Tagged ORACLE CLOUD INFRASTRUCTURE

Containerizing​ Oracle Cloud Infrastructure (OCI) Command Line Interface (CLI)


Oracle Cloud Infrastructure (OCI) command line interface (CLI) is one of several methods provided for managing the Oracle cloud infra generation 2.

The CLI can be installed and configured in your local machine just following the instructions in the documentation.

In this post, we are explaining an alternate method for using the CLI by means of creating a container. Main advantage: portability and encapsulation of configurations just in case you are managing more than one tenant.

STEP 1

Install and configure OCI CLI. Please notice that a hidden folder called .oci gets created in your home directory:

ocloudshell1

STEP 2

Create a directory for creating the container, let’s call it ocloudshell for instance:

mkdir ocloudshell

STEP 3

copy ./oci directory in your home directory to ocloudshell dir

STEP 4

Edit the ./oci/config file and change the absolute paths to be relative to the home directory. For instance, in my mac is as follows:

ocloudshell2

ocloudshell3

STEP 5

Download the OPC CLI and put it in the ocloudshell dir

STEP 6

Create Dockerfile as follows:

FROM store/oracle/serverjre:8
ENV LC_ALL=en_US.utf8 \
LANG=en_US.utf8
ARG OPC_CLI_VERSION=18.1.2
ENV OPC_CLI_PKG=opc-cli-$OPC_CLI_VERSION.zip
WORKDIR /ocloudshell/
RUN curl -o /etc/yum.repos.d/public-yum-ol7.repo http://yum.oracle.com/public-yum-ol7.repo \
&& yum-config-manager --enable ol7_developer_EPEL \
&& yum-config-manager --enable ol7_developer \
&& yum -y install unzip python-oci-cli \
&& rm -rf /var/cache/yum/*
WORKDIR /root
ADD .oci/ .oci/
RUN chmod 400 .oci/config
RUN chmod 400 .oci/oci_api_key.pem
CMD ["/bin/bash"]

STEP 7

Create the container and push it to a private repository!*
docker build -t myrepo/ocloudshell .

docker push myrepo/ocloudshell
(*) Don’t push the image to a public repo for obvious security reasons

 

TEST IT

So far, so good. Let’s test the container executing a command, here is the command reference documentation. For instance, let’s execute a command for starting a VM:

docker run -it javiermugueta/ocloudshell oci compute instance action --instance-id ocid1.instance.oc1.eu-frankfurt-1.abtheljtbocj2w4qywieacalgsortabg4kep77lplqfwfmlup77725rvsjxa --action start

That’s all folks!

Enjoy 🙂

 

Creating a Java Microservice with Helidon/Microservice Archetype Deployed in Kubernetes


helidon

With Helidon you can create Java microservices easily. In this blog, we are creating/exposing a REST service that gets a JSON document stored in an Oracle database and retrieves it to the requestor. For retrieving the JSON document from the database we are using ORDS and SODA but you can use JDBC as well, we’ll show it shortly in another post.

First, let’s create the project with the available archetype:

mvn archetype:generate -DinteractiveMode=false -DarchetypeGroupId=io.helidon.archetypes -DarchetypeArtifactId=helidon-quickstart-se -DarchetypeVersion=0.10.5 -DgroupId=io.helidon.examples -DartifactId=quickstart-se -Dpackage=io.helidon.examples.quickstart.se

Modify the GreetService class for calling a backend service and the MainTest class removing the tests, you can find how it looks like here on GitHub.

Package the app:

mvn clean package

Now, start the app

java -jar target/quickstart-se.jar

And test the app locally, the app starts listening in 0.0.0.0:8080:

http://localhost:8080/greet

Now, let’s containerize the app with the Dockerfile included in the project:

docker build -t quickstart-se target

Run the container and test again:

docker run --rm -p 8080:8080 quickstart-se:latest

http://localhost:8080/greet

Now let’s deploy to Kubernetes:

First, we tag the container and then push it to the registry:

docker tag quickstart-se javiermugueta/quickstart-se

docker push javiermugueta/quickstart-se

Now let’s modify the deployment yaml to create a LoadBalancer and for pulling the image previously pushed in the registry:

... 
labels:

app: ${project.artifactId}

spec:

type: LoadBalancer

selector:
...

spec:

containers:

- name: ${proje
ct.artifactId}

image: javiermugueta/quickstart-se

imagePullPolicy: IfNotPresent

ports:

...

