Advanced actions with Oracle WebLogic Server cluster on Azure Kubernetes Service

This document describes how to create an Oracle WebLogic Server cluster on Azure Kubernetes Service using the Azure CLI.

Introduction

Oracle and Microsoft maintain an Azure Marketplace offer that makes it easy to get started with Oracle WebLogic Server on Azure. For complete documentation on the offer, see the user guide.

If you need to go beyond the capabilities of the Azure Marketplace offer, this guidance enables several advanced features. The following features and more are possible.

Customize Azure Container Insights with specified retention days, workspace SKU and resource permissions.
Customize Azure Kubernetes Service version and Agent Pool name.
Create custom T3 channel for Oracle WebLogic Server Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer
Customize the CPU and memory resources for server pod. This enables you to go beyond the default values of 200m and 1.5Gi.

This document will guide you to create a WebLogic Server cluster in ways that supplement and enhance the capabilities offered by the Azure Marketplace offer. The techniques described in this document go beyond what you can configure using the Azure Marketplace offer.

Prerequisites

This section lists several prerequisites for activating the features as described in the guidance. Optional prerequisites are marked as (optional)

Environment for Setup

Azure CLI, use az --version to test if az works.

Azure Storage account

If you are deploying a Java EE application or using your own JDBC data source driver, you are required to have application packages and JDBC libraries uploaded to a blob storage container in an Azure Storage Account.

To create Azure Storage Account and blobs, follow the steps in Quickstart: Upload, download, and list blobs with the Azure portal.

Upload your application packages (.jar, .war, .ear files) to the blob.

Upload your JDBC drivers (.jar files) to the blob.

Database Instance (optional)

If you are going to apply a database with Oracle WebLogic Server, you must have an existing database instance to use.

This template builds with data source driver for three popular Azure databases: Oracle, Azure SQL Server, Azure Database for PostgreSQL. If you do not have an instance, please create one from the Azure portal.

If you want to use any other databse, you must provide a running database instance. Make sure the database is accessible from Azure. Specify a data source driver url via dbDriverLibrariesUrls , data source driver name via dbDriverName and test table name dbTestTableName, see Database for more information.

Custom DNS (optional)

Registered Domain Name

You need to buy a domain name to create a custom DNS alias.

Azure DNS Zone

If you create the DNS alias on an existing Azure DNS Zone, make sure you have perfomed the Azure DNS Delegation. After you have completed the delegation, you can verify it with nslookup. For example, assuming your domain name is contoso.com, this output shows a correct delegation.

$ nslookup -type=SOA contoso.com
Server:         172.29.80.1
Address:        172.29.80.1#53

Non-authoritative answer:
contoso.com
        origin = ns1-01.azure-dns.com
        mail addr = azuredns-hostmaster.microsoft.com
        serial = 1
        refresh = 3600
        retry = 300
        expire = 2419200
        minimum = 300
Name:   ns1-01.azure-dns.com
Address: 40.90.4.1
Name:   ns1-01.azure-dns.com
Address: 2603:1061::1

We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. To create an Azure DNS Zone, follow the steps in Quickstart: Create an Azure DNS zone and record using the Azure portal.

Prepare the Parameters

You must construct a parameters JSON file containing the parameters to be passed to the ARM template. For background information about parameter files, see Create Resource Manager parameter file. This section shows how to obtain the values for the required properties.

Obtain parameter values from Azure portal

The following steps use the Azure Create UI Definition Sandbox to obtain the values. If you prefer to edit a JSON file, you can also create the objects in your parameters file directly. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.

Use your favourite browser and open the Azure UI Definition Sandbox.
Clear the content of Azure UI Definition Sandbox, and replace with the contents of this file: createUiDefinition.json.
Select Preview.
Fill in the appropriate values. For guidance, see running Oracle WebLogic Server on Azure Kuberneters Service document.
- In the Basics blade, configure the credentials for Oracle WebLogic Server.
  - If you are updating an Oracle WebLogic Server cluster, make sure you have right domain UID and domain name.
- In the Configure AKS cluter blade, configure the AKS cluster, image selection and Java EE application selection.
  - If you are updating an Oracle WebLogic Server cluster, make sure you have selected the right AKS cluster and ACR.
- In the TLS/SSL configuration blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to the Oracle WebLogic Server cluster.
- In the Networking blade, configure Standard Load Balancer service and Application Gateway Ingress Controller.
- In the DNS configuration blade, configure custom DNS alias for Oracle WebLogic Server Administration Console portal and cluster.
- In the Database blade, configure data source connection. If you want to enable other database, select Other in Choose database type and finish the required inputs.
Select Review+create, the Azure UI Definition Sandbox will validate the inputs, you must resolve any errors before proceeding.

You will find a message “Validation Passed”. You are now done with the Sandbox.
Select View outputs payload, copy the payload and save it to a file named parameters.json

Configure advanced parameters

Now that you have a syntactically and semantically correct parameters.json, you must add some additional parameters, depending on the features you want to configure.

