From 91dc809c7a3df96fa0d0f3e3e113a4151ccc5515 Mon Sep 17 00:00:00 2001 From: "work@jacobthomas.net" Date: Mon, 16 Aug 2021 13:04:07 -0700 Subject: [PATCH 01/42] creating gh-pages branch From a2217d8b556115c3007b6ed1caeb0df35f2e6547 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sat, 14 Aug 2021 08:37:27 -0400 Subject: [PATCH 02/42] Bring over gh-pages from wls-eng --- Gemfile | 10 + LICENSE | 201 +++++ Makefile | 25 + README.md | 91 +++ _config.yml | 2 + _data/var.yml | 13 + _includes/head.html | 3 + _includes/sub-template-01.md | 3 + _includes/toc.html | 5 + _includes/variables.md | 41 + _layouts/default.html | 35 + admin/aadNestedTemplate.md | 302 +++++++ admin/customDNSTemplate.md | 164 ++++ admin/dbTemplate.md | 332 ++++++++ admin/elkNestedTemplate.md | 285 +++++++ admin/index.md | 13 + .../src/main/scripts/create_datasource.py | 33 + assets/css/style.scss | 5 + cluster/aadNestedTemplate.md | 308 ++++++++ cluster/addnode-coherence.md | 570 ++++++++++++++ cluster/addnode.md | 734 ++++++++++++++++++ cluster/appGatewayNestedTemplate.md | 364 +++++++++ cluster/coherenceTemplate.md | 526 +++++++++++++ cluster/customDNSTemplate.md | 174 +++++ cluster/dbTemplate.md | 332 ++++++++ cluster/deletenode.md | 535 +++++++++++++ cluster/elkNestedTemplate.md | 399 ++++++++++ cluster/index.md | 25 + cluster/nsgRulesTemplate.md | 81 ++ dynamic-cluster/aadNestedTemplate.md | 308 ++++++++ dynamic-cluster/addnode-coherence.md | 570 ++++++++++++++ dynamic-cluster/addnode.md | 684 ++++++++++++++++ dynamic-cluster/coherenceTemplate.md | 526 +++++++++++++ dynamic-cluster/customDNSTemplate.md | 177 +++++ dynamic-cluster/dbTemplate.md | 332 ++++++++ dynamic-cluster/deletenode.md | 482 ++++++++++++ dynamic-cluster/elkNestedTemplate.md | 406 ++++++++++ dynamic-cluster/index.md | 26 + dynamic-cluster/nsgRulesTemplate.md | 81 ++ dynamic-cluster/ohsNestedTemplate.md | 210 +++++ index.html | 5 + release-notes/index.md | 100 +++ resources/basicauth.war | Bin 0 -> 3226 bytes resources/coherence-sample.war | Bin 0 -> 93815 bytes resources/webtestapp.war | Bin 0 -> 2618 bytes subtemplate-src/addnode-coherence.md | 570 ++++++++++++++ subtemplate-src/admin-aadNestedTemplate.md | 302 +++++++ subtemplate-src/admin-customDNSTemplate.md | 164 ++++ subtemplate-src/admin-elkNestedTemplate.md | 285 +++++++ subtemplate-src/appGatewayNestedTemplate.md | 364 +++++++++ subtemplate-src/cluster-aadNestedTemplate.md | 308 ++++++++ subtemplate-src/cluster-addnode.md | 734 ++++++++++++++++++ subtemplate-src/cluster-customDNSTemplate.md | 174 +++++ subtemplate-src/cluster-deletenode.md | 535 +++++++++++++ subtemplate-src/cluster-elkNestedTemplate.md | 399 ++++++++++ subtemplate-src/cluster-nsgRulesTemplate.md | 81 ++ subtemplate-src/coherenceTemplate.md | 526 +++++++++++++ subtemplate-src/dbTemplate.md | 332 ++++++++ .../dynamic-cluster-aadNestedTemplate.md | 308 ++++++++ subtemplate-src/dynamic-cluster-addnode.md | 684 ++++++++++++++++ .../dynamic-cluster-customDNSTemplate.md | 177 +++++ subtemplate-src/dynamic-cluster-deletenode.md | 482 ++++++++++++ .../dynamic-cluster-elkNestedTemplate.md | 406 ++++++++++ .../dynamic-cluster-nsgRulesTemplate.md | 81 ++ .../dynamic-cluster-ohsNestedTemplate.md | 210 +++++ subtemplate-src/dynamic-customDNSTemplate.md | 177 +++++ 66 files changed, 16817 insertions(+) create mode 100755 Gemfile create mode 100644 LICENSE create mode 100644 Makefile create mode 100644 README.md create mode 100644 _config.yml create mode 100644 _data/var.yml create mode 100644 _includes/head.html create mode 100644 _includes/sub-template-01.md create mode 100644 _includes/toc.html create mode 100644 _includes/variables.md create mode 100644 _layouts/default.html create mode 100644 admin/aadNestedTemplate.md create mode 100644 admin/customDNSTemplate.md create mode 100644 admin/dbTemplate.md create mode 100644 admin/elkNestedTemplate.md create mode 100644 admin/index.md create mode 100644 arm-oraclelinux-wls/src/main/scripts/create_datasource.py create mode 100644 assets/css/style.scss create mode 100644 cluster/aadNestedTemplate.md create mode 100644 cluster/addnode-coherence.md create mode 100644 cluster/addnode.md create mode 100644 cluster/appGatewayNestedTemplate.md create mode 100644 cluster/coherenceTemplate.md create mode 100644 cluster/customDNSTemplate.md create mode 100644 cluster/dbTemplate.md create mode 100644 cluster/deletenode.md create mode 100644 cluster/elkNestedTemplate.md create mode 100644 cluster/index.md create mode 100644 cluster/nsgRulesTemplate.md create mode 100644 dynamic-cluster/aadNestedTemplate.md create mode 100644 dynamic-cluster/addnode-coherence.md create mode 100644 dynamic-cluster/addnode.md create mode 100644 dynamic-cluster/coherenceTemplate.md create mode 100644 dynamic-cluster/customDNSTemplate.md create mode 100644 dynamic-cluster/dbTemplate.md create mode 100644 dynamic-cluster/deletenode.md create mode 100644 dynamic-cluster/elkNestedTemplate.md create mode 100644 dynamic-cluster/index.md create mode 100644 dynamic-cluster/nsgRulesTemplate.md create mode 100644 dynamic-cluster/ohsNestedTemplate.md create mode 100644 index.html create mode 100644 release-notes/index.md create mode 100644 resources/basicauth.war create mode 100644 resources/coherence-sample.war create mode 100644 resources/webtestapp.war create mode 100644 subtemplate-src/addnode-coherence.md create mode 100644 subtemplate-src/admin-aadNestedTemplate.md create mode 100644 subtemplate-src/admin-customDNSTemplate.md create mode 100644 subtemplate-src/admin-elkNestedTemplate.md create mode 100644 subtemplate-src/appGatewayNestedTemplate.md create mode 100644 subtemplate-src/cluster-aadNestedTemplate.md create mode 100644 subtemplate-src/cluster-addnode.md create mode 100644 subtemplate-src/cluster-customDNSTemplate.md create mode 100644 subtemplate-src/cluster-deletenode.md create mode 100644 subtemplate-src/cluster-elkNestedTemplate.md create mode 100644 subtemplate-src/cluster-nsgRulesTemplate.md create mode 100644 subtemplate-src/coherenceTemplate.md create mode 100644 subtemplate-src/dbTemplate.md create mode 100644 subtemplate-src/dynamic-cluster-aadNestedTemplate.md create mode 100644 subtemplate-src/dynamic-cluster-addnode.md create mode 100644 subtemplate-src/dynamic-cluster-customDNSTemplate.md create mode 100644 subtemplate-src/dynamic-cluster-deletenode.md create mode 100644 subtemplate-src/dynamic-cluster-elkNestedTemplate.md create mode 100644 subtemplate-src/dynamic-cluster-nsgRulesTemplate.md create mode 100644 subtemplate-src/dynamic-cluster-ohsNestedTemplate.md create mode 100644 subtemplate-src/dynamic-customDNSTemplate.md diff --git a/Gemfile b/Gemfile new file mode 100755 index 000000000..9863f8b55 --- /dev/null +++ b/Gemfile @@ -0,0 +1,10 @@ +source "https://rubygems.org" +ruby RUBY_VERSION + +# This is the default theme for new Jekyll sites. You may change this to anything you like. +gem "minima", "~> 2.0" + +# If you want to use GitHub Pages, remove the "gem "jekyll"" above and +# uncomment the line below. To upgrade, run `bundle update github-pages`. +gem "github-pages", group: :jekyll_plugins + diff --git a/LICENSE b/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/Makefile b/Makefile new file mode 100644 index 000000000..742d7d7dd --- /dev/null +++ b/Makefile @@ -0,0 +1,25 @@ +all: + cp subtemplate-src/addnode-coherence.md cluster/addnode-coherence.md + cp subtemplate-src/addnode-coherence.md dynamic-cluster/addnode-coherence.md + cp subtemplate-src/admin-aadNestedTemplate.md admin/aadNestedTemplate.md + cp subtemplate-src/admin-customDNSTemplate.md admin/customDNSTemplate.md + cp subtemplate-src/admin-elkNestedTemplate.md admin/elkNestedTemplate.md + cp subtemplate-src/appGatewayNestedTemplate.md cluster + cp subtemplate-src/cluster-aadNestedTemplate.md cluster/aadNestedTemplate.md + cp subtemplate-src/cluster-addnode.md cluster/addnode.md + cp subtemplate-src/cluster-customDNSTemplate.md cluster/customDNSTemplate.md + cp subtemplate-src/cluster-deletenode.md cluster/deletenode.md + cp subtemplate-src/cluster-elkNestedTemplate.md cluster/elkNestedTemplate.md + cp subtemplate-src/cluster-nsgRulesTemplate.md cluster/nsgRulesTemplate.md + cp subtemplate-src/coherenceTemplate.md cluster/coherenceTemplate.md + cp subtemplate-src/coherenceTemplate.md dynamic-cluster/coherenceTemplate.md + cp subtemplate-src/dbTemplate.md admin + cp subtemplate-src/dbTemplate.md cluster + cp subtemplate-src/dbTemplate.md dynamic-cluster + cp subtemplate-src/dynamic-cluster-aadNestedTemplate.md dynamic-cluster/aadNestedTemplate.md + cp subtemplate-src/dynamic-cluster-addnode.md dynamic-cluster/addnode.md + cp subtemplate-src/dynamic-cluster-deletenode.md dynamic-cluster/deletenode.md + cp subtemplate-src/dynamic-cluster-elkNestedTemplate.md dynamic-cluster/elkNestedTemplate.md + cp subtemplate-src/dynamic-cluster-nsgRulesTemplate.md dynamic-cluster/nsgRulesTemplate.md + cp subtemplate-src/dynamic-cluster-ohsNestedTemplate.md dynamic-cluster/ohsNestedTemplate.md + cp subtemplate-src/dynamic-cluster-customDNSTemplate.md dynamic-cluster/customDNSTemplate.md diff --git a/README.md b/README.md new file mode 100644 index 000000000..2d8f99918 --- /dev/null +++ b/README.md @@ -0,0 +1,91 @@ +# arm-oraclelinux-wls +# Simple deployment of a Oracle Linux VM with Weblogic Server pre-installed + +This template allows us to deploy a simple Oracle Linux VM with Weblogic Server (12.2.1.3.0) pre-installed. +This template deploy by default, an A3 size VM in the resource group location and return the fully qualified domain name of the VM. + +To install Weblogic Server, requires Oracle Weblogic Install kit and Oracle JDK to be downloaded, from OTN Site (https://www.oracle.com/technical-resources/). The OTN site requires the user to accept OTN Free Developer License Agreement before downloading any resources. +So, when this template is run, user will be required to accept the OTN Free Developer License Agreement and also provide OTN credentials (username and password), to download the Oracle Weblogic Install Kit and Oracle JDK. + + +

Using the template

+ +

Perform string substitution to generate the necessary artifacts for deployment or uploading to the Azure Cloud Partner Portal

+ +* Install Apache Maven. This project uses Apache Maven to do simple + string substitution for several required parameters in the templates. + +* From the top level run `mvn clean install`. + +* The templates end up in `arm-oraclelinux-wls/arm-oraclelinux-wls/target/arm`. Change to that directory to run the templates. + +

Once you have performed the string substitution, you can deploy the template via the command line

+ +**PowerShell** + +*#use this command when you need to create a new resource group for your deployment* + +*New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> + +*New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateFile mainTemplate.json* + +**Command line** + +``` +az group create --name <resource-group-name> --location <resource-group-location> + +az group deployment create --resource-group <resource-group-name> --template-file mainTemplate.json --parameters @parametersFile.json +``` + +For example: + +``` +az group deployment create --resource-group 20191001-01-my-rg --parameters @my-parameters.json --template-file arm-oraclelinux-wls/target/arm/mainTemplate.json +``` + +If you are new to Azure virtual machines, see: + +- [Azure Virtual Machines](https://azure.microsoft.com/services/virtual-machines/). +- [Azure Linux Virtual Machines documentation](https://docs.microsoft.com/azure/virtual-machines/linux/) +- [Azure Windows Virtual Machines documentation](https://docs.microsoft.com/azure/virtual-machines/windows/) +- [Template reference](https://docs.microsoft.com/azure/templates/microsoft.compute/allversions) +- [Quickstart templates](https://azure.microsoft.com/resources/templates/?resourceType=Microsoft.Compute&pageNumber=1&sort=Popular) + +If you are new to template deployment, see: + +[Azure Resource Manager documentation](https://docs.microsoft.com/azure/azure-resource-manager/) + +## Considerations for CI/CD + +

Running the tests

+ +Microsoft provides template validation tests in the Git repo for [azure-quickstart-templates](https://github.com/Azure/azure-quickstart-templates/tree/master/test/template-tests). This project has maven configuration to run those tests against the ARM template. This is useful when building the template as part of a CI/CD pipeline. + +

Preconditions

+ +The environment running the tests must have the git repo for +[Azure Quickstart Templates)[https://github.com/Azure/azure-quickstart-templates] checked +out in the expected place, and the necessary powershell software installed + +1. Make it so the environment that runs `mvn` is able to execute the powershell command. + +2. Git clone the [Azure Quickstart Templates)[https://github.com/Azure/azure-quickstart-templates] into the top level `target` directory. + +

Running the tests

+ +1. run `mvn install` in the top level directory. **Do not run `mvn + clean` as this will delete the directory from step 3 above** + +2. Change to `arm-oraclelinux-wls` and run `mvn -Dgit.repo=edburns -Ptemplate-validation-tests install` + +3. The template validation tests should run. You must see no failures, signified by lines that start with `[-]` + tests and some large number of passing tests: `[+]`. + +4. The zip file to upload to the Cloud Partner Portal is located in the + target directory. + +## Updating the Versions + +``` +mvn versions:set -DnewVersion=1.0.1 -DoldVersion=* -DgroupId=com.oracle.weblogic.azure -DartifactId=* +``` diff --git a/_config.yml b/_config.yml new file mode 100644 index 000000000..6bd888f58 --- /dev/null +++ b/_config.yml @@ -0,0 +1,2 @@ +theme: jekyll-theme-primer +repository: "wls-eng/arm-oraclelinux-wls" diff --git a/_data/var.yml b/_data/var.yml new file mode 100644 index 000000000..6ac046797 --- /dev/null +++ b/_data/var.yml @@ -0,0 +1,13 @@ +azureFullBrandName: Microsoft Azure IaaS +wlsFullBrandName: Oracle WebLogic Server +brandNameNumber: 12c +partNumber: E48696-01 +publicationDate: March 2021 +versionOr: 12.1.2.3 +# versionOr: 12.1.2.3 or 12.1.2.4 # edburns: only support 12.2.1.3 now. +oracleLinuxVersion: 7.4 +jdkVersion: Oracle JDK 8u131 +jdkVersionNumber: jdk1.8.0_131 +repoPrefix: /arm-oraclelinux-wls- +artifactsLocationBase: https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls- +artifactsLocationTag: 2021-03-23-01-Q1 diff --git a/_includes/head.html b/_includes/head.html new file mode 100644 index 000000000..9983823a4 --- /dev/null +++ b/_includes/head.html @@ -0,0 +1,3 @@ + + + diff --git a/_includes/sub-template-01.md b/_includes/sub-template-01.md new file mode 100644 index 000000000..f44a916e0 --- /dev/null +++ b/_includes/sub-template-01.md @@ -0,0 +1,3 @@ +This page lists the available templates for working with existing +deployments. These templates perform various operations on an existing +deployment after it has initially been deployed from the Azure portal. diff --git a/_includes/toc.html b/_includes/toc.html new file mode 100644 index 000000000..fad7e7998 --- /dev/null +++ b/_includes/toc.html @@ -0,0 +1,5 @@ + diff --git a/_includes/variables.md b/_includes/variables.md new file mode 100644 index 000000000..822fee0db --- /dev/null +++ b/_includes/variables.md @@ -0,0 +1,41 @@ +{% comment %} +Account for variability in the repo paths. +{% endcomment %} + +{% assign pageDirName = page.dir | replace: "/", "" %} +{% capture pageDir %}{{ pageDirName }}{% endcapture %} + +{% if pageDir contains "admin" %} + {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/src/main/arm/{% endcapture %} + + {% comment %} + something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-admin/2020-06-24-01-Q2/src/main/arm/ + {% endcomment %} + +{% else %} + {% assign repoPrefix = site.data.var.repoPrefix %} + {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}{{ repoPrefix }}{{ pageDir }}/src/main/arm/{% endcapture %} + + {% comment %} + something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/arm-oraclelinux-wls-cluster/src/main/arm/ + {% endcomment %} + + {% capture armTemplateDeleteNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/deletenode/src/main/{% endcapture %} + + {% comment %} + something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/deletenode/src/main/ + {% endcomment %} + + {% capture armTemplateAddNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/addnode/src/main/{% endcapture %} + + {% comment %} + something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/addnode/src/main/ + {% endcomment %} + + {% capture armTemplateAddCacheNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/addnode-coherence/src/main/{% endcapture %} + + {% comment %} + something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/addnode=-coherence/src/main/ + {% endcomment %} + +{% endif %} diff --git a/_layouts/default.html b/_layouts/default.html new file mode 100644 index 000000000..059e9fda8 --- /dev/null +++ b/_layouts/default.html @@ -0,0 +1,35 @@ + + + + + + + + {% seo title=false %} + {{ site.data.var.wlsFullBrandName }} on Azure + + + +
+ + {{ content }} + + {% if site.github.private != true and site.github.license %} +
+
+ {% endif %} +
+ + + {% if site.google_analytics %} + + {% endif %} + + diff --git a/admin/aadNestedTemplate.md b/admin/aadNestedTemplate.md new file mode 100644 index 000000000..d50d4998a --- /dev/null +++ b/admin/aadNestedTemplate.md @@ -0,0 +1,302 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/admin/customDNSTemplate.md b/admin/customDNSTemplate.md new file mode 100644 index 000000000..746b9e506 --- /dev/null +++ b/admin/customDNSTemplate.md @@ -0,0 +1,164 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location ` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name ` | Required. Azure DNS Zone name. | +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console in an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md new file mode 100644 index 000000000..ac4ab4faf --- /dev/null +++ b/admin/dbTemplate.md @@ -0,0 +1,332 @@ +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Database Instance + +To apply configure a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +### Apply multiple databases + +You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To apply multiple databases, you have to remove the previous virtual machine extension. Last ARM parameters file is cached, it will block you from configuring the new database. + +Use the following command to remove virtual machine extension: + +```bash +# remove existing vm extension +az vm extension delete -g ${yourResourceGroup} --vm-name ${adminVMName} --name newuserscript +``` + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbPassword`| See below for details. | +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +#### Oracle Database: + +The following is the format of the JDBC connection string for Oracle Database: + +```bash +jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME +``` + +For example: + +```bash +jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 +``` + +#### Azure Database for PostgreSQL: + +Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). + +1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require +``` + +When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require +``` + +Finally, replace `{your_database}` with the name of your database, typically `postgres`. + +#### Azure SQL Server + +Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; +``` + +When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr +``` + +Finally, replace `{your_database}` with the name of your database. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "location": { + "value": "eastus" + }, + "databaseType": { + "value": "postgresql" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://ejb060801p.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@ejb060801p" + }, + "jdbcDataSourceName": { + "value": "jdbc/ejb060801p" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/db", + "location": null, + "name": "db", + "properties": { + "correlationId": "6fc805b9-1c47-4b32-b9b0-59745a21e559", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT17.4377546S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationDbTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "databaseType": { + "type": "String", + "value": "postgresql" + }, + "dbPassword": { + "type": "SecureString" + }, + "dbUser": { + "type": "String", + "value": "weblogic@oraclevm" + }, + "dsConnectionURL": { + "type": "String", + "value": "jdbc:postgresql://oraclevm.postgres.database.azure.com:5432/postgres" + }, + "jdbcDataSourceName": { + "type": "String", + "value": "jdbc/WebLogicCafeDB" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "6381424766408193665", + "templateLink": null, + "timestamp": "2020-06-02T06:05:03.141828+00:00" + }, + "resourceGroup": "oraclevm-admin-0602", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." diff --git a/admin/elkNestedTemplate.md b/admin/elkNestedTemplate.md new file mode 100644 index 000000000..4368d7225 --- /dev/null +++ b/admin/elkNestedTemplate.md @@ -0,0 +1,285 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password of the Elasticsearch account. Used to distibute message with REST API to Elasticsearch instance. | +| `elasticsearchUserName` | User name of the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "adminDomain" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-admin-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-admin-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-admin-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-admin-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-admin-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/admin/index.md b/admin/index.md new file mode 100644 index 000000000..79686ab2d --- /dev/null +++ b/admin/index.md @@ -0,0 +1,13 @@ +# Single Node {{ site.data.var.wlsFullBrandName }} with Admin Server + +{% include sub-template-01.md %} + +Templates available for working with [{{ site.data.var.wlsFullBrandName }} with Admin Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin): + +* [Configure a database connection](dbTemplate.md) + +* [Configure Azure Active Directory](aadNestedTemplate.md) + +* [Configure custom DNS alias](customDNSTemplate.md) + +* [Configure Elasticsearch and Kibana](elkNestedTemplate.md) diff --git a/arm-oraclelinux-wls/src/main/scripts/create_datasource.py b/arm-oraclelinux-wls/src/main/scripts/create_datasource.py new file mode 100644 index 000000000..5ddbd937b --- /dev/null +++ b/arm-oraclelinux-wls/src/main/scripts/create_datasource.py @@ -0,0 +1,33 @@ +connect('weblogic','gumby1234','t3://ejb1024010-ejb102401rg-ejb102401.eastus.cloudapp.azure.com:7001') +edit("Edwards-MacBook-Pro.local") +startEdit() +cd('/') +try: + cmo.createJDBCSystemResource('postgreSQL-0') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0') + cmo.setName('postgreSQL-0') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCDataSourceParams/postgreSQL-0') + set('JNDINames',jarray.array([String('jndi/postgreSQL-0')], String)) + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0') + cmo.setDatasourceType('GENERIC') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCDriverParams/postgreSQL-0') + cmo.setUrl('jdbc:postgresql://20191015postgresql.postgres.database.azure.com:5432/wls20191015?sslmode=require') + cmo.setDriverName('org.postgresql.Driver') + cmo.setPassword('wlsEng@2019') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCConnectionPoolParams/postgreSQL-0') + cmo.setTestTableName('SQL ISVALID\r\n\r\n\r\n\r\n') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCDriverParams/postgreSQL-0/Properties/postgreSQL-0') + cmo.createProperty('user') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCDriverParams/postgreSQL-0/Properties/postgreSQL-0/Properties/user') + cmo.setValue('weblogic@20191015postgresql') + cd('/JDBCSystemResources/postgreSQL-0/JDBCResource/postgreSQL-0/JDBCDataSourceParams/postgreSQL-0') + cmo.setGlobalTransactionsProtocol('EmulateTwoPhaseCommit') + cd('/JDBCSystemResources/postgreSQL-0') + set('Targets',jarray.array([ObjectName('com.bea:Name=cluster1,Type=Cluster')], ObjectName)) + save() + resolve() + activate() +except Exception, e: + print "Already datasource with name postgreSQL-0 exists" +destroyEditSession("Edwards-MacBook-Pro.local",force = true) +disconnect() diff --git a/assets/css/style.scss b/assets/css/style.scss new file mode 100644 index 000000000..480ee1d3e --- /dev/null +++ b/assets/css/style.scss @@ -0,0 +1,5 @@ +--- +--- + +@import "{{ site.theme }}"; + diff --git a/cluster/aadNestedTemplate.md b/cluster/aadNestedTemplate.md new file mode 100644 index 000000000..871e44cad --- /dev/null +++ b/cluster/aadNestedTemplate.md @@ -0,0 +1,308 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same managed server prefix with that in initial deployed. | +| `numberOfInstances` | Numbers of Virtual Machines that have been deployed, including Virtual Machine that hosts Administration Server. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +### `numberOfInstances` + +The number of existing nodes, includeing Administration Server node. It should equal to existing Virtual Machine number. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `numberOfInstances`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/cluster/addnode-coherence.md b/cluster/addnode-coherence.md new file mode 100644 index 000000000..8f5716664 --- /dev/null +++ b/cluster/addnode-coherence.md @@ -0,0 +1,570 @@ +{% include variables.md %} + +# Add cache managed server to {{ site.data.var.wlsFullBrandName }} Coherence cluster + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add new managed cache server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The `addnode-coherence.json` template will be applied to an existing {{ site.data.var.wlsFullBrandName }} **Coherence** cluster. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Coherence cluster + +You can configure Coherence cluster from Azure portal or running Coherence sub template. + +* Configure Coherence cluster from Azure portal + + Select `yes` in Coherence section and input required settings, the Azure WebLogic IaaS offer will configure a Coherence cluster automatically. + +* Configure Coherence cluster via Coherence sub template + + Refer to [Configure Coherence cluster](coherenceTemplate.html). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to `addnode-coherence.json` template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminVMNameVirtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server, for example: adminVM.
enableCoherenceWebLocalStorageSpecifies whether Local Storage is enabled for the Coherence*Web cluster tier.
locationMust be the same region into which the server was initially deployed.
managedServerPrefixMust be the same prefix with which the cluster was initially deployed.
numberOfExistingCacheNodesNumber of existing Coherence cache servers, used to name new virtual machines and new managed server.
numberOfNewCacheNodesNumber of new Coherence cahce servers, used to create Virtual Machines and Managed Server.
skuUrnVersionMust be the same urn with which the cluster was initially deployed.
storageAccountNameThe name of an existing storage account.
vmSizeSelectForCoherenceSelect appropriate VM Size for Coherence cache servers.
wlsDomainNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddCacheNodeBasePath }} +``` + +### Existing cache nodes +To differentiate functionality of managed cache servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed cache servers with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingCacheNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingCacheNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "value": 1 + }, + "numberOfNewCacheNodes": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "19040fc8-2b74-4e64-9dd9-59a5a3ce401a", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT10M24.4018847S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "d5dde421-44b0-48df-9d12-db02374654d3" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "type": "Int", + "value": 1 + }, + "numberOfNewCacheNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "16596437850900945013", + "templateLink": null, + "timestamp": "2020-11-09T06:28:40.936524+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new cache nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see logical machines with name parttern `^{managedServerPrefix}StorageVM[0-9]+$`, machine names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewCacheNodes` are added. +* Go to **Environment** -> **Servers** + + You should see servers with name parttern `^{managedServerPrefix}Storage[0-9]+$`, server names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewNodes` are added to `storage1`. + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. diff --git a/cluster/addnode.md b/cluster/addnode.md new file mode 100644 index 000000000..0e74f565e --- /dev/null +++ b/cluster/addnode.md @@ -0,0 +1,734 @@ +{% include variables.md %} + +# Add nodes to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add new managed application server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +Refer to [Azure Active Directory(AAD) LDAP Instance](aadNestedTemplate.html#azure-active-directory-ldap-instance). + +### Certificate for SSL Termination +Refer to [Configure Azure Application Gateway#Certificate for SSL Termination](appGatewayNestedTemplate.html#certificate-for-ssl-termination). + +### Administering Security for Oracle WebLogic Server & Configuring KeyStores +Refer to [Configuring Keystores](https://docs.oracle.com/en/middleware/fusion-middleware/weblogic-server/12.2.1.4/secmg/identity_trust.html). + +### Generate Base64 string for a given ssl certificate/keystore file + +Use the following command to generate a Base64 string for a given ssl certificate/keystore file, to be used as input in the parameters JSON file + +
base64 /my/path/your-certificate.cer -w 0 >temp.txt
+ + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the add-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
aadsSettingsOptional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information.
enableIf enable is true, must specify all properties of the aadSettings.
publicIPThe public IP address of Azure Active Directory LDAP server.
serverHostThe server host of Azure Active Directory LDAP server.
certificateBase64StringThe based64 string of LADP client certificate that will be imported to trust store of WebLogic Server to enable SSL connection of AD provider.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminURLThe URL of WebLogic Administration Server, usually made up with Virtual Machine name and port, for example: adminVM:7001.
appGatewaySettingsOptional. JSON object type. You can specify these parameters for application gateway configuration. If enable is true, you must specify other properties. If enable is false, the other properties are ignored. See the page Migrate a WebLogic Server cluster to Azure with Azure Application Gateway as a load balancer for further information.
enableIf enable is true, must specify all properties of the appGatewaySettings.
publicIPNameAzure resource name of application gateway public IP, default value is gwip
certificateBase64StringBase64 string of server certificate for application gateway.
certificatePasswordPassword of server certificate.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
enableCoherenceIf true, create application managed server and add to the Coherence cluster application tier.
numberOfExistingNodesThe number of existing managed application servers, used to generate new virtual machine name.
numberOfNewNodesThe number of application managed server to add.
storageAccountNameThe name of an existing storage account.
wlsDomainNameMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
customSSLSettingsOptional. JSON object type. You can specify this parameters for configuring Custom SSL Settings for WebLogic Administration Server. If enable is true, must specify other properties. See the page Administering Security for Oracle WebLogic Server and Configuring Keystores for further information.
enableIf enable is true, must specify all properties of the customSSLSettings. +   Set to false by default.