 

Let’s deploy the app to k8s:
kubectl create -f target/app.yaml
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
quickstart-se LoadBalancer 10.96.56.43 1xy.x1.x5.x24 8080:32243/TCP 2m
Take note of the public IP and test again:
javamicroservice
That’s all folks!!
Enjoy;-)

Install Oracle Data Integration Platform Cloud (aka ODIPC) ODI Agent in an Oracle Cloud DB System


Let’s go ahead:

  • From the ODICP portal download the agent:

odipc

  • ssh to the database node
  • sudo su – oracle
  • unzip agent-linux.64.bit.zip
  • Issue the following command (what we are doing now is downloading the SSL certificate of the ODIPC cloud service and importing in cacerts):
openssl s_client -showcerts -connect <odipcservernameurl>:443 </dev/null 2>/dev/null|openssl x509 -outform PEM > adipcocporaclecloudcom.crt

such as:

openssl s_client -showcerts -connect testadi-txlxfxnxcxclxxd2.adipc.ocp.oraclecloud.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >mycertfile.pem
  • And now this command:
/u01/app/12.2.0.1/grid/jdk/bin/keytool -import -alias adipcocporaclecloudcom -keystore /u01/app/12.2.0.1/grid/jdk/jre/lib/security/cacerts -file adipcocporaclecloudcom.crt

[you’ll be prompted for a password, it is changeit]

  • Now go to the Cloud Dashboard and grab the url of the IDCS service, such as:

https://idcs-e6f40c2&#8230;..qtden….cd69ee.identity.oraclecloud.com

odipc6odipc5

So far, so good…

Now we need to create an IDCS application, so go to IDCS Console/Applications section:

odipc6

Add a new application of type Confidential Application, and give it a name:

odipc7

Now configure the following in the Client Configuration section:

odipc8

Then in Allowed Scopes click [Add] and select from the pop-up dialog the name of the ODIPC instance service you created:

odipc9

Grab the value of the Allowed Scope for later and finish the wizard:

odipc10

You’ll be shown a pop-up dialog with the clientid and secret of the Application. If you miss it don´t worry, you can get it again going to the General Information section, gain grab both values for later:

odip11.png

Now is time to execute the installer providing all the values gathered before, this is what we have so far:

