Merge pull request #1873 from edburns/edburns-msft-180-02-wls-aks (#1894)

Add sample running Oracle WLS Kubernetes Operator on Azure Kubernetes Service

Co-authored-by: Monica Riccelli <[email protected]>

Author: rjeberhard

docs-source/content/samples/simple/azure-kubernetes-service/_index.md

@@ -16,6 +16,7 @@ While these samples may be useful and usable as is, it is intended that you woul
 * [Sample for configuring the Elasticsearch and Kibana](scripts/elasticsearch-and-kibana/README.md) deployments and services for the operator's logs.
 * [Sample for generating a self-signed certificate and private key](scripts/rest/README.md) that can be used for the operator's external REST API.
 * [Sample for creating an OKE cluster using Terraform](scripts/terraform/README.md).
+* [Sample for running a WebLogic cluster on the Azure Kubernetes Service](scripts/create-weblogic-domain-on-azure-kubernetes-service/README.md), and the YAML file for deploying the Azure resources and generated WebLogic domain.
 
 ## Sample Helm charts
 

docs-source/content/samples/simple/azure-kubernetes-service/screenshot-deploy-test-app.png

@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+#
+# Description
+#  This sample script creates a Kubernetes secret for Azure Storage to use Azure file share on AKS.
+#
+#  The following pre-requisites must be handled prior to running this script:
+#    * The kubernetes namespace must already be created
+#
+
+script="${BASH_SOURCE[0]}"
+
+#
+# Function to exit and print an error message
+# $1 - text of message
+function fail {
+  echo [ERROR] $*
+  exit 1
+}
+
+# Try to execute kubectl to see whether kubectl is available
+function validateKubectlAvailable {
+  if ! [ -x "$(command -v kubectl)" ]; then
+    fail "kubectl is not installed"
+  fi
+}
+
+function usage {
+  echo usage: ${script} -c storageAccountName -k storageAccountKey [-s secretName] [-n namespace] [-h]
+  echo "  -a storage account name, must be specified."
+  echo "  -k storage account key, must be specified."
+  echo "  -s secret name, optional. Use azure-secret if not specified."
+  echo "  -n namespace, optional. Use the default namespace if not specified."
+  echo "  -h Help"
+  exit $1
+}
+
+#
+# Parse the command line options
+#
+secretName=azure-secret
+namespace=default
+while getopts "ha:k:s:n:" opt; do
+  case $opt in
+    a) storageAccountName="${OPTARG}"
+    ;;
+    k) storageAccountKey="${OPTARG}"
+    ;;
+    s) secretName="${OPTARG}"
+    ;;
+    n) namespace="${OPTARG}"
+    ;;
+    h) usage 0
+    ;;
+    *) usage 1
+    ;;
+  esac
+done
+
+if [ -z ${storageAccountName} ]; then
+  echo "${script}: -e must be specified."
+  missingRequiredOption="true"
+fi
+
+if [ -z ${storageAccountKey} ]; then
+  echo "${script}: -p must be specified."
+  missingRequiredOption="true"
+fi
+
+if [ "${missingRequiredOption}" == "true" ]; then
+  usage 1
+fi
+
+# check and see if the secret already exists
+result=`kubectl get secret ${secretName} -n ${namespace} --ignore-not-found=true | grep ${secretName} | wc | awk ' { print $1; }'`
+if [ "${result:=Error}" != "0" ]; then
+  fail "The secret ${secretName} already exists in namespace ${namespace}."
+fi
+
+# create the secret
+kubectl -n $namespace create secret generic $secretName \
+    --from-literal=azurestorageaccountname=$storageAccountName \
+    --from-literal=azurestorageaccountkey=$storageAccountKey
+
+# Verify the secret exists
+SECRET=`kubectl get secret ${secretName} -n ${namespace} | grep ${secretName} | wc | awk ' { print $1; }'`
+if [ "${SECRET}" != "1" ]; then
+  fail "The secret ${secretName} was not found in namespace ${namespace}"
+fi
+
+echo "The secret ${secretName} has been successfully created in the ${namespace} namespace."

