --version + ``` 1. Enter `imagetool` then press the Tab key to display the available `imagetool` commands: - ``` bash - $ imagetool - cache create help rebase update - ``` + ``` bash + $ imagetool + cache create help rebase update + ``` ##### WebLogic Image Tool build directory @@ -155,14 +155,13 @@ You must download the required Oracle HTTP Server installation binaries and patc The installation binaries and patches required are: * Oracle Web Tier 12.2.1.4.0 - * V983369-01.zip + * V983369-01.zip * Oracle JDK v8 - * jdk-8uXXX-linux-x64.tar.gz + * jdk-8uXXX-linux-x64.tar.gz * Oracle Database 19c Upgrade for FMW 12.2.1.4.0 (OID/OHS/OTD homes only) - - * Patch 34761383 DB Client 19c Upgrade for FMW 12.2.1.4.0 (OID/OHS/OTD homes only) + * Patch 34761383 DB Client 19c Upgrade for FMW 12.2.1.4.0 (OID/OHS/OTD homes only) ##### Update required build files @@ -190,17 +189,17 @@ The following files are used for creating the image: COPY --chown=oracle:root files/create-sa-ohs-domain.py files/configureWLSProxyPlugin.sh files/mod_wl_ohs.conf.sample files/provisionOHS.sh files/start-ohs.py files/stop-ohs.py files/helloWorld.html /u01/oracle/ WORKDIR ${ORACLE_HOME} CMD ["/u01/oracle/provisionOHS.sh"] - ``` + ``` - **Note:** `oracle:root` is used for OpenShift which has more stringent policies. Users who do not want those permissions can change to the permissions they require. + **Note:** `oracle:root` is used for OpenShift which has more stringent policies. Users who do not want those permissions can change to the permissions they require. 1. Create the `/imagetool-setup/docker-images/OracleHTTPServer/buildArgs` file as follows and change the following: + `` to your working directory, for example `/scratch/` - + `%BUILDTAG%` to the tag you want create for the image, for example `oracle/ohs:12.2.1.4-db19` - + `%JDK_VERSION%` to the version of your JDK, for example `8uXXX` - + `` to your [My Oracle Support](https://support.oracle.com) username + + `%BUILDTAG%` to the tag you want create for the image, for example `oracle/ohs:12.2.1.4-db19` + + `%JDK_VERSION%` to the version of your JDK, for example `8uXXX` + + `` to your [My Oracle Support](https://support.oracle.com) username ``` create @@ -235,7 +234,7 @@ The following files are used for creating the image: ``` - Refer to [this page](https://oracle.github.io/weblogic-image-tool/userguide/tools/create-image/) for the complete list of options available with the WebLogic Image Tool `create` command. + Refer to [this page](https://oracle.github.io/weblogic-image-tool/userguide/tools/create-image/) for the complete list of options available with the WebLogic Image Tool `create` command. ##### Create the image @@ -284,14 +283,14 @@ The following files are used for creating the image: 1. If you want to see what patches were installed, you can run: ``` - imagetool inspect --image=: --patches - ``` + $ imagetool inspect --image=: --patches + ``` - For example: + For example: - ``` - imagetool inspect --image=oracle/ohs:12.2.1.4-db19 --patches - ``` + ``` + $ imagetool inspect --image=oracle/ohs:12.2.1.4-db19 --patches + ``` 1. Run the following command to save the container image to a tar file: diff --git a/docs-source/content/ohs/manage-ohs-containers/delete-ohs-container.md b/docs-source/content/ohs/manage-ohs-containers/delete-ohs-container.md index c1b4b638..676386d1 100644 --- a/docs-source/content/ohs/manage-ohs-containers/delete-ohs-container.md +++ b/docs-source/content/ohs/manage-ohs-containers/delete-ohs-container.md @@ -28,14 +28,14 @@ The following commands show how to remove the OHS container, OHS nodeport servic $ kubectl delete cm -n ohsns webgate-config $ kubectl delete cm -n ohsns webgate-wallet $ kubectl delete cm -n ohsns ohs-wallet - ``` + ``` 1. Run the following command to delete the secrets: ``` - $ kubectl delete secret regcred -n ohsns - $ kubectl delete secret ohs-secret -n ohsns - ``` + $ kubectl delete secret regcred -n ohsns + $ kubectl delete secret ohs-secret -n ohsns + ``` 1. Run the following command to delete the namespace: diff --git a/docs-source/content/ohs/manage-ohs-containers/domain-lifecycle.md b/docs-source/content/ohs/manage-ohs-containers/domain-lifecycle.md index eb2ae101..b5c1ed0e 100644 --- a/docs-source/content/ohs/manage-ohs-containers/domain-lifecycle.md +++ b/docs-source/content/ohs/manage-ohs-containers/domain-lifecycle.md @@ -45,7 +45,7 @@ The number of OHS Servers running is dependent on the `replicas` parameter confi $ kubectl -n patch deployment ohs-domain -p '{"spec": {"replicas": }}' ``` - where `` is the number of OHS servers to start. + where `` is the number of OHS servers to start. In the example below, two additional OHS servers are started: @@ -66,7 +66,7 @@ The number of OHS Servers running is dependent on the `replicas` parameter confi $ kubectl get pods -n -w ``` - For example: + For example: ```bash $ kubectl get pods -n ohsns -w @@ -81,7 +81,7 @@ The number of OHS Servers running is dependent on the `replicas` parameter confi ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 5h21m ``` - Two new OHS pods have now been created, in this example `ohs-domain-d5b648bc5-2q8bw` and `ohs-domain-d5b648bc5-qvdjn`. + Two new OHS pods have now been created, in this example `ohs-domain-d5b648bc5-2q8bw` and `ohs-domain-d5b648bc5-qvdjn`. 1. To check what is happening while the pods are in `ContainerCreating` status, you can run: @@ -91,9 +91,9 @@ The number of OHS Servers running is dependent on the `replicas` parameter confi 1. To check what is happening while the pods are in `0/1 Running` status, you can run: - ``` - $ kubectl logs -f -n - ``` + ``` + $ kubectl logs -f -n + ``` 1. Once everything is started you should see all the additional OHS containers are running (`READY 1/1`): @@ -116,7 +116,7 @@ As mentioned in the previous section, the number of OHS servers running is depen $ kubectl -n patch deployment ohs-domain -p '{"spec": {"replicas": }}' ``` - where `` is the number of OHS servers you want to run. + where `` is the number of OHS servers you want to run. In the example below, replicas is dropped to `1` so only one OHS is running: @@ -149,7 +149,6 @@ As mentioned in the previous section, the number of OHS servers running is depen ohs-domain-d5b648bc5-2q8bw 0/1 Terminating 0 12m ohs-domain-d5b648bc5-qvdjn 0/1 Terminating 0 12m ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 5h31m - ``` Two pods now have a `STATUS` of `Terminating`. Keep executing the command until the pods have disappeared and you are left with the one OHS pod: diff --git a/docs-source/content/ohs/manage-ohs-containers/modfy-ohs-config.md b/docs-source/content/ohs/manage-ohs-containers/modfy-ohs-config.md index eea76979..bcca00f3 100644 --- a/docs-source/content/ohs/manage-ohs-containers/modfy-ohs-config.md +++ b/docs-source/content/ohs/manage-ohs-containers/modfy-ohs-config.md @@ -23,7 +23,7 @@ To edit the configuration files: ``` $ kubectl delete cm ohs-httpd -n ohsns $ kubectl delete cm ohs-config -n ohsns - ``` + ``` 1. Recreate the required configmaps: @@ -46,6 +46,7 @@ To edit the configuration files: ``` The output will look similar to the following: + ``` NAME READY STATUS RESTARTS AGE ohs-domain-d5b648bc5-vkp4s 1/1 Running 0 55s @@ -55,19 +56,19 @@ To edit the configuration files: ``` $ kubectl delete pod -n - ``` + ``` - For example: + For example: - ``` + ``` $ kubectl delete pod ohs-domain-d5b648bc5-vkp4s -n ohsns - ``` + ``` - The output will look similar to the following: + The output will look similar to the following: - ``` - pod "ohs-domain-d5b648bc5-vkp4s" deleted - ``` + ``` + pod "ohs-domain-d5b648bc5-vkp4s" deleted + ``` 1. Run the following command to make sure the pod has restarted: @@ -113,7 +114,7 @@ To edit the configuration files: $ kubectl get pods -n ``` - For example: + For example: ```bash $ kubectl get pods -n ohsns @@ -130,19 +131,19 @@ To edit the configuration files: ``` $ kubectl delete pod -n - ``` + ``` - For example: + For example: ``` $ kubectl delete pod ohs-domain-d5b648bc5-vkp4s -n ohsns - ``` + ``` - The output will look similar to the following: + The output will look similar to the following: - ``` - pod "ohs-domain-d5b648bc5-vkp4s" deleted - ``` + ``` + pod "ohs-domain-d5b648bc5-vkp4s" deleted + ``` 1. Run the following command to make sure the pod has restarted: diff --git a/docs-source/content/ohs/patch-and-upgrade/_index.md b/docs-source/content/ohs/patch-and-upgrade/_index.md index 464c8eef..70746f6b 100644 --- a/docs-source/content/ohs/patch-and-upgrade/_index.md +++ b/docs-source/content/ohs/patch-and-upgrade/_index.md @@ -11,18 +11,18 @@ This section shows you how to patch or upgrade the the OHS image used by an OHS 1. To show the version of the image the OHS container is currently running, run the following command: ``` - $ kubectl describe pod -n | grep Image - ``` + $ kubectl describe pod -n | grep Image + ``` - For example: + For example: ``` - $ kubectl describe pod ohs-domain-d5b648bc5-qsgts -n ohsns | grep Image - ``` + $ kubectl describe pod ohs-domain-d5b648bc5-qsgts -n ohsns | grep Image + ``` - The output will look similar to the following: + The output will look similar to the following: - ``` + ``` Image: container-registry.oracle.com/middleware/ohs_cpu:12.2.1.4-jdk8-ol8- Image ID: 9a7199ac903114793d6ad1f320010c3dbd59a39ad9bc987d926d3422a68603e7 ``` @@ -31,22 +31,22 @@ This section shows you how to patch or upgrade the the OHS image used by an OHS 1. Run the following command to update the container with the new image: ``` - $ kubectl set image deployment/ohs-domain -n ohs= - ``` + $ kubectl set image deployment/ohs-domain -n ohs= + ``` - For example: + For example: - ``` - $ kubectl set image deployment/ohs-domain -n ohsns ohs=container-registry.oracle.com/middleware/ohs_cpu:12.2.1.4-jdk8-ol8- - ``` + ``` + $ kubectl set image deployment/ohs-domain -n ohsns ohs=container-registry.oracle.com/middleware/ohs_cpu:12.2.1.4-jdk8-ol8- + ``` The output will look similar to the following: - ``` + ``` deployment.apps/ohs-domain image updated ``` - This command will perform a rolling restart of the OHS container by shutting down the existing OHS container and starting a new one. + This command will perform a rolling restart of the OHS container by shutting down the existing OHS container and starting a new one. 1. Run the following kubectl command to view the pods: @@ -68,22 +68,22 @@ This section shows you how to patch or upgrade the the OHS image used by an OHS ohs-domain-d5b648bc5-qsgts 1/1 Terminating 0 17h ``` - The existing OHS pod will move to a `STATUS` of `Terminating` and a new OHS pod will be started. + The existing OHS pod will move to a `STATUS` of `Terminating` and a new OHS pod will be started. - To check what is happening while the pods are in `ContainerCreating` status, you can run: + To check what is happening while the pods are in `ContainerCreating` status, you can run: - ``` - $ kubectl describe pod -n - ``` + ``` + $ kubectl describe pod -n + ``` - To check what is happening while the pods are in `0/1 Running` status, you can run: + To check what is happening while the pods are in `0/1 Running` status, you can run: - ``` - $ kubectl logs -f -n - ``` + ``` + $ kubectl logs -f -n + ``` - Keep running the `kubectl get pods -n ` command until the pod is `Running` and at `READY 1\1`: + Keep running the `kubectl get pods -n ` command until the pod is `Running` and at `READY 1\1`: ``` @@ -95,18 +95,18 @@ This section shows you how to patch or upgrade the the OHS image used by an OHS ``` - $ kubectl describe pod -n | grep Image - ``` + $ kubectl describe pod -n | grep Image + ``` - For example: + For example: ``` - $ kubectl describe pod ohs-domain-5c9c9879d-kpt9j -n ohsns | grep Image - ``` + $ kubectl describe pod ohs-domain-5c9c9879d-kpt9j -n ohsns | grep Image + ``` - The output will look similar to the following: + The output will look similar to the following: - ``` + ``` Image: container-registry.oracle.com/middleware/ohs_cpu:12.2.1.4-jdk8-ol8- Image ID: 118c5c3713ddd6804cb699ecd0c7bd4a26ebf7e1427c5351c63244b5eb74ca94 ``` diff --git a/docs-source/content/ohs/prepare-your-environment/_index.md b/docs-source/content/ohs/prepare-your-environment/_index.md index 5a03d24e..b7a8a57c 100644 --- a/docs-source/content/ohs/prepare-your-environment/_index.md +++ b/docs-source/content/ohs/prepare-your-environment/_index.md @@ -24,13 +24,13 @@ Check that all the nodes in the Kubernetes cluster are running. 