Publishing recent fixes WCC (#155)

oracle · Feb 8, 2023 · b5751b1 · b5751b1
1 parent 00fe2b1
commit b5751b1
Show file tree

Hide file tree

Showing 8 changed files with 211 additions and 13 deletions.
diff --git a/OracleWebCenterContent/kubernetes/create-wcc-domain/domain-home-on-pv/autoinstall.cfg.cs b/OracleWebCenterContent/kubernetes/create-wcc-domain/domain-home-on-pv/autoinstall.cfg.cs
@@ -1,4 +1,4 @@
-# Copyright (c) 2021, 2022, Oracle and/or its affiliates.
+# Copyright (c) 2021, 2023, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 #
 
@@ -14,6 +14,7 @@
 InstanceMenuLabel=@INSTALL_HOST_NAME@@UCM_PORT@
 InstanceDescription=Instance @INSTALL_HOST_NAME@@UCM_PORT@
 HttpServerAddress=@INSTALL_HOST_FQDN@:@UCM_PORT@
+UseSSL=@SSL_ENABLED@
 MailServer=mail.oracle.com
 SysAdminAddress=[email protected]
 

diff --git a/OracleWebCenterContent/kubernetes/create-wcc-domain/domain-home-on-pv/autoinstall.cfg.ibr b/OracleWebCenterContent/kubernetes/create-wcc-domain/domain-home-on-pv/autoinstall.cfg.ibr
@@ -1,4 +1,4 @@
-# Copyright (c) 2021, Oracle and/or its affiliates.
+# Copyright (c) 2021, 2023, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 #
 
@@ -15,6 +15,7 @@ InstanceMenuLabel=@INSTALL_HOST_NAME@@IBR_PORT@
 InstanceDescription=Instance @INSTALL_HOST_NAME@@IBR_PORT@
 SocketHostAddressSecurityFilter=127.0.0.1|0:0:0:0:0:0:0:1|*.*.*.*
 HttpServerAddress=@INSTALL_HOST_FQDN@:@IBR_PORT@
+UseSSL=@SSL_ENABLED@
 
 # Intradoc port
 IntradocServerPort.ibr_server1=@IBR_INTRADOC_PORT@

diff --git a/...ntent/kubernetes/create-wcc-domain/domain-home-on-pv/oke-start-managed-servers-wrapper.sh b/...ntent/kubernetes/create-wcc-domain/domain-home-on-pv/oke-start-managed-servers-wrapper.sh
@@ -1,20 +1,21 @@
 #!/bin/bash
-# Copyright (c) 2021, 2022, Oracle and/or its affiliates.
+# Copyright (c) 2021, 2023, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 #
 
 function  usage {
-  echo usage: ${script} -o path_to_output_dir -l load_balancer_external_ip -p load_balancer_port [-u ucm_intradocport] [-i ibr_intradocport] [-h]
+  echo usage: ${script} -o path_to_output_dir -l load_balancer_external_ip -p load_balancer_port [-u ucm_intradocport] [-i ibr_intradocport] [-s ssl_termination] [-h]
   echo "  -o output directory which was used during domain creation to generate yaml files, must be specified."
   echo "  -l load balancer external ip, must be specified."
   echo "  -p load balancer port, must be specified."
   echo "  -u ucm intradocport, optional"
   echo "  -i ibr intradocport, optional"
+  echo "  -s provide if ssl termination at loadbalancer is used (acceptable value is either true or false) - optional"
   echo "  -h Help"
   exit $1
 }
 
-while getopts "ho:l:p:u:i:" opt; do
+while getopts "ho:l:p:u:i:s:" opt; do
   case $opt in
 	o) outputDir="${OPTARG}"
 	;;
@@ -26,6 +27,8 @@ while getopts "ho:l:p:u:i:" opt; do
 	;;
 	i) IBRIntradocPort="${OPTARG}"
 	;;
+	s) SSLTermination="${OPTARG}"
+	;;
 	h) usage 0
 	;;
 	*) usage 1
@@ -56,6 +59,10 @@ if [ -z ${IBRIntradocPort} ]; then
      IBRIntradocPort=5555
 fi
 