docs-source/content/samples/simple/azure-kubernetes-service/screenshot-logs.png

@@ -0,0 +1,106 @@
+#!/usr/bin/env bash
+# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+#
+# Description
+#  This sample script creates a Kubernetes secret for Docker credentials for use with the WLS Operator on AKS.
+#
+#  The following pre-requisites must be handled prior to running this script:
+#    * The kubernetes namespace must already be created
+#
+
+script="${BASH_SOURCE[0]}"
+
+#
+# Function to exit and print an error message
+# $1 - text of message
+function fail {
+  echo [ERROR] $*
+  exit 1
+}
+
+# Try to execute kubectl to see whether kubectl is available
+function validateKubectlAvailable {
+  if ! [ -x "$(command -v kubectl)" ]; then
+    fail "kubectl is not installed"
+  fi
+}
+
+function usage {
+  echo usage: ${script} -e email -p password -u username [-s secretName] [-d dockerServer] [-n namespace] [-h]
+  echo "  -e email, must be specified."
+  echo "  -p password, must be specified."
+  echo "  -u username, must be specified."
+  echo "  -s secret name, optional, Use regcred if not specified."
+  echo "  -d docker server, optional, Use docker.io if not specified."
+  echo "  -n namespace, optional. Use the default namespace if not specified"
+  echo "  -h Help"
+  exit $1
+}
+
+#
+# Parse the command line options
+#
+secretName=regcred
+namespace=default
+dockerServer=container-registry.oracle.com
+while getopts "he:p:u:n:d:s:d:" opt; do
+  case $opt in
+    e) email="${OPTARG}"
+    ;;
+    p) password="${OPTARG}"
+    ;;
+    u) username="${OPTARG}"
+    ;;
+    s) secretName="${OPTARG}"
+    ;;
+    d) dockerServer="${OPTARG}"
+    ;;
+    n) namespace="${OPTARG}"
+    ;;
+    h) usage 0
+    ;;
+    *) usage 1
+    ;;
+  esac
+done
+
+if [ -z ${email} ]; then
+  echo "${script}: -e must be specified."
+  missingRequiredOption="true"
+fi
+
+if [ -z ${password} ]; then
+  echo "${script}: -p must be specified."
+  missingRequiredOption="true"
+fi
+
+if [ -z ${username} ]; then
+  echo "${script}: -u must be specified."
+  missingRequiredOption="true"
+fi
+
+if [ "${missingRequiredOption}" == "true" ]; then
+  usage 1
+fi
+
+# check and see if the secret already exists
+result=`kubectl get secret ${secretName} -n ${namespace} --ignore-not-found=true | grep ${secretName} | wc | awk ' { print $1; }'`
+if [ "${result:=Error}" != "0" ]; then
+  fail "The secret ${secretName} already exists in namespace ${namespace}."
+fi
+
+# create the secret
+kubectl -n $namespace create secret docker-registry $secretName \
+  --docker-email=$email \
+  --docker-password=$password \
+  --docker-server=$dockerServer \
+  --docker-username=$username 
+
+# Verify the secret exists
+SECRET=`kubectl get secret ${secretName} -n ${namespace} | grep ${secretName} | wc | awk ' { print $1; }'`
+if [ "${SECRET}" != "1" ]; then
+  fail "The secret ${secretName} was not found in namespace ${namespace}"
+fi
+
+echo "The secret ${secretName} has been successfully created in the ${namespace} namespace."

kubernetes/samples/README.md

@@ -0,0 +1 @@
+Please see the documentation for this sample [in the documentation for the Operator](https://oracle.github.io/weblogic-kubernetes-operator/samples/simple/azure-kubernetes-service/).

kubernetes/samples/scripts/create-kuberetes-secrets/create-azure-storage-credentials-secret.sh

@@ -0,0 +1,26 @@
+# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: %PERSISTENT_VOLUME_NAME%
+  labels:
+    usage: %PERSISTENT_VOLUME_NAME%
+spec:
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteMany
+  storageClassName: %STORAGE_CLASS_NAME%
+  persistentVolumeReclaimPolicy: Retain
+  azureFile:
+    secretName: %AZURE_FILE_SHARE_SECRET_NAME%
+    shareName: %AZURE_FILE_SHARE_NAME%
+    readOnly: false
+  mountOptions:
+  - dir_mode=0777
+  - file_mode=0777
+  - uid=1000
+  - gid=1000
+  - mfsymlinks

kubernetes/samples/scripts/create-kuberetes-secrets/create-docker-credentials-secret.sh

