Tagged WEBLOGIC

WebLogic Kubernetes Operator: Deploying a Java App in a WebLogic Domain on Oracle Kubernetes Engine (OKE) in 30 Minutes


WebLogic Kubernetes Operator provides a way of running WLS domains in a k8s cluster.

For this post we are depicting the steps of the tutorial you can find in the documentation here. So let’s get started!

What you need:

  • a k8s cluster
  • kubectl
  • maven
  • git
  • docker
  • 60 minutes
git clone https://github.com/oracle/weblogic-kubernetes-operator

docker login

docker pull oracle/weblogic-kubernetes-operator:2.2.0

docker pull traefik:1.7.6

For the next step, if you don’t have a user, goto https://container-registry.oracle.com and register yourself

docker login container-registry.oracle.com 

docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.3

K8s uses role based access control (RBAC):

cat <<EOF | kubectl apply -f -
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: helm-user-cluster-admin-role
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: cluster-admin
 subjects:
 kind: ServiceAccount
 name: default
 namespace: kube-system
 EOF

Traefik is a router:

helm install stable/traefik \
   --name traefik-operator \
   --namespace traefik \
   --values kubernetes/samples/charts/traefik/values.yaml  \
   --set "kubernetes.namespaces={traefik}" \
   --wait
cat <<EOF < values.yaml
 serviceType: NodePort
 service:
   nodePorts:
     http: "30305"
     https: "30443"
 dashboard:
   enabled: true
   domain: traefik.example.com
 rbac:
   enabled: true
 ssl:
   enabled: true
   #enforced: true 
   #upstream: true
   #insecureSkipVerify: false
   tlsMinVersion: VersionTLS12
 EOF
helm install stable/traefik --name traefik-operator --namespace traefik --values values.yaml  --set "kubernetes.namespaces={traefik}" --wait

Namespace for the operator:

kubectl create namespace sample-weblogic-operator-ns

kubectl create serviceaccount -n sample-weblogic-operator-ns sample-weblogic-operator-sa
cd weblogic-kubernetes-operator/

helm install kubernetes/charts/weblogic-operator \
   --name sample-weblogic-operator \
   --namespace sample-weblogic-operator-ns \
   --set image=oracle/weblogic-kubernetes-operator:2.2.0 \
   --set serviceAccount=sample-weblogic-operator-sa \
   --set "domainNamespaces={}" \
   --wait
kubectl create namespace sample-domain1-ns

helm upgrade \
   --reuse-values \
   --set "domainNamespaces={sample-domain1-ns}" \
   --wait \
   sample-weblogic-operator \
   kubernetes/charts/weblogic-operator
 
helm upgrade \
   --reuse-values \
   --set "kubernetes.namespaces={traefik,sample-domain1-ns}" \
   --wait \
   traefik-operator \
   stable/traefik

Creating the WLS domain image:

kubernetes/samples/scripts/create-weblogic-domain-credentials/create-weblogic-credentials.sh \
   -u weblogic -p welcome1 -n sample-domain1-ns -d sample-domain1

Tag the docker image created and push to a registry:

docker images

docker tag container-registry.oracle.com/middleware/weblogic:12.2.1.3 javiermugueta/weblogic:12.2.1.3

docker push javiermugueta/weblogic:12.2.1.3

NOTE: Remember to make private this image in the registry!!! As a recommended option, please follow the steps here to push to the private registry offered by Oracle.

