WebLogic Operator初试

时隔几个月，重拾WebLogic

为什么是WebLogic

简单说一句就是，因为WebLogic在中间件里面够复杂。

Server不同的角色
AdminServer和Managed Server之间的通讯
NodeManager负责AdminServer和Managed Server的启停
ManagedServer连上去的认证
状态的保存
域内容的共享

总而言之一句话，就是需要保存状态，需要Persistance,而operator基于一系列脚本将他自动化和脚本化，降低了创建的开销，

但有一点避免不了，就是你必须仍然对WebLogic架构工作原理比较了解，否则任何地方出现问题你都难以定位。

目前Oracle官方出的WebLogic Operator处于Techinical Preview版本阶段，按照官方说法，他提供了创建域，自动的启动，集群扩展，以及和Prometheus集成，web应用的负载均衡器(使用Traefik1.4.5版本),同时提供了ELK的集成功能。

（It provides a mechanism to create domains, automates domain startup, allows scaling WebLogic clusters up and down either manually (on-demand) or through integration with the WebLogic Diagnostics Framework or Prometheus, manages load balancing for web applications deployed in WebLogic clusters, and provides integration with ElasticSearch, logstash and Kibana.）

WebLogic Operator使用标准的WebLogic Server 12.2.1.3的镜像，可以从store/oracle下载获取，当然也可以自己构建，鉴于墙的原因，我就是自己构建的。

架构

总的来说和传统架构类似，重要的是需要有个PV保存共享状态，相当于传统架构中大家mount同一个存储吧。

前序条件

这个比较重要，特别是docker的版本，之前用12的版本，发现死活不work!

Kubernetes 1.7.5+, 1.8.0+

kubectl version

Flannel networking v0.9.1-amd64

Docker 17.03.1.ce

docker version

构建Operator

git clone https://github.com/oracle/weblogic-kubernetes-operator.git

构建weblogic-operator镜像,最后也是以一个pod模式运行在weblogic-operator的命名空间中。

mvn clean install
docker login
docker build -t weblogic-kubernetes-operator:some-tag --no-cache=true .

首先需要有store/oracle/serverjre:8的镜像环境，然后生成weblogic-kubernetes-operator后将镜像save再load到各个需要的节点。

Dockerfile如下

# Copyright , , Oracle Corporation and/or its affiliates. All rights reserved.
 
# using JRE  with support for container heap management
#FROM store/oracle/serverjre:
FROM linux7-jre:8u151
 
RUN mkdir /operator
RUN mkdir /operator/lib
ENV PATH=$PATH:/operator
 
COPY src/scripts/* /operator/
COPY operator/target/weblogic-kubernetes-operator-0.2.jar /operator/weblogic-kubernetes-operator.jar
COPY operator/target/lib/*.jar /operator/lib/
 
HEALTHCHECK --interval=1m --timeout=10s \
  CMD /operator/livenessProbe.sh
 
WORKDIR /operator/
 
CMD ["/operator/operator.sh"]