@@ -0,0 +1,17 @@
+# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: %PERSISTENT_VOLUME_CLAIM_NAME%
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: %STORAGE_CLASS_NAME%
+  resources:
+    requests:
+      storage: 10Gi
+  selector:
+    matchLabels:
+      usage: %PERSISTENT_VOLUME_CLAIM_NAME%

kubernetes/samples/scripts/create-weblogic-domain-on-azure-kubernetes-service/README.md

@@ -0,0 +1,87 @@
+# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# The version of this inputs file. Do not modify.
+version: create-domain-on-aks-inputs-v1
+
+#
+# Parameters that must be changed from these values!
+#
+
+# The service principal is used to login to azure and create an azure kubernetes cluster.
+# If you don't have a service principal, please follow README.md
+# Application id of the service principal.
+azureServicePrincipalAppId: azure-service-principal-app-id
+
+# A client secret of the service principal.
+azureServicePrincipalClientSecret: azure-service-principal-client-secret
+
+# Tenant (Directory) id of the service principal.
+azureServicePrincipalTenantId: azure-service-principal-tenant-id
+
+# Oracle Single Sign-On (SSO) account email, used to pull the WebLogic Server Docker image
+dockerEmail: docker-email
+
+# Password for Oracle SSO account password, used to pull the WebLogic Server Docker image
+dockerPassword: docker-password
+
+# The same value as dockerEmail
+dockerUserName: docker-user-name
+
+# Specify where to create azure resource.
+azureLocation: eastus
+
+# Specify a prefix to name resources, only allow lowercase letters and numbers, between 1 and 7 characters.
+# Resource group is named with ${namePrefix}resourcegroup<timestamp>, e.g. wlsresourcegroup1592469388
+# Kubernetes cluster is named with ${namePrefix}akscluster<timestamp>, e.g. wlsakscluster1592469388
+# Storage account is named with ${namePrefix}storage<timestamp>, e.g. wlsstorage1592469388
+namePrefix: wls
+
+#
+# Parameters that may optionally be changed.
+#
+
+# The suffix of file share secret name, the complete value is ${namePrefix}${azureFileShareSecretNameSuffix}.
+azureFileShareSecretNameSuffix: azure-secret
+
+# Number of azure kubernetes nodes, used to create azure kubernetes cluster.
+azureKubernetesNodeCount: 2
+
+# VM size of azure kubernetes node.
+azureKubernetesNodeVMSize: Standard_DS2_v2
+
+# The suffix of azure kubernetes node pool name, the azure kubernetes node pool name will be${azureKubernetesNodepoolNamePrefix} ${namePrefix}.
+azureKubernetesNodepoolNamePrefix: pool1
+
+# SKU of azure storage account, used to create storage account.
+azureStorageAccountSku: Standard_LRS
+
+# Name of Azure Storage Class. We will use initial StorageClasses azurefile.
+# If you want to create new class, follow the document: https://docs.microsoft.com/en-us/azure/aks/azure-files-dynamic-pv#create-a-storage-class.
+# Go to this page for more details:  https://docs.microsoft.com/en-us/azure/aks/concepts-storage#storage-classes
+azureStorageClassName: azurefile
+
+# The suffix of azure storage file share name, the complete value is ${namePrefix}-${azureStorageShareNameSuffix}-<timestamp>, used to create file share, and mount file share. 
+azureStorageShareNameSuffix: weblogic
+
+# The suffix of the Kubernetes secret name, the complete value is ${namePrefix}${imagePullSecretNameSuffix}. The secret name is used to access the Docker Store to pull the WebLogic Server Docker image
+# Used to create kubenetes secret for docker hub account.
+# Parameter "imagePullSecretName" will be overwritten with this field in kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain-inputs.yaml
+imagePullSecretNameSuffix: regcred
+
+# The suffix of the persistent volume claim name, the complete value is ${namePrefix}-${persistentVolumeClaimNameSuffix}-<timestamp>.
+# Parameter "persistentVolumeClaimName" will be overwritten with this field in kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain-inputs.yaml
+persistentVolumeClaimNameSuffix: azurefile
+
+# Password for weblogic account.
+weblogicAccountPassword: welcome1
+
+# WebLogic Server Docker image.
+# Parameter "image" will be overwritten with this field in kubernetes/samples/scripts/create-weblogic-domain/domain-home-on-pv/create-domain-inputs.yaml
+weblogicDockerImage: container-registry.oracle.com/middleware/weblogic:12.2.1.3
+
+# Name of weblogic user.
+weblogicUserName: weblogic
+
+
+