customIdentityKeyStoreBase64StringThe based64 string of the custom identity keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customIdentityKeyStorePassPhraseThe identity keystore pass phrase
customIdentityKeyStoreTypeIdentity Key Store Type. This can be either JKS or PKCS12
customTrustKeyStoreBase64StringThe based64 string of the custom trust keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customTrustKeyStorePassPhraseThe trust keystore pass phrase
customTrustKeyStoreTypeTrust Key Store Type. This can be either JKS or PKCS12
privateKeyAliasThe private key alias
privateKeyPassPhraseThe private Key Pass phrase.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddNodeBasePath }} +``` + +### Enable SSH Authentication to VMs +If the cluster was deployed with SSH Authentication to VMs enabled, add this variable to your parameter file and fill in the base64 decoded public SSH key string to the `adminPasswordOrKey` field: +``` + "authenticationType": { + "value": "sshPublicKey" + }, + "adminPasswordOrKey": { + "value": "ssh-rsa ...." + }, +``` + +### Enable coherence +If `enableCoherence` is `true`, the template will create Azure resources to host new managed servers, and configure new application nodes to Coherence cluster. If your cluster is not Coherence cluster, please do not set this parameter `true`. + +### Existing managed application servers +To differentiate functionality of managed servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed application servers with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "aadsSettings": { + "value": { + "enable": true, + "publicIP":"13.68.244.90", + "serverHost": "ladps.wls-security.com", + "certificateBase64String":"LS0tLS1C...tLS0tLQ0K" + } + }, + "adminPasswordOrKey": { + "value": "Secret123!" + }, + "adminURL":{ + "value": "adminVM:7001" + }, + "appGatewaySettings": { + "value": { + "enable": true, + "publicIPName": "gwip", + "certificateBase64String": "MIIKQQI...gIIAA==", + "certificatePassword": "Secret123!" + } + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "location": { + "value": "eastus" + }, + "numberOfExistingNodes": { + "value": 4 + }, + "numberOfNewNodes": { + "value": 3 + }, + "storageAccountName": { + "value": "496dfdolvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsUserName": { + "value": "weblogic" + }, + "wlsPassword": { + "value": "welcome1" + }, + "customSSLSettings": { + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAlias": "servercert", + "privateKeyPassPhrase": "mypassword" + } + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "54517529-a1c4-422f-a539-23b9a5129e80", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M6.8098765S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727" + } + ], + "outputs": { + "wlsDomainLocation": { + "type": "String", + "value": "/u01/domains/wlsd" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsSettings": { + "type": "Object", + "value": { + "certificateBase64String": "LS0tLS1C...S0tLQ0K", + "enable": true, + "publicIP": "40.76.11.111", + "serverHost": "ladps.wls-security.com" + } + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminURL": { + "type": "String", + "value": "adminVM:7001" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "guidValue": { + "type": "String", + "value": "67657ba3-6248-46e5-bedc-53e16ac82571" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingNodes": { + "type": "Int", + "value": 7 + }, + "numberOfNewNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;1.1.1" + }, + "storageAccountName": { + "type": "String", + "value": "09b943olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelect": { + "type": "String", + "value": "Standard_A3" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + }, + "customSSLSettings": { + "type": "Object", + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "15879952829017360289", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateAddNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-27T12:37:03.733682+00:00" + }, + "resourceGroup": "oraclevm-dcluster-0727", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see logical machines with name parttern `^{managedServerPrefix}VM[0-9]+`, machine names with number suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added. +* Go to **Environment** -> **Servers** + + You should see servers with name parttern `^{managedServerPrefix}[0-9]+$`, server names with number suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added to `cluster1`. + + +### Verify if the newly added server has SSL configured successfully +* If the input parameter customSSLSettings.enable is set to true and the required custom SSL configuration values have been provided, then you should see the SSL configuration for the newly added server under **Environment** -> **Servers** -> **New Server** -> **Keystores** + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. + +### Verify AAD Integration + +Verify AAD integration by delpoying a simple Java EE applciation with basic authentication. + +* Go to Administration Server Console and deploy [testing application](../resources/basicauth.war). + * Select **Deployments**. + * Select **Install**. + * Select file `basicauth.war`. + * Select **Next**. Choose "Install this deployment as an application". + * Select **Next**. Select "cluster-1" and "All servers in the cluster". + * Keep configuration as default and select **Finish**. + * Select **Activate Changes** + * In the left navigation pane, select **Deployments**. + * Select **Control** + * Select `basicauth` + * Select **Start** + * Select **Servicing all requests** + +* Access the sample application + * Go to Administration Server Console + * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. + * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` + * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. + * Expected result, you can access the sample application without error. \ No newline at end of file diff --git a/cluster/appGatewayNestedTemplate.md b/cluster/appGatewayNestedTemplate.md new file mode 100644 index 000000000..039b015c6 --- /dev/null +++ b/cluster/appGatewayNestedTemplate.md @@ -0,0 +1,364 @@ +{% include variables.md %} + +# Apply Azure App Gateway ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with Azure Application Gateway using the Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The Application Gateway ARM tempate will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Certificate for SSL Termination + +Because the Application Gateway serves as the front end load balancer for the {{ site.data.var.wlsFullBrandName }} cluster, it must be provided with a certificate to allow browsers to connect via SSL. + +When deploying the {{ site.data.var.wlsFullBrandName }} offer from the Azure Portal, you can configure the deployment to fetch the SSL certificate and its password from a pre-existing Azure Key Vault. For a high-level introduction to SSL Certificates with Azure Key Vault see [Get started with Key Vault certificates](https://docs.microsoft.com/en-us/azure/key-vault/certificates/certificate-scenarios). For an overview of TLS termination with Application Gateway see [Overview of TLS termination and end to end TLS with Application Gateway](https://docs.microsoft.com/en-us/azure/application-gateway/ssl-overview). When configuring the Application Gateway after deployment, you must base64 encode the certificate and also know the password for the certificate. + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing SSL certificate. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `customDomainName`| Specify a custome domain name if want to override application gateway hostname. You are required to input the value if you use a pre-assigned SSL for application gateway. | +| `appGatewaySSLCertificateData`| See below for details. | +| `appGatewaySSLCertificatePassword`| See below for details. | +| `dnsNameforApplicationGateway`| (optional) A prefix value for the dns name of the Application Gateway. | +| `gatewayPublicIPAddressName` | (optional) A prefix value for the public IP address of the Application Gateway. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `numberOfInstances` | The number of instances in the cluster. Must be the same as the value used at deployment time. | +| `overrideHostName` | If `true` the template will override the application gateway hostname with value of `customDomainName`. The vaule should be `true` if you use a pre-assigned SSL for application gateway. | +| `wlsDomainName` | At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### SSL Certificate Data and Password + +Use base64 to encode your existing PFX format certificate. + +```bash +base64 your-certificate.pfx -w 0 >temp.txt +``` + +Use the content as this file as the value of the `appGatewaySSLCertificateData` parameter. + +It is assumed that you have the password for the certificate. Use this as the value of the `appGatewaySSLCertificatePassword` parameter. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "appGatewaySSLCertificateData": { + "value": "MIIKCQIB...sOr3QICCAA=" + }, + "appGatewaySSLCertificatePassword": { + "value": "myPasswordInClearText" + }, + "numberOfInstances": { + "value": 3 + }, + "location": { + "value": "eastus" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/appGatewayNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/appGatewayNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "4cc63f27-0f43-4244-9d89-a09bf417e943", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "gwip", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "myAppGateway", + "resourceType": "Microsoft.Network/applicationGateways" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "myAppGateway", + "resourceType": "Microsoft.Network/applicationGateways" + }, + { + "apiVersion": "2019-11-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "gwip", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Resources/deployments/pid-36deb858-08fe-5c07-bc77-ba957a59a080", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "pid-36deb858-08fe-5c07-bc77-ba957a59a080", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT8M41.2104793S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604" + } + ], + "outputs": { + "appGatewayURL": { + "type": "String", + "value": "http://wlsgw9e6ed1-oraclevm-cluster-0604-wlsd.eastus.cloudapp.azure.com" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationAGWTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "appGatewaySSLCertificateData": { + "type": "String", + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "appGatewaySSLCertificatePassword": { + "type": "String", + "value": "myRedactedPassword" + }, + "dnsNameforApplicationGateway": { + "type": "String", + "value": "wlsgw" + }, + "gatewayPublicIPAddressName": { + "type": "String", + "value": "gwip" + }, + "guidValue": { + "type": "String", + "value": "9e6ed15b-d386-4cb9-a617-3cb6f785f6a0" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfInstances": { + "type": "Int", + "value": 4 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "applicationGateways" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "12239709219097081949", + "templateLink": null, + "timestamp": "2020-06-04T03:17:01.168329+00:00" + }, + "resourceGroup": "oraclevm-cluster-0604", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Application Gateway + +We will deploy a testing application to verify if the appliaction gateway is enabled. + +Go to Admin Server Console and deploy [webtestapp.war](../resources/webtestapp.war). + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* Select **Deployments**. +* Select **Install**. +* Select file `webtestapp.war`. +* Select **Next**. Choose "Install this deployment as an application". +* Select **Next**. Select "cluster-1" and "All servers in the cluster". +* Keep configuration as default and select **Finish**. +* Select **Activate Changes** +* In the left navigation pane, select **Deployments**. +* Select **Control** +* Select `webtestapp` +* Select **Start** +* Select **Servicing all requests** + +Then access the application with `/webtestapp`, you will get a page with server host information if application gateway was successfully enabled. diff --git a/cluster/coherenceTemplate.md b/cluster/coherenceTemplate.md new file mode 100644 index 000000000..632ba5a98 --- /dev/null +++ b/cluster/coherenceTemplate.md @@ -0,0 +1,526 @@ +{% include variables.md %} + +# Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Coherence cluster using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The Coherence ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +**Note:** if you have enabled Coherence in the initial offer deployment from Azure portal, the Coherence cluster has been set up, you don't need to run Coherence tempalte. + +### Elasticsearch instance + +Optional. + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the Coherence ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +The deployment of coherenceTemplate.json will: + * Provision Azure resources, including virtual machine, network interface, disk, public IP to host new Coherence cache servers. + * Configure WebLogic Coherence cluster, including: + * Create Coherence cluster `myCoherence` + * Create data tier `storage1` cluster. + * Associate `cluster1` and `storage1` to `myCoherence` cluster. + * Create cache servers and assign them to `storage1` cluster. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }}. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminPasswordOrKey` | SSH Key or password for the Virtual Machine. SSH key is recommended. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password for the Elasticsearch account. | +| `elasticsearchUserName` | User name for the Elasticsearch account. | +| `enableCoherenceWebLocalStorage` | Specifies whether Local Storage is enabled for the Coherence*Web cluster tier. | +| `enableELK` | If true, use the supplied parameters to distribute WebLogic Server logs to the Elasticsearch instance. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logIndex` | Elasticsearch index you expect to export the logs to. Must be the same value with output from initial ELK deployment. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `numberOfCoherenceCacheInstances` | Number of Coherence cache servers, used to create Virtual Machines and Managed Server. | +| `skuUrnVersion` | Must be the same urn with which the cluster was initially deployed. | +| `storageAccountName` | The name of an existing storage account. | +| `vmSizeSelectForCoherence` | Select appropriate VM Size for Coherence cache servers. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "Secret123!" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "enableELK": { + "value": true + }, + "managedServerPrefix": { + "value": "msp" + }, + "location": { + "value": "eastus" + }, + "logIndex": { + "value": "azure-weblogic-cluster-11122020" + }, + "logsToIntegrate": { + "value": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput","NodeManagerLog"] + }, + "numberOfCoherenceCacheInstances": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "vmSizeSelectForCoherence": { + "value": "Standard_A1" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with a Coherence cluster. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/coherenceTemplate", + "location": null, + "name": "coherenceTemplate", + "properties": { + "correlationId": "07555c54-2384-4ca3-b427-6cf7d8b53052", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M26.6278882S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationCoherenceTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "b4c17707-b932-43f0-a4cc-6d6990bb850f" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfCoherenceCacheInstances": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "7840329080326569798", + "templateLink": null, + "timestamp": "2020-11-06T08:48:57.229200+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Coherence cluster + +Follow the steps to check if Coherence*Web is enabled. + +* Follow the example parameters to set up Coherence*Web. +* Go to admin console portal. +* Deploy [coherence-sample.war](../resources/coherence-sample.war) to `cluster1`. + Please select `cluster1` in the Targets page. +* Start `coherence-sample`. +* Open the sample with browser, click "add session" to add session infomation. Click "test session" to verify. + +If the Coherence cluster does not set up successfully, the application deployment will fail. + +If the cache server does not work correctly, session can not be saved, as we disabled local storage in application servers. diff --git a/cluster/customDNSTemplate.md b/cluster/customDNSTemplate.md new file mode 100644 index 000000000..944709c37 --- /dev/null +++ b/cluster/customDNSTemplate.md @@ -0,0 +1,174 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location ` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name ` | Required. Azure DNS Zone name. | +| `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --gateway-label applications \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com + Application Gateway secured URL: https://applications.contoso.com +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --gateway-label applications +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com + Application Gateway secured URL: https://applications.contoso.com +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md new file mode 100644 index 000000000..ac4ab4faf --- /dev/null +++ b/cluster/dbTemplate.md @@ -0,0 +1,332 @@ +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Database Instance + +To apply configure a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +### Apply multiple databases + +You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To apply multiple databases, you have to remove the previous virtual machine extension. Last ARM parameters file is cached, it will block you from configuring the new database. + +Use the following command to remove virtual machine extension: + +```bash +# remove existing vm extension +az vm extension delete -g ${yourResourceGroup} --vm-name ${adminVMName} --name newuserscript +``` + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbPassword`| See below for details. | +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +#### Oracle Database: + +The following is the format of the JDBC connection string for Oracle Database: + +```bash +jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME +``` + +For example: + +```bash +jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 +``` + +#### Azure Database for PostgreSQL: + +Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). + +1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require +``` + +When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require +``` + +Finally, replace `{your_database}` with the name of your database, typically `postgres`. + +#### Azure SQL Server + +Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; +``` + +When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr +``` + +Finally, replace `{your_database}` with the name of your database. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "location": { + "value": "eastus" + }, + "databaseType": { + "value": "postgresql" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://ejb060801p.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@ejb060801p" + }, + "jdbcDataSourceName": { + "value": "jdbc/ejb060801p" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/db", + "location": null, + "name": "db", + "properties": { + "correlationId": "6fc805b9-1c47-4b32-b9b0-59745a21e559", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT17.4377546S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationDbTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "databaseType": { + "type": "String", + "value": "postgresql" + }, + "dbPassword": { + "type": "SecureString" + }, + "dbUser": { + "type": "String", + "value": "weblogic@oraclevm" + }, + "dsConnectionURL": { + "type": "String", + "value": "jdbc:postgresql://oraclevm.postgres.database.azure.com:5432/postgres" + }, + "jdbcDataSourceName": { + "type": "String", + "value": "jdbc/WebLogicCafeDB" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "6381424766408193665", + "templateLink": null, + "timestamp": "2020-06-02T06:05:03.141828+00:00" + }, + "resourceGroup": "oraclevm-admin-0602", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." diff --git a/cluster/deletenode.md b/cluster/deletenode.md new file mode 100644 index 000000000..2b3c3ceba --- /dev/null +++ b/cluster/deletenode.md @@ -0,0 +1,535 @@ +{% include variables.md %} + +# Delete nodes from {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to delete nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the delete-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes to be deleted. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `deletingManagedServerNames` | The names of managed server that you want to delete. | +| `deletingManagedServerMachineNames`| The resource names of Azure Virtual Machine hosting managed servers that you want to delete. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateDeleteNodeBasePath }} +``` + +### `deletingManagedServerNames` + +This value must be an array of strings, for example: `["msp1", "msp2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Servers**. + + You will find all available servers. Server names are listed in **Name** column. + + Make note of the machine for the deleting servers, you need to find out corresponding Azure Virtual Machine names of those machines. + +### `deletingManagedServerMachineNames` + +This value must be an array of strings, for example: `["mspVM1", "mspVM2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Machines**. + + Open the machine you noted down in step `deletingManagedServerNames`. + + Click **Configuration** -> **Node Manager**, you will get compute name from **Listen Address**. + + The Azure Virtual Machine name was set with the same value of compute name during {{ site.data.var.wlsFullBrandName }} deployment. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that here we do not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "deletingManagedServerNames": { + "value": [ + "msp4", + "mspStorage2" + ] + }, + "deletingManagedServerMachineNames": { + "value": [ + "mspVM4", + "mspStorageVM2" + ] + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the delete-node script + +To delete managed nodes completely, you have to delete managed servers logically from the WebLogic Server instance, and physically release Azure resources that host the managed servers. We realize the two purposes in different ways: + * Delete managed servers and machines logically from WebLogic Server instance by deploying delete-node ARM template with Azure CLI. You have to specify the parameters file. + * Release corresponding Azure resources by running Azure CLI commands. The following resources will be removed: + * Virtual Machines that host managed servers that will be deleted. + * Data disks attached to the Virtual Machines + * OS disks attached to the Virtual Machines + * Network Interfaces added to the Virtual Machines + * Public IPs attached to the Virtual Machines + * If the Application Gateway is deployed, will remove the manged server hosts from gateway. + +We have provided an automation script for above two purposes, you can delete managed nodes easily with the following instructions. + +### Invoke the script + +Assume your parameters file is available in the current directory and is named `parameters.json`. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +The following command runs the script in silent mode with option `-s`, this mode will delete managed nodes logically and physically. + +If you want to keep Azure resources, refer to [advanced usage](#advanced-usage) for further information. + +```bash +$ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh | /bin/bash -s -- -s -g `yourResourceGroup` -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json +``` + +The script will validate the template with your parameters file; deploy the template to delete managed servers from WebLogic Server cluster; run Azure CLI commands to delete corresponding Azure resources. + +This is an example output of successful deployment, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + +```bash +{ + "error": null, + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "cbfaa443-3a72-4217-83e1-cc91485597fa", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM2" + ] + }, + "deletingManagedServerNames": { + "type": "Array", + "value": [ + "msp2" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "3171958496378517565", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T07:44:38.977624+00:00", + "validatedResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232" + } + ] + }, + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Resources/deployments" +} +Accepted: newuserscript (Microsoft.Compute/virtualMachines/extensions) +Accepted: deletenode-1595490274 (Microsoft.Resources/deployments) +Command ran in 102.719 seconds (init: 0.061, invoke: 102.658) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/mspVM2 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/networkInterfaces/mspVM2_NIC +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/publicIPAddresses/mspVM2_PublicIP +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM2_OsDisk_1_e6d8ffb0e73649a4a713acf5e6ca7099 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM2_lun_0_2_942609646fdc4e1dab06b23ffeee650f +Are you sure to delete these resources (y/n)?Deleting managed resources...Please do not stop. +[ + null, + null, + null, + null, + null +] +Command ran in 112.375 seconds (init: 0.062, invoke: 112.313) +Check if application gateway has deployed... +Removing mspVM2 from application gateway, please do not stop. +{ + "backendAddresses": [ + { + "fqdn": "mspVM1", + "ipAddress": null + }, + { + "fqdn": "mspVM3", + "ipAddress": null + } + ], + "backendIpConfigurations": null, + "etag": "W/\"23399346-e17b-4f56-bda4-5e77c1d82195\"", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/applicationGateways/myAppGateway/backendAddressPools/myGatewayBackendPool", + "name": "myGatewayBackendPool", + "provisioningState": "Succeeded", + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" +} + +Complete! +``` + +### Advanced usage + +If you want to learn more about the script and run it manually, follow the advanced instructions to interact with the ternimal. + + * Download the script + + ```bash + $ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh + ``` + + You will get a shell script named `deletenode-cli.sh` in your current directory. Usage of the script: + + ```bash + ./deletenode-cli.sh -h + usage: deletenode-cli.sh -g resource-group [-f template-file] [-u template-url] -p paramter-file [-h] + -g Azure Resource Group of the Vitural Machines that host deleting manages servers, must be specified. + -f Path of ARM template to delete nodes, must be specified -f option or -u option. + -u URL of ARM template, must be specified -f option or -u option. + -p Path of ARM parameter, must be specified. + -s Execute the script in silent mode. The script will input y automatically for the prompt. + -h Help + ``` + + You can not only run the script with a local template file by specifying `-f` option, but also with a templatle URL using `-u` option. + + * Run the script + + Run the script with your parameters file in your current directory. The following command runs with a template URL: + + ```bash + ./deletenode-cli.sh -g yourResourceGroup -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json + ``` + + Before deleting any Azure resource, the script will prompt up message **Are you sure to delete these resources (y/n)?** to comfirm if you want to delete Azure resources. If you input `Y/y`, the Azure resources will be deleted. Otherwise, keep the resource and exit. + + This is an example output of deployment that will not delete Azure resources from your resource group, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + + ```bash + { + "error": null, + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "4b15b45b-fb1f-4def-ad32-d96201000ac1", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM3" + ] + }, + "deletingManagedServerNames": { + "type": "Array", + "value": [ + "msp3" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "3171958496378517565", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-24T04:17:38.500948+00:00", + "validatedResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232" + } + ] + }, + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Resources/deployments" +} +Succeeded: pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878 (Microsoft.Resources/deployments) +Accepted: deletenode-1595564252 (Microsoft.Resources/deployments) +Accepted: newuserscript (Microsoft.Compute/virtualMachines/extensions) +Command ran in 102.182 seconds (init: 0.089, invoke: 102.092) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/mspVM3 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/networkInterfaces/mspVM3_NIC +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/publicIPAddresses/mspVM3_PublicIP +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM3_OsDisk_1_d5e69682dbff491e97b7a04eea3896eb +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM3_lun_0_2_f5bfbf93870f4ed3b1d90a8b953818e7 +Are you sure to delete these resources (y/n)?n +Check if application gateway has deployed... +Removing mspVM3 from application gateway, please do not stop. +{ + "backendAddresses": [ + { + "fqdn": "mspVM1", + "ipAddress": null + } + ], + "backendIpConfigurations": null, + "etag": "W/\"b6f76f57-be98-406d-ac9c-d11035fd3b5b\"", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/applicationGateways/myAppGateway/backendAddressPools/myGatewayBackendPool", + "name": "myGatewayBackendPool", + "provisioningState": "Succeeded", + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" +} + +Complete! + ``` + +## Verify + +### Verify if the managed servers are deleted from WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Servers**. + You should see no server names that have been deleted listed in **Name** column. +* Go to **Environment -> Machines**. + You should see logical machines that host the servers that have been deleted are removed. + +### Verify if the Azure resources are deleted + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been removed. + + For example, I want to delete managed server `msp1`, corresponding Virtual Machine name is `mspVM1`, Azure resource names are: + * Virtual Machine: `mspVM1` + * Data Disk: `mspVM1_lun_0_2_9d41e2c965744665adb6965625c20d9a` + * OS Disk: `mspVM1_OsDisk_1_05a8d81f5d01419a97ee17a45f974dca` + * Network Interface: `mspVM1_NIC` + * Public IP: `mspVM1_PublicIP` + + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. \ No newline at end of file diff --git a/cluster/elkNestedTemplate.md b/cluster/elkNestedTemplate.md new file mode 100644 index 000000000..22052c79f --- /dev/null +++ b/cluster/elkNestedTemplate.md @@ -0,0 +1,399 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password of the Elasticsearch account. Used to distibute message with REST API to Elasticsearch instance. | +| `elasticsearchUserName` | User name of the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `numberOfManagedApplicationInstances` | Number of VMs that have been deployed to host managed application server. | +| `numberOfManagedCacheInstances` | Number of VMs that have been deployed to host managed cache server, please set the value if your cluster is Coherence cluster. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Number of Managed application instances + +You can get the existing Managed application instances number with the following command using Azure CLI. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedApplicationInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedApplicationInstances} +``` + +### Number of Managed cache instances + +This parameter works for Coherence cluster. If your cluster is not Coherence cluter, keep it with default value `0`. + +You can get the existing Managed cache instances number with the following command using Azure CLI. It should be `0` if no value returned. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedCacheInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedCacheInstances} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "numberOfManagedApplicationInstances": { + "value": 2 + }, + "numberOfManagedCacheInstances": { + "value": 0 + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-cluster-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfManagedApplicationInstances": { + "type": "Int", + "value": 2 + }, + "numberOfManagedCacheInstances": { + "type": "Int", + "value": 1 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-cluster-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/cluster/index.md b/cluster/index.md new file mode 100644 index 000000000..4f20c5bda --- /dev/null +++ b/cluster/index.md @@ -0,0 +1,25 @@ +# {{ site.data.var.wlsFullBrandName }} Cluster + +{% include sub-template-01.md %} + +Templates available for working with [{{ site.data.var.wlsFullBrandName }} Cluster](https://portal.azure.com/#create/oracle.20191007-arm-oraclelinux-wls-cluster20191007-arm-oraclelinux-wls-cluster): + +* [Add Managed application servers](addnode.md) + +* [Add Managed Coherence cache servers](addnode-coherence.md) + +* [Configure a database connection](dbTemplate.md) + +* [Configure Azure Active Directory](aadNestedTemplate.md) + +* [Configure Azure Application Gateway](appGatewayNestedTemplate.md) + +* [Configure Coherence cluster](coherenceTemplate.md) + +* [Configure custom DNS alias](customDNSTemplate.md) + +* [Configure Elasticsearch and Kibana](elkNestedTemplate.md) + +* [Configure Azure Network Security Group rules](nsgRulesTemplate.md) + +* [Delete nodes](deletenode.md) \ No newline at end of file diff --git a/cluster/nsgRulesTemplate.md b/cluster/nsgRulesTemplate.md new file mode 100644 index 000000000..510330b3b --- /dev/null +++ b/cluster/nsgRulesTemplate.md @@ -0,0 +1,81 @@ +{% include variables.md %} + +# Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to append addtional security rules to an existing Azure Network Security Group deployed with {{ site.data.var.wlsFullBrandName }} using the Azure CLI. + +## Prerequisies + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Network Security Group + +The Azure Network Security Rule ARM template will be applied to an existing Azure Network Security Group (NSG) instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Prepare the Parameters JSON file + +You must construct a parameter JSON file containing the parameters to the NSG template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. The options to this template declare the desired configuration of the NSG. + +| Parameter Name | Description | +| `denyPublicTrafficForAdminServer` | Deny public tranffic for the admin server on port 7001, 7002. | +| `denyPublicTrafficForManagedServer` | Deny public tranffic for the managed servers on port 8001. | +| `enableAppGateway` | We deal with the configuration for managed servers when the Application Gateway is enabled. | +| `networkSecurityGroupName` | The name of the NSG. | + +#### Example Parameters JSON file + +Here is a fully filled out parameters file, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "denyPublicTrafficForManagedServer": { + "value": true + }, + "denyPublicTrafficForAdminServer": { + "value": false + }, + "enableAppGateway": { + "value": true + }, + "networkSecurityGroupName": { + "value": "wls-nsg" + } + } +} +``` + +## Invoke the ARM template + +This section shows how to kick off the deployment step-by-step. After the deployment, your existing NSG will append two additional Inbound Rules for admin and managed servers. Here we assume you have the parameter file in the current directory, the file is named `parameters.json`, and your NSG is named `wls-nsg`. Don't forget to replace `yourResourceGroup` with the Azure resource group in which the NSG is created. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template with it + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +## Verify the rules have been appended to the Azure Network Security Group successfully + +When the deployment is completed, you can verify the appended rules via Azure Portal +* Visit the Azure Network Security Group under your resource group used above. +* Go to `Settings -> Inbound security rules`. +* Verify there is a rule named `WebLogicAdminPortsAllowed` with **Priority = '210'; Port = '7001, 7002'; Protocol = 'TCP'; Source = '10.0.0.0/24'; Aciton = 'Allow'**. +* Verify there is a rule named `WebLogicManagedPortsDenied` with **Priority = '221'; Port = '8001'; Protocol = '*'; Aciton = 'Deny'**. + diff --git a/dynamic-cluster/aadNestedTemplate.md b/dynamic-cluster/aadNestedTemplate.md new file mode 100644 index 000000000..aec3d8344 --- /dev/null +++ b/dynamic-cluster/aadNestedTemplate.md @@ -0,0 +1,308 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `dynamicClusterSize` | Size of the dynamic cluster. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same managed server prefix with that in initial deployed. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +### `dynamicClusterSize` + +Size of the dynamic cluster, it should equal to numbers of Virtual Machines that have names starting with `msp`. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `dynamicClusterSize`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/dynamic-cluster/addnode-coherence.md b/dynamic-cluster/addnode-coherence.md new file mode 100644 index 000000000..8f5716664 --- /dev/null +++ b/dynamic-cluster/addnode-coherence.md @@ -0,0 +1,570 @@ +{% include variables.md %} + +# Add cache managed server to {{ site.data.var.wlsFullBrandName }} Coherence cluster + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add new managed cache server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The `addnode-coherence.json` template will be applied to an existing {{ site.data.var.wlsFullBrandName }} **Coherence** cluster. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Coherence cluster + +You can configure Coherence cluster from Azure portal or running Coherence sub template. + +* Configure Coherence cluster from Azure portal + + Select `yes` in Coherence section and input required settings, the Azure WebLogic IaaS offer will configure a Coherence cluster automatically. + +* Configure Coherence cluster via Coherence sub template + + Refer to [Configure Coherence cluster](coherenceTemplate.html). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to `addnode-coherence.json` template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminVMNameVirtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server, for example: adminVM.
enableCoherenceWebLocalStorageSpecifies whether Local Storage is enabled for the Coherence*Web cluster tier.
locationMust be the same region into which the server was initially deployed.
managedServerPrefixMust be the same prefix with which the cluster was initially deployed.
numberOfExistingCacheNodesNumber of existing Coherence cache servers, used to name new virtual machines and new managed server.
numberOfNewCacheNodesNumber of new Coherence cahce servers, used to create Virtual Machines and Managed Server.
skuUrnVersionMust be the same urn with which the cluster was initially deployed.
storageAccountNameThe name of an existing storage account.
vmSizeSelectForCoherenceSelect appropriate VM Size for Coherence cache servers.
wlsDomainNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddCacheNodeBasePath }} +``` + +### Existing cache nodes +To differentiate functionality of managed cache servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed cache servers with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingCacheNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingCacheNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "value": 1 + }, + "numberOfNewCacheNodes": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "19040fc8-2b74-4e64-9dd9-59a5a3ce401a", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT10M24.4018847S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "d5dde421-44b0-48df-9d12-db02374654d3" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "type": "Int", + "value": 1 + }, + "numberOfNewCacheNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "16596437850900945013", + "templateLink": null, + "timestamp": "2020-11-09T06:28:40.936524+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new cache nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see logical machines with name parttern `^{managedServerPrefix}StorageVM[0-9]+$`, machine names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewCacheNodes` are added. +* Go to **Environment** -> **Servers** + + You should see servers with name parttern `^{managedServerPrefix}Storage[0-9]+$`, server names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewNodes` are added to `storage1`. + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. diff --git a/dynamic-cluster/addnode.md b/dynamic-cluster/addnode.md new file mode 100644 index 000000000..a7fcb016e --- /dev/null +++ b/dynamic-cluster/addnode.md @@ -0,0 +1,684 @@ +{% include variables.md %} + +# Add nodes to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add add new managed application nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +Refer to [Azure Active Directory(AAD) LDAP Instance](aadNestedTemplate.html#azure-active-directory-ldap-instance). + +### Administering Security for Oracle WebLogic Server & Configuring KeyStores + +Refer to [Configuring Keystores](https://docs.oracle.com/en/middleware/fusion-middleware/weblogic-server/12.2.1.4/secmg/identity_trust.html). + +### Generate Base64 string for a given ssl certificate/keystore file + +Use the following command to generate a Base64 string for a given ssl certificate/keystore file, to be used as input in the parameters JSON file + +
base64 /my/path/your-certificate.cer -w 0 >temp.txt
+ + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the add-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
aadsSettingsOptional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information.
enableIf enable is true, must specify all properties of the aadSettings.
publicIPThe public IP address of Azure Active Directory LDAP server.
serverHostThe server host of Azure Active Directory LDAP server.
certificateBase64StringThe based64 string of LADP client certificate that will be imported to trust store of WebLogic Server to enable SSL connection of AD provider.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminURLThe URL of WebLogic Administration Server, usually made up with Virtual Machine name and port, for example: adminVM:7001.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
numberOfExistingNodesThe number of existing managed application nodes, used to generate new virtual machine name,.
numberOfNewNodesThe number of nodes to add.
storageAccountNameThe name of an existing storage account.
wlsDomainNameMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
customSSLSettingsOptional. JSON object type. You can specify this parameters for configuring Custom SSL Settings for WebLogic Administration Server. If enable is true, must specify other properties. See the page Administering Security for Oracle WebLogic Server and Configuring Keystores for further information.
enableIf enable is true, must specify all properties of the customSSLSettings. +  Set to false by default.