+if [ -z ${SSLTermination} ]; then
+     SSLTermination=false
+fi
+
 function wait_admin_pod {
 echo "Waiting for $adminPod Pod startup to kick in."
 sleep 50s
@@ -114,6 +121,12 @@ adminServerName=${adminServerName//*adminServerName: /};
 managedServerNameBase=$(grep  'managedServerNameBase:' create-domain-inputs.yaml);
 managedServerNameBase=${managedServerNameBase//*managedServerNameBase: /};
 
+sslEnabled=$(grep  'sslEnabled:' create-domain-inputs.yaml);
+sslEnabled=${sslEnabled//*sslEnabled: /};
+
+loadBalancerType=$(grep  'loadBalancerType:' create-domain-inputs.yaml);
+loadBalancerType=${loadBalancerType//*loadBalancerType: /};
+
 adminPod=$domainUID-$adminServerName
 ucmPod=$domainUID-$managedServerNameBase
 
@@ -140,18 +153,31 @@ then
     truncatedhostname=${truncatedhostname:0:14}
 fi
 
-sed -i "s/@UCM_PORT@/$UCM_PORT/g" autoinstall.cfg.cs
+if [ $loadBalancerType == "nginx" ]; then
+	sed -i "s/:@UCM_PORT@//g" autoinstall.cfg.cs
+	sed -i "s/@UCM_PORT@/$UCM_PORT/g" autoinstall.cfg.cs
+else
+	sed -i "s/@UCM_PORT@/$UCM_PORT/g" autoinstall.cfg.cs
+fi
+
 sed -i "s/@INSTALL_HOST_FQDN@/$hostname/g" autoinstall.cfg.cs
 sed -i "s/@INSTALL_HOST_NAME@/$hostalias/g" autoinstall.cfg.cs
 sed -i "s/@HOST_NAME_PREFIX@/$truncatedhostname/g" autoinstall.cfg.cs
 sed -i "s/@UCM_INTRADOC_PORT@/$UCM_INTRADOC_PORT/g" autoinstall.cfg.cs
 
+if [ "${SSLTermination}" == "true" ]; then
+	sed -i "s/@SSL_ENABLED@/$SSLTermination/g" autoinstall.cfg.cs
+else
+	sed -i "s/@SSL_ENABLED@/$sslEnabled/g" autoinstall.cfg.cs
+fi
+
 kubectl cp  autoinstall.cfg.cs $domainNS/$domainUID-ucm-server1:/u01/oracle/user_projects/domains/$domainUID/ucm/cs/bin/autoinstall.cfg
 
 sed -i "s/@IBR_PORT@/$IBR_PORT/g" autoinstall.cfg.ibr
 sed -i "s/@INSTALL_HOST_FQDN@/$hostname/g" autoinstall.cfg.ibr
 sed -i "s/@INSTALL_HOST_NAME@/$hostalias/g" autoinstall.cfg.ibr
 sed -i "s/@IBR_INTRADOC_PORT@/$IBR_INTRADOC_PORT/g" autoinstall.cfg.ibr
+sed -i "s/@SSL_ENABLED@/$sslEnabled/g" autoinstall.cfg.ibr
 
 kubectl cp  autoinstall.cfg.ibr $domainNS/$domainUID-ibr-server1:/u01/oracle/user_projects/domains/$domainUID/ucm/ibr/bin/autoinstall.cfg
 

diff --git a/...erContent/kubernetes/create-wcc-domain/domain-home-on-pv/start-managed-servers-wrapper.sh b/...erContent/kubernetes/create-wcc-domain/domain-home-on-pv/start-managed-servers-wrapper.sh
@@ -1,21 +1,22 @@
 #!/bin/bash
-# Copyright (c) 2021, 2022, Oracle and/or its affiliates.
+# Copyright (c) 2021, 2023, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 #
 