基本就是将一大堆脚本和jar包移入镜像，然后再启动operator.sh文件

Operator的源码

[root@k8s-master src]# tree main
main
├── java
│   └── oracle
│       └── kubernetes
│           └── operator
│               ├── authentication
│               │   ├── Authenticator.java
│               │   ├── Helpers.java
│               │   └── package-info.java
│               ├── builders
│               │   ├── CallParamsImpl.java
│               │   ├── CallParams.java
│               │   ├── package-info.java
│               │   ├── UncheckedApiException.java
│               │   ├── WatchBuilder.java
│               │   ├── WatchI.java
│               │   └── WatchImpl.java
│               ├── ConfigMapWatcher.java
│               ├── DomainStatusUpdater.java
│               ├── DomainWatcher.java
│               ├── EventWatcher.java
│               ├── helpers
│               │   ├── AnnotationHelper.java
│               │   ├── AuthenticationProxy.java
│               │   ├── AuthorizationProxy.java
│               │   ├── CallBuilderFactory.java
│               │   ├── CallBuilder.java
│               │   ├── ClientPool.java
│               │   ├── ConfigMapConsumer.java
│               │   ├── ConfigMapHelper.java
│               │   ├── CRDHelper.java
│               │   ├── DomainPresenceInfo.java
│               │   ├── HealthCheckHelper.java
│               │   ├── IngressHelper.java
│               │   ├── package-info.java
│               │   ├── PodHelper.java
│               │   ├── Pool.java
│               │   ├── ResponseStep.java
│               │   ├── RollingHelper.java
│               │   ├── SecretHelper.java
│               │   ├── ServerKubernetesObjectsFactory.java
│               │   ├── ServerKubernetesObjects.java
│               │   └── ServiceHelper.java
│               ├── http
│               │   ├── HttpClient.java
│               │   ├── HTTPException.java
│               │   ├── package-info.java
│               │   └── Result.java
│               ├── IngressWatcher.java
│               ├── KubernetesConstants.java
│               ├── LabelConstants.java
│               ├── logging
│               │   ├── LoggingFacade.java
│               │   ├── LoggingFactory.java
│               │   ├── LoggingFormatter.java
│               │   ├── MessageKeys.java
│               │   └── package-info.java
│               ├── Main.java
│               ├── OperatorLiveness.java
│               ├── package-info.java
│               ├── PodWatcher.java
│               ├── ProcessingConstants.java
│               ├── rest
│               │   ├── AuthenticationFilter.java
│               │   ├── backend
│               │   │   ├── package-info.java
│               │   │   ├── RestBackend.java
│               │   │   └── VersionUtils.java
│               │   ├── BaseDebugLoggingFilter.java
│               │   ├── ErrorFilter.java
│               │   ├── ExceptionMapper.java
│               │   ├── FilterPriorities.java
│               │   ├── model
│               │   │   ├── BaseModel.java
│               │   │   ├── ClusterModel.java
│               │   │   ├── CollectionModel.java
│               │   │   ├── DomainModel.java
│               │   │   ├── ErrorModel.java
│               │   │   ├── ItemModel.java
│               │   │   ├── LinkContainerModel.java
│               │   │   ├── LinkModel.java
│               │   │   ├── package-info.java
│               │   │   ├── ScaleClusterParamsModel.java
│               │   │   └── VersionModel.java
│               │   ├── package-info.java
│               │   ├── RequestDebugLoggingFilter.java
│               │   ├── resource
│               │   │   ├── BaseResource.java
│               │   │   ├── ClusterResource.java
│               │   │   ├── ClustersResource.java
│               │   │   ├── DomainResource.java
│               │   │   ├── DomainsResource.java
│               │   │   ├── package-info.java
│               │   │   ├── ScaleClusterResource.java
│               │   │   ├── SwaggerResource.java
│               │   │   ├── VersionResource.java
│               │   │   └── VersionsResource.java
│               │   ├── ResponseDebugLoggingFilter.java
│               │   ├── RestBackendImpl.java
│               │   ├── RestConfigImpl.java
│               │   ├── RestConfig.java
│               │   └── RestServer.java
│               ├── ServerStatusReader.java
│               ├── ServiceWatcher.java
│               ├── StartupControlConstants.java
│               ├── TuningParametersImpl.java
│               ├── TuningParameters.java
│               ├── utils
│               │   └── ConcurrentWeakHashMap.java
│               ├── watcher
│               │   ├── package-info.java
│               │   └── WatchListener.java
│               ├── Watcher.java
│               ├── WebLogicConstants.java
│               ├── wlsconfig
│               │   ├── NetworkAccessPoint.java
│               │   ├── package-info.java
│               │   ├── WlsClusterConfig.java
│               │   ├── WlsDomainConfig.java
│               │   ├── WlsRetriever.java
│               │   └── WlsServerConfig.java
│               └── work
│                   ├── ComponentEx.java
│                   ├── Component.java
│                   ├── ComponentRegistry.java
│                   ├── Container.java
│                   ├── ContainerResolver.java
│                   ├── Engine.java
│                   ├── FiberGate.java
│                   ├── Fiber.java
│                   ├── NextAction.java
│                   ├── package-info.java
│                   ├── Packet.java
│                   ├── Step.java
│                   └── ThreadLocalContainerResolver.java
├── javadoc
│   └── overview.html
└── resources
    └── Operator.properties
 
 directories,  files

安装指导

详情参考

https://github.com/oracle/weblogic-kubernetes-operator

https://github.com/oracle/weblogic-kubernetes-operator/blob/master/site/installation.md

git clone https://github.com/oracle/weblogic-kubernetes-operator.git

修改create-weblogic-operator-input.yaml文件,主要是 targetNamespaces，

同时修改了镜像 weblogicOperatorImage: weblogic-kubernetes-operator:developer

[root@k8s-master kubernetes]# cat create-weblogic-operator-inputs.yaml
# Copyright ,  Oracle Corporation and/or its affiliates.  All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 
# The name of the service account that the operator will use to
# make requests to the Kubernetes API server.
# The name must be lowercase
serviceAccount: weblogic-operator
 
# The Kubernetes namespace that the operator will be deployed in.
# It is recommended that a namespace be created for the operator rather
# than using the default namespace.
# The name must be lowercase
namespace: weblogic-operator
 
# A comma-separated list of target namespaces the operator manages
# The names must be lowercase
targetNamespaces: domain1
 
# The docker image containing the operator code.
#weblogicOperatorImage: container-registry.oracle.com/middleware/weblogic-kubernetes-operator:latest
weblogicOperatorImage: weblogic-kubernetes-operator:developer
 
# The image pull policy for the operator docker image.
weblogicOperatorImagePullPolicy: IfNotPresent
 
# Name of the Kubernetes secret to access the registry containing the operator Docker image
# The presence of the secret will be validated when this parameter is enabled.
#weblogicOperatorImagePullSecretName:
 