customIdentityKeyStoreBase64StringThe based64 string of the custom identity keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customIdentityKeyStorePassPhraseThe identity keystore pass phrase
customIdentityKeyStoreTypeIdentity Key Store Type. This can be either JKS or PKCS12
customTrustKeyStoreBase64StringThe based64 string of the custom trust keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customTrustKeyStorePassPhraseThe trust keystore pass phrase
customTrustKeyStoreTypeTrust Key Store Type. This can be either JKS or PKCS12
privateKeyAliasThe private key alias
privateKeyPassPhraseThe private Key Pass phrase.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddNodeBasePath }} +``` + +### Existing managed application servers +To differentiate functionality of managed servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed application nodes with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "aadsSettings": { + "value": { + "enable": true, + "publicIP":"13.68.244.90", + "serverHost": "ladps.wls-security.com", + "certificateBase64String":"LS0tLS1C...tLS0tLQ0K" + } + }, + "adminPasswordOrKey": { + "value": "Secret123!" + }, + "adminURL":{ + "value": "adminVM:7001" + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "location": { + "value": "eastus" + }, + "numberOfExistingNodes": { + "value": 4 + }, + "numberOfNewNodes": { + "value": 3 + }, + "storageAccountName": { + "value": "496dfdolvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsUserName": { + "value": "weblogic" + }, + "wlsPassword": { + "value": "welcome1" + }, + "customSSLSettings": { + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "54517529-a1c4-422f-a539-23b9a5129e80", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M6.8098765S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727" + } + ], + "outputs": { + "wlsDomainLocation": { + "type": "String", + "value": "/u01/domains/wlsd" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsSettings": { + "type": "Object", + "value": { + "certificateBase64String": "LS0tLS1C...S0tLQ0K", + "enable": true, + "publicIP": "40.76.11.111", + "serverHost": "ladps.wls-security.com" + } + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminURL": { + "type": "String", + "value": "adminVM:7001" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "guidValue": { + "type": "String", + "value": "67657ba3-6248-46e5-bedc-53e16ac82571" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingNodes": { + "type": "Int", + "value": 7 + }, + "numberOfNewNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;1.1.1" + }, + "storageAccountName": { + "type": "String", + "value": "09b943olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelect": { + "type": "String", + "value": "Standard_A3" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + }, + "customSSLSettings": { + "type": "Object", + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "15879952829017360289", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateAddNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-27T12:37:03.733682+00:00" + }, + "resourceGroup": "oraclevm-dcluster-0727", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment -> Machines**. + You should see logical machines with suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added. + Make note of the total number of machines. + +* Scale up to check if the machines work + * Go to **Environment** -> **Cluster** -> `cluster1` -> **Control** -> **Scaling**. + + Input value to **Desired Number of Running Servers** with the total number of machines, saved in last step. + * Save and activate. + * Go to **Environment** -> **Servers**. + + Expected result: the running managed server number is the same as machine total number. And there are servers running on the new managed nodes. + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. + +### Verify AAD Integration + +Verify AAD integration by delpoying a simple Java EE applciation with basic authentication. + +* Go to Administration Server Console and deploy [testing application](../resources/basicauth.war). + * Select **Deployments**. + * Select **Install**. + * Select file `basicauth.war`. + * Select **Next**. Choose "Install this deployment as an application". + * Select **Next**. Select "cluster-1" and "All servers in the cluster". + * Keep configuration as default and select **Finish**. + * Select **Activate Changes** + * In the left navigation pane, select **Deployments**. + * Select **Control** + * Select `basicauth` + * Select **Start** + * Select **Servicing all requests** + +* Access the sample application + * Go to Administration Server Console + * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. + * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` + * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. + * Expected result, you can access the sample application without error. diff --git a/dynamic-cluster/coherenceTemplate.md b/dynamic-cluster/coherenceTemplate.md new file mode 100644 index 000000000..632ba5a98 --- /dev/null +++ b/dynamic-cluster/coherenceTemplate.md @@ -0,0 +1,526 @@ +{% include variables.md %} + +# Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Coherence cluster using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The Coherence ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +**Note:** if you have enabled Coherence in the initial offer deployment from Azure portal, the Coherence cluster has been set up, you don't need to run Coherence tempalte. + +### Elasticsearch instance + +Optional. + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the Coherence ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +The deployment of coherenceTemplate.json will: + * Provision Azure resources, including virtual machine, network interface, disk, public IP to host new Coherence cache servers. + * Configure WebLogic Coherence cluster, including: + * Create Coherence cluster `myCoherence` + * Create data tier `storage1` cluster. + * Associate `cluster1` and `storage1` to `myCoherence` cluster. + * Create cache servers and assign them to `storage1` cluster. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }}. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminPasswordOrKey` | SSH Key or password for the Virtual Machine. SSH key is recommended. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password for the Elasticsearch account. | +| `elasticsearchUserName` | User name for the Elasticsearch account. | +| `enableCoherenceWebLocalStorage` | Specifies whether Local Storage is enabled for the Coherence*Web cluster tier. | +| `enableELK` | If true, use the supplied parameters to distribute WebLogic Server logs to the Elasticsearch instance. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logIndex` | Elasticsearch index you expect to export the logs to. Must be the same value with output from initial ELK deployment. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `numberOfCoherenceCacheInstances` | Number of Coherence cache servers, used to create Virtual Machines and Managed Server. | +| `skuUrnVersion` | Must be the same urn with which the cluster was initially deployed. | +| `storageAccountName` | The name of an existing storage account. | +| `vmSizeSelectForCoherence` | Select appropriate VM Size for Coherence cache servers. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "Secret123!" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "enableELK": { + "value": true + }, + "managedServerPrefix": { + "value": "msp" + }, + "location": { + "value": "eastus" + }, + "logIndex": { + "value": "azure-weblogic-cluster-11122020" + }, + "logsToIntegrate": { + "value": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput","NodeManagerLog"] + }, + "numberOfCoherenceCacheInstances": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "vmSizeSelectForCoherence": { + "value": "Standard_A1" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with a Coherence cluster. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/coherenceTemplate", + "location": null, + "name": "coherenceTemplate", + "properties": { + "correlationId": "07555c54-2384-4ca3-b427-6cf7d8b53052", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M26.6278882S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationCoherenceTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "b4c17707-b932-43f0-a4cc-6d6990bb850f" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfCoherenceCacheInstances": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "7840329080326569798", + "templateLink": null, + "timestamp": "2020-11-06T08:48:57.229200+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Coherence cluster + +Follow the steps to check if Coherence*Web is enabled. + +* Follow the example parameters to set up Coherence*Web. +* Go to admin console portal. +* Deploy [coherence-sample.war](../resources/coherence-sample.war) to `cluster1`. + Please select `cluster1` in the Targets page. +* Start `coherence-sample`. +* Open the sample with browser, click "add session" to add session infomation. Click "test session" to verify. + +If the Coherence cluster does not set up successfully, the application deployment will fail. + +If the cache server does not work correctly, session can not be saved, as we disabled local storage in application servers. diff --git a/dynamic-cluster/customDNSTemplate.md b/dynamic-cluster/customDNSTemplate.md new file mode 100644 index 000000000..5e6921581 --- /dev/null +++ b/dynamic-cluster/customDNSTemplate.md @@ -0,0 +1,177 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name` | Required. Azure DNS Zone name. | +| `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | +| `--loadbalancer-label` | Optional. Label for Load Balancer. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md new file mode 100644 index 000000000..ac4ab4faf --- /dev/null +++ b/dynamic-cluster/dbTemplate.md @@ -0,0 +1,332 @@ +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Database Instance + +To apply configure a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +### Apply multiple databases + +You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To apply multiple databases, you have to remove the previous virtual machine extension. Last ARM parameters file is cached, it will block you from configuring the new database. + +Use the following command to remove virtual machine extension: + +```bash +# remove existing vm extension +az vm extension delete -g ${yourResourceGroup} --vm-name ${adminVMName} --name newuserscript +``` + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbPassword`| See below for details. | +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +#### Oracle Database: + +The following is the format of the JDBC connection string for Oracle Database: + +```bash +jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME +``` + +For example: + +```bash +jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 +``` + +#### Azure Database for PostgreSQL: + +Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). + +1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require +``` + +When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require +``` + +Finally, replace `{your_database}` with the name of your database, typically `postgres`. + +#### Azure SQL Server + +Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; +``` + +When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr +``` + +Finally, replace `{your_database}` with the name of your database. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "location": { + "value": "eastus" + }, + "databaseType": { + "value": "postgresql" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://ejb060801p.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@ejb060801p" + }, + "jdbcDataSourceName": { + "value": "jdbc/ejb060801p" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/db", + "location": null, + "name": "db", + "properties": { + "correlationId": "6fc805b9-1c47-4b32-b9b0-59745a21e559", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT17.4377546S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationDbTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "databaseType": { + "type": "String", + "value": "postgresql" + }, + "dbPassword": { + "type": "SecureString" + }, + "dbUser": { + "type": "String", + "value": "weblogic@oraclevm" + }, + "dsConnectionURL": { + "type": "String", + "value": "jdbc:postgresql://oraclevm.postgres.database.azure.com:5432/postgres" + }, + "jdbcDataSourceName": { + "type": "String", + "value": "jdbc/WebLogicCafeDB" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "6381424766408193665", + "templateLink": null, + "timestamp": "2020-06-02T06:05:03.141828+00:00" + }, + "resourceGroup": "oraclevm-admin-0602", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." diff --git a/dynamic-cluster/deletenode.md b/dynamic-cluster/deletenode.md new file mode 100644 index 000000000..a87dc0cd4 --- /dev/null +++ b/dynamic-cluster/deletenode.md @@ -0,0 +1,482 @@ +{% include variables.md %} + +# Delete nodes from {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to delete nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters that to the delete-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be deleted. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `deletingCacheServerNames`| (Optional) Names of cache servers to be deleted, comma delimited. Please ignore this parameter if you are not deleting cache servers. | +| `deletingManagedServerMachineNames`| The resource names of Azure Virtual Machine hosting managed nodes that you want to delete. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateDeleteNodeBasePath }} +``` + +### Server names + +This value must be an array of strings, with pattern `^${managedServerPrefix}Storage[0-9]+$`, for example: `["mspStorage1", "mspStorage2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Servers**. + + Server names are listed in the first column. + + If you want to remove coresponding virtual machine, please go to [Machine names](#machine-names) to obtain machine names. + +### Machine names + +This value must be an array of strings, for example: `["mspVM1", "mspVM2", "mspStorageVM2"]`. + +You can get the machine names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Machines**. + + Open the machine you want to delete. + + Click **Configuration** -> **Node Manager**, you will get compute name from **Listen Address**. + + The Azure Virtual Machine name was set with the same value of compute name during {{ site.data.var.wlsFullBrandName }} deployment. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we do not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "deletingCacheServerNames": { + "value": [ + "mspStorage2" + ] + }, + "deletingManagedServerMachineNames": { + "value": [ + "mspVM4", + "mspStorageVM2" + ] + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the delete-node script + +To delete managed nodes completely, you have to delete managed nodes logically from the WebLogic Server instance, and physically release Azure resources that host the managed nodes. We realize the two purposes in different ways: + * Delete machines logically from WebLogic Server instance by deploying delete-node ARM template with Azure CLI. You have to specify the parameters file. + The cluster will restart after deleting the machines, and manages servers may be reallocated to another existing machine. + * Release corresponding Azure resources by running Azure CLI commands. The following resources will be removed: + * Virtual Machines that host managed nodes that will be deleted. + * Data disks attached to the Virtual Machines + * OS disks attached to the Virtual Machines + * Network Interfaces added to the Virtual Machines + * Public IPs attached to the Virtual Machines + +We have provided an automation script for above two purposes, you can delete managed nodes easily with the following instructions. + +### Invoke the script + +Assume your parameters file is available in the current directory and is named `parameters.json`. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +The following command runs the script in silent mode with option `-s`, this mode will delete managed nodes logically and physically. + +If you want to keep Azure resources, refer to [advanced usage](#advanced-usage) for further information. + +```bash +$ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh | /bin/bash -s -- -s -g `yourResourceGroup` -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json +``` + +The script will validate the template with your parameters file; deploy the template to delete managed servers from WebLogic Server cluster; run Azure CLI commands to delete corresponding Azure resources. + +This is an example output of successful deployment, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + +```bash +{ + "error": null, + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "be24f5de-1fdf-4fc6-be97-ac53af3ccd3c", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM1" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "17905048512558945100", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T08:36:10.953240+00:00", + "validatedResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-a816a607-eb8a-5aa1-9475-c3fba6994679", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222" + } + ] + }, + "resourceGroup": "oraclevm-dcluster-07222", + "type": "Microsoft.Resources/deployments" +} +Command ran in 46.180 seconds (init: 0.064, invoke: 46.116) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/mspVM1 +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/networkInterfaces/mspVM1NIC +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/publicIPAddresses/mspVM1PublicIP +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_OsDisk_1_e490d8e72ef14081aea596eab709efef +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_lun_0_2_bb9f86a391c34e2d8dbe3b1b408d4952 +Are you sure to delete these resources (y/n)?Deleting managed resources...Please do not stop. +Deleting managed resources...Please do not stop. +[ + null, + null, + null, + null, + null +] +Command ran in 99.764 seconds (init: 0.068, invoke: 99.696) + +Complete! +``` + +### Advanced usage + +If you want to learn more about the script and run it manually, follow the advanced instructions to interact with the ternimal. + + * Download the script + + ```bash + $ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh + ``` + + You will get a shell script named `deletenode-cli.sh` in your current directory. Usage of the script: + + ```bash + ./deletenode-cli.sh -h + usage: deletenode-cli.sh -g resource-group [-f template-file] [-u template-url] -p paramter-file [-h] + -g Azure Resource Group of the Vitural Machines that host deleting manages servers, must be specified. + -f Path of ARM template to delete nodes, must be specified -f option or -u option. + -u URL of ARM template, must be specified -f option or -u option. + -p Path of ARM parameter, must be specified. + -s Execute the script in silent mode. The script will input y automatically for the prompt. + -h Help + ``` + + You can not only run the script with a local template file by specifying `-f` option, but also with a templatle URL using `-u` option. + + * Run the script + + Run the script with your parameters file in your current directory. The following command runs with a template URL: + + ```bash + ./deletenode-cli.sh -g yourResourceGroup -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json + ``` + + Before deleting any Azure resource, the script will prompt up message **Are you sure to delete these resources (y/n)?** to comfirm if you want to delete Azure resources. If you input `Y/y`, the Azure resources will be deleted. Otherwise, keep the resource and exit. + + This is an example output of deployment that will not delete Azure resources from your resource group, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + + ```bash + { + "error": null, + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "be24f5de-1fdf-4fc6-be97-ac53af3ccd3c", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM1" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "17905048512558945100", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T08:36:10.953240+00:00", + "validatedResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-a816a607-eb8a-5aa1-9475-c3fba6994679", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222" + } + ] + }, + "resourceGroup": "oraclevm-dcluster-07222", + "type": "Microsoft.Resources/deployments" +} +Command ran in 46.180 seconds (init: 0.064, invoke: 46.116) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/mspVM1 +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/networkInterfaces/mspVM1NIC +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/publicIPAddresses/mspVM1PublicIP +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_OsDisk_1_e490d8e72ef14081aea596eab709efef +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_lun_0_2_bb9f86a391c34e2d8dbe3b1b408d4952 +Are you sure to delete these resources (y/n)?n + +Complete! + ``` + +## Verify + +### Verify if the managed servers are deleted from WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see the logical machine names (e.g. `machine-mspVM1`) that have been deleted is not listed in **Name** column. + +### Verify if the Azure resources are deleted + +* Go to Azure Portal, https://ms.portal.azure.com/. +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been removed. + + For example, I want to delete managed server `msp1`, corresponding Virtual Machine name is `mspVM1`, Azure resource names are: + * Virtual Machine: `mspVM1` + * Data Disk: `mspVM1_lun_0_2_9d41e2c965744665adb6965625c20d9a` + * OS Disk: `mspVM1_OsDisk_1_05a8d81f5d01419a97ee17a45f974dca` + * Network Interface: `mspVM1_NIC` + * Public IP: `mspVM1_PublicIP` + + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. + + diff --git a/dynamic-cluster/elkNestedTemplate.md b/dynamic-cluster/elkNestedTemplate.md new file mode 100644 index 000000000..08fa9b092 --- /dev/null +++ b/dynamic-cluster/elkNestedTemplate.md @@ -0,0 +1,406 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password for the Elasticsearch account. | +| `elasticsearchUserName` | User name for the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `maxDynamicClusterSize` | Must be the same value with which the cluster was initially deployed. | +| `numberOfManagedApplicationInstances` | Number of VMs that have been deployed to host managed application server. | +| `numberOfManagedCacheInstances` | Number of VMs that have been deployed to host managed cache server, please set the value if your cluster is Coherence cluster. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Number of Managed application instances + +You can get the existing Managed application instances number with the following command using Azure CLI. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedApplicationInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedApplicationInstances} +``` + +### Number of Managed cache instances + +This parameter works for Coherence cluster. If your cluster is not Coherence cluter, keep it with default value `0`. + +You can get the existing Managed cache instances number with the following command using Azure CLI. It should be `0` if no value returned. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedCacheInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedCacheInstances} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "maxDynamicClusterSize": { + "value": 8 + }, + "numberOfManagedApplicationInstances": { + "value": 3 + }, + "numberOfManagedCacheInstances": { + "value": 0 + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-cluster-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "maxDynamicClusterSize": { + "value": 8 + }, + "numberOfManagedApplicationInstances": { + "type": "Int", + "value": 2 + }, + "numberOfManagedCacheInstances": { + "type": "Int", + "value": 1 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-cluster-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/dynamic-cluster/index.md b/dynamic-cluster/index.md new file mode 100644 index 000000000..4835215f2 --- /dev/null +++ b/dynamic-cluster/index.md @@ -0,0 +1,26 @@ +# {{ site.data.var.wlsFullBrandName }} Dynamic Cluster + +{% include sub-template-01.md %} + +Templates available for working with [{{ site.data.var.wlsFullBrandName }} Dynamic Cluster](https://portal.azure.com/#create/oracle.20191021-arm-oraclelinux-wls-dynamic-cluster20191021-arm-oraclelinux-wls-dynamic-cluster): + +* [Add Managed application nodes](addnode.md) + +* [Add Managed Coherence cache nodes](addnode-coherence.md) + +* [Configure a database connection](dbTemplate.md) + +* [Configure Azure Active Directory](aadNestedTemplate.md) + +* [Configure Coherence cluster](coherenceTemplate.md) + +* [Configure custom DNS alias](customDNSTemplate.md) + +* [Configure Elasticsearch and Kibana](elkNestedTemplate.md) + +* [Configure Azure Network Security Group rules](nsgRulesTemplate.md) + +* [Configure Oracle HTTP Server load balancer](ohsNestedTemplate.md) + +* [Delete nodes](deletenode.md) + diff --git a/dynamic-cluster/nsgRulesTemplate.md b/dynamic-cluster/nsgRulesTemplate.md new file mode 100644 index 000000000..c7d63674d --- /dev/null +++ b/dynamic-cluster/nsgRulesTemplate.md @@ -0,0 +1,81 @@ +{% include variables.md %} + +# Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to append addtional security rules to an existing Azure Network Security Group deployed with {{ site.data.var.wlsFullBrandName }} using the Azure CLI. + +## Prerequisies + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Network Security Group + +The Azure Network Security Rule ARM template will be applied to an existing Azure Network Security Group (NSG) instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Prepare the Parameters JSON file + +You must construct a parameter JSON file containing the parameters to the NSG template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. The options to this template declare the desired configuration of the NSG. + +| Parameter Name | Description | +| `denyPublicTrafficForAdminServer` | Deny public tranffic for the admin server on port 7001, 7002. | +| `denyPublicTrafficForManagedServer` | Deny public tranffic for the managed servers on port 8001. | +| `enableOHS` | We deal with the configuration for managed servers when the OHS load balancer is enabled. | +| `networkSecurityGroupName` | The name of the NSG. | + +#### Example Parameters JSON file + +Here is a fully filled out parameters file, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "denyPublicTrafficForManagedServer": { + "value": true + }, + "denyPublicTrafficForAdminServer": { + "value": false + }, + "enableOHS": { + "value": true + }, + "networkSecurityGroupName": { + "value": "wls-nsg" + } + } +} +``` + +## Invoke the ARM template + +This section shows how to kick off the deployment step-by-step. After the deployment, your existing NSG will append two additional Inbound Rules for admin and managed servers. Here we assume you have the parameter file in the current directory, the file is named `parameters.json`, and your NSG is named `wls-nsg`. Don't forget to replace `yourResourceGroup` with the Azure resource group in which the NSG is created. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template with it + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +## Verify the rules have been appended to the Azure Network Security Group successfully + +When the deployment is completed, you can verify the appended rules via Azure Portal +* Visit the Azure Network Security Group under your resource group used above. +* Go to `Settings -> Inbound security rules`. +* Verify there is a rule named `WebLogicAdminPortsAllowed` with **Priority = '210'; Port = '7001, 7002'; Protocol = 'TCP'; Source = '10.0.0.0/24'; Aciton = 'Allow'**. +* Verify there is a rule named `WebLogicManagedPortsDenied` with **Priority = '221'; Port = '8001'; Protocol = '*'; Aciton = 'Deny'**. + diff --git a/dynamic-cluster/ohsNestedTemplate.md b/dynamic-cluster/ohsNestedTemplate.md new file mode 100644 index 000000000..f7c8680cb --- /dev/null +++ b/dynamic-cluster/ohsNestedTemplate.md @@ -0,0 +1,210 @@ + +{% include variables.md %} + +# Apply OHS ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Oracle HTTP Server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Certificate for SSL Termination + +Oracle HTTP Server serves as the front end load balancer for the {{ site.data.var.wlsFullBrandName }} dynamic cluster, hence it must be provided with a certificate to allow browsers to connect via SSL. + +#### Creating Self-signed certificate + +This section describes how to create a self-signed certificate in the format expected by Oracle HTTP server. The example provided below is one of the ways to create self-signed certificates. Note that such self-signed certificates created should only be used for testing purpose and it is not recommended for production purpose. + +* JKS format certificate + + ```bash + keytool -genkey -keyalg RSA -alias selfsigned -keystore keyStore.jks -storepass password -validity 360 -keysize 2048 + ``` + + Provide all information prompted and store in a file. + +* PKCS12 format certificate + + ```bash + openssl req -newkey rsa:2048 -x509 -keyout key.pem -out out.pem -days 3650 + ``` + + Provide all information prompted and store in a file. + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the OHS ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing SSL certificate. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +|`adminPasswordOrKey`|Password of administration account for the new Virtual Machine that hosts Oracle HTTP Server.| +|`adminUsername`| Username of administration account for the new Virtual Machine that hosts Oracle HTTP Server.| +|`adminRestMgmtURL`| WebLogic Server admin REST management URL. It should be in the format `http://admincomputername:adminport/management/weblogic/latest`.Example `http://adminVM:7001/management/weblogic/latest` or `http://adminVM:7005/management/weblogic/latest` | +|`dnsLabelPrefix`| Must be the same `dnsLabelPrefix` value with which WebLogic Dynamic cluster deployment is made. This value is used for fetching existing deployment `dnsLabelPrefix-nsg` NSG value. | +|`location`| Must be the same region into which the WebLogic dynamic cluster deployment is made.| +|`ohsComponentName` | Oracle HTTP Server component name to be configured as part of domain. At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`ohsDomainName`| Oracle HTTP Server standalone domain name. At deployment, if this value is changed from its default value, the value used at deployment time must be used. | +|`ohsNMPassword`| Oracle HTTP Server NodeManager password configured as part of the domain. | +|`ohsNMUser`| Oracle HTTP Server NodeManager user name configured as part of the domain.| +|`keyType` | Certificate format supported for configuring Oracle HTTP Server SSL configuration. Supported format is `JKS` and `PKCS12`. Default value is `PKCS12`| +|`ohsSSLKeystoreData`| base64 bit encoded value of JKS/PKCS12 certificate contents. See below for details| +|`ohsSSLKeystorePassword`|The keystore stored password | +|`ohsSkuUrnVersion`| Oracle HTTP Server base images provided by publisher Oracle. Refer [Azure Marketplace OHS Base Images](https://azuremarketplace.microsoft.com/en-us/marketplace/apps?search=oracle%20ohs%20base%20image) | +|`ohsVMName`|At deployment time, if this value is changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted.| +|`ohshttpPort` | Http server port configured using which application can be accessed via Oracle HTTP Server.At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`ohshttpsPort`| Https server port configured using which application can be accessed via Oracle HTTP Server.At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`oracleVaultPswd` | Password for Oracle wallet/vault, to add certificates supplied for OHS.| +|`storageAccountName`| The name of an existing storage account. Must be the same storage account name avilable in existing deployed WebLogic dynamic cluster| +|`virtualNetworkName`| The name of an existing virtual network name. Must be the same virtual network name available in existing deployed WebLogic dynamic cluster| +|`wlsUserName` |Must be the same value provided at deployment time for WebLogic dynamic cluster deployment time.| +|`wlsPassword` |Must be the same value provided at deployment time WebLogic dynamic cluster deployment time.| + + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `ohsSSLKeystoreData` +Use base64 to encode your existing SSL certificate. + + base64 your-JKS/PKCS12-certificate-contents -w 0 > temp.txt + +Use temp.txt contents to set the value for ohsSSLKeystoreData + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminPasswordOrKey": { + "value": "Azure123456!" + }, + "adminRestMgmtURL": { + "value": "http://adminVM:7001/management/weblogic/latest" + }, + "adminUsername": { + "value": "azureuser" + }, + "dnsLabelPrefix": { + "value": "wls" + }, + "keyType": { + "value": "JKS" + }, + "location": { + "value": "eastus" + }, + "ohsComponentName": { + "value": "ohs_component" + }, + "ohsDomainName": { + "value": "ohsStandaloneDomain" + }, + "ohsNMPassword": { + "value": "Nmpswd1234567" + }, + "ohsNMUser": { + "value": "weblogic" + }, + "ohsSSLKeystoreData": { + "value": "/u3+7QAAAAIAAAABAAAAAQAKc2VsZnNpZ25lZAAAAX ...." + }, + "ohsSSLKeystorePassword": { + "value": "azure123!" + }, + "ohsSkuUrnVersion": { + "value": "ohs-122140-jdk8-ol76;ohs-122140-jdk8-ol76;latest" + }, + "ohsVMName": { + "value": "ohsVM" + }, + "ohshttpPort": { + "value": "7777" + }, + "ohshttpsPort": { + "value": "4444" + }, + "oracleVaultPswd": { + "value": "Welcome1234567" + }, + "storageAccountName": { + "value": "6be282olvm" + }, + "virtualNetworkName": { + "value": "wlsd_VNET" + }, + "wlsPassword": { + "value": "Welcome1234567" + }, + "wlsUserName": { + "value": "weblogic" + } +} +``` + +### Invoke the ARM template +Assume your parameters file is available in the current directory and is named parameters.json. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with a Oracle HTTP Server. Replace yourResourceGroup with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/ohsNestedTemplate.json +``` +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/ohsNestedTemplate.json +``` +As with the validate command, if the command returns with an exit status other than 0, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash + "provisioningState": "Succeeded", + "template": null, + "templateHash": "13760326614657528322", +``` + +## Verify Oracle HTTP Server setup + +Successful deployment provides Oracle HTTP Server access url in your output, similar to below. + +```json + "ohsAccessURL": { + "type": "String", + "value": "http://wls-5ff4cab395-loadbalancer.eastus.cloudapp.azure.com:7777" + }, + "ohsSecureAccessURL": { + "type": "String", + "value": "https://wls-5ff4cab395-loadbalancer.eastus.cloudapp.azure.com:4444" + } +``` + +Follow the steps to verify Oracle HTTP Server. +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to WebLogic Cluster and start the service. +* Access your application using ohsAccessURL/application +* Access your application using ohsSecureAccessURL/application + diff --git a/index.html b/index.html new file mode 100644 index 000000000..a21e7ef4f --- /dev/null +++ b/index.html @@ -0,0 +1,5 @@ + + +Redirecting to https://docs.oracle.com/en/middleware/standalone/weblogic-server/wlazu/ + + diff --git a/release-notes/index.md b/release-notes/index.md new file mode 100644 index 000000000..1084f6b50 --- /dev/null +++ b/release-notes/index.md @@ -0,0 +1,100 @@ +# Release Notes + +## 2020-Q2 + +### Features that apply to all offers + +* Choice of five different base images. + + | WebLogic Server Version | Oracle JDK Version | Oracle Linux Version | + |-------------------------|--------------------|----------------------| + | 12.2.1.3.0 | 8u131 | 7.4 | + | 12.2.1.3.0 | 8u131 | 7.3 | + | 12.2.1.4.0 | 8u251 | 7.6 | + | 14.1.1.0.0 | 8u251 | 7.6 | + | 14.1.1.0.0 | 11_07 | 7.6 | + +### arm-oraclelinux-wls + +* No additional new features. + +### arm-oraclelinux-wls-admin + +* Database integration from portal. + +* Azure Active Directory Domain Services LDAP integration from portal. + +### arm-oraclelinux-wls-cluster + +* Database integration from portal. + +* Azure Active Directory Domain Services LDAP integration from portal. + +* Azure App Gateway integration from portal. + +### arm-oraclelinux-wls-dynamic-cluster + +* Database integration from portal. + +* Azure Active Directory Domain Services (Azure AD DS) LDAP integration from portal. + +### Known Issues + +* Azure AD DS integration does not work for WebLogic Server 14. + +* For cluster offers, the maximum recommended number of VMs per deployment is 20. This is due to the default limits for storage accounts. For more information see [Azure subscription and service limits, quotas, and constraints](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits#storage-limits). + * Customers may experience Azure IaaS VM performance issues if too many OS and/or data disk VHD files are stored in each Storage Account + * Storage Accounts are limited to **20,000 IOPS** + * We expect each disk to experience up to **500 IOPS** + * We can determine approximately how many OS and data disk VHD files, as a maximum number, should reside in each storage account + * 20,000 IOPS / 500 per-disk IOPS = 40 VHDs max per Storage Account + * Each VM uses two VHDs, therefore 20 VMs. + +### Source Tags and Marketplace Bundle Versions + +| Repository Name | GitHub Tag Link | Corresponding Marketplace Bundle Version | +|-----------------|-----------------|------------------------------------------| +| arm-oracle-linux-wls | [v1.0.0](https://github.com/wls-eng/arm-oraclelinux-wls/releases/tag/v1.0.0) | 1.0.17 | +| arm-oraclelinux-wls-admin | [v1.0.0](https://github.com/wls-eng/arm-oraclelinux-wls-admin/releases/tag/v1.0.0) | 1.0.21 | +| arm-oraclelinux-wls-cluster | [v1.0.0](https://github.com/wls-eng/arm-oraclelinux-wls-cluster/releases/tag/v1.0.0) | 1.0.290000 | +| arm-oraclelinux-wls-dynamic-cluster | [v1.0.0](https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster/releases/tag/v1.0.0) | 1.0.19 | + +----------------------------------------------------------------- + +## 2019-Q4 + +### Features that apply to all offers + +* Network Security Group pre-created with correct ports for WebLogic Server. + +### arm-oraclelinux-wls + +* Single node with no domain pre-created. + +### arm-oraclelinux-wls-admin + +* Single node with domain pre-created with admin server running. + +* Database integration via script execution on admin server. + +### arm-oraclelinux-wls-cluster + +* Configured cluster with arbitrary number of nodes. + +* Database integration via script execution on admin server. + +### arm-oraclelinux-wls-dynamic-cluster + +* Dynamic cluster with arbitrary number of nodes. + +* Database integration via script execution on admin server. + +### Source Tags and Marketplace Bundle Versions + +| Repository Name | GitHub Tag Link | Corresponding Marketplace Bundle Version | +|-----------------|-----------------|------------------------------------------| +| arm-oracle-linux-wls | [v0.6.0](https://github.com/wls-eng/arm-oraclelinux-wls/releases/tag/v0.6.0) | 1.0.16 | +| arm-oraclelinux-wls-admin | [v0.6.0](https://github.com/wls-eng/arm-oraclelinux-wls-admin/releases/tag/v0.6.0) | 1.0.14 | +| arm-oraclelinux-wls-cluster | [v0.6.0](https://github.com/wls-eng/arm-oraclelinux-wls-cluster/releases/tag/v0.6.0) | 1.0.17 | +| arm-oraclelinux-wls-dynamic-cluster | [v0.6.0](https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster/releases/tag/v0.6.0) | 1.0.11 | + diff --git a/resources/basicauth.war b/resources/basicauth.war new file mode 100644 index 0000000000000000000000000000000000000000..8583b11acbdea4262c2d49135e608df1b9e834e7 GIT binary patch literal 3226 zcmbtW2{@E%8~!ZAWS#6g`4K~dlPIz;6=G~jf6^F(VNi^0S;PNV=Q@-vW8Wr6CA*9> z*^W3Q(y>!QWo;}+DwXp|lh0Akf1UrE>z!xbx!(7_pY3|?4{gT8%m)Af9C%6eKvS}K zRefDdbQbMGWBL7GvI9T$*`)S>fsh<+5_^+e!yg3-qe6jVo%> zE>XN;XLXOHq_F!rE=-@ajjvXI5F;1uf`7xJ7S$aldObeD|L5Ia@)3-p3!xw9Zjmh6 zd>z#yNgNy%&PTYTMB=R~#Y596ZF5t)=&xaLB6lgF7VfJV_W@w$1F^g zzkf^sdJJW6?u7Ry;(Wa^gdOgPefJI)gLTL4a8vGYZaQQ9@K}sL(H(-ZZ0flsupj21t@$hcnBpwcIx?QX>t5u4NXvk1BU%KNd)38}Fu3 z!|Lij`s<1n!b%9%MWU=MT$gr@WaQNHk7RU@)DSz7{Y3&vLB6q?R6Pf$cWWO8r#>k~ zjyGxY3cV8&$vIWxYRx}mThiK=H@;ARvGQPAL3zMD{D2nYW^bigZEZm~m|1&cgDo8h z2Ue3k(A^qc182b8mootXH{?_R&KVWxMM$zaZrP}ZpeD>qilEY~*aKBv6s+`i})iXG91}R^bGo!!WC&H zZ{#NzHIebV)qOV#q!h;5G>e2da;d!`Y-HK&1A-CE)y3XKl9gk$Xxi?JgEd8?9ghg292D91pas)Ptc(ummk&Io2mJyev$bs@zw>MgaN{Bn*LJhb0o8R@X_O?W(rC%t%vMI^N@2H zdOUki4fn#*I{Q!Z)(!Js^jq|QfmJS^4&L)LQzC2m(ZOa01%=R11~cLVW`-TK0XPEI#|yVU$Gzek zJepJxMzqKeO*|_7DL01g40BTSxMd3xCA@IX?6dNYcX@}q!)a~4Y@9W>T`?~?6`vgK z6KHSt#fT(^*cq9mSIAc#(eEgTkf>wn#W!c@TmFP;mNcOp#7~O%l;6!Lu%8#c9pV|v z8m!=XQ+n448=ZN9yx8RHE6w{Ko(Y0l!(jP9wkRVW3-AHumf| za1X`au9Q&h77%|^H=)>y(a*XDK`gp`a($^}U<>xQ#E_1S0CDxef_{}oD0Ea&NNNHI zMYrN98~aVSw?hj6P-r(O^cFeYiHFX&6OY&yp0w}sY)J6`%OxF>s!+MkB|B(-y zuLnDMlR2@yzqX4g-JA8+Z2|?8KB1w=v>|J^NU(G17PlZ`y1s|Txm|ea$m?-VL6E=5 zFqB|LQ9rN^1f<&~*-`Xg3AW1#lz<4^bR8-#P?qHCLhT-qg>G3al(2tg**=<~EI+Yq m8Prg4n=3|wbwDoz-P*P@^KF2`z)JwY0e%*k0U&{OefKAxOMH!l!+%~N|K4Rplm%%eWJT%a|5FA5;Ph9vS6n$@{r7dy-xK9u zWio=Y5~3nX%5*ZKe`Ka6rKM=;=3%91sb;2T8xqyXe4LGXryR`Ai$4`RFlxC z`$*i{vm}`vC7rUVs!^Dbm=l>5-P^Mw6_KSBmHG^0K*I$XL3f85mUuvoc$s;P!eUT# zYLl$uNYOmN?nTK$y0p8r0sgCd|2qnZzui+45&9oN{BIS)zo?9?3>+Oz9RC^e|5pDa zwjZ`_5WgF;Nk3G@^9>j|E-;?iJ_IPnYq!waX|b3&4H2aZxaU-8>4^M z7nc9Ot{e@l?X3QtN0@){Xk~8r&oCeWVw98=`fT(J>45+MmOuai;QlHNjE$8{939PV zZRji`UzI4lf_Dv}jscGF*xXUd8tfk_xC@m{V=bK{bwt%SDrnD18m3}^E z02LRUu<`HqJ#TM#9iKh%^Od24swkq11wNIjkIhMJYw(*iE-jT59x;q0(&vFZ_V43= z)MnE3aubFORl5C7Bo7& z`eG}Q&eurNbwLUecUs(;J8)-uc189o`nEs+81sP4r#@`H$xqB%fvh&tBe&h{WcN=| z>6pyKOcY1ifP^KLbtO1->v~=~&aMS#d2d5?#I-Y`dO(s6JlT78bwH>ftt@;3N%&XJ zkLpcYp@tb;*W6xRcYV*AX+<+lFydsO&|Y8|R75a|>8*ThX|i>5cCn9_96wz+OQys^ zD1O^&qQ0V0HBmQB+hQ)|u|WeuG_9!5lRWoVyJh=fbW#^8Egj%}ci==m}jE z9RzVx3JFcCP5P|Qe zd~jMKXLBCRx-{EZcX%E#%fGg|1g+QaUOi50aO$S^v@=oXgYUIMM3h4c?P$|XN|i03 zTt*XmUzQ$-KZ2HLXhw^$n_0q(up;0nP3V2Od3Xlph zv_MN_EJ(mTrP{}zc1937#p~7FMbDH1qLW0Qo%>vv`P)#BEmhx>dF$&F_`d)F0g&a# ztuW%9+SdpO0I&rN0PqjYncEnfxc%d=a!%N^*kV8kxdnC)4eyH+uoSG7G|WtLl7h~s zU28upR?S(HwHhC5Jf|bQ-MKfXE!7Hi#`xO3#dI&&L(^0tP?oX89X^ogE}J6=hCf+f z+dZkg{@u8`rf3rFN5IJ+`90}%xUZDMebpf%Sy5I=+XRPS=}pt*mtAS7fYiLI2xryG zoZk}db)o4~p0dHk!v(Xuu!4X!0Y^I$U?LVQ~BHSk1&5Kegd~vfp8(B;&KzKXhPtrS)UwA6tjS2%y#}!B|}BO>s-F4 zAiIhO^W=$Rm|&jcO8DVC6o%wj0$LicjTjqlcRa;V$6 zilsOG*9$!SZ9Qtl7ve}CD3WG3{q zIT$oh0D#ZGIZf(c@ba&i{y)(DCp`a~eg6q8!GD5A$;83M%EXE8KdiG=Ewzx<5PaZC z)=6oo6aZt3l<*Yn9WY7y8h&(uSm8WBbY zz7}A=)Ri3?vfmu~$B@FpH?9R|a^X?FsgEL)_9~z1IUibj6&eYRwsQ4M4u~oQ7Uq-G zktg|Es-+ksbo9LF+lUHmA)Tc^cQZ6}{~oVdGQo=GCyb+P%fXg`ayki30a0A^k$}3& zapiR{)uo-->(Qx_Pt1J59oPUlbu5q;F=0n(W4L`)ne@?sFM85OqyCP#RFBb1@qffI z4|Zu*jbBkNZ=w($wom|@rDDn;@Pne$KRH#qHhYGqw#rfu2bG}jq(+WV9|?Z}3f;A& zitGL!h;I%v5Q04_OE$&;{pKQ+{0_ip+UmaEpHNV4G;Jr*e>qy@>L%m+jkbazIs($1 zw@+ec5qbvX5k~;wm8OU!HQ3PS&+q`uc}fbI{U90b$R<##M;`jcn05TVBDCi*KiC&- z+!uD+2If7+- zjzxZy*ON?e^9-?FKS;2E^4tHmpCbK}**T z&i5wvi8s3>RmZX!ZfjxlEJ zd3!N6aY{=^8ucGx8-QFz9ky-to%R$hNLCluipNjbuRK1nIvqXP=D6by5+=)Wnb$l0 zyN$ULJOaI0W?+oJ`{w zfg(N9mwN~F64mUn7u|v|Ioe`aEpiO$dhV?Po&Sso{%sCMKHzm+xs0Op$X@ZUltlc- zQBqe;8fYbb9GKDzrw~KCEUPTq^L8qONgf;zv{m|CG zq!6?|Sfpddm&T>J90L~k=X2*zpZn?F=Z=-|-*Y#XdC?W=pi-JSPN&#+TVMEgO&(VH zdw&4+;dW6O!rJ+^`n>SipWCOHCi?2PU@?PYZh18{&=B;XU})ZS%V^}R)osL{3Eq%_x=Ri@D~RH7bJq~YXy2SE z?HVrJ9GVw5lKMNE&li}KpR5No|KinRs=NdlYD(3**F>G)1<1TBDYItR&T8;ElPNBT zHhRvYS;t)YD`Z!J71OF+F&PsF5&G$&G8vJ~Hfkv_AeTGZfuv$JW)_H8tOE+= zrl-L~>;51gY)7+lQXcfXML=%5mwvp(C9b+$dDE?rbXYTy-w8vRZ-v$>QDo%3i2xF* z?IGt3=#4-GfkRhuLZn1KL_sIL#T9%Q&uNBf8>rMsZ16sM)c>%&)W6WUuN9cpWSt&Q z^SUhst7k!e`7TbP>Mgr3%Co|SHh}5?CWN&LjWJjZs4zS<2WtMhY(5~S`cuGc zw5_3L-yTuVNG7idUWUH94p`Dds-i?sE*o?Nj)Rt*mFLLSrdLmUkItw%%$aAtPGLyN zYj6|wo;IYMO(ymxsN>LDqeiJUsS5jQJ*4W=e#D0+d`qL5cVuztC@ zD@0)vF4+p#;yMGWXqgH>NMB5Q0o-(a~^KB-od-cvi2usoV*3SNOedxZ? z?d?lcJ1=&vGaLgi*KPC;?fX*LXH!?yH0prFm-|&=l+(+P@TT-NsXuh=ek%R=9g)`c zH}V!ZnQ!1LYI^>a<&jUg&a4BkKh0_^CQASj9RkeOAwX6sFA+vQFLEHQ!>rwHq@Tw# zAnE~nYTT$gj02gyv|zy^`5YwMgkw?N&`+dJGP_bTqus5RUoDcGMQn%89uDQGqO)zA zSg*4wNCD!Jg$wu_jB2UN9C=+_<~QC>7l~~==?rO3Y5Aw7 zSLW1i+M@pN*CuvZS^93NG=s+{4)Dewp#MpcB?<~{>c2(Y*WV&e`u~z5$|jC~8S)>) z#s7hlY}HLyWD%TiGMR==Cu)o{SU}>e6f_EID$qssb6AKFAX-}V`v!@UX`uwzPVBre zx8A)-dcOCI`*Cp2P(u|SzPG)fqETBmbGb~giF)4j?Cdw6-CM5S?B1WRCwPF`{Y(tq zUmd8W_bD;bFlG$JhgC6-Tr;f(Sj^UKej2!98w{b5Sajzc6(y<5C&?H)Bg+^&{hbzW za-$!N>SGpT!*l*kFAG3 zORwHk*K->qR4@gv{o;r7_XpMRxiUnrLD!gbpP4= zV1Ighxjt#sPepr@Wao!S;_`w0cvepF5^1`ksf`>=08A5Ly>bjE)(fo4jo~gQP>&UR zRZ-J)V-@r9ApctXT$KzaYS=EIY*@v_ir^sdmyj&wIDnZPqMxe4*6=j###H#KEA~e;1MEPX$U_Z0j^J9 zaWpw@3g&DuNO1Nt6_ERUa3D}{h6v^(tdeFCa;qaK8e%BWtR96*O+^+ofLA1zt`MXX zx~JM3?ihS)t2Eu4Y)k}jtcASdh5{|Cvs)0=*f4^lV9H`cUE7z`u>XIa zC^HIcEIb=wyc%K%j60aX#@P488nw?ElfpP3OVdm7a$t4olW)m*_)b8^GjToO>n5BC`IdseQh>aeK^o4<}` zBrWWofHU9sPJS>bWc+vBCB=NGeZT^FU{cOI{C`8)S=C(LWXO*{Ndgdn&jk>G{9mB_ zkBK`A0~Z4~I>-MrTBbFyGpA*yW29rCvoLT->I9A}mRe!e*3ntkX|dk?XInPeY?&YK zz2RrR<$js*V%~KnVmdeq=dsVx_B`IPyv-I9{p3c#=)8Uu8xG4fdl|4u*L9R0dc%V8Z--qn^S4JD{w!<-ic1bS`9#8}+9bwM znI)l<^%EXU&Lq{h2TLTG~UEW`J!>;4@d_}X3kcOA2A|Qn07}B>rd+u35O!U z;V(#QjViu84j+um8mL1(bO0x%crm*z2;2Cbjow$EJFO7+TSL}ffn>$}QKf*i49df> zTVrhPOD(e~Lw=N2F7k3sW9wpF>2x|S(Q_``ZD8jxczSd&m&Jh#;}6e|Tb?GWG5B8^ zUply#_4l5qoO(9m(1R^Vg+yMFsEl?>8vOxc=ii0}>f2YpUgHD$ib2sI(ab>c)3nZp zXp)LkCj>P6uTR^{FHb=HG|vg)W7|$i?qT7_4F6J z046`-or%7Mvhno>rB@|ZgWr8ue|?+4F8x&1vo|?5FgU%!TPpmRRM#XYHwV@PmN%n5 z{k$=LKUso>Jioh?u)(dk{Oqsp{Ty48!NIZlastVFKz5AjiRm9&#{HCzBF{H7)iE@w z*)=mZl`gc-HMhb?C8OP*`eSZsX6gBq>)t^__A8aYn)~Vi1%yI;ruTucagTx&bDsqD z5@{6j?#FHe%TNs0M}dZ+9$|iY0`Z=G9Uo$jkeS>2zRuNM6aP5!XV(Y(w@3aZ2%RE3PbLX>|NR&j?sLLv%??TfTMm3$k zb2SDet|tM`8*+H-mlAgXTYDi0H@$XS{%Fx3xBEdnkY#)cT+CG9(XX%`7$7+mG|Oel z`a2}*acb?@5Ui+G!Lw4*&7lNW|C-v0+A-mIm$0Sz{qP|WYdDUay0S+AMJql#0yx;u z*;{4E>ffGXS~=-JUYj=oOTYap_}-Ufk*xl{HrMtOMK7XwEk2LlLca?LK=DJ|qt~+E z+S1@!x5(P;@QOVU{E+Z)*Ts#*sM-4{6>kX zBtlOXe3QbF)7v{vCde*CaXhw0pQ}x!)!NOa>)yrx4fbMi1kgQlehwZcO7N!%1h{%U zzTU~&=!*t<#nNmgJRPSOPv~rBL8|YOKT3^%-<;d}4?3)T}bn3~y0u*Cdvw)?udS-XaXX{;2Ia_n(wv zsXz8hF%H+dyG_QX+u?Pc$xC|ZrpZ$EHGLk){Q`|iH(G3T$3xEKj!4p261lZ+-3MK7 zOG%6h6AQ2P0TtPi!C{0IQ!0BGriOink|xdtjOO^}%erSt`On)|*oTgInOMpjUh}vHu5=SyAfHiirnKwHRCNn^DnWEYySJrp#NQ9t# zHju6hvCV;TWHza|Y1%7dzU`jO0+F>in%R9Zv!19+=6=`%rLeft)UiJ!*AGXJ_S_Kz z_yWOG_iW|lU4biWvL&hfEm+wx3t@!hs zS>~_FJZ-bu#ZvF&LPCd_tMNb~-)095%LkBIrb&?x#ap*OEVKc5-`;sDV4idKyU~Z*Zce4! zEi@@})Hb$N+n7>_K;S08JAclFg_Fa4^yvs}N1vB{T_XLSj{VA)XzS`z@d{!9Featsyw-%%#d1>oyEL0xCf~4dny?99n`^ zeN>49Dj>17gp2Ctb!#79-^}m;s7H3peeVUp5di!y`0oW4<_G$hL|13_Bf&&VMtonY znT!zebodlnpT8360= zg(;C{;o_3wc6W1i1FCy80x|Zh^lt)+&|^RwH;x&J*0W;67RO`ZFujrG_;N}D&SI%$ z7dzm-70*vY0|M+Ae78`WsHcg6-?5M>F#46%?2>ALxn!g-|unvx~ohO4T+Y z8rLF_nOe^1mt~hhNPx0BS^8M}bpDZi-|ir!G1|0y;Ceu$eUA|u3Ne>X9x#gopUL4T z2ioU$^Mcn^M1Vh27g5@U8>*TB{Idq5$>hx@S}AaGXK$hk<7X_ zLzjX{6{ogR`$~RvcaB544&L^q>-#yOFI(>mTb>rb1dA%((mDr;$qX$FoP}9RXsmxB z?f$sb9d2?;L__%H@<^CJEPFV68(mj6jGE72gn|TnEZ^Fzs-?X_dY8tzRstG|*uI465{`LZk5J`|NxGZoo#pG~Ak8u2`p)&BbYxcwgI0+% zQ7yPU1X1%2GazXco`)&m!2_)Y^S-(N{2%W%D?+k0?V<8QTRyO$B%dx8&Rtx9hQo{dZF;dE!~nKhUI|z zT9ekR4mAffwq2$@7j3xt-2}>&fLA>bXap0aP}wCm?l56oOdE*azfuxFlKnJe!nt^~ zvJit(aXb3k4?Z7HZr_stgy(?}?gomSFRi=DlgqF&d7qPo=4q0KPRQ5rI}3~OjD7*S zFjlrLqeoF(lgo6nad~Tg%DTa~(#|jm7e!X8gVFW-iJw)aJ3!U~YK^|Ed)AZEUn`vK z-EAuyO16-bj37eB>C{`q)pD!lAdi@sFYZe``Br_Cl#o&A;al{dR~5_XAAf91Jv0qn z?a`x2Dwyyph${0V$1Pys>z>mZk0^%UHL~zEvFsvOJgnK%%u?&6D_+GG4yMj`-l+r%u17NCs(KX`unrJ4#XQi^P%D_JZNxZwjGi`6jH&c`8 z)xt}Xm-1xHBs;z!Lf+qa-;rv(cU5lPVuTs`uKiIKZNW;=%&_}7C?b9d^&#HBZ1(;x zot|akheF+&gvzLC!V&z)RU{yb@*o9i1oCI)?z&6a)436{Jqy@9m5*^u+$N`QQdr5I z`&9Ep5=z^tE1&gUuT<8Gs;hLLeyk+R$cT`}~X6}o+a-e-Vl zTkO$=-u=U2m^disr}4*(H7_n(yfjP&89EQO#=1LGyXMG*v}Al5-rGO z{qo_I0F*(lsFeP z2j36z9r@k)nWg?@fw_f|ewCSx0r{Od#np*^sn%}25DVuHtxl*#JRnFL=i)&b)x$?VYxrv zeoF930@Y=-G}touEJidZWW_FS#csr++Ujg);P*eB5u_E=&qZOkY8wzU*^N8^4{&{# z58}|HnDSxlSD+GItyU{`0NPMDb6!oA8csQ!-NGM(AiF4dN`7*}n3XVff2KCM~g@O-Qqr>u-(Y_}rL>dB%Y~(Kw zg!o!Cyk=Fdkrk0A0e5Z^;cy3(1g3x)ge34ygPmiSw*@AmP}&iQ*7|Ov@ATpjcmNMY zJ(@2_7=XTyp8-WsZXIe*Y)fu%1F`MeR=ALmAE`x7Ob~i1N$>|?VJD`n8l1Q1t%o=@ zFd(m#`?di)MJnB!Bo`H za$3KLtf;&?)|Sbfw=~XlcOBgMIv2(8!!I~PFGj_{0J0Egqx483nJ>gjf#{EE{Eiop z(3i7nMpceO$L@j`sf`r$#8OLH0u+XuV(g z?+{5>Su@=HF(@VICaa1)Wd2mqi^#}qmY+zI=R+6h5G5y= zC59%v zEYO4IzJB#my!OUD*-lAEtu}>xNFKC^x2g>$nC1^7>N(nDl0ZskAt_*>364CX!Zy?! zuH*tB1hOZ!@=+OHV$S91L~2rTy%?YDz0QbWbd{8 zsa~B&-A?R{5Ggm&mGg00t??Eys;@q_)|GSga} zUzB$FK0l7pvs{PTL97AVp=x`Qf|p)x+#EIu+lhc503B^p)9o$%ntj#Q6xkoIfK^;1 zrSWg=wi~!Z)>G2=?bNcoqy(yd&t$@PYGX5G0QFac! zfhB2qybbqwgU}m5y&;^Aefzv?{PGya$rZ$&>$DW!dqrgUt zgU+K^*PXlUHGZP+SJ33%m8^eKo<>ZuR=SoU8*L*7|XTXwHDTc4jmY*x_^0GoOhLWu50Y&>)Q3R z8T<+o3iKG_0GA8%LzqtAznJ-4_So$Mu(d9*6)%Euo8yw>S`n8T(=sR`p;%fR|D`M@ zHsc~kVhb5X97t&#!HCP**)zzhW|(EiSb`LkwXxP1I9P__rUx*}vH5oz4W(E)`Rdx0 zMT% zRTSd4(}V;Fgg$sv{+%+wi zDN3HZMTYDNj0WSKmyGRonF&{L1KN#R4Be0hoY1i{@Hg0<8StlF+T`E|Q{Uh!!3RB9 z97D4!L(_XMG8Q-KbMTLRYq8gNpv&7Jn=NJz!PEY;^d}3(u25DSLFjRfWFn|zR&Xvk zF-s~uOFjy!LY-V)zWqcB_}As|;u2y5{HyzAgY~rr-u+|kfJ8iw8GA_;BP@G!lk&-k ze20hq?&PnHjbFur#E6z1oTLDK(2Fnw{1eN`=|lR1#?fFTRZB1evA2g*(VPR}CQJ`S z_WBr5p~TxhW5i%W5(DZ|QUm7VU}&s(LxPx_HBNRks3SR@AqIqn-CM*Uk;WEIqx5q# z-N;GD>d?~&o+L+-oD(7o`X65hMTJq+#*!`H*+t>0UsVBU8{3k&uw)#QoBR#oU5QpX z)G}6?@5<-Eqfn^%b1JWkwQY~HELlx<0&}V0NrncQrf%`M{y$Mo7m>}bFX$7RdO2~A zy#!w`5U;LzCZyG;Zu&f{P?{vM@z_9s(9Kdq>Md`D%!W%4L#4r1fTm1oWCk?Y%}cX5 zpnP)y{9b&L@0wI1^D55L@QUfx?A%P;n|wHet%6mYGdiicR(8f|=V4y>NxG*%j6==C z=eBRr$O_!?D!R@jF3?B98j*G9DMbJPw~tcS^lCC#dZ@JID{_T61yrK`2{?BF(cw6z zn;ZyISZeO{Y2AQ?u*fsN#-8B0Dbc%h<<%_0V@5h&cB(N2hRzC95>&xJoEjs9a51@z zIV)}PQrMs3hN!QR+U2R=>2PrXOZx>y%RQC6|j0C(0{Hk5+wtYI|?y0V`6SFh7IC3v1A3&o*$S zw8!B05-wAv@KUW#R-n(Q=Q;Z4&6R_C0KVdtXCQM)Llh!kSgQ9M$mgp;vbZDfX=&5< z{=UL4uW)>+Ca2y^A$|Sr{(^k5-1$Nf2mL!#UaHj_q^P4A@bj9!nNi^z0D73-4E&{d z&Hg(WwClM>_5E{2&tvNte?(0^QS;D$90o=py_u05)_B3r(FvKg9hoRz7{ZtcQArD# zB8j;u%UDPvnWZwt+vcd_=bNaK!wPS=fH^WMyIn|*U)uKj&E7Q>CN3^>zcT8As9Z@i zWZO!$=4l+*yylq7q2Y{U~fmY4Cej=StPMgfP&H&qd!!7%a zd2{Uz*1jHP0I;Ya$Q{E+e`-pWgIMQO>PTin#p@GHUb`e_%dv}5c_+|#ti^S+m@qr5 z*@DgarIGiuf44*3vBKQdr9$v1UN(M$@dZ*)X~23L3vlFd4dAE9M9-l}U8K7bcE{n9 zsrp4n%@?cyIJd+rT8Zk;Le2OORC71(_sw{QK{nq(s#<=m(=cfD&4a@5a!$x+`3;+8 zq$Ho@GA~T;W(sq0A{_THbIxvT`Y?m8Rv)uG36K76zvk|!!jeY@*g~iv;x*82%^`uO z=xlL5u+Tz8M!+2Tn1wT)0!Nf`$?WuvkiS1qn>kg~ z*Kedx{fghz5QiK}z_dPi(!yelBk#8ItyqXkpUVE*`cwiuSUw^7Gu#@$VYF-9rhs!G zDgo>FQs1)Ot)YgFoUoVDf}ODaIsx>mQrBxQPr{#EJvx zq@BJ10Qz5^l2BZj--YQ5Welb-#ekh#wTduB@Od=eml-fA{BE;K$fSgp*RU$|I{VeQ&4LC0_+ z!y;*5_CpLhYjgc51dvn%C&eyG;W}+l2Ksba5UmkezQ-;p2W6h;27Vjv?$kY03@&9c zz9{t{mE>MZx}2s)+~id_mhfs6X^t+4K%Evv=W7=8%o0?8teA_j{;2>WcW!?b*@Q|j za8jb2-(-P3qP~jCx4(D=k`y{7L8CQbHs*OzX>FHzE0?iH{s_|QRAe5S4n|!!T8;XC z%#>vN1#O;5-QD$7XgV^b)-aoV^E3kPS(D5K*G^j&oqvw(b7NNpOb}%+Os!<(r zzOFzU1iv>H8L=tI%Au4vYEND;kX(Az=_$vQr=cJ7+AOr}{eqXHhvyg-2}--Tit$&i zhzdfXR%i7lB!)hI+I}l;J{53$#n+rjf)UB)nhu^A~sZb((R9KaV23U0OmLhUQg z9)s30*ZieHGEk(h9_}1t?ma-jt3S(qYa7BZR_|82^p8(gZ9|KIDJc+k@C{?iz%Kn< zdq87d#mz(zz)X!7-F?SjYPJ)Cq*L(#r)%Q zj9q}P_w8->23iXWeI9vUc@DTp@VcYQ4&EPB zQo)WsR$yYql}%jcgI2tg zh-zjXLLjx{AZsu|s9)p8lD>3?_v7Vv^^u1zrHn-Gk9HMtS z`(BiRVD!xFZJq=9K5gtRJy1l}n}8=R+~{-}xg~F+MyR7@L2FOJGF)THEv+@dPWDI` zZU|nh#7qf=R~uk9$ipHykSbA_vn4Jp?F1jQR`-oFUZaZBEXMU=b|lf?T9I|Vo)-lX z#wrer5@i}A6!zh>r3NSZMjpxz^ovv^J>kKmmlDCS9}bxQ(p}xKK)Le6^*EHtEDb_>uj@?9&go-os%+EB$ z^>LugYudwJXSIo{u5yaY`e#xVOdrynfLeSJ_4?tyE9McwG@6yb3vBl`ZzJ>}dQ9V* z+_-}%A>}eB2By47cL1aO-XA${mnMg179a%a1-B3i)n;DJ!xm{2dlb9mUBleiJSwh< zg^va(Z)eiF9J`Ecs*^NXL-sYSpd@j*vdsIaTM zLZN~8FVD9^==g#!2hlGD{BM23kRbi;We5P*Nz#>GFbpp|HwqNNLI2cCoDU~jO1)M6qM z@^)za8Md_Z&Y&EELJors|d5vGVb-G=m*Z{l&cW+dYuL;G)<4a^-7wGtJKgk=voB7*E zfDRc|y1g_ZB$rt{eUVBG20Kzi>_$5YE#6MFg~93N9_$? z%$dQCKV_rBLSye}8Q=5DoNNt*j8>0j)oG1%IJE{r3X_q)l&q}0ew+u7Uw4V|wQ?TpAEvhN%T@e{}Af-F^^Eqq$zM8)NfT($(Uk7miNOvUx|V=ELS z1Osyp9J@y@AB2kFG$tcu?k@xyelO_uW-mR8N-J~PXPeYa5f(aObJXR*)!iEt5+fwO zBR(Zh+*d%38EyXk0SksxplK=Bl+_ly%$8jv z0!K0?(&xre4C25l=>>HbZt3Pclvx-=Qx9n%lS+n*f4rDPWSN1KQ5VO>&=ogqjyhvj zu70pB(CrCSUEj&0pi2b8^U5sNB|Jc)W(|aB2YVP8DOSp@VXghtrhYNQh|Lgtfus#6 z4LlL&pB_l3hC=bA7pLtU__2XLv zSo~K3RT%kmGg#6by8BU{HRf<7mUgEeY57rGxIP$rw=;-LFcpj(xqFe)rE6Bd{X~GR zA+5eWx1fWzM{b;H^a>VazAunVP-5#P!62jN)m^1Kxs1PqdJI*i#WHs_PL26-gT;xP z@Y%Gau`UzwYc@u+`e6HsICFdKw@yZ|f`j_i)xJYY@L^4eOd_%1bUUe8gnqbUVi_@@ zM?3{o4P<>_lgQ3c(9fhJ{6dK-3gdviBrL(ipK>C^=8q25o*uQ-h!@&hu0}HHF8KF7 zv5|_yuGghBp0Y?Tttb22hU2mXwVMD>N51ng{DMJ+!$UBHC+JcLeE6@&rr$zk={CLe zn+OSFjzi3jOR+@jMwKKl;|DfzDORFQvb(1KVcBx%I+$B0qGRwOqLd5Eqq@w*vt8f{wmtAZ5ZS#kOD%cwSE46l|Cps6#3 z{+nVmWPB7M(u=X`aJapCGOcefcvDjlH7>S`mM1KU&P8mWWNJET#n(VlOd0prW&~MeS3RI^JSI+Ms+6Sa&$k{LWy;p*=n4Oz^SYCVH@))#%6bEtE$(hD zQ7zPp8*R!8BWXOC-aJBLF{8QT9Rku_M&F7$0M3Gjo;+%gT+qvVGg8B)PxpPL9x>ug z#W8$Xvi-1@{UjbL&at*IEPq&{EJPiFUKaWzerD;hHcn65*9g|Oaw-5#3@hv(2_B+@ zM$?oz8wibD?865i0kiciu6rHU_-p_#hm&9sVM^u`(i->1Q|~^hhyI;vqj1HP;&sAl zW>#Hl0xJI@D10$uXE}_Nk`rs9wjsznb0891)lnC)?k$E%+s*vNtWr8;)jR9)1Ig6d z{E|F=y$5*kZhVL!