Now let’s make a copy of the yaml file with properties to change and put the appropriate values:

cp kubernetes/samples/scripts/create-weblogic-domain/domain-home-in-image/create-domain-inputs.yaml .

mv create-domain-inputs.yaml mycreate-domain-inputs.yaml

vi mycreate-domain-inputs.yaml

(change values in lines #16, #57, #65, #70, #104, #107 appropriately) Here the one I utilised just in case it helps

And now let’s create the domain with the image:

cd kubernetes/samples/scripts/create-weblogic-domain/domain-home-in-image

./create-domain.sh -i ~/Downloads/weblogic-kubernetes-operator/mycreate-domain-inputs.yaml -o ~/Downloads/weblogic-kubernetes-operator/output -u weblogic -p welcome1 -e

Verify that everything ig working!

kubectl get po -ns sample-domain1-ns

kubectl get svc -ns sample-domain1-ns

Change the type of the cluster and adminserver services to LoadBalancer:

kubectl edit svc/sample-domain1-cluster-cluster-1 -n sample-domain1-ns

kubectl edit svc/sample-domain1-admin-server-external -n sample-domain1-ns
Use vi commands

Verify and write down the public IP’s of the AdminServer external service and the cluster:

kubectl get svc -ns sample-domain1-ns

Create a simple java app and package it:

mvn archetype:generate -DgroupId=javiermugueta.blog -DartifactId=java-web-project -DarchetypeArtifactId=maven-archetype-webapp -DinteractiveMode=false

mnv package

Open a browser, log in WLS AdminServer console and deploy your app (use the public IP of the AdminsServer service):

Open a new browser tab and test the app (use the public IP of the WLS cluster service):

That’s all folks, hope it helps!! 🙂

Weblogic Kubernetes operator or how to run WebLogic​ clusters in k8s


There are lots of WebLogic clusters running around the globe every day. When you withdraw money in the ATM, buy lettuces in the supermarket or make a phone call there is a WebLogic server (and probably an Oracle database too) is executing some logic for you.

Computing paradigms today tend to new standards and Kubernetes seems to be a big player for running workloads that need scalability, high availability, fault tolerant and resilience to disasters.

WebLogic was born in the 2000s with concepts such clusters, managed servers or nodemanager. Those entities were engineered for building robust software designed to run in the infrastructure utilized in the last years.

With the advent of the cloud, new paradigms and technologies arise, but things can’t be constantly rebuilt every time a new technology appears because of the cost of renewing it. The number of lines of  Java code written and compiled to run in WebLogic out there is huge, so is good for you to have the confidence that your current software will keep running and will allow you to modernize your applications progressively. The importance of having providers that guarantee the continuity of businesses goes beyond the technology trends or the latest fashioned cool software product launched yesterday.

For that reason, Oracle provides WebLogic-Kubernetes-Operator, a collection of artifacts that transparently translates the WebLogic architectural design concepts (AdminServer, managed server, NodeManager, …) to the Kunernetes concepts (pods, deployments, persistent volumes, replicasets,…) allowing to run WebLogic topologies in k8s transparently.

domain-architecture

With WebLogic-Kubernetes-Operator, Oracle provides a way for keeping safe the investments you have done so far and gives you time to face the future with tranquility.

Enjoy 😉

Q: Where does the 5000ms timeout come from when I get “process(Lweblogic.cluster.messaging.internal.ClusterMessage;) timed out after: 5000ms..”?


And we said:

The 5000ms is the currently default value for DatabaseLessLeasingBasisMBean.MessageDeliveryTimeout mbean propety.

This is the stack trace generated by a weblogic managed server leader in a cluster defined with consensus migration in wich another cluster node probably died (or was very busy):