[oracle@db dicloud]$ pwd
/home/oracle/dicloud
[oracle@db dicloud]$ ll
total 16
-rw-r--r-- 1 oracle oinstall 2264 Nov 23 00:21 adipcocporaclecloudcom.crt
drwxr-xr-x 3 oracle oinstall 4096 Aug 31 00:56 agent
-rwxr-x--- 1 oracle oinstall 1001 Aug 31 00:45 dicloudConfigureAgent.sh
-rwxr-x--- 1 oracle oinstall  358 Aug 31 00:45 dicloudUpgradeAgent.sh
[oracle@db dicloud]$ export JAVA_HOME=/u01/app/12.2.0.1/grid/jdk
[oracle@db dicloud]$ 
[oracle@db dicloud]$ ./dicloudConfigureAgent.sh 
2018-11-23 01:04:07.066 INFO [oracle.dicloud.agent.core.GGCCAgentInstallation] (oracle.dicloud.agent.core.GGCCAgentInstallation handleCreateInstance) Creating agent instance home at :/home/oracle/dicloud/agent/dipcagent001 
2018-11-23 01:04:07.094 INFO [oracle.dicloud.agent.core.GGCCAgentInstallation] (oracle.dicloud.agent.core.GGCCAgentInstallation handleCreateInstance) Agent instance home created successfully at :/home/oracle/dicloud/agent/dipcagent001 
Enter DICLOUD Service Host :testadi-txlxfxnxcxcloxx2.adipc.ocp.oraclecloud.com
Enter DICLOUD Service Port :443
Enter IDCS server URL :https://idcs-e6f40c2d9qtden0cd69ee.identity.oraclecloud.com 
Enter agent IDCS Client scope :https://8123QTDEN5B4BF861.adipc.ocp.oraclecloud.com:443urn:opc:resource:consumer::all
2018-11-23 01:04:40.187 INFO [oracle.jps.common] (oracle.security.jps.JpsStartup start) Jps initializing. 
2018-11-23 01:04:44.212 INFO [oracle.jps.common] (oracle.security.jps.JpsStartup start) Jps started. 
Enter agent IDCS Client Id : 712e73eqtden6c4849004
Enter agent IDCS Client Secret : 
2018-11-23 01:05:05.790 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer buildAgentPropertiesFromTemplate) SSL is configured with default JDK Trust store here : /u01/app/12.2.0.1/grid/jdk/jre/lib/security/cacerts 
2018-11-23 01:05:05.794 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer buildAgentPropertiesFromTemplate) Default Trust-store was configured using default trust store unlock password. 
2018-11-23 01:05:05.797 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer buildAgentPropertiesFromTemplate) Need to change 'agentTrustStorePath' property in agent.properties for using a different Trust-store 
2018-11-23 01:05:05.799 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer buildAgentPropertiesFromTemplate) Use updateTrustStoreUnlockPassword.sh/bat utility to add the Trust-store unlock password to agent wallet. 
Enter Username:jvr.mgt@rcl.cm
Confirm Username:jvr.mgt@rcl.com
Enter password:
Confirm password:
2018-11-23 01:05:34.289 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer captureOdiCredentailsIfRequired) captureOdiCredentials ... Completed. 
2018-11-23 01:05:34.683 INFO [global] (oracle.dicloud.agent.deployment.AgentDeployer captureOdiCredentailsIfRequired) captureOdiCredentials ... Completed. 
2018-11-23 01:05:34.688 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) Agent Instance successfully created at : /home/oracle/dicloud/agent/dipcagent001 
2018-11-23 01:05:34.689 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) Start the agent using this startAgentInstance(.sh/.bat) script in : /home/oracle/dicloud/agent/dipcagent001/bin 
2018-11-23 01:05:34.690 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) Stop the agent using this stopAgentInstance (.sh/.bat) script in : /home/oracle/dicloud/agent/dipcagent001/bin 
2018-11-23 01:05:34.692 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) Agent configuration properties file is available at : /home/oracle/dicloud/agent/dipcagent001/conf/agent.properties 
2018-11-23 01:05:34.693 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) Refer the configuration file for more information on agent configuration. 
2018-11-23 01:05:34.694 INFO [global] (oracle.dicloud.agent.deployment.DICloudAgentLifeCycleManager main) If agent properties are edited then restart the agent for changes to take affect. 
checking if this is odiRemote setup or not...
Local DIPC agent setup mode. Hence, ignoring ODI set-up
[oracle@db dicloud]$ 


Let's start the agen for the first time:


[oracle@db dicloud]$ agent/dipcagent001/bin/startAgentInstance.sh 
AGENT_HOME : /home/oracle/dicloud/agent/dipcagent001/bin/../../oracle
2018-11-23 01:09:05.650:INFO::main: Logging initialized @1773ms
2018-11-23 01:09:06.078:INFO:oejs.Server:main: jetty-9.3.12.v20160915
2018-11-23 01:09:06.272:INFO:oejsh.ContextHandler:main: Started o.e.j.s.ServletContextHandler@6ca8564a{/dicloud,null,AVAILABLE}
2018-11-23 01:09:06.317:INFO:oejs.AbstractConnector:main: Started ServerConnector@718b8b0e{HTTP/1.1,[http/1.1]}{localhost:7005}
2018-11-23 01:09:06.321:INFO:oejs.Server:main: Started @2447ms
log4j:WARN No appenders could be found for logger (org.apache.http.client.protocol.RequestAddCookies).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
2018-11-23 01:09:16.190 NOTIFICATION GGCC-20071: Successfully verified basic connectivity to server.
2018-11-23 01:09:16.197 NOTIFICATION ID file NOT found in : /home/oracle/dicloud/agent/dipcagent001/conf/diaid Registering the agent...
2018-11-23 01:09:16.197 NOTIFICATION Building agent registration data ... 
2018-11-23 01:09:16.206 NOTIFICATION Building agent registration data ... ... AgentRegData [hostname=db.sub11130848550.atnetwork.oraclevcn.com, port=7005, agentVersion=18.3.5-SNAPSHOT, instanceName=dipcagent001, agentId=null, properties={goldenGateHost=localhost, goldenGatePort=7809, serverConnCheckIntervalSecs=10, ggCoreVersion=V_12_3_0, agentManagedBy=ONPREMISE, agentPlatform=Linux, agentUseSSL=true, agentTrustStorePath=/u01/app/12.2.0.1/grid/jdk/jre/lib/security/cacerts, agentInstanceInstallLocation=/home/oracle/dicloud/agent/dipcagent001, agentUserName=javier.mugueta@oracle.com, agentConnectors=CONN,ODI}]
2018-11-23 01:09:17.079 NOTIFICATION Registration post response : InboundJaxrsResponse{context=ClientResponse{method=POST, uri=https://testadi-telefonicacloud2.adipc.ocp.oraclecloud.com:443/dicloud/api/v1/registered/agents, status=200, reason=OK}}
2018-11-23 01:09:17.120 NOTIFICATION Agent Registration status : REGISTERED
2018-11-23 01:09:17.122 NOTIFICATION AgentIdentification ... Done. agentID: ec55e634-4ac1-4556-a877-7186a1c78149
2018-11-23 01:09:17.256 NOTIFICATION Successfully registered this agent for message subscription
ODIPlugin was not started as it was not configured
If this is Remote/On-Prem agent requires ODI, Run config script first