&<9`$W@Zx7W3c`C`9~MJ14g#_oAwp_Xmx z&7zx%K*ivGh3;iXY7d5Fxu)_Z(1(YQK=nONi~jg$Nm>Mon^iEWl*w>0vPk_wm?)!% ziIRtWX*;mU0&d_w12piZ5|b)*vgVRtviex5&*czDve5_i0;q;R*Ku7mcgdDDqa~f9 z$D(4Wl+B+TUgfrjN>Ky-UagM=b1W_-&mgkoi5Ao%9`GcJBb3|0ET-~wahq_u1toB4 zUnvBNBwA%2FdRvy=uxQflEW<2PJcQvQ%jk%i;~-j!1IaCJihY``NsD@s)w00CZNYr zesSiZz3rcz46-Av)5o%c3}b?> zCJWp$6YKp8w(-CmN;yKC2u^?ZdPN;F{Yf+;>$!GY7#6AzlGq#`V+su&UZ}&-anI<^ ziB;hL6GnijFc?$RR#KcJ!wbABJjQn<6(%UKpWr7f_~7R+zYn7>E-GaAFlhHEm;S`p zBXMzOw1311>=Vinz6I9jdMLIWzxV9y=BX0SEN)i<%ixtBWi8^=NgVDx#pV*!0X+2m zDrI&l7N;{fze;l_MP2X(t@hJiy-%@ivpfo%2*|?|1wT!Wo;#F>h%H90N`QntNIYW8 z0f(X8uM14OCqg-PjEt+g3Ics4W;3iltE>03kzEZdU@g=m+X4q&hA%O-KbFli*yMr4 zXtrLuoXw~IIfctv9h>Ai5M6r;h5!rBSR zh0EE}B5OiUT`ErBGo4YZuno|xf>f;=K&OT}RgLO(N(RizZXZMYs12MU&U2yf>mXu~ zhJ(Uo7j~STQVh4M7V=U!}*nRjWh((Qfa6;N*>!~T@HOyU?^=*mEWL45KBk~WZ-NpM6B^;IV`PVc&IQPb~T zFR(E#r>0Yn&~A-ic}_Tm1;DSd0nUi_NX1Kio&t$B}yu)>)N*uMujq~hyvn! zPv07oetI`P_{sO}JOw2__pJw*_05D)`&sqzZ_$7bT4bS4zhSp)(B}dOLR@6r5M#Jje@JQDN&cncN4J4UjK~ zY8u7__H^w{M^CFP0@M?F*r-3WZc?P!j#KhL7LEv5D%Q|`d|5EN^=7x?Kx+`_Ms6Z; z(c&<*A&D|q-9aFAUbJDe5QDw%TDy`boyJYt)0_Pn6AUCEZi|kLq$uF@?gt2`yH@Oz z8SnACQSV#+u*lc09lpXH(f`HH{}JxQrN4HZH7Euwd-E-i7#eFD#r;~P513%) zIZP4SO>L}zO0{XiNqql!>-LZK7izF@K-fUPfzx4n>Q(y2`yaInA9#|r8r}XPNOh(J zl;w%8UCkYOk_^(oHe6Q>{c)Y(=Cx#wumCW%+((%wf;93?Or79`aHuO=Vp=}7VzLuA zll9?ZSvfmImaLiiV=NAu5m!8!bpkZhjL#Vr^dhZH7l9oHK@8iy?wqbO;p4?4D5{?( zMGldJaUEh0I$=eyVxe8Ixpt@+6TW8k2##dc1ynm)W9U{8W`YESdf5a-`>xay4bhai zrdyVFKwEk^dilS7PF#2fbf`P;EinCe1!f=YgB|FWC7lb;%0DC5vAZ3UzWGC}0KS8a zxqU}ZBKako;M*~%g9^rd1GZD%ecfo9QNhAd$)Dtr1ru&ToBsNjel=4_ z8ICjw22bO09B8W<@d6uAT5808)KaY*Ay|;mAXtzs%jwXW+zi~xS?E%+qK8k>1nj22 zRADhXlEX{3MClq1p-f7wDJ?EgItwz}XW*I~M%O`P{(fa$qRAKMFh9yb$o{2j8XvFe z`KxI$5~5$w)tox*V6tj-!vv38dQ9KecD)9|Ij)zRp`#BbrD+am4uhGZD`rh=Z?dk- z$gX!%>f|u&5@ol$8P$dvLeH)gNIyz_omLJD!I#7|%MtUHtA7Q;Ss%zn-1*+}(k@t6 zr-b8rM@$Wff=>6^P`*ICZ$V!D?j_2AFO04su}v!{blDLC5}A}y|DdTgzdgt@b}T3$ zw$_39C}yjC;W9EgJ{4mu*p5#!Xe=xI)GnJ{cmI|%Ikz|{v4z)2a@dI0e8b2Dvy38E zr07~DK1ig2tv-2|9j~Lp&r+=0R35-G(T=zIeNB}Ov(!edp}u2h`ALASAe3*{_yGcR zEJRj)(A`0thC$BZtdcAv`FR6FaZ06e?i?x*2M1AwI6y6C0S-etRV%O@bOpaYh-4!v zUJwm-lMzBkrvJ>vU(R)$*(i-8Uw-d|in^p|2P{j!r4N&M*H-M%oyv5@N{$Du&D7)9 z9GC?pdkEOo92%b91D)2)bg&oX5)T`=RG5u8h&Xq)kc3eYR8f*Kcu?=By^bQLoRAiDTBQ=9v z2{@lh8f7L5)A4k62FU6ZtCrP|BeHj48e=dgsB_LvEs02)9%)MhbBP7eZI7|hmuiwJ z!R&rf3c{uLSU=rP@Mi?G6RlowH1b;ElV`pMX}uu*o`zCXfUo3+7v!~v&y=N{WfAzy zV~~%{vDybXk7YnDs@1Zx(gn)%*#{1w6{8=Op@ACvBw-#$M6L7F703hae+7Y&&v7=u z?)p7bY~l*|dFl)jaQZ0g4RDY=bB*iA#Ze&cb;2S*)N?ej2hOl9?y&6(bTZ0*%QJB5 zit2?4dJ71A-XGq84)ltQ3FeuRY67#0$Ut#>0?!2$>CyrSsW;Q}OT|NQvzrKM3ntu} zF#OJy8!MbmETqSXaJgD6RV&}q?dLDJYn0P|I81D134n)2V~;Wbw6X8ci5>4k-#7{Z zK3swTP=;uCbhRHsUisBXFSx@^UcnoPZ;FavDJB4=FhM_g`ne`CkY(b>kF*7Ltnr?u zVObkv^c9onI?o!Qrad&>u!^FNA|C#dcVP#Q=pOvk+&w?B*%lms?KkW{`^y0;!x{$=000x%f2ZyK|3Ap_ zTU(o({yj&FR5EpdUqbv4ieuDw?GYN<4)js&1R>yymjOhvSn=sW@r&qJbEb$s=+%#; zqo*S>O>2-uPb(mmTx*DFG8I9e4I-epnT6q71u%`j^mX_>^Kl;isO>H_b&|CCWJGZm za>L4+w6*TM<@x00?E2K{{Q2~f4!{+}9V8Pul?e9$g3dJ+L>+KV5*7Z8m(D@7a|4sr zlgtOQI|^glMX>`E{~Q)jOyHr|w?yEf**6E*g}ajuCsj8n50?ddQwh@*c}2rGRkzb_ z;ZlWAe8Um{8!O!_8tqy(GhG#Fw<9B(qrg*5=tg)ra;2kDMt&|yZv9UN7F z4QzEFO^_{u=)9x( zIOO~Ar?=8GYHBc&3#rS?5MnjTRZHM>+V%|c7x2)YU|5>(wspb%1h7nO-+K)?5)nmof0 z6eS_`xdtKv5sva@|AG2>g-L^s?+wNSwtPGy^-U{IPRc^uLUia25k}1*CMF$-SCtt> zShHBnFQTTd#YwX5cKx1ZE0y;rWOvIVvNZ@`s1uq-GK>?MN@)NvGiG$kIycXse|Ltxj2`WBaj%t2d=F3a%`D zI^ioBsf-kU2x7<~Q(-Dw=E zNpsC8^$MWi3Z^YsLX@VW`Uw;TAiNKsWcR!{5~;?`Mn$V7 zOj}>49Ry4UF+&N9%Dpq^G$BT6#C_mihBN?`j0QE>XL3+ zMirE!+SwGJ6t)Wz-a@vARyDR90ZFH}G93how;6jQ|0Xfi?jkLeQQKUjOWrj4%<6@! z&zb%K*BxgI@dU2&C@UwRX`*H!O{H(%Z^jGY9mx-fbhC%*7;T(@IYq+#WJMf*gZ`$( zGfp!%(@>?d=wk#a6kX;iYmd`-__%Q92CmWUwlMC)3wmXIv^72x>ZLsdxsGt-8?m+X zMEBu?dx}y!R0K(xu3XjqIvwX9%xvkg-TNX(mYR5W20TB$Ol_hayCfx^HrAR3D}H-f zwQ*HL9wrS`7#qctc2MtDba{zAVgWeuu)}VW3#zCr*&pjhw^~yJD}S@f@a5 z$0VAr*hmvnVze}4!u~X2&PYbLFLJdE$}I9)LNzVs?py}d$m zmYVSOhNtpo&sL7T#5^vrCC0%J0w5f~w9fLGK1cVjUg7@1jSd)l1|m2lYX_E?472Y2 zO-}_)_ymYgISn74ggx|9L`;&z@xl1~izpmIkhB zUqF$7BN^U~K!Y*Lm3XEnVw@OX(|4?-i(Ll(S~#xU3^2arL=Q!Yb!b>-t-}t&@d&gP zTa%$FCu1miG<}a`a4$tNx=XCXFVF>1RwL(W2c5-t%q5K~#@Hq>E5Uk)@O0|PCQ-|8 zsV3ZMi#L|Vm+idh`L}2t*pm*lX~8j0sFja=x~mh);O%z5R^Ac*HE!x{_%W<4^}Ell zxBiwK+cBTExgK5&JIBFi3=&f> zNbt!6MPSyuDUHZ;kQOr_jLGk)Yxt*mz6nj`ghP>>M&f3yF(js|40!-DGeYWXeg z(x<8b6zrvC<90KuzAGnupbR8XA`~h^&#!?%W?|F z$W2Fwx>q)fi0(HeuC^XOsOhX&Af<5}2YIq?f#M!0z`SiivYysGvYj1Y!aH*=NhHR% z14ql}hP9HbszlRjjoOnO7a~8B){ruWet~565IO^w0U|z3>0)_eu|?j3tEeHO4AX7Z zliXx`4p3+OzBcmVb#B|>3o&@Jr1L_ovw=+PbF6^d_FS0zNk35Gq@#dGY< z2O60gKjN)A;Ecd}SMirsb8K6|0Qvxzh57J5=Fr?sKas`Ea z9nBsBWzgJ_H9-CahJ0*cB-6snV~t1R5fiNtgZBZzHF(fZmC-3B#U{WZ@+R$`9mHe% z<3p_NlZpRFQ+u&)`;jRKLUJEBrxINsQb0N}Y^wh2Y-{mOuVU{HGMJQ5oDreZlq9TUfbmY4!pC7GDXD-A>NWQq_si5B_|6DD+~v zw|bdKHAh^g0$o@kDZ)WeWVH$ij8c7VCeBH`Pi0tbeTELHZ3RWhr%o=*aD&e^V0Nal zLb}b$QaNt=oLyNt>^y{k+lw25^~vMN8q%Ay}0%VMY-p(oth z)MYl(dXE%Ry1f={%7rGtIJ5YI8*!?2r}xgv=shZWG+^V`R&|7Y*#uN`JGuksydyPHpj zH!UnTbtvL}o7qTt7valy-ZCdO{3auMSa^aIUktmVkzUfD$ruW(CUzv#Bb9N(l5B`( z3IxyyW4Qu_u4Jx?WD6zZk-8m(tz(R3I@PltiDaOGo|*U?-!a+Q*xcEL*+4fp&H0yt z)ADkcRpx3^Lk5P_Qcd|ek{I}D?Zrvb=u}u=Wt@%OfA(6+qq7Tx2r|*qu*}j=b9)3i z+vvFLLtJeqN*puM(#?1IR%a0pIzn9>pPZr}qg%Sxw8wNFm6Wt%&_xTw(MNPOblmB z&xIC!Yq&Q`3-wlmiuP`!ZPIrOR7@jWa~CA5-xqNWo9J=gPuqVENjTBv!cs@B7XbQz zZ04~+1SP?;X&LaGkW}-4Lowmp#ofh)wV9qzk&O{SEID@KPx@iD;}YEaMv7v+RjM@xeDb2%&&C5MlfdGjrEwJ-?P!do@6!$B)Me<>?{Ra}x6<@J zr#yvIa&0+|Xm(rIzNi+TbE+qaSaMZFE~TgrW#52%_zA|t*mvzkfdGvOuJTQ1StoQ! zwbjOh02b~4W9*%xEM1pv(X?$lv(mP0+qSJr+qP}n9%;MMw#}+D*WPE}d**EG+;tzL z{ZD}}dc+tJJt5H|+4wVoFD$ zA6aZdco}fR+kkhewI2P<~5lW^bQzl?=3Y|{ikJ6i7Y)jJa^~Nt`ypSvXoJ=*! z=)*~wI)!yzyj|6MyJAF(6x6#XlV3tc78ken5UzUCOlWB6@mb_+@8@@NNAI?V96Agu zev#eVZtK3dn3(WO*6_E3!Lt0y0h}TO%6=?LV2Q29iC?!5@!9f`=pk!`l5@GUN;`48 zlNK$JR4q2bUiDF1*_&)g@L&bFj~txDnOYl@;v$cqpmp%at z&v-4w)fYv(jxZH2F*|~*o$9jte$>ZmiVjReri_y>hd;#8|S`8c~JX^BXaJlxi?6Rf=5*`Q>U`(WS@Br>kVk z6PCE)J$7z124I}nrW-Af#hNm+nrr4QSoNl~#;~6)3*}O~owq2}xlTR3LGe!_3eD9S zmZ=A+vt7W2WV=r95$D$JCBI=oVsT6w_2bzm4dXj^Kz=1KOvh%zshj$cSjXTp(dd%9 zz^a$(=YCY=8%d>Ez1ZhMm|nmynh%L#J}IK6>1pcar?S5IwV4soMgdF)ZxR!Q`t_WC zdk*D~pS&Ymof*qW7Sok1FmHO}UF$296Ca$>XZfy)lbVx}6u+d#7^R7j+?VAA=6pt< z^15x&9EoZ8DR+cGHh(K>+3EGoc06o*%lp;7`B2!Tt>pP~*7MFpgeL2dJ~&a$d4%nb z1(7|vQlL1|Cq-@K@yf!*1j2?HPv|AF%G%${$(K$qogAEn6iskhuPX$q4o{urt{AAT zN%6ifS zTKmBIozN|eih3m~d>3?(WQFo(xa^MjCuWaAoaHbR%0+ehX=#qmo1pT2IE7=h&CdN^ zk81=IJ=Uy526P?6V04|gSM2^qv56s%k$Y(`p{3xCu+7N z)K&u9!-j5dDovnW!U(T1G`Bvrl8XT~_yw$cP}XMAf&*`n5TAHy+%j#=A$w72FQ3+& zI@3#Awk`8AYWVoSyia=ox`TPXa*U8ks@OV$j}tDvF54`op{*K?<3HCj(?r z8C~0DM|udCb>Kd@j&RiaBfLKG=jrQP8Vx98wVxWLw+*-H&6f!cuG*nwva4cZNL1{r zgQw{S-g#8(CRX%2LbXx2Z~h!F+V0SBCWN;xu!h}+@b%DETG%i**@uCaeqF(v zY2i-U;=*zQeuEL7>X>gj9dZ>beeDzp@f0pnp8V_IZ$Y|PBXY5wG0Q7~a&+?Bg{WX# z0CC#^qmI)L9Vbkk`_k8isO(uQK+mfsK*biYWD8)i1vJ|N9&G`zx7p~zzp*5Bgq~>) zR!?4l+H2uU@8k=gkh*Zn6i35&Bhd$oJqn4}51yzbd}oW-c!M7N@(-Z6GyIUy`O8T& zc8rWs=<^rnBu-!D^70ObtsPOSg5$q})sz-@Fd%-+Grg=wE1r>~Elg1sYbc7<4=Icx z7u*(S`USv0L3EvkpA`}o=kJV|e?%U~v#+ksx$gw&XgxBgy-MXxOm5^oFSz@_v^U0s zfga{R$lm={dt*6qVcapZ)^qlyn0nUweIqq?h)+rVTNiL$K0jN`39Pm~fa)__bwAhK z!o#dZQDLKL7p_>Vf_EncT z6r8S0;gvpTs3>?o)m+TVUEY|BK}}1>XM_z}U}*(gJ69BXDVlDhl+`BxZvN=}lOW80 zlhs~sd9{q^kGY^9ZV$XO4QKG^*5clg2_$BrV2U8-qatn3U6gW4G_z`yGc6i=1x9KG zI)4ok>;g4Lp`2==h-$F`?P$cENq2>iCasVxEx>KMTVnZ89C?7Q2sj@(_N~Wqh`15Y zBU;9>UNiI)P?~`;*RuAy*q2rDa#q1mrr$*UU zC1zJ@Ju59OiU%pmSC101Mju|L6R&CcrY--5sTl^QSHNdm4`SGhhI`H7%xpQ%)Z5@~ zCIr(C?{8R4^Cv!Ja7s|A&(L;^u#oq(VncYG4t3TJbme_bf9aW;>wILodhz zd9%sud?)t8F&Nst>t$YHkT|ze7t?TRkLp*uH=A{8`V*j{IW(Z8>jUxu&8bkR3(%Nc zX8AKS2>8j2F7#7VFZLC|Gg})iGjHd3Npq0M3p%j)T5m!GhuLfK;OLxMIC|d?wY|9TR*>(3`W0sW zh~0rohsc&W_>;)hI)W-woxzN~g-!FB3sLkuiw1qe*6Ja(Lc9*t(r0+| zNmh1KPFKIFw7G`n_1`~(P}DVdKy>u!9Zt#Y;iXLzIW1~k<%Zy-IVb9Db4F$hMiQ>1 zU&$bXQE;1R_>wJQr78dVkR=-I<6Pg6r+bY2^neSfUuaOc=OPp}h#unp{ZjMlPFVGe z+#rx(<{8ptmgvKB$mT#B6c zwjhp0gew&1*v``Up7&jYryMe4P{iHC_CfCfTo3K;WzJAgGKcGcfzuI-yZ+6BvEsdLpVa{3yM&Qa{SfQkvTS2o423+2l4OyG}vtRt0O27P&w4U+u;0XKdo%$O`F45=zhpBq-xxoaga34&{FUCH!Y zlyQnmg|{w*O4GFigd4Oh0M!8OT-vG9#Y(wM6}y^>KX5GU$}V?- zc4carm=Vw6C377Rkmxa-iFgnadVp(08NIJgz#>a-=Y_evkZGi2xuL~Koi@u0iMrj< zZ`PFA8Mi~Q4Ek%0!BcPaU|)kFG&hva)2`zy-1^uqIV{8}s5s0#$0H&u zNoh$A1eF82yXA-rqFenUJY%P!~!&twU^b{%vGUhbR!(ANz zS3;0Lf}b~2A<``L^r!-gkV-ayK}wjA<^E@aw~Sg(9{UKNdB@E8o;i-^D$Xf+7L2he z-sjLR4y`7Z5E+5rg<+$~X3NQZ((bW6etV|&^q#Y?7zip#6tA1jn}M*{50mq1l-m12 z*W!eD;XuJ`D-Af>Jz>E|(9!)2K_2aO0@TXlbz<=aqYjed_EjRYYzn#wcr9oyX^7Cd z?MS{z>0O`UAq?(u47y%zz~D7W!-i!hv)dXx`w<(>hq%@@b++-Dd(y_m1>dhrIZSdk z_$A3bjXxL2kpRJ@yEuE}$7S6~m#giD~(?S3N9ijfaJ&^y)!_{y$a&-KkVYbvXEk`sltg-$bJY4o+`29sFp>YaebzpQ6 zC}GKQV<;|mpAek?ILw`g=Xn-GGgD`MRk4OhqacU z!JMg0^ESS*-HQLuuKwT8YX+}t+x_34hjTy;uzgX3>Yh1Ak(9jH!E}y|1XX(|6Dnj1 z$+{F?VMkg?r;>R;I)xuVCZfq05_@DHU?!@`>JxRzJH;QkCveFel6u4**e7_%Zj*W> zoO6$SlMp5O$=)N54k>+5LKU!=-8I{eJ(w+HUvrt}vQ?ntyH6jt6pnoQ6VAl25var7 zI!Ru?dg+Scs=9OFEE-zon!Nm-9#}n8PR@B(YtCF2&Ha{L={^u>s=srNnbsQ{faAK& z3kSA);fm}PhYP#{`9J& zhQ*f~7!lOB0vN}opx|xyrJD6&J{TZ z3(4(FXk)#Y17?-3$a$kKqd1ivEtk<{=eqYguo|?FIK>P^<6=f`+rBVM_h2ci zL=zL3HiZstAKJ2kj(@(hwyt2kkt`jlLGUQq*u*>&EKDKC zZ3;nwX6?Ix_60Ct+iK0*nGNVUwgdARr2}{G6M)`?e!^LX_d>W1@PiTrfI_$q5`%V4 zl!PBKN-;izdB?RL@@ED~!fvo$K4K5Cpsn?qqT#j?El_n%mf(d9aAi23V?P!F zM>~W%X5v?;CoC2PbX%oiwCQ@Pmr?GJw?G=>xv-_!fU)yH9Tf;h0)jEVd7XLPGxA#* zh}$=Y%k}Ctn27sjm^1!Q*AM{nz76?)LtKL>#a98@(*=}_*^q*?u(E_E1*)GKO57RL zl-ba&G)P{1R;V5^!xdpxC?5_zZQiD}hx+8rSEZ|kAV;AZ^F9N)k)nhq9qMm&l)Ek^ zR2Ujy*;( zY_P9jKtLw2KtQzrKd{He(ZSy3e?~}Bt$w1ap^eR%(a@#jDvKg16^aoN-4Jo-c1qF9 znulddNjqVSu%rn}S~CN>iu^!ceZO(~?phBXtaNwZ-uhoDuI;iv-k#1~Zf~znw~~)u z1a^HDM9a^wfxS%v?BVCLW7x&qjX(8idzdXoz>1B!SFTJ~%+)K|PZnG6DwuErwOFZ) zyD58wQ9}H#Hv4d;>?SSwT7H8=3ozm&A&b}pwi1&F-4LeQyynrj&0Ud5=3Y^%@i4y? zN7QMld6D&Z5M??(^IATk0hByy#IMFwUzrQ+P$C5P>nVSREFq5q(MN}zx~$ z-=VIlSlDmcGR8<1E_~@*Pqbpdv{7A#p9;#0td8~Q6p}ik68P{ZYoSogzd~e+#*wWY zN+jZ;h@-;c$@9Gw=+=g=`bkH;SP`bi?#w8VltA4x@uTX~zg7!Ac;*Xm5Q%Ncp5+SNt&lL9{H zSZfywOtWimmy_u?Gf}zhrCM!m1U>Qa&tElYMs%$z8LJo9uG}iKy@J;eeTg})7*W<~ ztLiv1!GrP}HTUk_p_AgHqWLXnMiFxg<;`07yK$gT7{zWT!ciPDyZS9^IKjUhf6U;i z&f^Y95_UgMBDt`^E9tCu6P_O~3*`Fb=3!D#i?V#yPj{idVYxFqrKmM`BHXYiNJbP#Mk|{cG2n$thHoiq>4di;J{k3$b#A&Mali#jkD0e$rEXygEjM9!KISM z#@AuHZ&XvQ4k3urcDX)hHE<}HUm$7YSj|?w-lsAw)jVDI7mEzu6t=-V%fWl;8MX_+UKN7v&pMFd<|<(;Mv@ zbnskYKI($>X#?a7Ji-7bJi=h&AXA5}W2k$* z39D3kgrod|nH#^{T*c$Bn|C~UacEvLzW$IZS8!H3U<)~^MYAMKOY_Vl>Xp>j)*G)} zoQs|XzU*b?Q`=V`WTs~?!1#7q9Cx#Qu8S+`M!KrS<6ioCD!3nd``YsL^FKKo6mh;( zO8-irQV9Q!75o2|K>ty_&w2bSkM=Xj`ICb}Nk*3m3x%{$iNgLKNF! z-{Z9J^X4)>p1==wkCtDKDAYr92Y=)zG;i!{^4YLm8lt9a8e1B(OsH6s&$zOgmIagM zO@nPi25mMihD>bf>;rQ2%mLgGzNmD$K_6T7pMb z3v%Vs^P$&GHQf-$Zb&*$cIUi0Rx#Ftq|8F*A{1(9Jg`?zB|Hj^tw|gx2TdiD&BE$v zLn!a_^zI+?kR7%6l}LZ?h(6j~n~8g~EWK2|?01|!U`9XXAI=*Nfu!qh*zx3-DdbfD zWS_|>9Q9_Vc@^=wcleQdbnoL(tYlg#GgE2lQjiy0Bd?ZqxbX4JLcqJ|c3d+?sb-)} z?zgHgMgz=JSZfZ# z2G0Mi9D~X8+7p_&E0WJum_2H2o=WX`dYHgmu1;86pz>l^25s|mihC%*sK&V}#4ftP z%_R^N8gPxAA!21r^9FP%6l29DQ7m7{XEbm51;K=27X~G_Q78de0 zohF=zE^OpWt0P^LMjV89qU7}=;G8+$(l$J};VQ1-a?(3g{An%_@%m%5Tr|Lo>Ij!_ zar3X{I@bOh_8+$Zz#@|Yz(7DXp#NcZ$HnFUS(EWqp0ZyOMC(;aqL5QroG()(C{?t) z2KO992~oXA5-+6<>Y}W!bUBtk=3JOwKibs11NK2X@H}9JmYNuncy*f1b#d_f^Zp(k zp`WNxJdA@6Z4I#9wMtWmUv#LN3$pk6Z6Ty~G@MspHz&}U)Cq@@IV!YfojO_%Zdd3- z63Z7y!XEb1#2WV({UvYU2~jI=Q_zb{ppxNes$n0fF;CbvCKrqfwpOZ3M9-`lNyS0v zZ|sYEcsE|Q99cF9gu3z%SQUm^e2DzJOb5W*=uZOcxDvBBJK?MKp%XFl{j+%;SAp(? zdQ1&GbP~6_S<|FcosKllRA2TW_a8RXHPS(dR;w1*?g$s!8i2}{Oo&&2oUa4M?mfm< z?8LgW{MchZL$}7#^e=90W19uF#?KGN>^Ezx8${>4#BI~u3A_CO3-85+q zxof#>=evd}>^OVm=Fc30vwQ~Qjy{W&mzVJLdtnouY zK$t)fxI@UhL(scJ*o#9X9xNXmOn>#lB#JF#>5OIBm*AbcyS6d%RnbB?>03J?3|MDB$NuI z#h(cvuk@-E^CpVM!iKxs46lq&6ap#{6ZpZzptmbPMZ?w^k|=~ntE!!pS&ZmTEX#yT z3Q7u!io^mc5)c`h7#JFu8VD@e9B5g<$s?H)2>K5qzfWr#`uV>kzQ2sZ_MeU7>gsG| z?B;6rcboVo2-yq?B8Bc+v)b8~=JCFoGu#Xom!r`VfE5bg+Axp6Us8}I?>YPzonq=u z6h`6v@N_T-OME<+KcNDUxhDd0C{~Ck3KsQ=v;%G#ryLb}Lb6(&wp#+5S}k!J&xta< z-ln47|2TN!bieFt{P6NC&LEXUwub7JK3E#Cf2UIMwfY$ zsvKVc>3ja+Tqfx~<|1YG#4~$&2>2*wwUOOX=v&(sCem5QMOV5jXdn>ZfYqO>LJbao z$KK$ve~kWJ%V&N;f&c-f{#7_J{znrDTiKgh*<1V{)K|Ixol5vne>mZ8t->FFOA`tj z!|1El1ZgVnR7EKc{QQAUj&OtZD;es3z2OuzfWZ(FMU5Q82Z(U6oaiQITU8E3h?bY- zb;sqV6YabketumOMPy3%8Lh4)kJ-HJ!VLcXDZ|-Fxx-|+dp~a2n6o43)7;t zmje}i6LPs8n{dhCE>&9W!HeWTJRo!{NM^{~SX9f}Ocfq1HH%eM$){Gr-obey% z{sMJb^+^0I8k9KCSu3Ph0+C)GM$t+|i!ao`F#;YKex~=^ko1c3-wMkv1T)XnkZt~KhmFBP{Gm+sx>N&JZ3&^Ax3gs zG^rIjz5qLr!u|4d1ADL#Ai4pQZsECb^!QoazuRFL^MPRJFUj=Z9=`gg9sb5~=o>dE z55j~L_6K+iT=a0}4T!>Xp5Q2KKL|@!lJg36*{mt8MsG2foEI08a3Gwyt(zy}~Y4^<>vEFFg znjW1$5E%MP>qmrL?6A>kZhyiDrwm|^R^Ge@={{&$cdV?Nv8eZ47*EK8B*(M zXsI&qfFpuFeraa9nmc&{5V4MLftNwqjt{*i9~~EJ&xUXQaZJWF%+ z?H)jzloUvVIfN(ZN9eSanx^9&TTHIagZOI=wU>u{5bi?>Rhwxvt}?8yONWW&xoz)` zZ(rj`+ibKV%UG+@+8Vd#uhhWa6qwc$5j@WkL*yR5>aAObP;1w?vk9wk(fMBOayPo? za>*$*=Is@=@-tM3BMoO*^ur%W4}S4FMbZvVc5_xrdQR&qSSWV%K`}^L#SA#0ibKcCM z*BEhQU8Y0RKrIPCVm(9%7qWHV57QtnSEIT}Dsz)JL8yW;q}^T-_rjqm-}ih76z8;(B?&)|=USdH~eWwg)$u>pPx8E0Z$G7pISnIXu# z!Vwmd#-?>6tv(}j!nsZS0TdHVP)rd_(jn32)h5+X(_As?UrH2aNI;} z7YrVn{qXJOnwVX|q6P}&Ea|G{d_w5rh8|TW2eZMDU-4G?V9L1ax^z3@L9YTO$95C! z7mkx$>>*YzU07NXWwV$!s8IMkdY{x>V3579VSOtITbO@W|K#|rukBwF@PGK#_P^Bs zr}BI-|5aIt%6*AkJ%JU)>S$_z1cw?DuS?*wqM-c357wU<0`;VH;=pNW%E0#YaoCxD zbn^$oD#R|pC?F^hvczVmkWP*~QS?+edrdEAgsq=!m^H?5L*uFrwYx;*n&M2nHx#k- z?^R(hTFQ1=TRRuK^&|kup8f7fOGK8}MBH{3zV#Ou+Ju9w;*>?OZsog|hsxFMl0>Wi zN&|U;2Afl#@HD< z!MH}4Ax1PYhn6;NOpboRifC*+eDHH3&Is=E>*BJIl9I-=dagHMzm$yWkF>GwEsq;t z|2zgD8(CCYloGha!Y%Q|6ATUIlBatG8FAY zSZSb*Dz=CuBwQJ6!dAvA5JBjiyw?uI3dP=D6IrZ$8j@M5%%y`V^QWtP`@RWqZT$?_ z!VDKj?o#E?>g=0Zm&fwe+pQ8sBK++So7qGE-|;See-3j#m%|Zx;r3j=Hp96(^a1jO zcuoC-kYX6DQ`sd{)EnJH*)YABjV@on5O_K6-5X3W}rv z1YBQ5i0wx8>AVIHd+vmNG4+z925R?ggw*q=gKMQ%_{vips$1v7k!Q)~w@F71lMC%W zZ|pCX9XbHMB+q)Xogdk^72_XB1J7dX@t{qe2JDEE+WnA-lM^BYytJhR_j^iGf9h=e zP6th#8Fn@9JE91oEMx7abcSb6YxVH#b;%SLJM?!;AP>EZc-GA`8%1C70+nEsBU?&; z)TDaznm~CTbe6UVdc_Ht01gJ#Npq(&kc)|v&th;>T;^iQjaPkuE!<|Lfz6DXk{3;I zOrVRomYQc7(=RU%!dSCn&hAsYu#+Eol^Tnfa57AB&*018T~xLjf|RDD!P6VGgp#dr zsN~PhH#F0jre`|!pqEt%e@0~yx!z zl0~}&H)dW_@W~s^^5M}j%H@hmETh~ZnoK9^|4?*~`3RGx-LcAG2Q8%ulRU*r`@w+~ zxej2LIZrgSlZOXkZ%9f!d1=?lpCf5T3xnf5*MQ*mQi2VVmtkthiV`zqs-dw# zR5!$Vl&Q&#rQcP-VO&z9$t*-g_-&1y3qK+M;kZFuh92okkt&^~tDO=-#?yINs65-j zx);&Nb^gYKK{=`O%N9EZXY2w3oeEu{fvf=t>g>;Jr$k)q+Gv;7Eisk_rsHwLpq2_H z4Fw|ciL$rT;?+WJArVy>aWS`Jj1T96)f4@Urc5_Z5-s+5p)kqN?vU=eNq{S^dUYd{ zh!~AFE;xoNq6Ydyz;Pz5Z5Q#(Oky#OXM((YdNWs$WYaIfRR|C zV6?rM8lGvZx#Vo@$m8?;nmOhqfGM-R7*Va+yE41_6o+al;w%OY9(I0UkK2|NFCKTh zX~WgRJ7&bFK&u^QBy=Fe=xc(T)i#y*X{qG+2ODoFq4gVb-s+tRZ}I*QPxWC6AK_tz zdlvY)eJ^-{G1!_RiR^_t*q-tA)jJfw%6;1$QpQ!rnGek-etdF48|;}}YW>wa82!{$ zKQ_-0(qxt4`g_)eT(-;UUp5NKG5re-V6?wf#FI*K{GxZQ-uQkO?6dXM9l*o;kK}{N zbIKn*;9xrqNE_~?eC#gXS#)kL4k-;O&fj51o*0n(_$L>y-FZN0P+~3LAyQS1BQ4)4 z@G|Tr9kv{K>9F4(d2H+CBd&RO>N^-fz2j;P_uthC9{YE*#^0?jx?RRX6+e$0q7wvG zl1ihWEK5#K;=Pk#p|32-Ni8*yGT8N_(i=ufWA&!Vpb)$Z z{;bqe!piN@6e|=V&`$ltj|u)b?3sx3&NN}}=Q_Cq9S?M#2Jk{nw_7ytC8uVYa9H(t zuhSpVj_WsgtlWfmY?||N%z@PmkhE#X0Y^I#{H(8;KPqZCRP}>HPkc$StnmdA`*y6^ zKs+V=R$TAS`q($GXMY`Tu4)_UChSX4E;ChX!RiL4$8rM;ircmDk107Tws*G)9oZ8|6gokojsG2%2uf&M!q&PehV03|luU)&W6L2f(l$Q|mzBX#{OQSo)&e4CLY5 z499h3upa@w8WQP%jz2WV8=+&Lq$25rMZIInQP9v6!;Q5h*=VNPl$GeRJeQ_DuF7`r zvT`6$)wUUCj^kZ~wLF&ez9XuXd(x)58Fuzw7}VPhO|=Y9_I^D$)C8#LC%oFl*|2r4 zCNx3hy)tP7IuMl#4}{S%D>XlX%c{X(!GD}+wb<+AN8^|ZJ=ap5EcJ^qP&=h%sN9H`nu#eyeSxP} zNSoS{A!oALfBg)VB$`lgFUN;Epinjg0gR+nPgJIaLfkRhmm*r0o$z z>>bDRiuBemElWSo)Tp>-8(q9yeuMD+D!aa9|hip~m`lSDlt8S$ke{L_p}9MZ1jK|cpZjpjqp+pyS^@W+x%@m@*(oBS`R z7c09=7@FHSxb~rRgE|tZWQbB8cZeLVoTD5Kt*M@Fd>tE_W==1^mE1+k<+Nn;0IDzW zHyT8={0uwTa(Ji+1)uc-hwcA_W#a+lxf+nzwR^ARVCCA*OWELr5 zxGQO?nbU-$M-4#tlc}!mNcN|;7MuFhE`)ypX9_@8r$8SjXN4f4G=tjodV>t%|F&mA!=v zz2krLFk6|ql&Z@);Bp}Kermv_h}bPBUbR?eqw!ZH8N<4fi6r5I)e$RplSV#AZ6)c_ zSTFq9;n>pi<*ZyP>eG~QCa~D)$=r`F#$3i!Fpz> zr)b)|eHv}z=)8zOuUfl#5uYi>WV~7TIeaq4KI7ynd|a#V_kX{*`ohKGPBoRCETOxU zgjBHRU&~Yv^iAH-5?`21HkrFgTtcyLGL^1@wrwywMN8X2y$U$W@L~FlO%@z94yJ0* z0jSj6pC4=-?_n^e+pbr}*hguVp?0l8NBYM9Ek6&{Wr&$u0i*jjBgR-?0b ze~o9(XgC5(LIrefK$csGA#K83b}XE`1Kv0rwIIq_YuL+?E0l7ra#$nz*FhL*T8T|S z(eI2gQT=5(5li5W^^b|h$YgE6P>rZlP=Zm+0!%D~_B(=v`lz5c2*}707(~Xuv(;@9 zscug<7_zAZ*!@-FtE@O%9>yhQa{k~fD9n|g&X{SM1zl5WOayB;*qHSwYF*-35yt$S zxnmlLW_lcSdyL}9cPTpM1{N)wE&>9gyCUT&o(Xa$llob>Ey2vvyC@X;rkBwot%Gla zHuy=7E8SiKN~UjeY6Op-6I4$|vlunLkxiox!rlN3D@;{w3f-X0+u>=^iYdGWHwVDy z15sH<7Iq0edNSTX8pO3#6IS?j8H((dZht&Em`I{h*EJ%b=3oN54g|NB;mqvuqEw!< zXsdEaT0rT**`(5lxxK$uh;UIbjFMO>T2dMVq3ufBXeIW@lP$e5sVhnO%~grVEW1n# zIzuf-dW8qlZX-1e7uv{A)L{DU`eUQ>g!UN)>8!0U#wZMn01MsMBi?(CB{k&|SBJC7 zMg(dVjBj_Gd_z!^M(uI4qp?nPs%~Y=PP6l87mGCj#iwZ-7_0kJd?ib^lISw-TMC`1 zE~ME{Yv)^2$!p#!Az!O@Z*gv&&Ny1|SAl$q=0$06Oa!}1VT#NbS}L*!5C}JU&**lZ z!K-kJD+IcF;T{ zhoJS3jZp1c?Iw*kxmr81#@*wX^xnBQB{x%QxnBbg8(OUFqE99X!^N;>{gWQb^w^+n6dHdsQ%gJBOZ7~$zxARXmYf+T9)$~EFekz8d*8lFRXSkP{9;qC@>cyH; zz}dIxjMSy&?7^Jd5)+8N#ZIK=oVDzB@d-NR{5=JeGZW2-5TIkEr~MtXa5@r%sQ9Yj zhwur#_!4%VtI!xGx$PmlVR#4FRMoM)3cUf}oC7CidAjd(m& zxAh_xhk@-b=LDx`y4T~oR6g9jr`qFS+#c|Gu_{Q;fz_H+HIDG;K0+NFND<}PDz%elUJLYWK z|AjfeuYX|V*(bdU9PLuy79>sCs*n5dNW$%G}b&gOkFgRtnjd_v80ETDZg42nn5pCTS|Cv zGBH(tqcz5*V?tTkv?U!!$6Vg85^oSeQax$PJm2hS0@qgZVX5EBL+o9-EK0uFY~hP3oZ07KRH&hMJ?_DzI3J(;AlY1Ccgk8Z87 zI={4vkj$O<19w|KW7XXDR2|YtS4!fI25WU0sT)zUBe4N_Xg}kBZ^)GPaMtC8%#l7R zIim&^A$leT0i>PL+M<09UMiX7jOUISlv$DbFcf|(J0`XvZ4eB_Pgh#ziRl^;Vl%zv zP!L3YfKINZ3)W=nLI)lUA2S9Lt{PpoU|Nw8ftjEpir4&MQQ~xMsp%GxIk^$a>BEq zjh;{jcr91|T$oLjH6BAC-WomTpWYiT78TnSDA-vN6@C9$HBFlqN6lH$pK14rTtr%x zPPwn$!pg2T+qJ%FS6+wgS~Dj9^={b?%4kJMEoQUW85G0kW)T|PfnvJN-2YQA`rbrUd>t5SXyQig2GNtxv7qB8XWz5rTItr~ zv4Z^7b2R+Zwpr|px1pMp{XD5)nN9Xuv{k>Wbh`#_UnKDB9B z+ED0}EWMKBc4MM~D071;=IeLnFZF&>vm0^Kk17bx1UYBxB%GcTF1Ou$V$Q zy=-`HPS#52a;?!Z4<~4}+FUQGGkAh<-tjk{Eq9^&tqg<%q$;s4Wdv#l5ju{27-1}R z%J|_S53Ls3T8qvA_k-gTI}}mc6bq~{GonH`6BQE?|6f?2P&98D)sG$GudP6TfSPXm zc?0$)jx}69dlo$LPwZj!ko-qW?{;vH7?zD1D5d%N=k<*i7!I3ZwQ7aR$CB?jh#c8} z&k=!*=mFnf;f-kh-nWV{>iA`AO_ETH-CcnR?PgZ&4?Z+_r2b>^KKp1+7JXscLsYgM z{!*2;#x&P)aB-A6PjN-B7sSi}_r9Gp4nYPRQd2yOx|ZpA6#b)@?IyOG7xZWH<^FXD zf2(-$s^Q{PzQOf=!BX~97^qKg`RZQW?