Use OCI File Storage (FSS) for persistent volumes

Oracle recommends using Oracle Cloud Infrastructure File Storage (FSS) for persistent volumes to store the WebLogic domain home or log files when running the Kubernetes cluster on Oracle Container Engine for Kubernetes (OKE). When using the FSS with OKE for domain home or log files, the file system handling will require an update to properly initialize the file ownership on the persistent volume when the domain is initially created.

File permission handling on persistent volumes can differ between cloud providers and even with the underlying storage handling on Linux-based systems. The operator requires permission to create directories on the persistent volume under the shared mount path. The following instructions provide an option to update the file ownership and permissions.

Updating the permissions of shared directory on persistent storage

The operator provides a utility script, pv-pvc-helper.sh, as part of the lifecycle scripts to change the ownership and permissions of the shared directory on the persistent storage.

This script launches a Pod and mounts the specified PVC in the Pod containers at the specified mount path. You can then exec in the Pod and manually change the permissions or ownership.

See the pv-pvc-helper.sh in “Examine, change permissions or delete PV contents” section in the README file for the script details.

For example, run the following command to create the Pod.

$ pv-pvc-helper.sh -n sample-domain1-ns -r -c sample-domain1-weblogic-sample-pvc -m /shared

The script will create a Pod with the following specifications.

apiVersion: v1
kind: Pod
metadata:
  name: pvhelper
  namespace: sample-domain1-ns
spec:
  containers:
  - args:
    - sleep
    - infinity
    image: ghcr.io/oracle/oraclelinux:8
    name: pvhelper
    volumeMounts:
    - name: pv-volume
      mountPath: /shared
  volumes:
  - name: pv-volume
    persistentVolumeClaim:
      claimName: wko-domain-on-pv-pvc

Run the following command to exec into the Pod.

$ kubectl -n sample-domain1-ns exec -it pvhelper -- /bin/sh

After you get a shell to the running Pod container, change the directory to /shared, and you can change the ownership or permissions using the appropriate chown or chmod commands. For example,

$ chown 1000:0 /shared/. && find /shared/. -maxdepth 1 ! -name '.snapshot' ! -name '.' -print0 | xargs -r -0 chown -R 1000:0

References