1. Run the following command on the master node to check the cluster and worker nodes are running: - ```bash - $ kubectl get nodes,pods -n kube-system - ``` + ```bash + $ kubectl get nodes,pods -n kube-system + ``` The output will look similar to the following: - ``` + ``` NAME STATUS ROLES AGE VERSION node/worker-node1 Ready 17h v1.28.3+3.el8 node/worker-node2 Ready 17h v1.28.3+3.el8 @@ -49,7 +49,7 @@ Check that all the nodes in the Kubernetes cluster are running. pod/kube-proxy-82vvj 1/1 Running 0 17h pod/kube-proxy-nrgw9 1/1 Running 0 23h pod/kube-scheduler-master 1/1 Running 0 21h - ``` + ``` ## Obtain the OHS container image @@ -118,7 +118,6 @@ To deploy OHS you need to set up the code repository which provides sample deplo ```bash $ export SCRIPTDIR=/fmw-kubernetes/OracleHTTPServer/kubernetes - ``` For example: @@ -143,15 +142,15 @@ The steps below assume familiarity with on premises Oracle HTTP Server in terms 1. Make a directory to store your OHS configuration files: - ``` - mkdir -p - ``` + ``` + mkdir -p + ``` - For example: + For example: - ``` - mkdir -p /OHSK8S/myOHSfiles - ``` + ``` + mkdir -p /OHSK8S/myOHSfiles + ``` 1. Set the `$MYOHSFILES` environment variable as follows: @@ -159,7 +158,7 @@ The steps below assume familiarity with on premises Oracle HTTP Server in terms $ export MYOHSFILES= ``` - For example: + For example: ```bash $ export MYOHSFILES=/OHSK8S/myOHSfiles @@ -181,21 +180,21 @@ The steps below assume familiarity with on premises Oracle HTTP Server in terms + `httpconf` - contains any configuration files you want to configure that are usually found in the `$OHS_DOMAIN_HOME/config/fmwconfig/components/OHS/ohs1` directory. For example `httpd.conf`, `ssl.conf` and `mod_wl_ohs.conf`. The `webgate.conf` does not need to be copied as this will get generated automatically if deploying with WebGate. + `moduleconf` - contains any additional config files, for example virtual host configuration files that you want to copy to the `$OHS_DOMAIN_HOME/config/fmwconfig/components/OHS/ohs1/moduleconf` folder in the container. + `htdocs` - contains any html files, or similar, that you want to copy to the `$OHS_DOMAIN_HOME/config/fmwconfig/components/OHS/ohs1/htdocs` folder in the container. - + `htdocs/myapp` - `myapp` is an example directory name that exists under `htdocs`. If you need to copy any directories under `htdocs` above, then create the directories you require. + + `htdocs/myapp` - `myapp` is an example directory name that exists under `htdocs`. If you need to copy any directories under `htdocs` above, then create the directories you require. + `webgate/config` - contains the extracted WebGate configuration. For example, when you download the `.zip` file from Oracle Access Management Console, you extract the zip file into this directory. If you are accessing OAM URL's via SSL, this directory must also contain the Certificate Authority `cacert.pem` file that signed the certificate of the OAM entry point. For example, if you will access OAM via a HTTPS Load Balancer URL, then `cacert.pem` is the CA certificate that signed the load balancer certificate. + `webgate/config/wallet` - contains the contents of the wallet directory extracted from the `` file. - + `wallet/mywallet` - If OHS is to be configured to use SSL, this directory contains the preconfigured OHS Wallet file `cwallet.sso`. + + `wallet/mywallet` - If OHS is to be configured to use SSL, this directory contains the preconfigured OHS Wallet file `cwallet.sso`. - **Note**: Administrators should be aware of the following if configuring OHS for SSL: + **Note**: Administrators should be aware of the following if configuring OHS for SSL: - + The wallet must contain a valid certificate. - + Only auto-login-only wallets (`cwallet.sso` only) are supported. For example, wallets created with `orapki` using the `-auto-login-only` option. Password protected wallets (`ewallet.p12`) are not supported. - + You must configure `ssl.conf` in `$WORKDIR/ohsConfig/httpconf` and set the directory for `SSLWallet` to: `SSLWallet "${ORACLE_INSTANCE}/config/fmwconfig/components/${COMPONENT_TYPE}/instances/${COMPONENT_NAME}/keystores/wallet/mywallet"`. + + The wallet must contain a valid certificate. + + Only auto-login-only wallets (`cwallet.sso` only) are supported. For example, wallets created with `orapki` using the `-auto-login-only` option. Password protected wallets (`ewallet.p12`) are not supported. + + You must configure `ssl.conf` in `$WORKDIR/ohsConfig/httpconf` and set the directory for `SSLWallet` to: `SSLWallet "${ORACLE_INSTANCE}/config/fmwconfig/components/${COMPONENT_TYPE}/instances/${COMPONENT_NAME}/keystores/wallet/mywallet"`. An