# Options for externally exposing the operator REST https interface
# (i.e. outside of the Kubernetes cluster). Valid values are:
#
# "NONE"
#    The REST interface is not exposed outside the Kubernetes cluster.
#
# "SELF_SIGNED_CERT"
#    The REST interface is exposed outside of the Kubernetes cluster on the
#    port specified by the 'externalRestHttpsPort' property.
#    A self-signed certificate and private key are generated for the REST interface.
#    The certificate's subject alternative names are specified by the 'externalSans'
#    property.
#
# "CUSTOM_CERT"
#    The REST interface is exposed outside of the Kubernetes cluster on the
#    port specified by the 'externalRestHttpsPort' property.
#    The customer supplied certificate and private key are used for the REST
#    interface.  They are specified by the 'externalOperatorCert' and
#    'eternalOperatorKey' properties.
externalRestOption: NONE
 
# The node port that should be allocated for the external operator REST https interface.
# This parameter is required if 'externalRestOption' is not 'NONE'.
# Otherwise, it is ignored.
externalRestHttpsPort: 
 
# The subject alternative names to put into the generated self-signed certificate
# for the external WebLogic Operator REST https interface, for example:
#   DNS:myhost,DNS:localhost,IP:127.0.0.1
# This parameter is required if 'externalRestOption' is 'SELF_SIGNED_CERT'.
# Otherwise, it is ignored.
externalSans:
 
# The customer supplied certificate to use for the external operator REST
# https interface.  The value must be a string containing a base64 encoded PEM certificate.
# This parameter is required if 'externalRestOption' is 'CUSTOM_CERT'.
# Otherwise, it is ignored.
externalOperatorCert:
 
# The customer supplied private key to use for the external operator REST
# https interface.  The value must be a string containing a base64 encoded PEM key.
# This parameter is required if 'externalRestOption' is 'CUSTOM_CERT'.
# Otherwise, it is ignored.
externalOperatorKey:
 
# Controls whether or not the operator will start a Java remote debug server on the
# provided port and suspend execution until a remote debugger has attached.
# The 'internalDebugHttpPort' property controls the port number inside the Kubernetes
# cluster and the 'externalDebugHttpPort' property controls the port number outside
# the Kubernetes cluster.
remoteDebugNodePortEnabled: false
 
# The port number inside the Kubernetes cluster for the operator's Java
# remote debug server.
# This parameter is required if 'remoteDebugNodePortEnabled' is true.
# Otherwise, it is ignored.
internalDebugHttpPort: 
 
# The node port that should be allocated for the Kubernetes cluster for the operator's
# Java remote debug server.
# This parameter is required if 'remoteDebugNodePortEnabled' is true.
# Otherwise, it is ignored.
externalDebugHttpPort: 
 
# The level of Java logging that should be enabled in the operator.
# Valid values are: "SEVERE", "WARNING", "INFO", "CONFIG", "FINE", "FINER", and "FINEST".
javaLoggingLevel: INFO
 
# Controls whether or not ELK integration is enabled.
elkIntegrationEnabled: false

./create-weblogic-operator.sh \
  -i create-weblogic-operator-inputs.yaml \
  -o weblogic-operator-output-directory/

创建日志如下：

[root@k8s-master kubernetes]# ./create-weblogic-operator.sh \
>   -i create-weblogic-operator-inputs.yaml \
>   -o weblogic-operator-output-directory/
Input parameters being used
export serviceAccount="weblogic-operator"
export namespace="weblogic-operator"
export targetNamespaces="domain1"
export weblogicOperatorImage="weblogic-kubernetes-operator:developer"
export weblogicOperatorImagePullPolicy="IfNotPresent"
export externalRestOption="NONE"
export externalRestHttpsPort=""
export remoteDebugNodePortEnabled="false"
export internalDebugHttpPort=""
export externalDebugHttpPort=""
export javaLoggingLevel="INFO"
export elkIntegrationEnabled="true"
 
The WebLogic Operator REST interface will not be externally exposed
/root/weblogic-kubernetes-operator/kubernetes/internal
Generating a self-signed certificate for the operator's internal https port with the subject alternative names DNS:internal-weblogic-operator-svc,DNS:internal-weblogic-operator-svc.weblogic-operator,DNS:internal-weblogic-operator-svc.weblogic-operator.svc,DNS:internal-weblogic-operator-svc.weblogic-operator.svc.cluster.local
Generating weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator.yaml
Running the weblogic operator security customization script
...
Generating YAML script weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator-security.yaml to create WebLogic Operator security configuration...
Create the WebLogic Operator Security configuration using kubectl as follows: kubectl create -f weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator-security.yaml
Ensure you start the API server with the --authorization-mode=RBAC option.
Checking to see if the namespace weblogic-operator already exists
The namespace weblogic-operator already exists
Checking the target namespace domain1
Checking to see if the namespace domain1 already exists
The namespace domain1 already exists
Checking to see if the service account weblogic-operator already exists
The service account weblogic-operator already exists
Applying the generated file weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator-security.yaml
namespace "weblogic-operator" configured
serviceaccount "weblogic-operator" configured
clusterrole "weblogic-operator-cluster-role" configured
clusterrole "weblogic-operator-cluster-role-nonresource" configured
clusterrolebinding "weblogic-operator-operator-rolebinding" configured
clusterrolebinding "weblogic-operator-operator-rolebinding-nonresource" configured
clusterrolebinding "weblogic-operator-operator-rolebinding-discovery" configured
clusterrolebinding "weblogic-operator-operator-rolebinding-auth-delegator" configured
clusterrole "weblogic-operator-namespace-role" configured
rolebinding "weblogic-operator-rolebinding" configured
Checking the cluster role weblogic-operator-namespace-role was created
Checking role binding weblogic-operator-rolebinding was created for each target namespace
Checking role binding weblogic-operator-rolebinding for namespace domain1
Checking the cluster role weblogic-operator-cluster-role was created
Checking the cluster role bindings weblogic-operator-operator-rolebinding were created
Deploy ELK...
deployment "elasticsearch" configured
service "elasticsearch" configured
deployment "kibana" configured
service "kibana" configured
Applying the file weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator.yaml
configmap "weblogic-operator-cm" configured
secret "weblogic-operator-secrets" configured
deployment "weblogic-operator" created
service "internal-weblogic-operator-svc" created
Waiting for operator deployment to be ready...
status is , iteration  of
Checking the operator labels
Checking the operator pods
Checking the operator Pod status
 