Advanced parameter Name	Explanation
`_artifactsLocation`	Required. See below for details.
`aciResourcePermissions`	Optinal. Boolean value. The parameter activates when Azure Container Insights is enabled. If `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn’t set. If `true`: Set the workspace to resource-context permissions. See Azure Monitor access control mode
`aciRetentionInDays`	Optinal. Integer value. Number of days to retain data in Azure Monitor workspace.
`aciWorkspaceSku`	Optinal. Enum value. For the set of valid values for this parameter, see the sku property in Resource Manager template samples for Log Analytics workspaces in Azure Monitor
`aksAgentPoolName`	Optinal. String value. The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters.
`aksVersion`	Optinal. String value. Version of Azure Kubernetes Service. Use default version if no specified value.
`enableAdminT3Tunneling`	Optinal. Boolean value. Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling.
`enableClusterT3Tunneling`	Optinal. Boolean value. Configure a custom channel in the Oracle WebLogic Server cluster for the T3 protocol that enables HTTP tunneling.
`t3ChannelAdminPort`	Optinal. Integer value, 1-65535. Sepcify cublic port of the custom T3 channel in admin server.
`t3ChannelClusterPort`	Optinal. Integer value, 1-65535. Specify public port of the custom T3 channel in the Oracle WebLogic Server cluster.
`wlsCPU`	Optinal. String value. Sepcify CPU requests for admin server and managed server pods. See Managing Resources for Containers
`wlsMemory`	Optinal. String value. Specify memory requests for admin server and managed server pods. See Managing Resources for Containers

`_artifactsLocation`

This value must be the following.

https://raw.githubusercontent.com/oracle/weblogic-azure/2024-02-29-1-Q1/weblogic-azure-aks/src/main/arm/

Append the expected advanced parameter to parameters.json. And make sure _artifactsLocation is present with the value shown above in parameters.json.

Example Parameters JSON

This is a sample to create an Oracle WebLogic Server cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. The parameters using default value haven’t been shown for brevity.

{
    "_artifactsLocation": {
        "value": "https://raw.githubusercontent.com/oracle/weblogic-azure/2024-02-29-1-Q1/weblogic-azure-aks/src/main/arm/"
    },
    "acrName": {
      "value": "sampleacr"
    },
    "aksClusterName": {
      "value": "sampleaks"
    },
    "aksClusterRGName": {
      "value": "sampleaksgroup"
    },
    "createACR": {
      "value": false
    },
    "createAKSCluster": {
      "value": false
    },
    "enableAdminT3Tunneling": {
      "value": true
    },
    "enableClusterT3Tunneling": {
      "value": true
    },
    "lbSvcValues": {
      "value": [
        {
          "colName": "domain1-admin-t3",
          "colTarget": "adminServerT3",
          "colPort": "7005"
        },
        {
          "colName": "domain-cluster-t3",
          "colTarget": "cluster1T3",
          "colPort": "8011"
        }
      ]
    },
    "location": {
      "value": "eastus"
    },
    "ocrSSOPSW": {
      "value": "Secret123!"
    },
    "ocrSSOUser": {
      "value": "sample@foo.com"
    },
    "wdtRuntimePassword": {
      "value": "Secret123!"
    },
    "wlsPassword": {
      "value": "Secret123!"
    },
    "wlsUserName": {
      "value": "weblogic"
    }
  }

Invoke the ARM template

Assume your parameters file is available in the current directory and is named parameters.json. This section shows the commands to create an Oracle WebLogic Server cluster on AKS.

Use the command to create a resoruce group.

resourceGroupName="hello-wls-aks"
az group create --name ${resourceGroupName} -l eastus

Validate your parameters file

The az group deployment validate command is very useful to validate your parameters file is syntactically correct.

az deployment group validate --verbose \
  --resource-group ${resourceGroupName} \
  --parameters @parameters.json \
  --template-uri https://raw.githubusercontent.com/oracle/weblogic-azure/2024-02-29-1-Q1/weblogic-azure-aks/src/main/arm/mainTemplate.json

If the command returns with an exit status other than 0, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad echo $? immediately after the az command.

Execute the template

After successfully validating the template invocation, change validate to create to invoke the template.

az deployment group create --verbose \
  --resource-group ${resourceGroupName} \
  --name advanced-deployment \
  --parameters @parameters.json \
  --template-uri https://raw.githubusercontent.com/oracle/weblogic-azure/2024-02-29-1-Q1/weblogic-azure-aks/src/main/arm/mainTemplate.json

As with the validate command, if the command returns with an exit status other than 0, inspect the output and resolve the problem.

After a successful deployment, you should find "provisioningState": "Succeeded" in your output.

Verify deployment

The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal using the public address of T3 channel.

Obtain the address from deployment output:

Open your resource group from Azure portal.
Click Settings -> Deployments -> the deployment with name advanced-deployment, listed in the bottom.
Click Outputs of the deployment, copy the value of adminServerT3ExternalUrl

Get public IP and port from adminServerT3ExternalUrl, access http://<public-ip>:<port>/console from browser, you should find the login page.