 function  usage {
-  echo usage: ${script} -o path_to_output_dir -p load_balancer_port -n node_port [-m ucm_node_port] [-u ucm_intradocport] [-i ibr_intradocport] [-h]
+  echo usage: ${script} -o path_to_output_dir -p load_balancer_port -n node_port [-m ucm_node_port] [-u ucm_intradocport] [-i ibr_intradocport] [-s ssl_termination] [-h]
   echo "  -o output directory which was used during domain creation to generate yaml files, must be specified."
   echo "  -p load balancer port, must be specified."
   echo "  -n node port, to be used for exposing IBR intradoc-port (suggested value should be within a range of 30000-32767) - must be specified."
   echo "  -m ucm node port, to be used for exposing UCM intradoc-port (suggested value should be within a range of 30000-32767) - optional."
   echo "  -u ucm intradocport, optional"
   echo "  -i ibr intradocport, optional"
+  echo "  -s provide if ssl termination at loadbalancer is used (acceptable value is either true or false) - optional"
   echo "  -h Help"
   exit $1
 }
 
-while getopts "ho:p:n:m:u:i:" opt; do
+while getopts "ho:p:n:m:u:i:s:" opt; do
   case $opt in
 	o) outputDir="${OPTARG}"
 	;;
@@ -29,6 +30,8 @@ while getopts "ho:p:n:m:u:i:" opt; do
 	;;
 	i) IBRIntradocPort="${OPTARG}"
 	;;
+	s) SSLTermination="${OPTARG}"
+	;;
 	h) usage 0
 	;;
 	*) usage 1
@@ -59,6 +62,11 @@ if [ -z ${IBRIntradocPort} ]; then
      IBRIntradocPort=5555
 fi
 
+if [ -z ${SSLTermination} ]; then
+     SSLTermination=false
+fi
+
+
 function wait_admin_pod {
 echo "Waiting for $adminPod Pod startup to kick in."
 sleep 50s
@@ -119,6 +127,9 @@ adminServerName=${adminServerName//*adminServerName: /};
 managedServerNameBase=$(grep  'managedServerNameBase:' create-domain-inputs.yaml);
 managedServerNameBase=${managedServerNameBase//*managedServerNameBase: /};
 
+sslEnabled=$(grep  'sslEnabled:' create-domain-inputs.yaml);
+sslEnabled=${sslEnabled//*sslEnabled: /};
+
 adminPod=$domainUID-$adminServerName
 ucmPod=$domainUID-$managedServerNameBase
 
@@ -151,12 +162,20 @@ sed -i "s/@INSTALL_HOST_NAME@/$hostalias/g" autoinstall.cfg.cs
 sed -i "s/@HOST_NAME_PREFIX@/$truncatedhostname/g" autoinstall.cfg.cs
 sed -i "s/@UCM_INTRADOC_PORT@/$UCM_INTRADOC_PORT/g" autoinstall.cfg.cs
 
+if [ "${SSLTermination}" == "true" ]; then
+	sed -i "s/@SSL_ENABLED@/$SSLTermination/g" autoinstall.cfg.cs
+else
+	sed -i "s/@SSL_ENABLED@/$sslEnabled/g" autoinstall.cfg.cs
+fi
+
+
 kubectl cp  autoinstall.cfg.cs $domainNS/$domainUID-ucm-server1:/u01/oracle/user_projects/domains/$domainUID/ucm/cs/bin/autoinstall.cfg
 
 sed -i "s/@IBR_PORT@/$IBR_PORT/g" autoinstall.cfg.ibr
 sed -i "s/@INSTALL_HOST_FQDN@/$hostname/g" autoinstall.cfg.ibr
 sed -i "s/@INSTALL_HOST_NAME@/$hostalias/g" autoinstall.cfg.ibr
 sed -i "s/@IBR_INTRADOC_PORT@/$IBR_INTRADOC_PORT/g" autoinstall.cfg.ibr
+sed -i "s/@SSL_ENABLED@/$sslEnabled/g" autoinstall.cfg.ibr
 