The Oracle WebLogic Server Kubernetes Operator is deployed, the following namespaces are being managed: domain1
 
The following files were generated:
  weblogic-operator-output-directory//weblogic-operators/weblogic-operator/create-weblogic-operator-inputs.yaml
  weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator.yaml
  weblogic-operator-output-directory//weblogic-operators/weblogic-operator/weblogic-operator-security.yaml
 
Completed

创建完成后

创建了domain1和weblogic-operator的命名空间

[root@k8s-master weblogic-operator]# kubectl get namespaces
NAME                STATUS    AGE
default             Active    168d
domain1             Active    17h
kube-public         Active    168d
kube-system         Active    168d
monitoring          Active    112d
weblogic-operator   Active    17h

在weblogic-operator下创建的对象

[root@k8s-master weblogic-operator]# kubectl get all -n weblogic-operator
NAME                                    READY     STATUS    RESTARTS   AGE
po/weblogic-operator--dvqv6   /       Running             17h
 
NAME                                 CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
svc/internal-weblogic-operator-svc   10.254.229.199   <none>        /TCP   17h
 
NAME                       DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deploy/weblogic-operator                                            17h
 
NAME                              DESIRED   CURRENT   READY     AGE
rs/weblogic-operator-                              17h

pod的日志信息

[root@k8s-master weblogic-operator]# kubectl logs weblogic-operator--dvqv6 -n weblogic-operator
Launching Oracle WebLogic Server Kubernetes Operator...
{"timestamp":"05-15-2018T00:54:01.857+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.TuningParametersImpl","method":"update","timeInMillis":,"message":"Reloading tuning parameters from Operator's config map","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:03.431+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.Main","method":"main","timeInMillis":,"message":"Oracle WebLogic Server Kubernetes Operator, version: 0.2, implementation: master.3934b2c, build time: 2018-04-18T17:05:04+0800","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:03.481+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.Main","method":"startLivenessThread","timeInMillis":,"message":"Starting Operator Liveness Thread","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:03.601+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.Main","method":"begin","timeInMillis":,"message":"Operator namespace is: weblogic-operator","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:03.675+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.Main","method":"begin","timeInMillis":,"message":"Operator target namespaces are: domain1","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:03.680+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.Main","method":"begin","timeInMillis":,"message":"Operator service account is: weblogic-operator","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:13.180+0000","thread":,"level":"WARNING","class":"oracle.kubernetes.operator.helpers.HealthCheckHelper","method":"logHealthCheckEvent","timeInMillis":,"message":"Access denied for service account system:serviceaccount:weblogic-operator:weblogic-operator for operation get on resource networkpolicies","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T00:54:13.198+0000","thread":,"level":"WARNING","class":"oracle.kubernetes.operator.helpers.HealthCheckHelper","method":"logHealthCheckEvent","timeInMillis":,"message":"Access denied for service account system:serviceaccount:weblogic-operator:weblogic-operator for operation list on resource networkpolicies","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T06:25:48.416+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.helpers.ClientPool","method":"getApiClient","timeInMillis":,"message":"The Kuberenetes Master URL is set to https://10.254.0.1:443","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T06:29:53.941+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.helpers.ClientPool","method":"getApiClient","timeInMillis":,"message":"The Kuberenetes Master URL is set to https://10.254.0.1:443","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T06:42:51.519+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.helpers.ClientPool","method":"getApiClient","timeInMillis":,"message":"The Kuberenetes Master URL is set to https://10.254.0.1:443","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T06:47:45.681+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.helpers.ClientPool","method":"getApiClient","timeInMillis":,"message":"The Kuberenetes Master URL is set to https://10.254.0.1:443","exception":"","code":"","headers":{},"body":""}
{"timestamp":"05-15-2018T06:52:35.717+0000","thread":,"level":"INFO","class":"oracle.kubernetes.operator.helpers.ClientPool","method":"getApiClient","timeInMillis":,"message":"The Kuberenetes Master URL is set to https://10.254.0.1:443","exception":"","code":"","headers":{},"body":""}