Apr 25, 2016 10:47:42 AM CEST> <Warning> <RJVM> <BEA-000573> <RequestTimeout for 
message id 71,049 with message: RJVM response from 'weblogic.rjvm.RJVMImpl@4d7a17a8 
- id: '2862061204926831748S:172.16.78.135:[7003,-1,-1,-1,-1,-1,-1]:PRENOMAD:
prenomad2' connect time: 'Mon Apr 25 09:30:02 CEST 2016'' for 'process
(Lweblogic.cluster.messaging.internal.ClusterMessage;)' timed out after: 5000ms..> 
 weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception 
 at weblogic.cluster.messaging.internal.RMIClusterMessageEndPointImpl_12130_WLStub.
process(Unknown Source) 
 at weblogic.cluster.messaging.internal.RMIClusterMessageSenderImpl.send
(RMIClusterMessageSenderImpl.java:115) 
 at weblogic.cluster.messaging.internal.RMIClusterMessageSenderImpl.send
(RMIClusterMessageSenderImpl.java:93) 
 at weblogic.cluster.messaging.internal.RMIClusterMessageSenderImpl.send
(RMIClusterMessageSenderImpl.java:88) 
 at weblogic.cluster.messaging.internal.ClusterMessageSenderWrapper.send
(ClusterMessageSenderWrapper.java:56) 
 at weblogic.cluster.leasing.databaseless.ServerFailureDetectorImpl$PingTimer.
timerExpired(ServerFailureDetectorImpl.java:309) 
 at weblogic.timers.internal.TimerImpl.run(TimerImpl.java:304) 
 at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run
(SelfTuningWorkManagerImpl.java:548) 
 at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311) 
 at weblogic.work.ExecuteThread.run(ExecuteThread.java:263) 
 Caused by: weblogic.rmi.extensions.RequestTimeoutException: RJVM response from 
'weblogic.rjvm.RJVMImpl@4d7a17a8 - id: '2862061204926831748S:172.16.78.135:
[7003,-1,-1,-1,-1,-1,-1]:PRENOMAD:prenomad2' connect time: 'Mon Apr 25 09:30:02 
CEST2016'' for 'process(Lweblogic.cluster.messaging.internal.ClusterMessage;)' 
timed out after: 5000ms. 
 at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:255) 
 at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:304) 
 ... 10 more

Enjoy 😉

ApacheDS, user groups membership and WebLogic


In ApacheDS, the ldap search for getting the group names a user (for instance cn=juan,ou=usuarios,0=acmecorp) belongs to is as follows:

(&
(objectClass=groupofuniquenames)
(uniqueMember=2.5.4.3=juan,2.5.4.11=usuarios,2.5.4.10=acmecorp)
)

In weblogic, for the supported ldap auth providers, the user membership configuration pattern setting is:

(&(<someattribute>=%M)(objectclass=<someobjectclass>))

Therefore a custom authenticator provider is needed in order to get it working.

Enjoy 😉

 

Cannot load /u01/wls_plugin/lib/mod_wl_24.so into server: libopmnsecure.so: cannot open shared object file: No such file or directory


I’ve configured weblogic proxy plugin 12c for linux according to documentation but I run into “Cannot load /u01/wls_plugin/lib/mod_wl_24.so into server: libopmnsecure.so: cannot open shared object file: No such file or directory”

The error:

[root@localhost ~]# apachectl restart
Job for httpd.service failed. See ‘systemctl status httpd.service’ and ‘journalctl -xn’ for details.

My settings:

[root@localhost ~]# vi /etc/httpd/conf.d/whatever.conf

LoadModule weblogic_module /u01/wls_plugin/lib/mod_wl_24.so
<Location /whatever>
WLSRequest On
SetHandler weblogic-handler
PathTrim /whatever
PathPrepend /whatever
WebLogicHost 192.168.1.39
WebLogicPort 8888
</Location>

LD_LIBRARY_PATH=/u01/wls_plugin/lib

This solution worked for me:

[root@localhost ~]# vi /etc/ld.so.conf

include ld.so.conf.d/*.conf
/u01/wls_plugin/lib

[root@localhost ~]# ldconfig

[root@localhost ~]# apachectl restart

😉

 

WLS WorkManager


This WLS WorkManager has been configured in a 6-node WLS cluster serving the first  travel & tourism technology provider company website in the world.

In weblogic.xml:

<wl-dispatch-policy>
 RSSworker
 </wl-dispatch-policy>

The following can be done in weblogic.xml or you can configure it with WLS console at runtime (better because is decoupled):

<work-manager>
 <name>RSSworker</name>
 <capacity>
 <name>DELmaxcap</name>
 <count>10</count>
 </capacity>
 <fair-share-request-class>
 <name>FSRC</name>
 <fair-share>1000</fair-share>
 </fair-share-request-class>
 </work-manager>

😉