example file system may contain the following: - ``` + ``` ls -R $MYOHSFILES/ohsConfig /OHSK8S/myOHSfiles/ohsConfig: htdocs httpconf moduleconf wallet webgate @@ -227,7 +226,7 @@ The steps below assume familiarity with on premises Oracle HTTP Server in terms /OHSK8S/myOHSfiles/ohsConfig/webgate/config/wallet: cwallet.sso cwallet.sso.lck - ``` + ``` ### Set WLDNSRefreshInterval and WebLogicCluster directives @@ -263,8 +262,7 @@ For example, if you were connecting to the WebLogic Server Administration Server WLProxySSLPassThrough ON WLCookieName OAMJSESSIONID WebLogicCluster APPHOST1.example.com:7001,APPHOST2.example.com:7001 - - + ``` @@ -367,18 +365,18 @@ namespace/ohsns created 1. Run the following commands to create the required configmaps for the OHS directories and files created in [Prepare your OHS configuration files](#prepare-your-ohs-configuration-files). - ``` - cd $MYOHSFILES + ``` + cd $MYOHSFILES kubectl create cm -n ohsns ohs-config --from-file=ohsConfig/moduleconf kubectl create cm -n ohsns ohs-httpd --from-file=ohsConfig/httpconf kubectl create cm -n ohsns ohs-htdocs --from-file=ohsConfig/htdocs - kubectl create cm -n ohsns ohs-myapp --from-file=ohsConfig/htdocs/myapp + kubectl create cm -n ohsns ohs-myapp --from-file=ohsConfig/htdocs/myapp kubectl create cm -n ohsns webgate-config --from-file=ohsConfig/webgate/config kubectl create cm -n ohsns webgate-wallet --from-file=ohsConfig/webgate/config/wallet kubectl create cm -n ohsns ohs-wallet --from-file=ohsConfig/wallet/mywallet - ``` + ``` - **Note**: Only create the configmaps for directories that you want to copy to OHS. + **Note**: Only create the configmaps for directories that you want to copy to OHS. ### Create a Kubernetes secret for the container registry @@ -389,22 +387,22 @@ If you are not using a container registry and have loaded the images on each of 1. Run the following command to create the secret: ``` - $ kubectl create secret docker-registry "regcred" --docker-server= \ + $ kubectl create secret docker-registry "regcred" --docker-server= \ --docker-username="" \ --docker-password= --docker-email= \ --namespace= - ``` + ``` - For example, if using Oracle Container Registry: + For example, if using Oracle Container Registry: - ``` - $ kubectl create secret docker-registry "regcred" --docker-server=container-registry.oracle.com \ + ``` + $ kubectl create secret docker-registry "regcred" --docker-server=container-registry.oracle.com \ --docker-username="user@example.com" \ --docker-password=password --docker-email=user@example.com \ --namespace=ohsns - ``` + ``` - Replace `` and `` with the credentials for the registry with the following caveats: + Replace `` and `` with the credentials for the registry with the following caveats: If using Oracle Container Registry to pull the OHS container image, this is the username and password used to login to Oracle Container Registry. Before you can use this image you must login to [Oracle Container Registry](https://container-registry.oracle.com/) , navigate to `Middleware` > `ohs_cpu` and accept the license agreement. @@ -413,8 +411,8 @@ If you are not using a container registry and have loaded the images on each of The output will look similar to the following: ``` - secret/regcred created - ``` + secret/regcred created + ``` ### Create a Kubernetes secret for the OHS domain credentials @@ -423,22 +421,22 @@ In this section you create a secret that stores the credentials for the OHS doma 1. Run the following command to create the secret: ``` - $ kubectl create secret generic ohs-secret -n --from-literal=username=weblogic --from-literal=password='' + $ kubectl create secret generic ohs-secret -n --from-literal=username=weblogic --from-literal=password='' ``` For example: - ``` - $ kubectl create secret generic ohs-secret -n ohsns --from-literal=username=weblogic --from-literal=password='` - ``` + ``` + $ kubectl create secret generic ohs-secret -n ohsns --from-literal=username=weblogic --from-literal=password='` + ``` Replace `` with a password of your choice. The output will look similar to the following: - ``` - secret/ohs-secret created - ``` + ``` + secret/ohs-secret created + ``` @@ -449,24 +447,24 @@ In this section you prepare the `ohs.yaml` file ready for OHS deployment. 