 kubectl cp  autoinstall.cfg.ibr $domainNS/$domainUID-ibr-server1:/u01/oracle/user_projects/domains/$domainUID/ucm/ibr/bin/autoinstall.cfg
 

diff --git a/...ntent-domains/installguide/additional-steps-to-launch-native-binaries/_index.md b/...ntent-domains/installguide/additional-steps-to-launch-native-binaries/_index.md
@@ -10,8 +10,9 @@ This section provides the steps required to use product native binaries with use
 
 ### Issue with Launching Headful User Interfaces for Oracle WebCenter Content Native Binaries
 
-Oracle WebCenter Content (UCM) provide a set of native binaries with headful UIs, which are located inside the persistent volume, as part of the domain. 
-WebCenter Content container images are, by default, created with Oracle slim linux image, which doesn't come with all the packages pre-installed to support headful applications with UIs to be launched. With current Oracle WebCenter Content container images, running native applications fails, being unable to launch UIs.
+Oracle WebCenter Content (UCM) provide a set of native binaries with headful UIs, which are delivered as part of the product container image. 
+WebCenter Content container images are, by default, created with Oracle slim linux image, which doesn't come with all the packages pre-installed to support headful applications with UIs to be launched. UCM provides many such native binaries which uses JAVA AWT for UI support.
+With current Oracle WebCenter Content container images, running native applications fails, being unable to launch UIs.
 
 The following sections document the solution, by providing a set of instructions, enabling users to run UCM native applications with UIs.
 

diff --git a/...ource/content/wccontent-domains/installguide/create-wccontent-domains/_index.md b/...ource/content/wccontent-domains/installguide/create-wccontent-domains/_index.md
@@ -138,12 +138,14 @@ Run `managed-server-wrapper` script, which internally applies the domain YAML. T
 ```    
 $ cd ${WORKDIR}/create-wcc-domain/domain-home-on-pv/
 
-$ ./start-managed-servers-wrapper.sh -o <path_to_output_directory> -p <load_balancer_port> -n <ibr_node_port> -m <ucm_node_port>
+$ ./start-managed-servers-wrapper.sh -o <path_to_output_directory> -p <load_balancer_port> -n <ibr_node_port> -m <ucm_node_port> -s <ssl_termination>
 ```    
 
 > Note: In the above command, parameters `-n` and `-m` refers to the node-ports to be used for exposing `IBR intradoc port` and `UCM intradoc port` respectively.
   Suggested values for both these node-ports should be within a range of 30000-32767.
   Please keep in mind that `<ibr_node_port>` value must be specified at all time, whereas `<ucm_node_port>` value is only required when IPM and ADFUI Managed Servers are enabled.
+  A value for parameter `-s` needs to be provided only if SSL termination at loadbalancer is being used - acceptable value is either `true` or `false`. 
+  If this parameter value is not supplied, the script assumes that ssl termination at loadbalancer is not being used and by default the value will be taken as `false`. 
 