客户化资源定义

[root@k8s-master weblogic-operator]# kubectl get crd
NAME                      KIND
domains.weblogic.oracle   CustomResourceDefinition.v1beta1.apiextensions.k8s.io

创建WebLogic Domain

创建secret

kubectl -n domain1 create secret generic domain1-weblogic-credentials  --from-literal=username=weblogic  --from-literal=password=welcome1

创建pv,域会建立在这个pv下面，持久化在这里，如果你只有一个node,需要在node上建立，当然如果是nfs这种方式就不用

mkdir -m  -p /weblogic/domain1PersistentVolume

拉取镜像

docker login
docker pull store/oracle/weblogic:12.2.1.3

这个具体的镜像名是在template文件中定义，我因为拉去不到镜像所以自己build了一个retag了一下。

input文件

[root@k8s-master kubernetes]# cat create-weblogic-domain-inputs.yaml
# Copyright , Oracle Corporation and/or its affiliates.  All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 
# Port number for admin server
adminPort: 
 
# Name of the Admin Server
adminServerName: admin-server
 
# Name of the WebLogic domain to create
domainName: base_domain
 
# Unique id identifying a domain.
# This id must be lowercase and unique across all domains in a Kubernetes cluster.
domainUID: domain1
 
# Determines which WebLogic Servers the Operator will start up
# Legal values are "NONE", "ALL", "ADMIN", "SPECIFIED", or "AUTO"
startupControl: AUTO
 
# Cluster name
clusterName: cluster-
 
# Number of managed servers to generate for the domain
configuredManagedServerCount: 
 
# Number of managed servers to initially start for the domain
initialManagedServerReplicas: 
 
# Base string used to generate managed server names
managedServerNameBase: managed-server
 
# Port number for each managed server
managedServerPort: 
 
# Persistent volume type for the domain's storage.
# The value must be 'HOST_PATH' or 'NFS'.
# If using 'NFS', weblogicDomainStorageNFSServer must be specified.
weblogicDomainStorageType: HOST_PATH
 
# The server name or ip address of the NFS server to use for the domain's storage.
# The following line must be uncomment and customized if weblogicDomainStorateType is NFS:
#weblogicDomainStorageNFSServer: nfsServer
 
# Physical path of the domain's persistent storage.
# The following line must be uncomment and customized:
weblogicDomainStoragePath: /weblogic/domain1PersistentVolume
 
# Reclaim policy of the domain's persistent storage
# The valid values are: 'Retain', 'Delete', and 'Recycle'
weblogicDomainStorageReclaimPolicy: Retain
 
# Total storage allocated to the domain's persistent storage.
weblogicDomainStorageSize: 10Gi
 
# Boolean indicating if production mode is enabled for the domain
productionModeEnabled: true
 
# Name of the Kubernetes secret for the Admin Server's username and password
# The name must be lowercase
weblogicCredentialsSecretName: domain1-weblogic-credentials
 
# Name of the Kubernetes secret to access the Docker Store to pull the WebLogic Server Docker image
# The presence of the secret will be validated when this parameter is enabled.
#weblogicImagePullSecretName:
 
# Port for the T3Channel of the NetworkAccessPoint
t3ChannelPort: 
 
# Public address for T3Channel of the NetworkAccessPoint.  This value should be set to the
# kubernetes server address, which you can get by running "kubectl cluster-info".  If this
# value is not set to that address, WLST will not be able to connect from outside the
# kubernetes cluster.
t3PublicAddress: kubernetes
 
# Boolean to indicate if the channel should be exposed as a service
exposeAdminT3Channel: false
 
# NodePort to expose for the admin server
adminNodePort: 
 
# Boolean to indicate if the adminNodePort will be exposed
exposeAdminNodePort: false
 
# Name of the domain namespace
namespace: domain1
 
# Load balancer to deploy.  Supported values are:TRAEFIK, NONE
#loadBalancer: TRAEFIK
loadBalancer: NONE
 
# Load balancer web port
loadBalancerWebPort: 
 
# Load balancer dashboard port
loadBalancerDashboardPort: 
 
#Java Option for Weblogic Server
javaOptions: -Dweblogic.StdoutDebugEnabled=false

运行脚本

./create-weblogic-domain.sh -i create-weblogic-domain-input.yaml -o  weblogic-domain-output/

会先运行一个job pod（domain1-create-weblogic-domain-job-j4bsp）,进行域的建立等工作，然后再通过NodeManager将AdminServer和Managed Server一个一个启动起来。