1. Copy of the sample yaml files to `$MYOHSFILES`: ``` - $ cd $MYOHSFILES - $ cp $SCRIPTDIR/*.yaml . - ``` + $ cd $MYOHSFILES + $ cp $SCRIPTDIR/*.yaml . + ``` 1. Edit the `$MYOHSFILES/ohs.yaml` and change the following parameters to match your installation: **Note**: - + ` ` to your namespace, for example `ohsns`. - + `` to the correct image tag on Oracle Container Registry. If you are using your own container registry for the image, you will need to change the `image` location appropriately. If your own container registry is open, you do not need the `imagePullSecrets`. - + During the earlier creation of the configmaps, and secret, if you changed the names from the given examples, then you will need to update the values accordingly. - + All configMaps are shown for completeness. Remove any configMaps that you are not using, for example if you don't require `htdocs` then remove the `ohs-htdocs` configMap. If you are not deploying webgate then remove the `webgate-config` and `webgate-wallet` configMaps, and so forth. - + If you have created any additional directories under `htdocs`, then add the additional entries in that match the configmap and directory names. + + ` ` to your namespace, for example `ohsns`. + + `` to the correct image tag on Oracle Container Registry. If you are using your own container registry for the image, you will need to change the `image` location appropriately. If your own container registry is open, you do not need the `imagePullSecrets`. + + During the earlier creation of the configmaps, and secret, if you changed the names from the given examples, then you will need to update the values accordingly. + + All configMaps are shown for completeness. Remove any configMaps that you are not using, for example if you don't require `htdocs` then remove the `ohs-htdocs` configMap. If you are not deploying webgate then remove the `webgate-config` and `webgate-wallet` configMaps, and so forth. + + If you have created any additional directories under `htdocs`, then add the additional entries in that match the configmap and directory names. + All configMaps used must mount to the directories stated. - + Ports can be changed if required. - + Set `DEPLOY_WG` to `true` or `false` depending on whether webgate is to be deployed. - + If using SSL change `` to the wallet directory created under `ohsConfig/webgate/config/wallet`, for example `mywallet`. + + Ports can be changed if required. + + Set `DEPLOY_WG` to `true` or `false` depending on whether webgate is to be deployed. + + If using SSL change `` to the wallet directory created under `ohsConfig/webgate/config/wallet`, for example `mywallet`. + `initialDelaySeconds` may need to be changed to 10 on slower systems. See, [Issues with LivenessProbe](../troubleshooting/#issues-with-livenessprobe). diff --git a/docs-source/content/ohs/prerequisites/_index.md b/docs-source/content/ohs/prerequisites/_index.md index 1250d97b..0c4da9b5 100644 --- a/docs-source/content/ohs/prerequisites/_index.md +++ b/docs-source/content/ohs/prerequisites/_index.md @@ -13,10 +13,10 @@ This document provides information about the system requirements and limitations * A running Kubernetes cluster that meets the following requirements: - * The Kubernetes cluster must have sufficient nodes and resources. - * A supported container engine must be installed and running on the Kubernetes cluster. + * The Kubernetes cluster must have sufficient nodes and resources. + * A supported container engine must be installed and running on the Kubernetes cluster. * The Kubernetes cluster and container engine must meet the minimum version requirements outlined in document ID 3058838.1 on [My Oracle Support](https://support.oracle.com). - * The system clocks on node of the Kubernetes cluster must be synchronized. Run the `date` command simultaneously on all the nodes in each cluster and then syncrhonize accordingly. + * The system clocks on node of the Kubernetes cluster must be synchronized. Run the `date` command simultaneously on all the nodes in each cluster and then syncrhonize accordingly. **Note**: This documentation does not tell you how to install a Kubernetes cluster, the container engine, or how to push container images to a container registry.