 #### Run the startup configuration scripts for IPM and WCCADF applications as applicable
 

diff --git a/...omains/oracle-cloud/additional-steps-to-launch-native-binaries-in-oci/_index.md b/...omains/oracle-cloud/additional-steps-to-launch-native-binaries-in-oci/_index.md
@@ -0,0 +1,145 @@
+---
+title: "Launch Oracle Webcenter Content Native Applications in Containers deployed in Oracle Cloud Infrastructure"
+date: 2020-12-3T07:32:31-05:00
+weight: 7
+pre : "<b>7. </b>"
+description: "How to launch Oracle WebCenter Content native binaries from inside containerized environment in OCI."
+---
+
+This section provides the steps required to use Oracle WebCenter Content native binaries with user interfaces, from containerized Managed Servers deployed in OCI. 
+
+### Issue with Launching Headful User Interfaces for Oracle WebCenter Content Native Binaries
+
+Oracle WebCenter Content (UCM) provide a set of native binaries with headful UIs, which are delivered as part of the product container image. 
+WebCenter Content container images are, by default, created with Oracle slim linux image, which doesn't come with all the packages pre-installed to support headful applications with UIs to be launched. UCM provides many such native binaries which uses JAVA AWT for UI support. 
+With current Oracle WebCenter Content container images, native applications fails to run, being unable to launch UIs.
+
+The following sections document the solution, by providing a set of instructions, enabling users to run UCM native applications with UIs.
+
+
+These instructions are divided in two parts -
+1. [Steps to update the existing container image](#steps-to-update-out-of-the-box-oracle-webcenter-content-container-image-using-weblogic-image-tool)
+1. [Steps to launch native apps using VNC sessions](#steps-to-launch-oracle-webcenter-content-native-applications-using-vnc-sessions)
+
+
+### Steps to Update out-of-the-box Oracle WebCenter Content Container Image Using WebLogic Image Tool
+
+This section describes the method to update image with a OS package using WebLogic Image Tool. Please refer [this](https://oracle.github.io/weblogic-image-tool/) for setting up the WebLogic Image Tool.
+#### Additional Build Commands
+
+The installation of required OS packages in the image, can be done using yum command in additional build command option available in WebLogic Image Tool. Here is the sample `additionalBuildCmds.txt` file, to be used, to install required Linux packages (libXext.x86_64, libXrender.x86_64 and libXtst.x86_64).
+
+```
+[final-build-commands]
+USER root
+RUN yum -y --downloaddir=/tmp/imagetool install libXext libXrender libXtst  \
+        && yum -y --downloaddir=/tmp/imagetool clean all \
+    && rm -rf /var/cache/yum/* \
+    && rm -rf /tmp/imagetool
+USER oracle
+
+```
+
+>Note: It is important to change the user to `oracle`, otherwise the user during the container execution will be `root`.
+#### Build arguments
+
+The arguments required for updating the image can be passed as file to the WebLogic Image Tool.
+
+    'update' is the sub command to Image Tool for updating an existing docker image.
+    '--fromImage' option provides the existing docker image that has to be updated.
+    '--tag' option should be provided with the new tag for the updated image.
+    '--additionalBuildCommands' option should be provided with the above created additional build commands file.
+	'--chown oracle:root' option should be provided to update file permissions.
+
+Below is a sample build argument (buildArgs) file, to be used for updating the image,
+
+
+```
+  update
+  --fromImage <existing_WCContent_image_without_dependent_packages>
+  --tag <name_of_updated_WCContent_image_to_be_built>
+  --additionalBuildCommands ./additionalBuildCmds.txt
+  --chown oracle:root 
+```
+
+#### Update Oracle WebCenter Content Container Image
+
+Now we can execute the WebLogic Image Tool to update the out-of-the-box image, using the build-argument file described above -
+
+```
+$ imagetool @buildArgs
+```
+
+
+WebLogic Image Tool provides multiple options for updating the image. For detailed information on the update options, please refer to [this](https://oracle.github.io/weblogic-image-tool/userguide/tools/update-image/) document.