当然在PV下面（node上）看到如下目录

[root@node1 /]# tree weblogic -L
weblogic
└── domain1PersistentVolume
    ├── applications
    ├── domain
    │   └── base_domain
    │       ├── autodeploy
    │       ├── backup_config
    │       ├── bin
    │       ├── config
    │       ├── console-ext
    │       ├── edit.lok
    │       ├── fileRealm.properties
    │       ├── init-info
    │       ├── lib
    │       ├── nodemanager
    │       ├── orchestration
    │       ├── resources
    │       ├── security
    │       ├── servers
    │       ├── startManagedWebLogic_readme.txt
    │       └── startWebLogic.sh
    ├── logs
    │   ├── admin-server.log
    │   ├── base_domain.log
    │   ├── nodemanager-admin-server.log
    │   ├── nodemanager-admin-server.log.lck
    │   ├── nodemanager-managed-server1.log
    │   ├── nodemanager-managed-server1.log.lck
    │   ├── nodemanager-managed-server2.log
    │   └── nodemanager-managed-server2.log.lck
    └── stores

日志如下：

[root@k8s-master kubernetes]# ./create-weblogic-domain.sh -i create-weblogic-domain-inputs.yaml -o  weblogic-domain-output/
Input parameters being used
export adminPort=""
export adminServerName="admin-server"
export domainName="base_domain"
export domainUID="domain1"
export startupControl="AUTO"
export clusterName="cluster-1"
export configuredManagedServerCount=""
export initialManagedServerReplicas=""
export managedServerNameBase="managed-server"
export managedServerPort=""
export weblogicDomainStorageType="HOST_PATH"
export weblogicDomainStoragePath="/weblogic/domain1PersistentVolume"
export weblogicDomainStorageReclaimPolicy="Retain"
export weblogicDomainStorageSize="10Gi"
export productionModeEnabled="true"
export weblogicCredentialsSecretName="domain1-weblogic-credentials"
export t3ChannelPort=""
export t3PublicAddress="kubernetes"
export exposeAdminT3Channel="false"
export adminNodePort=""
export exposeAdminNodePort="false"
export namespace="domain1"
export loadBalancer="NONE"
export loadBalancerWebPort=""
export loadBalancerDashboardPort=""
export javaOptions="-Dweblogic.StdoutDebugEnabled=false"
 
Generating weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-pv.yaml
Generating weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-pvc.yaml
Generating weblogic-domain-output//weblogic-domains/domain1/create-weblogic-domain-job.yaml
Generating weblogic-domain-output//weblogic-domains/domain1/domain-custom-resource.yaml
Generating weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-traefik-cluster-1.yaml
Generating weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-traefik-security-cluster-1.yaml
Checking to see if the secret domain1-weblogic-credentials exists in namespace domain1
Checking if the persistent volume domain1-weblogic-domain-pv exists
The persistent volume domain1-weblogic-domain-pv does not exist
Creating the persistent volume domain1-weblogic-domain-pv
persistentvolume "domain1-weblogic-domain-pv" created
Checking if the persistent volume domain1-weblogic-domain-pv is Available
Checking if the persistent volume claim domain1-weblogic-domain-pvc in namespace domain1 exists
No resources found.
The persistent volume claim domain1-weblogic-domain-pvc does not exist in namespace domain1
Creating the persistent volume claim domain1-weblogic-domain-pvc
persistentvolumeclaim "domain1-weblogic-domain-pvc" created
Checking if the persistent volume domain1-weblogic-domain-pv is Bound
Checking if object type job with name domain1-create-weblogic-domain-job exists
No resources found.
Creating the domain by creating the job weblogic-domain-output//weblogic-domains/domain1/create-weblogic-domain-job.yaml
configmap "domain1-create-weblogic-domain-job-cm" created
job "domain1-create-weblogic-domain-job" created
Waiting for the job to complete...
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Running
status on iteration  of
pod domain1-create-weblogic-domain-job- status is Completed
Creating the domain custom resource using weblogic-domain-output//weblogic-domains/domain1/domain-custom-resource.yaml
domain "domain1" created
Checking the domain custom resource was created
 
Domain base_domain was created and will be started by the WebLogic Kubernetes Operator
 
The following files were generated:
  weblogic-domain-output//weblogic-domains/domain1/create-weblogic-domain-inputs.yaml
  weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-pv.yaml
  weblogic-domain-output//weblogic-domains/domain1/weblogic-domain-pvc.yaml
  weblogic-domain-output//weblogic-domains/domain1/create-weblogic-domain-job.yaml
  weblogic-domain-output//weblogic-domains/domain1/domain-custom-resource.yaml
 
Completed

完成后看到，在domain1下会生成AdminServer和一个受管实例，处于运行状态中..

[root@k8s-master kubernetes]# kubectl get pod -n domain1

[root@k8s-master kubernetes]# kubectl get pods -n domain1 -w
NAME READY STATUS RESTARTS AGE
domain1-admin-server 0/1 Running 0 44s
domain1-create-weblogic-domain-job-j4bsp 0/1 Completed 0 4m
domain1-admin-server 1/1 Running 0 6m
domain1-managed-server1 0/1 Pending 0 0s
domain1-managed-server1 0/1 Pending 0 0s
domain1-managed-server1 0/1 ContainerCreating 0 0s
domain1-managed-server1 0/1 Running 0 2s
domain1-managed-server1 1/1 Running 0 9m