odipc13

Yes, there it is!

Enjoy:-)

 

 

 

 

 

 

 

 

Install Zookeeper in Oracle Kubernetes Engine aka OKE ;-) in 20 minutes


blue white orange and brown container van
Photo by Pixabay on Pexels.com

If you don’t have one, first create a cluster. In the last version of the dashboard, you can find a new “QUICK CREATE” option that creates all the stuff from scratch easily.

oke2

oke1

Install helm following this link or in mac issue the following command:

brew install helm

Configure access to the cluster

 

Goto this page and follow instructions explained in there (helm chart), in short:

helm repo add bitnami https://charts.bitnami.com/bitnami 

helm install bitnami/zookeeper

Follow instructions for port forwardingInstall zkCli:, such as:

kubectl port-forward --namespace default svc/tufted-sheep-zookeeper 2181:2181

Install a client such as zkCli:

brew tap let-us-go/zkcli
brew install zkcli

Test it:

MacBook-Pro-de-javi:~ javiermugueta$ zkcli 

2018/11/08 00:03:40 Connected to 127.0.0.1:2181

>> create /FirstZnode “Myfirstzookeeper-app”
Created /FirstZnode
>>> get /FirstZnode 1
“Myfirstzookeeper-app”
cZxid = 0x6
ctime = Wed Nov 07 23:12:52 GMT 2018
mZxid = 0x6
mtime = Wed Nov 07 23:12:52 GMT 2018
pZxid = 0x6
cversion = 0
dataVersion = 0
aclVersion = 0
ephemeralOwner = 0x0
dataLength = 26
numChildren = 0
>>> 

That’s it!

Enjoy 😉

 

 

Deploy Hyperledger Composer on Oracle Cloud Container Native (Managed Kubernetes) in less than 30 Minutes


PART ONE: PREPARE YOUR ENVIRONMENT

Get a cloud account, log in with your IdCS credentials, go to the Compute (new OCI) dashboard and create a local user:

k8s-hyper-composer-01

Create a Policy:

k8s-hyper-composer-02

Add the following policy statements it they don’t exist:

k8s-hyper-composer-03

Create a Compartment:

k8s-hyper-composer-00

Create a Virtual Cloud Network (VCN) and 3 subnets on it in case you don’t have one already:

k8s-hyper-composer-05

k8s-hyper-composer-06

PART TWO: CREATE THE K8S CLUSTER

Go to Containers menu, click Create Cluster Button:

k8s-hyper-composer-10

Introduce the proper information and Click Create:

 

k8s-hyper-composer-11

Add compute resources to the cluster (Pools):

k8s-hyper-composer-12

k8s-hyper-composer-13

Obtain information for managing the K8s cluster from command line (kubectl):

k8s-hyper-composer-14

k8s-hyper-composer-15

Start k8s dashboard:

k8s-hyper-composer-20

PART THREE: DEPLOY HYPERLEDGER COMPOSER

Open dashboard in browser:

k8s-hyper-composer-21

Locate the kubeconfig file and Sing In:

k8s-hyper-composer-22

k8s-hyper-composer-23

In the dashboard click Create button in the upper right corner:

k8s-hyper-composer-24

Locate the Hyperledger container in docker hub:

k8s-hyper-composer-25

Provide the appropiate info in the dialog:

k8s-hyper-composer-26

Wait for the service to be created and ready:

k8s-hyper-composer-27

Click on the public url and test it!:

k8s-hyper-composer-28

That’s it!

Enjoy 😉