=yJrm8OBC^krs$KPM-w;p&TDo!^9I?C~$B zC+xF5SAg_ojzr1PI|YU*7%x@l$w%X= zt>tWq%3U|q9t?GssbSpbfgfkLqXG@V!61r}1AEj26(ktIQrNu37$m%}CHim2-F*wN z$ITfK?_C3DA}ocePZaDzL`|%2GH}h6fO(%a35ju_-O(scE~CO#!zR{yv}dN{FDbv^ z$&5(9@xhEd@oZQ9fG1t6P%+)~y+!6+k^>aHUI)@~2ftD~dm!I3AJo}H2HX~V?}RYD zAB#)(->~PPkm;qiE+c#1%$YsD%J?FpX+Gk&$a}ljYL~C&oUyOMA+sF65qX#BqJ;7{D+PxFG ztvcE@^Zh_0iqhqUT{(ShPq>;-{rcNk;O<~6JOh7*yZv954^xN#Ts~OgUF5}F{PV39 z4+I*GwSE#|#%K1_!1}G>N>r#FBo|iv6yaO(on_k4(TQi4mG2&ra)6tj$V}U#t-vgSP1(S71FI~H2K%xnO!W8=PtIqBH6YJ7|8G^6LO9UMD7 zrJfOZ&D8Dk`M8fz8>WjXJyuR&I03 zE~6hn!<9!rpREs0JbZw@&&LjnLd}{A)b7qbh?PTImE~Lw;5ZbVHFoO2Fy$hUFo$bU?)^K1E9xe{3u@kIa>0R6huxxo!vt#qSTiFvrWzqYF}7SpyfJpehv! zub6R+Uu4k88Obl}!9fk9!i1|}=Kc~;6m&xq+}*~(m2o`$5Ps7j+7B7RI}>1m2`L~HJrE!H0=O2V z6Qjefr=JF0SIC?5WHE6~yjMOHLl^gSov{gw0i*_-;98a`YkBck;+dtucQ7f22AEmk ztzlY|F6EDJNU3?ln9!bfmM8F`lU6ONd}ImV>5qgpInVvmwvZV>qT&$hT6B$+@h@3T zX+WwkgHel%YZNj4NZRWi#4e{n-!pwq-;P5h6d^;J5hUQaOl5Vu0n%uv)lO`#m zIcA)`5Sw2(RY;?xOD@8T-)kG=)&{eDb98?w$vb?ZYu$f4wS1=-i^CHc3$CF^(J!URc? z@{CDIbOivii}DnoL8I%6M1J~B*Jg9pndXV{UVWsgeWuvKhEi4##N3k7^=Cs}F;W@s zbj2z>c6c~9M(@6pX^}ZX&=}Y#crx&tAQ2O@60feQRG9yHI;<~Ad|XjW%jtCA;|;W8 zvaX>5=*fH08Sj3eH~%PcDVqHE^~U_65sbBkR-OC+p@cRkP2&#Fltli;wIFmM+Z*;H zzj``5EpQTXqqT6M3be;Y94C$7;FR0n1>}f4=Cbc8!bw#tMhdX{~rdIjbCd%eJ;3uH*ysrsBZvtD+#HHHsFyBz?x-j~{bS~OfsmP}x zu4qKrK|Rf-3L3hz*Ajsx&V26`@jEI+eAE{c1fac+05=D?z3QhimLUdh%6M?NG4_&7 zOj+P-+iW+$@3zIn;ZNJ*m{)#c!%0}YuIN-&94$hoSkvI7NxHDxrt4Q%8g+4xD7Ib{ z2~0>NB;m-PB_P<%0-n{IH_l)L^jzlQVB_1rkUaaju#ucXEVn=ipSZ4k_)6zS=5zJvq%h~9^>cu( z#-U*TbL$(|vUp|ZGI#tH@0<_H1y4pZIyp6$m{^fRhD}0u%vY;SD9?iN4d%2#FV9%S z9fP1ngxa+7;4)^0MQSH5Wz-W^+OUI)N51<&jK5xM{)>$t$2L&#AFuPCS?K~ z61~v=M}}^4`L|t$E%BF6pZmIiinfr<{;NeLxZBq;LE7yWCte)gIStR}?HLO2hx_u+ zK{#`R52c?eoxM-}wAsR)uQoF<7I5z%Hs#*4-5^ zdAeQ`gM?i=t))B*pt&}0d$+$`R_R`L`d=Y{^+P(*l64}&h|!;UWB6S3uHKxPF7S1y z-q?IqupM=diul5ycgi-im0fib?lUD-HD=OLUw~Kd-aIt?I{N9O9+HP95Q!gOQ_L)G z$uAriSyW?QHWOxKrwYc5wGe~h(J~4|ARjgu*rW{NLI4|!OJD(#Fv)AA-%Gj1U-L8N z3Ptj@baU-xCtZJvL4d}vWz4h|W=9b$6(ca_XOuD|j-TWn%Z1uhH7!-OfcrdCqxPIB zIv#`SX*@Xs5(j{eMMZM`M4feXqaMe(%c>inyuEZGu|_34jywsUlDiIQivngZ^&l3K z2>}sWk=!#$&w{`7$gzoJuLMvaD#yOQ14;~_pE!irWJT`2Kg?Vs{LB$P1ZhVND~qjV zqdRqESfPfpkXMBdT12KtEbNgtJDB;V4KXu;AM5dm|4OH4QeesUhzh zP`fx0y)^ZKc1ce__No-(bmE}k$aMuWgWU0l9@*<>u*Mp5> z?@`;~P(n~MoEc?#2M=27gI=w*v7m4Harc3Xmlj2W$Z^zYoZSOnm0M$AHG=f&`gfzs z%)>})9KYzJ3rIiHPwL>Q*Ic7K-5(YNqImjg)S(X6>?dM7Q)RBk) z24lnx_X^t2%A+`7OY$0680JWh!B7XMD-sHqY}q^07aJC6K4 zT=Xj#f-B*iShRne*w>gb#%2}KqODTB#IP#PxepYYipE_K*Xk@uerye*8`r)@XUyq` zNg{s{Q}AaCP`As_$1UJ=&*y=m8;_q{*6dHF)Q6AbFJ$h+f69XDoM}dBiylPI z;6rnHC(l9~7WprH`>{=L%E^T?aOtg0lVNAXTPAjwYXZK49a_uG1)-Mmca^WVDxi*) zLL;&jn{AWI8Xt!gmf9_s^OK47AOk=Qjvmv9oG2xqr5GH<(vu7e+KpyhQpa|;;ZqlK zw~=WLbtI@v6GxYnMqmZHD=zB>ZkvD{GAGOX7FnvO)l%~1^=O%K0=D-T^OO*c8H~*D zSj{M5O*dQ3C-PkBpo8t*xpw&qbP$bw2}G_@T=Qttx=q8s6m{}-e%eWzaGGEe_(B;y zUvV`15#|hgKYT{MO4RFUUpVf1TZ`;HSjJ??h^--hf75x=eOhK7lMcEf2Gc@s=2H7$ zw4eOR4B0<7Q}Px@&*f1vEa%QEcHY6JAt{sM-JL339lVd1;PeP|e2y3IAfDB;S6|WIIlfi+RDkez)1k9XLpd=B06;nT z|7cv2wH35Ac9(N@vU7I&U5iW%tpDqb7HcJJ6%-$vtKcA#4kdDN%^KU?L1D{sw3;M& z^8!C*f8~P!>RlwXWF6D`yc?oS`yqIrpFVYXWvaNEs6&(=Cy{(*`>ky2u`>&Cm{;Si z$J|fuQyi}M)AxMQ03A^xz}78GKU5>nFcR+Fc(&N=aM@t&yyRmbaV3BgS}gRT<~eOJ zL&e{$PZQ^E^P*!g2v0BGwZA_u9nY6Opa^+-^lvaAH=Q0JYi!qNzGDc@7oMYd&EKL+ zx07R>UCt@^jB8BQ(uMNskfBLu_ zsQCSnCq@z9_7h|t0~^GErH&i2a*3HvVIr^Tdap1HDG4mAAb}Vf5~c6M%~0-Z^X$74 zakx^b8lx3fp_y_kUPUcK2%3`d`tP`Gj6Ovh#fo z%#x=|sS$^Q#yZL3Rz$byM;8&EdGK0Y#4G1VJb14&RRNvL$3P@G%0x%1OD9c&N3#u$ zx^}s}Q53p-LS^E!pw0UtlBGA@j2vDq>uZbsLq0C9{z;(@#3a3OMkxym$t358QcV1? zWdjx&SHUUs71RQuTO!dAt0=I-(khu+xW}&%tYj_Aj%rhJPb2C(N`GMxqOz3@KBt;Lj z6DeShP(iuhd7SVV&}gRj_ltec`xOX3%U;GKVq7c6#Xrv^!v5+{uNFv`pm=jlZVx{*inqu8 z_09ehxatOvVG3`T^b3;d-HiH1uVwp*^I*Ss>QBG%U@#7&esW}2>r%MA(@VK(_7n5S>BJl_tV|oUw}LG zT@eOkHp2AiLcm8_^pP3d)Hili!I#gmY&OFu*SIb!{l9-2!*w2AOm6DC*f2uufPoJP zhsYX~Ak2PX?#Mi7G_B-<8X`M(Ry-lTZz4O4G6YaDJQ0W$!Z+&p-zPn)ERLaoK2E`h z!sDntijz7>p=D<$N0>yoEJyAAOxHQ~jrq`4N;*^%Ku@dG=cH)eb$Q(-taWKUUh>7< z=G2d3hpSE{)N)H;tT;!hgbydFm^hqFCNC-;NO9K_no^QornHa{nn9Y-pbJZ}Vs>QH zn@+QkFmNFg?6QMb>-+|eaoh2SpQa(1WjQq{X0lnW-Ah|K$T!c2@PIQm&$ zx^1ldA?tfHxi&J{?6}W3K8Y=vuxICR1O?N{w>?^|aE#7PEbq&2O{YEKiN0~%f?v*Y++V-Zh=jN*^zo&PSWw*of z;GUXSKB*1oKt$hl(4(Ig<=%bxm$A#(6uX9^(&3WRHYM6mcP;iLpGOSns5kGG~p&!F)j9f1vOv~Nozo79e@c2O`zT@E;mF@YX$F_xEuOYZz_ zOPwFZ22|q};<5`Vn2&kA2;Q|Wb7b{lyqd}-4c~WI6_{AU(o2mNxXVnld=@$XOPV2;!kGab`e%R#s%EKuYtZhV~9Z@Erbty znM?3mVMc$27vs_ME8Xjb-Zlh_XC4i)2rtj{DW~V36*=;A`G>loSg$cWn3K^LMo~z1 z!W=1mE72pu@-Q?mx_Y9RMkIl@jOx}QEFMxbFXI`e;2Z`qTstjuYydkpAN0f^qVKJi z04TF3_Jd0{hXCf0%2fj4)Iopn29>N%fcKaLU)(PMm*h^aDME7wn_L5J_-+xzsr(2p z@0>XVPD#c&H4~n|qXFJcgYpHnt4H!~nK4vy>_qg*4|$pQ>=?)=_squT$5(t)a=zml zxVKIE&K2nEn(z$!Zg6v3{gyPh)#~g7n?;8RORHL*Pd}4Sqex*|PTRzjYyLzLT~0nL zI*wvG5{7xD;H^5AbJlgv(uU?E>S{KPAy4F7>L->Ej~$w1v5 zm?kTr+u#J<$?+~I-|C3Qnk}mSY^wU}Z$suz%;gkPe`A>f=6@X2^RMHsi&U>|u{aPu zrt}z^^=M~7StaB+8&k@Ke}Fkr;Nw^3lb20g0ob5>PP1A)U)v6C;mxRCN(`gxcl!9; zA5BKu`dBn;(d5ec0_~3iwLL}j!jLkh!fwg&!sN20@lJ`l_JdYOdjxP)(*zfAz<_Ul z>MudIdvfw&v~IDpOHJ*b{W|AcTTW3+p=Tf*MF^BMvgYT6Hf)SfLxHmfZ_@ztNdXN& zoBTG9WLqmB-r(@lT&B9mx)5|tTpq0VDmjP2eutR`pPgCj3r+IX^1Z(OHUPX$C`i

IV4ChkTZ1@xiFS(Mf_ z+BL=8Ord)F_|hzFijk1iVtcnwNaT=f)*XCD;hK9!6^GvfoXc=dIG7Id2(B=Hq?yB_ z5Gl}K@Q$BEmfug9Jf<*3b_Ps9>rM!v%m-CCx6_`s*>=w@3(`_;&W4lXiYsSO*9oPK z{b_6fr_Z*qucTZ~Eh}o>6mXlLHlEHfige13rtUdgnm!wz^J)+=g=23tu3S+d!-!Cg z@fJT#{v21JNAr4?ymTp6X{_)NMV-!)w0REl`0H9(le9LR!)ykRc)h47A2p8vN)+2t3|?IeWpt-0WDR;W)TWEB%0J3ZzoDQMZeevXJOE2r6wKHZ~7BC20fqpR&0v9j9T^`&Q$! zg?c4b=7z4=Q1Zl9ta-${?hawHRK45hiH;a^NQ79G{09e2J;=(hV zP@@)Rl{55nicxuR6>JCdBBbl{Bf;<*gkadRE zHCAZjj=b9JX+b0*tH_b(pY2Nctkh7HN9+bBQVvxkz?_aLh{}m=WCs{-=uzi*89tRk z`6HhQcx;rUhkH=EGoZ$(&AS(4!7QRJ?v`kNoMEK{QP<|TBt#v3C!`tUIRJ?;FAYmN7_zD{Nz`dW(HY%a5(b1#SL(*o>j(XCh>>u-W56j76~r*5*mKf5_=Abi6NWd8c5e9(TQHG1KOB(RAg1cs!n=4KdR zw6>^>!v@+V#j5OMT)$*(I&bnkvY}v(2Hc#4;zc+^8++Rq%DQWYH=OzTSA$yyP#y-4 z^n8iCz5=&xSN79#N=o;e{brG_gx>vF*flfByqfun;$y(WNYr8Sn`DV*+Z0J=mh3bi z5184}7mOVIox1mvNKDFf!1ohB~4NxHrj9Gc*S z5Kym+DbvkcLzF7J&e0Y=%}7$C*C)8PeX(ax<|{pAlMuSrU5w|sA&0xc$X*}T>#zO_ zcs2i=i8q%w>vHFNDc?CQZdq`8?T+q{(|#HWSOu05oA zPV3DZrO$k9%H9T>y_@qRmpR|S_4cg;AI3K-O4d1o&Mm{IJLi+4e%Bcooe(D7NgrQ$ zk^%&G`S#2BmOJWQz^JAU{ux*&k^8Zxcj+Sc9C^*YOTxhI5 zBDspF3i3B^rr`{aJBa;3<_j1MrMF!@#k3UG_0otR7T?|hKgsv02fzOyy)rqP>|o>K zs?X88#sjc}69c=zw(H3~f$F&Jhrm_#hsRK^eAUT`X`umrlgsbz>A-On31z$q0mB)Z zQ{5@JxxHmUfuZD6jCre);XG|GWD0ei22bbDMs@~6Qh2B;B-^VYWxtE+ASw45$A8Kv zMp~;o8eh!8IPmO4#+Zjh6ZfHUlOqQkjv$UmXGETj?UiVw6g*w6?70_K>&{FB6>H-i z7FPhC^o6E73Y!$=?r(wRf%;x#TBPfh9xq8@%_&gWCK!{J?z00m%^bs8F}d;$iY1?6 zZ8|isavnyqJ7_J7SH(^~WS+GYo3Dl>#a7dSJP{)D4__JF@Nd-}10mDoD+1zh7wp{->d?fBiIS zCWb<`HZ~?k|9hybb8M|_KRrV57gb&`khKb!Dp;(3FE9~uS-5iPZ!k{CI#HJTmHZ7vO zJ@^(l?mZbHZvDjG$4uDd;A1`SRY0-3N9S=tJW)PVH@+W#f1SX%V)FVHPT)sB!#P8T zMH~nc!U^jv*?=t*ZMPxUAR0F~`nTc87dP|>L?8eFi;({*2Ky&h_WR2GnRjbp<0N8b zV*S5ju#KwQfA*t3ZCGoFspaPcL8UU9@JC4zP%Aab`2rh+3Gf9_yfx=6+nnk%R<+km zz3v9pwzF!PKFx8xzjHC#pM~0b-`F}VII^uX!@lvGc(w9PW#4BxcHeJqe%xOVg98-b zNPv*plY}FuM(vPHl%}R+1d+eqR(Uo3G%ST)C2zB15tOSMHPCoHI5_Jh-x>}NS3z|T z_R*~hT?;n41){@lqK}|l8qKt3V>0JhKf1~{Q7-Qoqpz>C++e&iF5Bodv5#Z0T1O0~ z$K_HoPlf7eIZn@K^?}b>1 zn6mcC+C3=wraQ!Vp;(NsJx?2_bR21sVVEo+LEMbd7cu25x!G*E#@(&9wR=@uYZOP) zw1)y~Ic_J@`V?hg-%qSKv<9VvmS1vL1d=UVXO{qV4ucn!VS|**~;P>0*^_XyARf@ zYO66zM;C>%36u8ARfb*~ui*OOQDfSs;)wNBCSGsc%tCYQsM+K?fMt8kwUW{;jh4cB z=BI=V{Yj-k6tL_ukTgeF68raEcDd~spI0afh|zB|l*H>hlM5i}?LEfR7TjX(QpRR; zWqd&8L=Q9fk@FZun5n?toe-!qSUxR3BABHj74V26YL3?nO1=pw_=vScN4w;j0FAiw z2f&))iB}Dc4BdbVbnOXMArulCnP`+c0c@cW7Ltac+q$vd=3|rqGubBP5`}Od6vn(G zyN6h0FPxtgdMv($%HV8>OxvEUMT?w;e&&@t&Q_K@<(<9?_-TtB`#iC)n^fUK_TOPprn%% zr=MiN`;h;dXaF?ARys78&g7^+_VsaeG41|(egN$uMkBPNN9m;(wTf&qp!P?YYTn17 zJxOX|g|v=eE3}GSZy7q!c-2)>D=(qS2&L9f=6 ztzc@Pe$7bSsNIvSRi&^A#UEzlCOSTDZJq*Fo3`vlYdlQGR1~!&(?RQPB2#|NRxDBp zs5=?2gKD8#j3)~hq%;gQMV;=}J|rPBTp`0K#sXl8twdi~hoRp{F?WPCm~h1HYJ;_QFLB8?ZghX6otP?Ov<>w?1WY2 zYzVWqq@Mj|lv5MdShyF7-Qtyb7LIp3Z&@~U3w6pn|7N9~LsD*kVqStKo>}T!ivKSl z<=Ozs@1b`c$1l|b#a%*SW>L}O=g$g{F2oaH++ohx_fFlPcwq*w5YjNWru7WMzU(2N zKVXu1?+$`SO0fBxB23$vo6WgXHo&F4g@_x$&uQ{=5Ixp5>tdFwM;F8bw=)K8>d0m! zUC?M!iPB)eYJSwK3&&_MDV~Vn>2vGEE8r;4yh=bOMt002ES007B<`+xk8(HfmU(HgI(YISn>Mg@_&05loxXMrT;fBMwuVFKE;B&1~z zk`5#kB0is{?yer1v(L7#gxuAWZ#UiqAWIixjdFju1>BD zxLdl?#?Errb4J!4OzHD7d`gz_nq_r&?3RzTO3=soOGYtuI^6Ha$JLI}kC`1PM^h6e z)|cYovKPFnm@0wZ(46Zc_bB9|dD>Y@NH&~C6V;Jd^hc*Cs2j;Lf#Z$t1}}ig{QL)j zl=Pd!+tv4H2VIx@J$tn44N4f>s7%vjPgKdQxaYZCbhU)4N7AjNN}|r&*M~4y@64C0 zRMjtT)0r}=`Ts;~JpPK-#MYxOSrn|FkM7P7m|}`sWUjFi$rr56vs)ta{1vSsF#<-_ zuZ;=gBgq7x17oOm2sJ_~hV>7lN0kf{2xIK2tJ57S4960VPR9QPyFM!;l zTa|A^#>KzI;)2I+$%X8UuMnpquw-Sc0I@O$)(tJJh$rchyx-aTC=Ec^GkjLvh(k=w zuYyRYA}+z34~C$vRmS8osYVyw(3u-c0{%y`#`kJ#2(AVYql&@A?CL`EPqId9pD5Sd z7Gbr0CF1&KyB7YR$(o8k$r|G1m4^72N*NMs6I$ZL-b`gUY|`(^0;WmDh%Rse>rsUU z!M__rNcFO#8Y!bH+L_Q{`$o zz-$+>LL|pt2t$$jI3p+8n^Yz~MB)=M89@EPFAG_H>(+BF5g329d$>fTx9md46oY_3 zG_0@C=!l}=#*>-B`g?d%QHr`UAgAwX8y&j=t~{ee89I4mzor6{F^u)ukj+f*u7nO4 z4J&V#lw|Jr%f5(RHesCmo>R4!OJT^lR5+*5#lEhl0NU}H8&X|?Sc9NDc4{v@;_=sq z3g(%qj=2tNut7ujAp>=2NHg^mE%dkXp|%+IAPgzjZ_6iLXb5=xj~{Aa2!yTgRyN(7 zd|wn(n{aLTpVHs=KWyT<)kAKDRqjsxp30D$8+o}#HIJPN_{se2-GGwGg>S)fzJe(UxVtas z!g>Uo?==rC*)C=B%H;#=*R7|e|4iiCrPI?UG!3c3J4K)}B_EEF)P zo^Q&-(+l5isF#o_PWJ63`*Or_sD5nPU3R%d>qb<0ZAKWlS)>E+ic6iUMsMW~R9C#- z;=Q&>cJZ;}5WiTihR@IRot{0F+V|A4OIfj|<g;3%c8%k^ddLJQmz}pQ)nzn9jDQ0gzE-%$Oax-FWi0UY=~2x;oRw&MVl`Ce|)I znRCB#*YTv+qR7}c>R+Z#4=HCf9As1I^giD&UIq_Aqp~C!NloUWoeKlV8r4sv%X_+H zHmM8T{v;Z0`Yj;Yv=~U1Kv>o5prNQPA&>t`G=63MNi_OV)MyRsRNS8IwU^Iw^=Q}r z!7k0wZ|sWx!LH{Y>`srSTZx%Xmak_Vas0;abk(x@#eMK^>HA_Z|tg+ z)K4TnL0_s}CbC^_FN!w8hRA+HJ%xC|L-^P~+&A$=T}spE8dJGbpjmZh)Ge!U3}}cc z4sdx!=`kGha@fqDn>@}u36cefqo}6_;FoGQFl*3Ij3&0At9v6iEnepQiI4-GplVTW z6h-=6V<>d0>-1y5@`BK6*B|XcvW~Dauwqra9;qe{){P*(PEr+sYBC@Kz9d>OG-6lF zUQARz+=I}(DmGI<8k^89sA%kj!n2ck?4(f8XE2we85`$e z;!!&m9-xS4z)0_)u2;yHthYQku4i6M;%^9*6_KylK9tu>_ul_NnO40@r%3cbQT z3}ZQSR1Gx7h7Ad)0 zdyVoJkzpd*786pWJX25-RRMrFNV-kF5$VDc{uOA zOmpuLk7=LDbGV}VV+{7Bg#Tjm1q%h-O)jdxtd z+5G(+zvsQ=eG?{1#35#g0S$4cfsT#N1)bJ8?;eUF^`^UKLCBvxBgeyEdB#OE$G4Zk z!5I51ms!wTGfnL4s6WQwA!L=&60xmv*^PzQ3ldAcnblL`chLVb2CE5pxxyJ%zmG5v z&~Ml@TceIPRcg8XWeny6-gP_38eJJ@8^sH%THtXKmTst<}B_9E6y)1XTRH$4M^XYJtWM1wMEzCN8i*n##Tor7Z<X>as&J0uT?tPkbX15h%)%2XSYMHP9ANzTiUYk{^;48wFeJ+zw5KI9e=M^8JGhtC49*}zz&0wGXVbIAVzPB>kXBuEThK#T&S9Y@{CTrD-x zZXQ(7szFRfiWIav7S0@xKm#OYn%Cf>7h9A6#yn-0Ceg{VzrK8z%fD4HN|n52(oAy5 zj>u>MZkI=sEGih8UbAwy#@^X;o*hWZ<}&>-9?i2w(4>w;0iPHOz+=vx%B=Oc6Lrbp zx17B_>R%xjDI~tsWCNBj@F=lI0o+K-)K4~qU2_`=8)PN*3TL>-XBq665XZqKLP3%K zQ7SJ96Bl>%g~3(^~izGZe*x0p_~t4+B{C~1f4jYNfL@lZ)kK4*B> zt@sc#95X!IM~7;pH6r}3F)`bOG8OcFQ+_QZ!RH`{yEYa73O7Zytrf;7Z7dZ(appb~ zK;K5yym7&Cgj`~-_JTIF^gz*Lx8J)efzsN!q89`Y?I*!%s4V_2M#8JV_6%{SVG>zV zEK7zZ3JfcA_P3fs@;y+$q@%om=5`lBh=@-ydvMW06eo=tX?cfN0&A3B5*igzxtY;c zQ`eLRMuRZ%s=!J(d%gDNT0koVn5EQrQ`1RF($pR+oqZ+#-YsF{bHm}T0=+lhp8=21 z;nD+EGpoX;)lxf@Pf%B?I{z90A_>6T1)TZIaXc9>JN{lTO?66Ffk%n@=!FsgR zP%50n4i|dBS`}#^%HSnhcJc;Z_9PwF;?>343aVtDtKXP%nhqbA9@&V}*cGK^B-L!C zHTi)R`8E$~?na)IxyRyYt2Lw@Lf&~82fY8g+WS6|%#Z$cubIs`f#Q;|s6c`)oJ z|7cIV(8i;g>H2$gQfmrE8PM4uw(bg_gA67Vdhi!DX;B%9VivGETSJ}g97t$@O|owB zMM(YDv=h*ywkY-^z@*!|O^AbzMr*SK%Fu0VaCOu|Q6lU>;=v?I!#2C^+`0?xW<`Fi zM~6q&C=_U8OfdbL;ts*JX|;LXC__HQIw(e`Qy*BHOF)BS`0JnJz@fiI?RT4;hIP9B zjZ1m-Lf?cnH(QuPx&?z3g(R=K{m$>hGL_S!bw6Q4-V$!u1b3|7a|FZ@Tu}$)j`2Ik zeYs&RFwjI0!}wVlUAD@Q&dx-?G9f}}t{Vi0w~6%}G)mhqLzy?B9!pcTjC1UI1r12# zejXL;LYin{k2Vv*xk#ny>SJ4&JCV|-GVeT18Pi+b!Qe<&i(MDrlePf7}76j2gje%kN z9nbUM_VI~FloL0A007{@{?q9kGR{^`7Ip>>PC~XerWR)Zwy_rVUmI)l>&c2^mH7VX z^06*brRW_*Scotn%(dc?DIrBLmwRaNHU9UUMHzEbZNCog+>Cbrsj;1L(#c3P{VNv90uO zr_d!)HE5D5O(ZiBLnAYqPNgB7ilSX*>7W8h$H$eoInCDYB&@9^RM8?yq!=LuG$KR? z4?59dI7sR#?IeD!jj5QJ%*V^xbeVD-wJF$>jz5NLWY!&|H{cT5j&h0aUUt-0oh^D_ zLp(g!OiWGD%d#%ctkqoB6%1Hp=HD2B9|OIPT1qVBI~|?1kttd59U><(`>Ma|Q_9>m zx9<|s#TKqS+=}G_c?7F>X_uoA=RiNajI)g0@1KB8ir`e5M-<@V+B?-rCdq^E0Qqq>$&>-KoEeWrgZ=ql{e07L1wGM z`rEjMTftxQ;)|30sPYXNc^B2bhPWVnMpWPtD$f=+M@Mv>eb}MR=SsvKu&6^vAmI{V zx=widal}(N6=R2{gfYN8=N73ucH%;o3vUK+$dH%IJ%hDU(Dx(Q5o?NxZ~m93lb(6J zsO1@-)5pY8O>cj~>d zck2D2gx5}^{j~1n#E-k++|TJ`*2%lSCg7PN>6zUb9`i3)>d_78rm~v~bi-|Dq#S>k ze5X7$QTu5UXQR>wF(FiDdVZk6*(qLdDl`xq6078iU*RisW7+8}49cdQ(UP&#nCDAL zJn3VftBdopA>VPSm3c?AgcY&v_c&mN8Yu^|7x)y!T{C;Is}QBuwEiX8M?lz_kh z0AT&M|H%Krbc6UWrW+K({~OayYm0f~58e+7>0;=UX!HO~X)}84jvOBhep`<(cI-`9 z^bXE5*rSdnjOZhJ9H+Mc4YG@?(|7#?kNq8Lj*#-@>aUiTu8y|AQbdVhd}S<4;5iM1 z@}!AEJ9Dm?NyeLYYK#W+$JAuE2w1`VBq0$?4^SH-ni)}lMhKVY_sB5d5(~iIyw%rc z`8mD)oK2Z;+%ve8%!C1Nn~VvNktY6QgkJncMXGkNnkL}v5m#5kvm7TittHJ`niu=u zn6hlc0*CX-bLlFX99kVa+J(6yJU)1B`J|kZ5g8=j;H=?Mldgr2aes()-t%kO0~Fz2 zgi0V|b`hs?#fB4Z9~H()B0xcn0w=Kpf+FQ{$Ln$mV1rnX!VCO-RYCB39BSR@3fp%k ztb zh#;bM97rHiEAnR@7Opbh6JX3+;`0B|xK*H_SV>TlC^1e^qq`(+Q-nPAwO!gEZHVf4 zGcXKGDQ@`zIha$ZR)w$BAn`Azn+)^+@0o5Iu*s^4O-o_z;~v(6<&#myez$|Z9>q4X zW`vN_@E&IT=uqUQhX-dp!{Q>c>*1njC%XT?GTm%^M)$TZo0q|+BlQMv-{d>P4+WHX z35&RC3mHnR7KpMgfI55DmBQrJ*UQQ6_x&6Oa1^S;7rA2cKXrXx++)Ae7W@8;B)Fa` z6pW;z{%rK)U`25erx~{Ji0nhHV#|6Ei8G|Kyu^wIg{R?dWcCTmQcKK9}=|7V`v*LAw>R`?;H37<@wbpG-GM|IKu>_Lu3# zi97296&3q5R@b)H^M&(aZkNkE_}9vln*1HaEm-3^Z5U|`V)mr@cssBTuNre%1zrga z)-OmCVr^X6u1XQJTRY>^b0R^UJf4k#ihix+!Se^Ye}{L8O_{}?W6fCr0RZs-8@v@w z4E}b=vx(eaXPJBVS1HSb>Hnkro&K;YN23B9*@6G(OgBzXSYCZqyFW zuuIS6ZoB1~#_@Rp50K4(ass&l@c`*K{q`%X#F)_&v^`&bYEG`kLIn!n1H*m zHUaf*%`Wx}HL#b$rD@F$6T%g?5q51P-xOPRZ{4&Y%PZqUXNwd;v$pQpB^lX4TX-Rw zJVr_Q=q~a!7aMVx@)51-@7;E8Io(O!?^l-q|Eb$nG%>UIb4T@$xrJER-NwM$!swqS zmly_kKmmlHZ9AJyf;^RQ{~=T#KZGzz!Tgy@mbip^vi9@6&-6a{n}PwwP*H|^-P_L5 zjNyA1aC%XxT-q4~b0p5>&4FaiO1fi58=Py%UVW|&ggs{;hVWyHp=_;Ng2pNFlp_zP z#315_Ee9Fu3__!nccc%E(nAUrkXz@;pe3u~w1#AwyboEjw1p7kR<1gSz^ktS0zdg% zrC)UNJ5u>aI-t8|&;zvA7{O|AmPpKO(Bh^ojGn6y2 zy2k0e_~Lg-7c}@(WP?NyG zq)~B@;#7+a%9922c6{W474Jp+w&@Yo2dpPovZp z@kEZ4hB+C9Q<{)zwlaRmF%g(u+!yEz>G8JBbDaZ5$O;4gbsuu*TZ@5#HIlJtT%!+M zC{@I12dyJoK7(3;)Gg`+Y+c4v@wI@xz%^)&98pMHNiA=yIYsvGmpnP{M$GZ|Xro?eK` zdpS^(NKaBK5q?;9B|AajwF7da_K2L z&Jg8OF2AXdTFI~9VT$W@*U(`H-a zF!Ws30}W)4XhBsWKUNOak%;6}rV^n{+!0U69_-TNBt(_yg1XX&2wh}V8((l23e_=$ zf(YU28?Y%NeD(MH<-yC4hZ076TwyKCG zp307_x(&dV7@p!U??6=hbik}YOlh}cU-tvG0R0+e73)$GFDers+D0o*S3#CSJgJu< z-Kg}{Kh>S^=o@9(ZKMZQvZS{=n;h1tBcG)gH_i%2SpD3$_a11a;yK|O7e46+dPg6I4 z;G~4`nt8NJ=HE|Qv8l+@Esz5OA-*q8_5f-7K^B&aBZd+V6RXBnOK^vI>Fi;TC?RbN zXD7Gl@X_8 z7vDArwcZ;&On*wqEc#uW=^-;8J-c1ew-rNLFm)UX7>KOOu-Y_D!S1I2hq-qMutZz7 zMboxz8qO~tFbwH9)avj=iFq)6E;(B z+yFZq4||3T0h>^L8cOIQ&ss=TPao2kixNQG@N+2H3xC+J(N^9T*8vn=0STK;1Ncwf z5paxfU;LITe(R3#f70E5;R^pds`QEj^T7mtEi{^!FDX9|Xmg2ipWtv&X$$fppgutk zAq7*etECuAWKa6T?+AphS{lu+wURJwCm(#hyL|!Jgz|-TqImL8*BauOu#d<8){3sn z6I&CrxgB=KD9Nv#DhU6ec3Qt1O$c%c2dkoR{QGp-%IY+n{Y4oUo`Q5X3Zxy^x z$8zA}fc$J|iQCpz=)-_~R2>jUj#TGfaZHxcSB@(;$Mwjz%?gVBkZaGXJ1^wJ$@Xw@ z0-S1z@(^RoBA)IjR}xF0+`uzZNIl@t?*UQ`=V|)oRk#j`>&j(;xR*}nRnM@0jyN%z zL9Va-mK*^8X~gOOsLDal?023bW@YAJre|U1_TTg~(Y-(aVix(TEiG+A%g%ABz>C;n z+!I290)+>>US|kMG$Kw94d79S=kb9jt)f&!44g9h^iFv-Huip51;p5A8L$sQ=cjHC zr64~HVsQJ?EUyd`pCuDl-CI+Z>$Ngh^(dXH-+)pJWD&=4ciQi5e#5s23L> z4j4qWx-*ZgQ~SnTMnUFp#`Q5BM?$YP25rgJ=scU#VDzllXlnGp+P(`Zbh1sV4Uf=v zoSvj(E**H|WdD9WOXfS%LrFovMR0R9+upOB4$=8@XY^dTa!uq}oDe1pyX);wjHIPLRvQZ^?dAH=$3%hc_Wc59L#pTsWYK4(|Ns20)8YSu=!IRrv znnP!rk58A+@IL@PWIZ|Bo7w4F+evQV`zNN}jg6mK(>uMt-rn#5Tp+xKd%}FA2;@bL zoa0Y%d`l+)E$33CBY)CN(@vHQK}J}n2ThjthAUdv5bl5oJKK#a(j|Iii~X2{=kxCw zq}o3jUPat4^vLd!bfAQ|=nKX71()j%M|MQ1PhDKVj6TFI)ko07L9Bb|X$YIBW0@yl zK+qDWZZ~$hNS=)=Q&bH#ms-M`>sml#A+r5hVWVjRVilaUGP?p2beLlKy#fiD)91~N znX9Rn1y=+41LnA~jL)^d&*Hq37|APovPHp>n%ft9mksRdG+k2|N9e3%;0!0diFk&D z;nH`djxlT&%eT;mVltvI(#@Z^{=WPF-daYw^64N&wOo3Rc?pA_K+wYq^3 zeF{O$9*A$^CnQRAk4S`cUE82|LVaDm$xl=nbDp!!(}dX)#_+JsQ0Tm%3R3$-9&@e>Jmw zeGW+(Y^@%+NfXJ{?Ck|obKRkQ!VE4TWm@r zC7VHu`4FI_P5K-9EcK&Ywe{q~Wpt#mz@*m6jTDLlxK4nXYLPfpizU7*_qB&IKM$Fv z`&TU*+_>e{)FLW}z*ERkgxuZG`?ey-xj>&g^*die5YmGR5ap7sS0&O^<~z5|quC4w zT-a)8+rq*U*Jqn?L|KD)or{IW6yf;9C{R5VRU>du*~y3&!d< zZ_V3;kGeljR z5x8rVsk`UVJa2eRj_zT(#%5*PhLCmwbB@RK(^u(;EKHl&sbo?6$Qv&sh@PZi5^b3T zK|q~+{ut1J1dk^~&xB;7ys=t=0ntNnnakhNMt^~Bzp^12y@)GZY&8qz;Sf`DQZWET zw0*QBK{Aw7NAsL$_QZBg8dynI6Dvj=PiFTA(JO-@ay} zDv@mNR!{~-z_V|Lr}3zF?DB`uOhhcF(r+x-VJlx8$9l5ocG+yGAq@gq?-xefsE(#t zq%I1ac6*1h&8{5lRY^KW@ZG*ex_B%80pyJk^5nkRq<#_<0lWxp6$9XF|6=P2cccd} zmH!mF045jh@<8a~fak5U3j{ERh>>UqLnqE&br292FD~8Nkig6kE^3c-igcEYnAuZY z5)PA{dkCeOm<4^)ny{SE0msTvbm)qV23YWcwjtcUfO3V~AndtB+CbMI7NHi@9x}_X z8ssitRfc6y*8C>^1ymaXehA2w@Fa4hI@TEV==dVPmR(|j4Mh*9L;V^Vr(w0Bu+U7n zx|CZV*OzE=QyJj`XU4h*dPYx3eM!HY7{___i|(wN5ZxzbI1#8L7EuU(&$+}K{)gzB zhRgAqx8Mi)%j)8G{-;E+v{E(7lcu}anURV~iAoNZ>?}`}sSN=l9G}Q5`a(}k8>JJx z=h@vg_=+HV;1}r*L>CrL5X?K(!PlR0>$Mb&wf%R@@&*1UKE6NylK-2q@ZTx1-(wCN0Skr?#_Vj`*h7ngR1 zdo8_n7EnR!@qsZ*P=g{tk*`_`HsAv7%s1mv5>HCb<|kz46S>O_Y1fErXD4~XDwlle z_o_GGBRv$0qu3sWp0k+qy}%#^jB=jJi1@k-2ZS|56&#Qn_c&%vz?Uat%pn?$gqdq) zuUIn(fm}9UxrDhSDRh|ivw^g%&18+n(<}{8t}VFyEe$}XF*ClbBk$mWzIxyH3&-%p zAChT)>6&%$qp{0oJ4ooIpeY$!P)!k>RLbUfMp(HYOwXv+ z&kl4eJmHTR1h=$fkVnrS>H)?3)D|&FsWld&Dh$n~so#QXKcQ%Gu#DN!#c;UCjA9jA z%dczk(zE0zX+IMdf041i#hJjIO>+O~2*?c0y~DpHo`2-f`yU+Pe`530{x2#|Conu= zu&#l)xV(vixj4n)goFhYVK7hF?23W90jQ6?g}l0q1*8vMh|7#@l{j^|JqU#>^`tZv z{YuQC5dr{KA_^APZWzN5f;d?|X?-Tq2x_+O1`75?T4wUZSU%9;(*Hx~$;!ZVf^>+I zLYAYzd-iCLbU*j_5nm@CFM)wM(92&)n#%r5m%JaPo{@=xi2;z2nL#o|4FgjZLlqOl z=Noo{G59R6D;&Y-Ko8{KI6cQ!;>R6->!b$gpH?aSsh5Ad7lCq85SQXN5P=`v{<=Nb zewzDvYI%B{)5jCVAcSB)&=FP*mL1lWe+(6PzGh8-CoRg;)k!kPoi3G= z5H61&M_182*$}e=^WTjUWvQ0mhDKWE)pQLZOPk*(BIP$m{l(J}s@RwPVk**`Oku1! z^?%pvG{R`-(#gSCTxsV3Fyq+sq!v;O+?bFWcs20Lm~d?yN+}lpF;|f6a7bZ?V+~EJ z60mG6+~%p?k{513wi5=#Q9$1zU&X>aYD&!!mARsL5{e3`3sz6VtAgK#muUO1PI*e; zxQ;K;aP-+%%pwAi`rd~D`O)M|GfY~c^rC*~-`hq(3YTdHvxzi2YxB{E)%P$K&48JI zi#=E_o92fy({jE2 zq|AS@LP7)nQ(yE?%l(}wtrZH04?(cJbBP)O8CU^PDx+s+1{kE5mqBM)*cj7TuUTtB zhWQ5gox*mAn1Rt0DojOd^Lh9YOgF;VN8QKG2P_wtRQZKOqFg9gSjR=?1YX%TC73+X zHVqrC(e?aca>~Am3DXL)QpRm4wP1AB&)7-nJz13DFLWx@l04H7yg^(vX04Wm7Df(iCTPCr#8yg{ zm9!