从这个日志来看，实例的启动有一定的顺序，先AdminServer后Managed Server

[root@k8s-master kubernetes]# kubectl get svc -n domain1
NAME                        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
domain1-admin-server        10.254.161.135   <none>        /TCP   21m
domain1-cluster-cluster-   10.254.135.246   <none>        /TCP   13m
domain1-managed-server1     10.254.68.132    <none>        /TCP   13m

看服务，除了admin的7001和managedserver的8001,还多出一个domain1-cluster-cluster-1的服务。

[root@k8s-master kubernetes]# kubectl describe svc domain1-cluster-cluster- -n domain1
Name:            domain1-cluster-cluster-
Namespace:        domain1
Labels:            weblogic.clusterName=cluster-
            weblogic.createdByOperator=true
            weblogic.domainName=base_domain
            weblogic.domainUID=domain1
Annotations:        weblogic.oracle/operator-formatVersion=
Selector:        weblogic.clusterName=cluster-,weblogic.createdByOperator=true,weblogic.domainUID=domain1
Type:            ClusterIP
IP:            10.254.135.246
Port:            <unset>    /TCP
Endpoints:        10.1.70.9:
Session Affinity:    None
Events:            <none>

describe 一下，发现这个服务直接指向了守管服务器的地址。

启动完成后，可以describe一下，看到这些实例的参数。

[root@k8s-master ~]# kubectl describe domain domain1 -n domain1
Name:        domain1
Namespace:    domain1
Labels:        weblogic.domainName=base_domain
        weblogic.domainUID=domain1
Annotations:    kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"weblogic.oracle/v1","kind":"Domain","metadata":{"annotations":{},"labels":{"weblogic.domainName":"base_domain","weblogic.domainUID":"dom...
API Version:    weblogic.oracle/v1
Kind:        Domain
Metadata:
  Cluster Name:
  Creation Timestamp:    --16T01::36Z
  Generation:
  Resource Version:
  Self Link:        /apis/weblogic.oracle/v1/namespaces/domain1/domains/domain1
  UID:            8551c004-58a5-11e8-98e4-080027e2ae0a
Spec:
  Admin Secret:
    Name:    domain1-weblogic-credentials
  As Name:    admin-server
  As Port:
  Cluster Startup:
    Cluster Name:    cluster-
    Desired State:    RUNNING
    Env:
      Name:    JAVA_OPTIONS
      Value:    -Dweblogic.StdoutDebugEnabled=false
      Name:    USER_MEM_ARGS
      Value:    -Xms64m -Xmx256m
    Replicas:
  Domain Name:    base_domain
  Domain UID:    domain1
  Export T  Channels:
  Image:        store/oracle/weblogic:12.2.1.3
  Image Pull Policy:    IfNotPresent
  Replicas:
  Server Startup:
    Desired State:    RUNNING
    Env:
      Name:        JAVA_OPTIONS
      Value:        -Dweblogic.StdoutDebugEnabled=false
      Name:        USER_MEM_ARGS
      Value:        -Xms64m -Xmx256m
    Server Name:    admin-server
  Startup Control:    AUTO
Status:
  Conditions:
    Last Transition Time:    --16T01::.928Z
    Reason:            ServersReady
    Status:            True
    Type:            Available
  Servers:
    Health:
      Activation Time:    --16T01::.214Z
      Overall Health:    ok
      Subsystems:
    Node Name:        node1
    Server Name:    admin-server
    State:        RUNNING
    Cluster Name:    cluster-
    Health:
      Activation Time:    --16T01::.561Z
      Overall Health:    ok
      Subsystems:
    Node Name:        node1
    Server Name:    managed-server1
    State:        RUNNING
  Start Time:        --16T01::.502Z
Events:            <none>

扩展Scale实例

前提是在建立集群的时候需要指定多少个受管服务器，比如5个，但启动时候只启动一个，就可以通过编辑下面的domain1的配置，让operator进行实例的启动。

kubectl edit domain domain1 -n domain1

spec:
  adminSecret:
    name: domain1-weblogic-credentials
  asName: admin-server
  asPort:
  clusterStartup:
  - clusterName: cluster-
    desiredState: RUNNING
    env:
    - name: JAVA_OPTIONS
      value: -Dweblogic.StdoutDebugEnabled=false
    - name: USER_MEM_ARGS
      value: '-Xms64m -Xmx256m '
    replicas:
  domainName: base_domain
  domainUID: domain1
  exportT3Channels: []

[root@k8s-master kubernetes]# kubectl get pods -n domain1 -w
NAME                                       READY     STATUS      RESTARTS   AGE
domain1-admin-server                       /       Running               25m
domain1-create-weblogic-domain-job-99qjv   /       Completed             30m
domain1-managed-server1                    /       Running               17m
domain1-managed-server2                    /       Running               27s

集群又会启动ms2.

删除weblogic domain

删除所有的域，删除一个域的命令是 -d domainname

./delete-weblogic-domain-resources.sh -d all
 
@@ Warning!  WebLogic Server pods remaining but wait time exceeds half of max wait seconds. About to directly delete all remaining resources, including the leftover pods.
pod "domain1-create-weblogic-domain-job-phm1n" deleted
job "domain1-create-weblogic-domain-job" deleted
persistentvolumeclaim "domain1-weblogic-domain-pvc" deleted
configmap "domain1-create-weblogic-domain-job-cm" deleted
persistentvolume "domain1-weblogic-domain-pv" deleted
@@  resources remaining after  seconds, including  WebLogic Server pods. Max wait is  seconds.