+
+Updating the image does not modify the 'CMD' from the source image unless it is modified in the additional build commands.
+
+```
+$ docker inspect -f '{{.Config.Cmd}}' <name_of_updated_Wccontent_image>
+[/u01/oracle/container-scripts/createDomainandStartAdmin.sh]
+```
+
+### Steps to launch Oracle WebCenter Content native applications using VNC sessions.
+
+Once updated image is successfully built and available on all required nodes, do the following:
+
+a.  Update the domain.yaml file with updated image name and apply the domain.yaml file.  
+```
+$ kubectl apply -f domain.yaml
+```
+
+b.  After applying the modified domain.yaml, pods will get restarted and start running with updated image with required packages.
+
+```
+$ kubectl get pods -n <namespace_being_used_for_wccontent_domain>
+```
+c.  Install VNC SERVER on any one worker node, on which there is an UCM server pod deployed.
+
+d.  After starting vncserver systemctl daemon in the Worker Node, execute the following command from Bastion Host to the Private Subnet Instance (Worker Node).
+
+```
+# The default VNC port is 5900, but that number is incremented according to the configured display number. Thus, display 1 corresponds to 5901, display 2 to 5902, and so on.
+$ ssh -i <Workernode_private.key> -L 590<display_number>:localhost:590<display_number> -p 22 -L 590<display number>:localhost:590<display number> -N -f <user>@<Workernode_privateIPAddress>
+
+# Sample command 
+$ ssh -i <Workernode_private.key> -L 5901:localhost:5901 -p 22 -L 5901:localhost:5901 -N -f [email protected]
+```
+
+e.  From personal client execute the below command with the above session opened.
+
+```
+# Use any Linux emulator (like, Windows Power Shell for Windows) to run the following command
+$ ssh -i <Bastionnode_private.key> -L 590<display_number>:localhost:590<display_number> -p 22 -L 590<display_number>:localhost:590<display_number> -N -f <user>@<BastionHost_publicIPAddress>
+
+#  Sample command
+$ ssh -i <Bastionnode_private.key> -L 5901:localhost:5901 -p 22 -L 5901:localhost:5901 -N -f [email protected]
+```
+
+f.  Open VNC Client software in personal client and connect to Worker Node VNC Server using `localhost:590<display_number>`.
+
+g.  Open a terminal once the VNC session to the Worker Node is connected -
+
+```
+$ xhost +
+```
+h.  Run the following commands from Bastion Host terminal –
+
+```
+# Get into the pod's (for example, wccinfra-ucm-server1) shell:
+$ kubectl exec -n wccns -it wccinfra-ucm-server1 -- /bin/bash
+
+# Traverse to the Native Binaries' location
+$ cd /u01/oracle/user_projects/domains/wccinfra/ucm/cs/bin
+
+# Set DISPLAY variable within the container
+$ export DISPLAY=<Workernode_privateIPAddress, where VNC session was created>:<dispay_number>
+# Sample command 
+$ export DISPLAY=10.0.10.xx:1
+
+# Launch any native UCM application, from within the container, like this:
+$ ./SystemProperties 
+```
+i. If the application has an UI, it'll get launched now in the VNC session connected from personal client.
+
+
diff --git a/...ource/content/wccontent-domains/oracle-cloud/create-wccontent-domains/_index.md b/...ource/content/wccontent-domains/oracle-cloud/create-wccontent-domains/_index.md
@@ -44,8 +44,11 @@ Run `oke-start-managed-server-wrapper.sh` script, which intrenally applies the d
 ```
 $ cd ${WORKDIR}/create-wcc-domain/domain-home-on-pv/
 
-$ ./oke-start-managed-servers-wrapper.sh -o <path_to_output_directory> -l <load_balancer_external_ip> -p <load_balancer_port>
+$ ./oke-start-managed-servers-wrapper.sh -o <path_to_output_directory> -l <load_balancer_external_ip> -p <load_balancer_port> -s <ssl_termination>
 ```
+> Note: A value for parameter `-s` needs to be provided only if SSL termination at loadbalancer is being used - acceptable value is either `true` or `false`. 
+  If this parameter value is not supplied, the script assumes that ssl termination at loadbalancer is not being used and by default the value will be taken as `false`.
+
 #### Run the startup configuration scripts for IPM and WCCADF applications as applicable
 
 Run the script `configure-ipm-connection.sh` to do startup configurations if IPM is enabled.