删除WebLogic Operator

kubectl delete deploy weblogic-operator -n weblogic-operator
kubectl delete service external-weblogic-operator-svc -n weblogic-operator
kubectl delete service internal-weblogic-operator-svc -n weblogic-operator

WebLogic Operator初试的更多相关文章

采用Operator-sdk轻松将helm chart转为Operator
去年就接触Operator,从Oracle发布的WebLogic Operator到mySQL Operator,构建的源码一大堆,但感觉一直缺少合适的开发框架能够避免复杂性快速生成, 随着技术的日益 ...
WebLogic SSRF 漏洞 (简要翻译）
[Ref]http://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cv ...
WebLogic SSRF
本文主要记录一下Weblogic SSRF 利用的操作过程. 一.WebLogic SSRF漏洞简介漏洞编号:CVE-2014-4210 漏洞影响: 版本10.0.2,10.3.6 Oracle W ...
weblogic系列漏洞整理 -- 5. weblogic SSRF 漏洞 UDDI Explorer对外开放 (CVE-2014-4210)
目录五. weblogic SSRF 漏洞 UDDI Explorer对外开放 (CVE-2014-4210) 1. 利用过程 2. 修复建议一.weblogic安装 http://www.cnb ...
WebLogic远程命令执行
靶机说明目标ip:172.16.53.28(window 2003) 本靶机所针对的序列化漏洞系列以及常见安全问题如下: 弱口令登陆控制台部署war包webshell CVE-2018-2893 C ...
针对Weblogic测试的一些小总结(转）
1. 管理员登录页面弱密码 Weblogic的端口一般为7001,弱密码一般为weblogic/Oracle@123 or weblogic,或者根据具体情况进行猜测,公司名,人名等等,再有就可以用b ...
[WEB安全]Weblogic漏洞总结
0x01 Weblogic简介 1.1 叙述 Weblogic是美国Oracle公司出品的一个应用服务器(application server),确切的说是一个基于Java EE架构的中间件,是用于开 ...
SSRF——weblogic vulhub 漏洞复现及攻击内网redis（一）（附批量检测脚本）
0X01 概述 SSRF(Server-Side Request Forgery, 服务端请求伪造)利用漏洞可以发起网络请求来攻击内网服务.利用SSRF能实现以下效果:1) 扫描内网(主 ...
应用安全 - 工具 | 平台 - Weblogic - 漏洞 - 汇总
控制台路径 | 弱口令前置条件 /console CVE-2016-0638 Date 类型远程代码执行影响范围10.3.6, 12.1.2, 12.1.3, 12.2.1 CVE-2016 ...

随机推荐

js判断文件格式及大小
//判断照片大小 function getPhotoSize(obj){ photoExt=obj.value.substr(obj.value.lastIndexOf(".&q ...
android studio 入门比较好的书籍
http://blog.csdn.NET/aqi00/article/details/50012511 http://blog.csdn.net/aqi00/article/details/73065 ...
php详解和优化
nginx结合php使用FastCGI方式 apache结合php,php是作为一个模块加载到apache中 (1)FastCGI工作原理 1.用户发送http请求报文给nginx服务器 2.ngin ...
AttributeError: 'ForeignKey' object has no attribute 're' 解决办法
使用 field_object.rel.model.objects.filter(**db_condition) 报错 forekey中存在rel,为什么不能调用? 通过以下语句观察 print(fi ...
VS2013下实现移动端的跨平台开发
http://www.th7.cn/Program/Android/201412/336394.shtml 前一天准备下载VS2015预览版,到VisualStudio官网一看,发现微软发布了Visu ...
CF #502
#include<cstdio> #include<string> #include<cstdlib> #include<cmath> #include ...
Flume学习应用：Java写日志数据到MongoDB
概述 Windows平台:Java写日志到Flume,Flume最终把日志写到MongoDB. 系统环境操作系统:win7 64 JDK:1.6.0_43 资源下载 Maven:3.3.3下载.安装 ...
Oracle常用常考集合
登陆远程服务器 sqlplus scott/tiger@192.168.2.1[:port]/sid [as sysdba] 简单查询 select table_name from user_tab ...
【BZOJ 1053】 1053: [HAOI2007]反素数ant （反素数）
1053: [HAOI2007]反素数ant Description 对于任何正整数x,其约数的个数记作g(x).例如g(1)=1.g(6)=4.如果某个正整数x满足:g(x)>g(i) 0&l ...
【树形dp】vijos P1180 选课
题解: http://www.cppblog.com/rakerichard/articles/105004.html 惊了,讨论子树大小能否dp真鸡儿麻烦,按照上面那份题解,可以不用分这么多类,可以 ...

WebLogic Operator初试

WebLogic Operator初试的更多相关文章

随机推荐

热门专题