=biAQc6d_JjfBy>lBN4XKlnrZqdlTy+$(;wN}uPt9XI-h_meQtmpNh>te9z6kldd#e(D=fM80AA&ljRW=(w2ck-g5{%W=oG=r4*x z6IT>M;O9881G6U)C9O2a|Gnd z;crEy!H^B1A3)P)Yy!mYB77l8B`GmjQUIL9M%OZw&WZ11cjTot5Rbsh0(!JDnakKF zQ)}R23k4P{){ODh%#|cdp7?uGU)F=D=6T9 zdi3}&yNg-r9SVo(}!etd<3}4^BxCu0u&bB}SB3RWzNaNM+-5EURkV z8X5;F72Gs}K>DNG^u{7&Fsur)zD}B!F-z2&pFCE@{3#^uT6$b#D(XTFHJX^PpVbIO zmsGD9ImHayk|@bbVT>dxl%gZwjvwRH{T4&oYUx#g3%@@$r<p8<#acJTU*`3^AXh2{ZT zcNc`%mS;lg?3UH)C(}}xwcbhaue_8mh|8_K+{=6i*S6wV%MP_`$RI{@d{7OP?XPz) zfK9aPnC3yi0H=}bN6GrQQtsW`EW2eqlW7~IX}JODgj*z)Td3t*j&k*@b2wx9SqR~J zc5{q=w&~(L$S8*@ogNYqKkF)+VcRGD`ws}1dk8GtTz&yoh~gCF4Fhom>3taTfO=rA z;L{0r#`T%MQ+!uUu-GsBuGXLbaf#5s9O?hPtt>EcT>;w>Ww`r?-KwD)RN$N)ZK0`z z0BKWWV__jGkXdg51wn)2ASq3agP4u8K&iUAdF69Eyc3S+O`$c%ndI0>Nk0A5OO?0( zC*;q@ta?b_n8}wL&hGK7kBsr_j7^=-k0W=0;G3+7O&1~`M$CP-;k^#6sdm6er22~o67{fr6a3QqmItDdW z8Vj^jfTWcrQpj;6I%ta8*x6m*`eO2Y;94)=vz3mvf*@EHc5J*_DQ8udU(v~H459Y=j&i@Bw)w0g**B&LFWzNMNx1J0dyO zF|p*fp4ivTusjbckQ4caNH?*T7EZ^dsmMXfXeRMk9W}yFlPXDB6m(VIiX>6Foa+$S zVj1jMiK5w5P#4(~IFbvTm?Zf)pJFve8}wuuptO5XL8)8Hbm5<%ED9~0$P}ImtO}#> zxIHZHd;-j&vqS!qI(-?g1wyX}$XY4bxdqLs^)ubf=7pW;?{ zeML@4#pBfANeFC{-y}oGSiE2v!)yL-bAFNb$lL|YqGwMjChZnnLUCT=VnE07a0Yk0 zvXpdbqghYms2pB20h;LXIDLRNthr%x%Aqptk=)|ZnonFcZB9veb?i?%l}|eLra8@? zXxPu4m14|SPwxP}Cn3`4 zU$D)d(dQK>t_%pD6K~whBBTCLche6XIz{L34&&{pRzVCb(|l}bKW~C@VLH|0KA>@4 z`Bb^V|3WPv!vx{*+ObWza#;QB{+lV2?A2`>SMeR8?9sU9Fi2#h z%Q;x-Vh#KV*s?`-0+!l7Y^y|$A*QE4ISj+^7H4|ZKM&nKF z9>8coBu(lYoLmg-NuL0lB<89ghMG%?g&bR}tgGX~Xs#b2PJXdb0lZ=#^#^b_g0rpo zd#D`~G(SX!P2GIvBwQ+;y$x+-v+U@tiv0WSx~z-V;Q7oaOjDIeOQr`f577dx;;zBM zKJvvtu`~!FM3;s~?)7G56_23qY4IW#8INO&gYg0XXNIAg%7q~KJF^S``VUz5|J-`clW<>BTHD6vTYgDh? zLV>>=vUc=-z2 z1No$B(YE3w=Uh83D;01#^qyM`JRT_}0wY~N-)2xEM~+}zQHM|@yaw5CR?oR(@OeNw zAH^EnBCk);@TkE)AyKIaQp+Pi854W-oyBkW$eYGwK7Wtn4#>P9>fPS^=fig;W-_2L;dA2Lqw2v&n1@%nF==Qpmx^3EoKfaZkk20W2${is*WC zl1`hZ>Yn`Z&?5m%rk47Oxmop;radttB)4Q4=*~A^2-^PM><&6CnBZ-_aK~qFa8yhT zsD`ASnP^*_AR`n?!e-T6?a(sNgwu{Nac!M`H|_P2XR0QOB?^N9IqIYk6Y}uuzb&}t zSp>oRYdGRR)u{i_6PNohLzpcOX{l7I7rG$3neuJ;qvsNd3L&86x<8;a>xqT_WeDzH z8vkVp%kn1E*?z-2vg=MsChKeZYJjNP;o8aC{@I-sqaAb^VXl$@!VV_kwJbDOI{P4A z7%*1-Z}MbDrj6HC!TK~rw31kZQ}T`LsYy`94k!}KMmGkDSi4Zvn9`qw>>s0S#OaNS zZL5n5qV?R>XGZGd1EmuPw>G1*NZTdFa*x6^Uc-&l5Q0XHQN_J_r4F*z7 zsbw2#a&7pDL_z*c+`_L32p{~0CEjn_TkxgqK_5b^MBVqrCg$I(v48~v^TZV@-KKX` zNe__A2yRZ05xsUD`>cmLI)rTsKDVCr0qqG>Hy7DFi|K)E zNzSnJ#C{t(TB741*&Id>VN#dr5#X=-WTJLiXtLKmeExi*eYi87vo^SgK%f z47M?5C_x4Nk$Yj+{nBFHV{?DI-Y7yUYu6E@M|Jb?<_7Y$wS2#m@yZ$HW;B)3_BiIKeo?jeki1 zztcX!qJ^Cd(ir9{eZJB|`1!+0G%4>qxN4f@IV6tCde$Mq=kTbhub%mAzRY7>qMumZ z8IxAAysPTE6_7(5lolOfIb#ZVC!KjOKUtz|^)6$qO3b3nve-0CkTKoRA8Eq_qK)!e zxf@lngwhIP`6_s0l=v5N@t9LZ4>3%7Flm*eR_f7{V@j!+?)HU1-!f0D0C#p;z--wT z%j&11VsM7EKq9wQNnD0J^AYVlnzdRj04JmS|Y5V@&Y^txNj0UN|hhn!q{DR0vCA{KoEVhl@$ zUoZ?g;4jOr0WS1odV<2biX8=dk|VZ*89ri> zuHdolHZmQOjjvfjZ$R0;;IJNOkL-tL+M~hZJo1S6{rnmMLW8REc9=~3#*F54**yw` z*=Cp(IbBffzCVJ|`MU-rVc$DJb32u9mlBp)#k-VVI69E;xDOgVzJuK5!mcXD@=(1( zTDH*ipw+>wps`=R|E)}NKo`nyN-yxDd>S`zg3|awQ|08H z!|PG6L3jA;!u-r5OleWywQG`2ien0NTD$p9Mz&=RlxEWloN@!e1$?c`#au~Jem*o1 zp2}`A^_+Q~!F>NQJj>`KG!fY|RH>(GdUolA>wMNS&X5&Gau7=&_buXZ9bE=&zmYSFWZB zXH2$|0py;n<2u$35Av`vJRT)+MMdHxzj{!cY>sIy|E*YcyqH5}|5A1%hfnJ$1$A+ENGq9PnYb%jA)DQk{FOtB*iy-79|q z#SOD_ghl$G`5DGB*q4N7+`~13Ei$r`Be~uI5<1|aHox)&6%BCzAOf2hm@DdLm^ompoE5QsP*)Rsp;Ygl?vunfEWG-`AR`0)od5ZN-!T(oy`tNS? z{}nuqo1m_mrmp$_H+cH5>vNRy<<5u%xuo$-zHrt&ceEx|lEgmX} zn3k&G7Oc-hec^Wg%SJjs(GSsFA4@=_M%`gL*VXVi=W|oV3Ry#=c491)Z4}8e*QIF*;73Dpd%| z#rRf-%mr+55|@F-X8{-LH(Cg7=2i4O1K_ZTUQSqe#GZ{gqgS|DzV|2-W8BG=(hZAR z){r`_-|~*~>))A0Pc~8Sc(P@)vRu!gu4d#bzc;MUhpqGBd>`agkz#)LxppPh%?*Hr zMr)(#7$VUt$fU`=J8(n*Q;NowSgvQetF5I^gObUbdBX8tmgfCn!2QWQF_q<4W>3!GWyVimO{(>4ATFJz zCXi=pOpNmvBfyC%!nCTS&>4XLJ|Rr;-S_LVr1H<8+k0WQ>fUPg8F4ImzCL@WteEYB z1O7*pRA$4k<3$KC$tU|n)i=HY0Ak zH^@$Jldg)&6NcP92lAwJZt|cRSGCqy@s2YOy=>l_i-e1O?NnJ|(3&&OMz0+Y#q2*% z-*w%Q9|ZvbaDnkptIYm9y^5Wljm>}0-KezqALPFRt@ZIOH!bh}==Z@+b3ds*vzT;J0Jv|xRS8c=76?vA>7@I-=i)c|C^=mUS> zk&x_~IG~p78aptT%+kO67GKT$3Knn8^oka*Aep6iXGylLXO}jLNw#ft$4xfPm`@f9#0pUKsCG+a_!|BfkMCFMP2G+NXD%{Vak@=0XKX4@P0d5qu5&7;HMWVL zl2VmZrik^A#dbT%97YhG?-bnx_2~1=HF5Rd{em^0z$Wi~it3V0KH=}4JZWeV(VYz( z{1^@s?m4LsBaMdp_5kTSzQ>OqdnUd6%r^rz5(eo%k@CY7^&UI_jUtjlv3^5}CT>lA zQlaIuh677#7PxPORm2tifj=}gxm;1%2kP66)9}+phE|SZ?y9WS#?FSuh{2t#jl2Vo zE~hpDr|F5S)9hHCR8i)p8Wt`K4l#a(BRDpAB;-1?)4{#8gIE6LatLR+uwvUdY2PdH z#VV?NX_j#C4tXR51@*Zz1aVx47XXlzv+Qy2KxVgeo(4P9V-cs}!8=mEM+dFwQVsM4 z(`MdPtjg$wF3sh038qg|WHLB2L@Uw+~wWS&YY7-NYf z@NN-9Q(#R<(a}%G+<@&fuFYGgmf@Bt6^Xk~el?E39}qZM#e>6@Z9->oK?kL3;IgCb z^)nRk8>;|7=11(lypqeoxcc)ewc+Ct^0lVmG;|Lqs|Paku-CEL>#ZT>5lkeG$=!t0 zkeFg&S$Mk1OCZ|lN1V{I3835==bZm0cKC4I> z00K^;I`#K0xeSgdPkd4oZmXIuV-@%1O>7JVIzKG z>@V7qk;M~tTuLLngUHa5eGkLZ1bdX7V;FTWwvp_2zvY3&*PUs1UFW9p$QbS9>V(Ii zyV2X2J^+M;zmF10;R<^LrRxk~4GD_g-3KZ^LXz5*!TO9qMwvX5uB$ghdv~hX)Ro3k zCL2baGJS#mEZeniNo_J*$#)x~jZ8^sohr#V1w~u~5Y06g^sFNu^faMu3A-yA3%!#Qckmi>L(+g#o`jsl1Hn%l>N85CbV`F{ zxjyaV>Q{^wJWc@b0TalJ0$bvNFHyEwei^9t5W*Vl&fQzJUr@i6oOr_5=D&%)m@K|d zWJFhj0ueU#z@lzmLpWMzDqI`SVNf7s_7G9Up`j3SG%Gt;MV@2?s0s>Dt=yEHi>3@> zt4>#8E|AJrUMhk#=K8JqaJwX1lc4fcGOn=X&YFRx^NEY94ihI83siJ=P4Mi=Jwq&( z@s}mX;wch9T5;#naVrJUitb2)5?#`JhIM5}FzFC;$_bf0elZA>RovUMT#4#?2^; zCeNI&QZ>I~#k^K6fmoY|4j+A7)OsQ{+JSEnV}%6!<%kO`YH+YhP5C@~Y$bA-uwew^ zOPMIe7NU}=&pQD^WUov&R1uV)0`bI7CD^32z+ZGa-WS>Si6*{QJz-7N7Gm5eKuH|L zEi(YZy|j}|txqNnmRU8n;)-1#7xm2zpB#BanMnwmIZ#Ao_XXDvkDJiRkyC@Rk-0XO zL(VCSqyRi&Z9~G)zL{b&GorjoiK*|gcF__2_5`wc>Cn=S>XFhh_gP2MvnuIK0cNP> z=p)zs1Q!!a8Ma9n3_Ai0=TA)KiZuOjRB zfoX&5l=9yr`jBu{Lc2MStFxgRN(_u-OHezJmvY_xrWG8E6Dzd$cW|5;%<$|N;g`C|#Bw!M2*=2{Ng7|j%VAhoeAqHA+rrBS8 zM5kk+b*qAwD)lr`a}d>POfcGCQDEDbQNfP|!(wQr!C2 z?85$r1fNj*$!G>Uv-8o!@bNmQ4>HbSO?JO8?<%?DmYu<}0*X$6_5+DPwpqKpyHk4= za!c;@H^qsIQeM9Dd|9~?D;*9JS;M@nGU+l^0V|Ciit-C~$iYpYg!z+w8O-Li))UtS zIVPxh95~RT)_G4FS18}a-g73qs@GGRUZul>ZQJCF?s?@a5b;r)Ev&$+x zG`_S=3G}zSHYklQ@8ron|6XPnU&Ze?dU~i1ZJcOPelPz zabNw5008bkX6gTB(mxYbB?$*)C5%riJgGEEY|(i%K7xc`Pk`89R8Tnzl(0e}KNOVm zd51JON#nkW0xnei7v+V_mia(vBSI0HVmr7q;VIi)WoIkLQVDL6kFU{hQq0I>qoZHj zuh-t)Zy(X_*D_yT?$|wO9w_}kDG((EW1|UuMui*rA`Kv=>(~bQ4dirl>lsv0)H00q z>S|P1XvArXR5SE!lLlKMriLM&`9aVPToCDnY$$^YW%FE8AE_-oSi+WH_L-R7GB>wF zcBFhuN>zmfno)cc{mBn0UoD2@Cn%+AnOEz0E;uaEO;>Wy$~qNt^6de)tMY+zc?>di zk^Rf6U=pDW!dwOM=11aizS-3|DSlV_bc!T&mv01F+QfAkNC+1iB%za1)0oQSpg_-j zOaKbgCdkUZM^#;1ZPb;tEq4-t4zq%gG_)~Yg%xnGurZc00xK5NLGJ-SAQnTbHm zepg6}6F=-bbJt}`nXDY??AH-2;Z$oFFBS_8WPW~I?UbKb+i7AiKC4U_1hIu=N>YHR zP$&huX2PlvIYGEKnwg^%&ZaETjJk=Z_|U;ECUk)ioeL?4<>?e#?|As z=fiuSF&t|zR2&oab82}deZ=5M9%nHj+ZxWvX}0SYveHm0=`t$PDZE@c zTaKcnsWO7I$poZtp)2FFCEw%&+w9^Yg-N9?uJUJUovk~&FtG}y#-ky-XZ<*JW7;)Q zY0`SwN02N1v2Tm;6dUyrW<%MhXPSjtl)#1~#j$zqut<*O=P2Qi=ZAuyna&Q^2cmU9 zwUaO7N^OW=UT?Z;E998$#kzR=bY*R zPBSXbgEH|H=G?^QF$~HBSX8NJLB;ZeYo+>#T@?EaRw#FExd?ON-ANwqFTApFb=TuD z5^N9zkb-PQ`xLl1CWyj`k%Vm|btgMFaFL??{j|MQwjs8XZs4S4aT>`Toy8W1TE`1K z&l2*A?K8$20-SHN0-kFllM2|i*)0=?PC6)$0x}flhCp65cTIVEf+u`y&?oiaqcaul z7Dj06O&oPws8U1I#%ARg*NoIOwaUD^&1NiTdv;G3w6Wi}Dy5p@3o*u$KX2D~jAd>gPBoc^!2)X0*2A_hqKoNL4aBJ?7`{bt z%j7-9X!X(9>@k30^AF**d`K?Oi&n}jW){`vfsmu`L&Xoce1MNN0{=Lrcr##etL4!K z2)6?1R-{emn@BH{5%X3iS8A_WClqLw0A&#Ufo^jMv&RR&gI>^G0o}3;cu}n(IXZr0 zKF4|naAhCf+O5r)-f`M~sWIW(CT9L5|10((lOqAHMJ)e(Ia{88M;*2>+mmv3^YUq+ z=@lY8Ab6JEbf6mg0hAl~GXl*W^W$hdWD5a3H%M-7{KQ%RA((z_*NuW!JK+c9A-xWY z+u+%Q?3hMPx7e3Lv98R1iGaVh;MYTgo0}+z2jwj1DG`d6I4)e_G$NeV{w%y{dl*P` zmx#vnx3y|e_FJXoHqp7uS-%ufLQ?fuv`eK5PO1vdlfLXu0s)8t^~_C~mP@-}%K{ON zngFNPYh=S0@vgwaVQYQ0yH7J3@_Q)x(L|Dw@^_ZVZ#rw-k~Uc7riY7e6P#lc0&w@J zAqe-618%@>gJc(o>9h1rJ25Nb)lSw*Ao+<9!l$Dcq)XE(cOyyY8!3GdPh{$ZoM!mM z22+@kUw@1F*h{auH(&q&aY+9mKqwd)INF&xxc;%rrBWr*8D$amt8-Jzcoind2U4&L z2t?Eg9Z9Z~41q^KW`V>HJKsk=c#{z`Wx~qDgwSUVo`SZKwxO|d8|vq2GWP=x=@8Cs z`SHqp_ej3T?Xxji`sM|g^I*Nnmb?9Nr~CEw*0$&Mlmesd*hs>3 zV#IGd!;UqviNA2!#};=nqQ;H+y|{CC3j7ohD~5U*vf@7G>s-nFlwLypvY{3t&!<#5 zSPCM~)qIP5iPsn_iH|XiMXcApJr)=gR9g9hLK-a0Wn@%B3yw>#9f?UzVqJ=|HR(k< zJ=^H{7k9H-8sTa%(*!HKS?B2H5tpwIOKzU7oU^6&vWLG(dTKV~sMueA?`O)u^VQXO z3*jwc&CIiZ1P&^MKOBNTf2wg>DKNa{K482K&E0kH&Ce@5<$*;sB zE8D^obO;O_LF43!1Vte)>X%l(O`vgM$KnjiIyW_qHxI`R*6HG(;n!&D_%s{rd#s9@ zb+k0%QKtn~xj~cni9H^wMD-fU6?aIS4NT7Wh#^XViaSd{>mN~8=F)4%VA9Y9-N{tt zWQMVV946$C+(9%ShlkE(lXit+Y~O86W?oHT_>FuWOUHEc3^)sNf6R5P2R8@MFbM}nP zXrokGQcGP>t4m#Q-xM_mNWruRv0W4fHD1cY#^sOKR#hLFee%;<$MGh`q&$(uxc3v6 z=UM?bGnpq6te`7eSd$qe3yw}`-GhUl8(jj-YDY?|&``bmx0T+3>BWLSDQDD2&G?oQ z#;K-b#LY7-=n6A=4cHrLGHQ6TY^52xCtT%FW& z)@Gpsdh_BTT-a0k5b~YbAy5&I|%^1LbbUWz8OzIC|2SO7m%`aGt$i@)5(+(lDEil<$@)6x$;(w_hu<}&1>FahO zi0qUbkF=-}wO$+8spuJ8%`w^v_;j9ETQ2(&@Jf>+c(6VRql-8_a<~%QxN@ClcBlAi zd~hPYAtW%jqwEzAMvoMpv3RB*>KPQ+l{*eGSWs*FfEz$2cdP+}s_NlaDU2cZQyNv( zVp7B6asS1i%ak(I)`4~S9I<5z1O#OxKL^_H!x3`KJNvYg#G&2F`hN4%r^x?;Q(_N= z-Vfmm4T2ra((fv};35G!cW^#Ec;*ybDvBh97cfN{U9txhIbK(p_=Kag6G6te1VcU= z+AKKPtriSgR^m0#)B>uk2L;V;{4uzB0`43%?6n6z90Y8C+09QwATl>Gc?R1W#`3f* zwx)R2Ca2XHDjc+^b^v#4?1$3@R%g|y5^HFof+|{1zX|`|-6Q-_5Y0)D1u9CDNouow zz$eWwS0VSb4>Rq8seN`<5AK1P>6lHiwq*uI;DUE6{mZ-t^k?~brwcxO5vF(aJH0O6 zQ%@fHq%m15kx1-{PN-j?{vYh?3`#63j?=&Mk=kR>u*k4fYCLtXufD_n88`LNV1xgf zfY}55=QfzVy_vO@fVH)`nbE($SGJ6qlm=o%36w#^^g@y2lT*10imbOe9gAR$D@l>u z^V1@2L^DxmR)FYAgU0U(X4--yO)*91e&+1_VcFgFg9k8UpQK05#~>&N;VH|+FBg4F z`ZYs@a+yioqNdwT^<8LoW$ zz{Fi>i!!C!hagHI6UX->rO=fV6VmC8dkpDJnmqo4d&QNLY{8(ZU*y6v3XHWZU_nqD zKUK_#$^cHueinjdoo8WZrDthmHFH_#Yn{Py6kfS)-FHM=m2%_E2nGqPQJ;MMt<(6u z?dpRL2mpW$63c- ze6xfgi=+r$jzjo?>$11FFM0*HH(mFwRyhCE#5=*(iB#M`=_xLCVv1{;r=GLbdi#eb zXifM}6r}H{D6$E$v2yY;J!q`Y#G+IQ9zE1e#G>{(QM~(JBEo@$8>Y?Kc;7LXG{}br zTvVPUo%Peb)L6NvvDihbX1&eX{Y~;!j3WtM-t&Z%mq*85r})lWN|_II=s@6PVB9U- zV6X%C^dU<5vItk}aPD7SR+u-5^G)WXXiCQH9a2wm(Kta|cGs44msr8#^y9Y=pwQe17Hl<}?402= zokj#df(~5Go`&&YwR_%&4jOH>sU3_gfTM0T|{Cwi=Rx^J?O&bA;tZ&FZgaWub zO||_pBi5V-VYJ) zASoo|6x^&~?p;=|zrDSxt@f98`7I>?{L{t}h2MT=VWenkXQXHNm%my3z0D8j1oqtt z%t;umYUh0}??AD6B12IatafLj;~`@qCL(WP0A>3$a%$2)LwSPmguwt~pguANIvhN|3Mv*3kiH9p34@V=LFnr1g2mIoR1nbp z?WZRg02sIbzAfdT|FoA!$?CUgW}&BVVf42bIEnI7GRSf$+}6e?ycz`rhxUTuC6}@% zeWXLMd4zlh@Q60D^Z0XD zLhOOKSy)w_J(iEDYxCU1mAosb*7JBT{Eppsg?v4pAV8Gp6mhyWDS~{DlaKAjfrdOB zCs9u{?mV8?hJKY{Z`dePSHRFHNk|*5LUOrAhY7ok6YnknhNbgVYYTO$tx&Z#&XoUB ztf*cdM>;{M<$aISfZm8hZZijBULE|J+t7f?oXaeimMWFUJCd4!D5%fG4&qoqKMW2~ z>F&BN%bJ{Bc3FiDpLC2cwilrznGCj!M^8T|fI&y1S7!B#b6<_`igdCwRR$uTg{Fo? z-V}Qv$Pxq+^Bwhmqh^?uQ(gCW7zPI_^*1Ky&t@FjRtzR9WSB3&LZu9u1@Rna+N;{O*+7t%OUN1lq(pFd_`ovM_2cPN=&nbS)Ct=_Zq8o#VeMnL+ zCHV_5Qwee5NGe4#Av3D@JckGd{D7x)f}l`2J^cw148*5Hb*{n<>WhRo{rl0SmRjMc$zi1;y`v_?KGt8~(g#urST}un;i+bRmXPlbDbQp%n5y zg8%aZRJOv$P5+iq|8aMS%J2I1Z{s;iGUGpi_z)_VA`SFCbm746fZc52*xj~#2q-9y zI_RXB>Lx}eT5i|5UI1T9Vz#&`@Y3?i%EPX{Q0wUGNd}4vu-%FFY1}*g^ar&j@H|=CGF}t8k|J3?}JO-f*h~= z0!ETP8paT|sMt<>x@g$WIHC1ysI{-2GDP}HlA>l&IA~Xg(q9X=Fp7`I&nszxatY@X zM6e+Vd;M#YY6N9N=Z5kbS{v}t)Z>#L#sld>;&Z?>-P^Jrr^YX?*<*rNK; zo%wzXUL82_A2_&~j``H};&TNB(P3A!awxOt52r>+ zNv=%WiE3Ms-^rxIM+U-+Da4XT?dvuM&nd=<F(~7Zjnw2>F#c% zyOEHR5T#2(kodOu+>~gowUr6B^R`Nv<3QR#6l8LsL$5gFN|q zZJ%xuNpUIR6EW?Nv)gBwCyDk}rnDaBCvhd2E?!)mCk3#|d8X&qifhYfDTrJ^9x=+) zvwHW_l``WusiePDh3Vs1JeOVc-Evn{WT+po7j18fy&n<4Bm`r?Qs zcCOBZX^rxM?86~P{7rsAkL9L#{4@x`a^dDSiT62bVsz~b+8LA0_?k6iPNs4H6UzYh zwVVO}6I4>Ea3tJoO8x4i@(wuj4vTs!umC=3>+4gSX7{t;ZA7jR=*zpJ@qW(v$@B3iqIG)mQRW980?(UD#jIp z;lP({_w!ys^pl%P9+@w&u;lSR++jbDNQu&OG(lL3gJU z0%QYjM9-@Ys_7=4Cqe>q=i)kC-n0UDKNAHUTkAvZfUJXNvxjQzK}RDO-zzI zMU0lqX2^A{3#EaZAw5f(WMbTN^&~`T>N$MC6y-Z5_^SQswW}dDoege?R3qqEmjZXX zqUlmm-uP)}CTk_CHWlM5+xUJ%NIJWa?`De^EYV^iMw=Rkn53JlD$?7&BkpUvA%uIg z@6L})^WEgVhh~=fW(Cz>WeCc3Nx{XbLqZXiOe1AzpD>JwZW?pfs`B6LrkleIDn6U( z7?Yig9^O0nq|q_QKfJ(|)%#Fu9yzhkIYXiK>Hw{doDetB-h&%fZQEgJ7L-OiuuE02 z&+aOyk}fYqI)qexoRlt|MyBsUA%6!uuju{m!X zsKiuMv1t?uhnBqCSbp~1#ioCjb`aV-EQ%~x#C%WE2O~>PP8vHGPy}Th zR!xkv;Z{|f83a#VWy1R}_#4g=eVp&#@$C_kCsBamar()IfF#2DlRLF3l{{Cc^*ww$ zGb=^Mj1@n63%xsL%{-DyuXZhVFgwl7B*RRpr<0x}(1_J&tB3w6sIwGufmq0>^W|d# zePoAMQ|#i-!#yo06e)$T!vk>>U4n(^Y>+gvCCz8>&C08R-Dob@=|maCJbr?cS=+6< z11tF$wv>t0hQ6~eVT1a|m=}teFh0x%wR%GrNZ!c31>oL$+HYQ71e8UBYws37LdFa2 zpee_LT4@Dmv0We`Lx;{eIl=TZo(f5owNj{y7ocrwaGw=GYlcAXogf}zRlxO&gzWfN zEh}*wOr8^^N)&E=pd%Tuv_7rbYD%%%wq%a%t;Nf|vJZ7?~j332#F(1iHgK^cT+IEj-8JZu$q_f5&6LbNH(3X6m#`h(?go$LE&ecLMNETbjii3Ok>-| zZCQlhDaJgw7&oXU=2v@4^d21uY_p%0>RBXc9K)Qj(?oGNC?>zeREKcLhT6(NdO_}{ zCj*^uj}gegx)aT7!@mR{Km4UKVIvy+(dOctpSZI<2JFL486zy#g*k)D+NBY~xjBN< z!x}D_<42pwS1?iV^VqW0tlGPNXByF)p;q(DdHL2jSLy?2{D&%Y;_TvYVvuRN5x_O z=8$712=gt9vy_nUs+k6^`^z>-2sT3b?%*$O)rEe~ZH9S#^|fHUa#qRI_KjfCl*Mev825Ts6*uM`ucO!2 zv4olVh(ZzenkyYPrI|i$b-5st+k5`-(d%%vQAs@uNCp^z~u< z)C8r^XK<1L>x!VIV=tF14&BlN7h&{ew5l|j4jzL#-JzT-2JLuiYIdo!wORBiz7KUN z3=>3V7il%$1sFTALlWf5sX4}02+%-x{K;8bDV}#{Fz{cx&A~sfQQsj>q7HhKv&Hc` zoVoVgu&ms(?`WIMxQvyQn4>V6Nrt;XQzKO8rXrw-vBlL#Kg^Y34Ai*x<%LD7=V*;e z9x9XmwmXh5;srcW=cXA-PK-;71n9pf4Ld3V|GT*)(`iZXk-+;$8~uApomQ;yN;a!B9jBgNqIg2&uSYtV3PWL@?LBt4rBL#gOG0)uG1jXk={-xRyO#6q zA3;DgUB<|2gWqY`&rTQ)C3`90SE7QeP251!M23;LEzoB{b+Y#;&sR=Tp+hzmNxT8kA**NUS{FCxT_3&yFcFm71 z9Z$K#}f(P0O2SM zeam;u88Fmul9=?BQQbV)kPsIHQjR%XazeT|gDQo-zC~KTmb@aW3Az>-P}2Xv&rdVx zDvhzlVGG?Q*ekMI{|JF+n_sar?|F}U0;xi|H^~LPQy%uB-1SzXpbM%QA8mJToxD_R z5i4xB!`6Z!V&Y2YIJg3|$iX9Mu9lDDD})6M&d87;=eKfWZ2#v>!UbXSGTb$b8%2;8 z81DDkq6@XLbKZ&osUv5yB%G6h)z~|29v%MhVj^I z!G4Y>)7*w#tIzG7WFKa=MW*~HuKK9+jTg1B<|-$%Y(_h9&bV{XgyFmJwiGr>R* zo3~EAe^qp0$a(ud1FP}=nr&&e zmUbe<+lw7TSMHZBxUcQ+sQY@>3>QQtY=&aEb``B~I&tn5-?@z}Ci)T8>t9xXPkpY9 zYIk*>vVQ1`d&N6*X^5#e*U-7!#rXz-ktnQF+VzpSmB>Uk(UOg@ljwC7RRiL!Lu&Ef zTm#!TQ|5acv6Zaoo4I%V7h&MbBnb{D-_dX{syN#|wIWp_e1FyTny76i>58+%c$SS2 zV&;3>1L(aC^VXLL)9VXqXmByA{MtA}X54Y8&Rluu!5)QgXDo@g&U^_K8)u)A76g1- z4i5HzIGj_YUs1h7V!VN&y#Kx)0NswSNU1sE`5ptx(t=cuJqy7c={XOH z@iY9>h*T&Mcy+#OWMUjiq`59VQM^WPq<+Z6p2wnCD>`4Jo`;W2->>WAi0+*uVqtkF zZxh>lB3cJW%CjjT3yr$CzV<*VWWtN&z}RErUtQcGDu~Ux({GDMh|wjq(06f#N;6P) zy-t80sc#7fxx>bubh!#B_1W7Fw}g!oVl}h3B)>wIZqY1w&9@$X9Owk`;!N+PBuN3r zbzle4I6j#uk|{0Fu>n@ zv3M;AYpAu^X-O|RiEe@0A^V$Q#R1f09zYz_mGf=DmO^c<8-H&BHFzs^0a>05g3A=c zF$PB9jTX~Py1(v{;87>ObdNq_@mZPGR(%QTBQz}G@M&FSi=A)>R;K^`vcTQWGc0kHe#xR8%^x^E-UmiXoS~t9T)6L`ydim-FC_ro_;MimXRxM2n^0+H+Sc z@9g1|hR7P86~vKBEb5wCC9f=`u*-myog5AUGSfW9=ck;F=t2{PQkT}u7`P3BryWzB z9UeV$q5>AuAh{k`z=X*wuIqG>KxGE25Re^kLaB(a55oj5P^UFU?zvFVuaxvYCZeC= zGuez$UkjHS88O54rgfJYeqtJ)_J~V|Ldrp>iP&YZrbC-}e|j3Ji_8&p2|7I$vPkrF zi^cYGPO&;DHlkFB&_b6e*|c__@W~tqh)@YRTx8Pnj-m67BWD&Uyc`aGOLf>io=SLu z-%uhGgr)uWiacrdsXVlBKPiHb&!9Pdz3&^yZrh28Wgd&|B)wX?jw^jvR-hjP!ms$pc_CUz z(8V=lHKhE{967ho=D+mBQQq^ty<<2I9yj}{?;3=Zkqdbp0H2_lecLzzldx0?KgLbVHjlkfOzCxS7Q2|;R-Sj z26t;SAp)F;8p+~INUF_u5W-cr{9tb{kht-+&kZk9!(mNE!#AJldhp|Xge*T&02gS8 zXnwrLd65xF!FV$s-Z@2l!BFYLk-T_M3cC{nYdzk9KLXVI~CzJXzNB|MReJLKlYh)d#;XO*~%%zhSEV$y1%#?O# z|MaGwX(U-;R+6?#x_mL6@TjJmjOp{f0iw(8?7XpKH;>uS{aZ)Otk;_qeBUn@vv-3M zQC>tO!n3mDx5OWQq{z7JroV{K-kF-YQ7pij^7nci3$G^{ndIl@#hAa{Kb=npSy$dD z*_jqs{y2>@;o?r1B{#A^&)_6L*7S)@X4{FLf_U_XY0Y3#F!PLg06}iZ36~<%W z(a0AQ(0Sqq(N#z(x&{vjrB~=43{nH~O&rBzjlB@i=u-<$bBlr^eIW|GG%6uksGCVm zN(Aw*B<|0GO}0S@T06jA7_{!#Y9oO~kYF`{F@jE$&m!b;a!9GeKG|GW%|W*nCXP0qbz}*gkT}AiRH+G)A!=*a3`OIt4f0D zjqrD4)~L92iTnn2-8`8WQ3E zd@GnA#n$ZgOL?WYfw@UV{qweP^m~C7nB+~CMcowVMk-#!7~m8V3&GJ7&tUXEgJIPU zcurh>mrr4U*M&((l;5OXdBtrqVQ8qY;VNf4n1=!t;%IP)6gv3bZ7b7ik)vvAs3aZV|9D$+Vr@1bGl$<4=Qr?wdX z@X4<*JAQm| z!7ksSrq|a)8Ur}9E!oWw_4#@>v5z#?<6oS!$LDg4|+^{L1 zk0i2f^{jGZI$umubj(PRt_>WTv3z_B`>~bcoxg)q)>sTRSa4MK&da1r?N5ZKT|r&o zbS9yU%DhD}oej2XahsaD3R9 zR!gpAP(v!c11Sw3;e&q9FXo&ON2%|wNYRIFhp3r5rjmBtrjOoYj^l(lWMY6_K48#V zE+ut`*o8`gwAk_rho4tka5=$HXg7V(-aviEuMfj|88{+R zCM1&ce#?#W}jkMxFq?-VWGxyc3hNguU2VP;WN!C7Inu)fkTu4Y z%Jk^gVrj&Cz9od$)0-P4f@?EiH6^r#FAa9yJ7V`<@n#=+z=VQji%Y}HQS330F@e;u z1?yC+ce9pe7c_01N;v;IlkRg66cMaycuIGEu4lw)d?dLX!`vnhW+b8`VWN#!ZjIyb zRG7vYAr?^dMi%sHHkVXLmr|A5!TY-<*a>fgx1p)1j95Gyql=_I<9 zKZua)BCphG2@`OeOh8lc#NmF?E>{^<^TMfMhl}Kuh3&JRpfR^Hqc8Vg?@6tv(}SFE zEFg-6r%jSV<@m&hGi)BV#Nu(a*|{RefQXnt{>@f1z3#o|B&x8#?69c3Fp1kvFlCdf z0vFLq_ceGRBpHUlyokV&3?qy%ZJ*8MEjS8bn!T(0p`xhmR&8k@MhJoE}JB2&zjRfCiNlBvpy=R2S)KM%5Szl^r zcSoBDorPt)4Z?*x@V!PCrqRSZUdX+AU9PRXlIwcqo=H5JvhAa_?j%XOzzfE|x?dSJ zZ4Vl?sLwmYa$-t22ARB65@YVOK#_j1*L8Nu<#mql!i^Yf%-gkepMZ0vW4eMYte&T@ zn-KzOm$Of{;;aV>S#`c5?61?SbudXr`rb;5YufYC*>GV+H0?a4(!zb)b@i)u>n6`N z8^7^_(@<^Dw&S@8SZt!)ih#KRbDOF;h*$Ing zTsy0zEW!&xz(We!&I^i7oOLTtupaTY8rCnvj%5WnenW;ZakaU6iFHIBkGQQ$TjPPJ2S zF`Pm?fG~v9zCg0k&^e?dcyss)z2vAcaM+!RfLCW};MHil6kWD^#U45L(dkhQL1((| zC~Kz%OLn+%OP+`=+~b=GA}ePKDtU+3G{G@O3FzhNT0F7+#e^f@^>q**q(90X_a%Rk zQ(q+R-+3wC?w~?Xa_@AITpT)WWvPI95=4)ARrF;sdxc@+HQ&M8^*2v7@qx5=l)_JM zy*IX(v@D-gH71o$j7{AVGg3q1MCCNuf}p=TNJK}V=gP%Ti+@+(GLp+yS)%u0Ip2_2 z!o3V~05*w9I{q^0zKKz? z38Z3%Dk{&DQ)=RvnGnWCT5?MNC*$%HJPF2=P?dWTh;Ux_B5j2DTMHdmp8(td6_~ z$8|P^F~`VCeZrR`Gf8(HTc~g!M&8J>jFyMrJI29n9=uZyK_~17kn)H zl-P~4!BPcbOBm8;ZRUn3T6FaT7OY{7@9QpV9QR6~7kH`q?^OCL44dMRJNm%5KIj(L zQacT?8myvK-NrX3XAE%}IGec!~k z!c>=xfgiA9Euz=3b@4tX%@g%DUOg#B-4^q)#y#ns1;K?@UWp(`6YRh}?lz0g&AWVW zIR*Yv5(`0z`{)8i?L6>9cmF5j`KEH+a9Mho!p$#6Mcg~x#uu5D9(d6{SY|0M$b8ku ziW$CKXV0f9JK#0GBxC8|FpM5-A859B1>P>_zNKxgnYp3iR8QW`ycEq?;MwMYP!qG5 zZIup~Cc$rbPdl_=J^~Tw4KH>W2$3*L6gu{xW!lQ+t~F=3tBnlfjfB7eHiL&;wcb(q zZeqowr}(z$ioQZ0LN3=%c?hiRbJ$CfdiPfww#K0SrkIIBj2{rp^ExA4Vxm1|i7gM_ zD?h6wrk)5|D1DVpk!cEg@9p3->I4=$P5WsA(MFTPEx5(#>)U;9wPD7zqeu8wtnhD= zZJ?3FFcqVP9528>^R8Q=uYXBT$7j9@ELf z#m_b~6`Ta%^ZEs4$(atPE__!SM0f2@N@k?{pKVHY$eki^y-?g0IAt zE!k!&glA!8xbq(1{``$DQ#a#zIpmrqrmup_pd^q-rxq68=6UN)np7c>;7{%%?)tzSc-KdmCS%bW<^CswKm4y!mz5maS~5Ixz7$ zf}tF_QLIZjV0U*p}dJLH`=Inlg^k(_YL?6NjRVR>ARlY09nuz zsxAw>dTt$_C`iRh9E4eUgW&e@XFAfUh5`HQV5gMvbnN=cpt$1}@z23!3FVyIuyvb+ z`(KfZp@S%4MfR$%yywN|)ai>x(@s(Px(?AFXAfu8NA5Jbgqhc6WLXR*SXR@``S~l2 zzk*G3!I5)StXEZ(T_U{tTwWfkX^T7kJqFZTS@C!<|bzh`~b3a^<2hTwW5#iuc#H9vJi0 z6n5S`sSN^GX;@E5RV-rDwRP1AgYDrQ_Z~CVPE-Q*FUy;%fw4vO`w)DDoouBPJu_xbh=%Ub$&2X4LaLnWHQtjjLyzU&h4&qwxWqB<}RBqGg++jvJ zQNvReF{M@J@a)aVtNU{s@(L{)+qnCRd(oD{h~4jt)3=;gI$<}UjT!m61`t_knfNZb zS~n6ZjJPactvgn$%F|msh=(tg#rxjd5)!?VHx<^!3 zRi{|fXT{PxKY3|@)^pil%$SK+p_bf-)k{E)$ry#hy;8-csU&Tv(=?9*-5FT{PBfXa zD+bn*AvSk**e+iCJXCF26Uww?OwE)LWII#MPXn}^v|tFkUtJ=Ed!Sh3IhitIWXh|L zYv>4zkkIWHn29j~HmF~DD0%J}eM;CuBlwj9U+}9|=n>z9YL-iJw6p6ek@euh5<}b{ zBYuK{ZnY0XOsJJOO|QhM%H9;%7zMvp0N+#Qe@9i-eCa#lZUbtcpr&QTNVt9gg0&>A zG(JMjxgC-+KG4iI=v0!YH5P4&H@Rls|8m+^x(2LrRK?@1)3&)AX=qzCQARyFxpJnc zGWQEaqBFWNtZ|K~HnmLYrW{J?fs!3UC*gb9X$q=uGj-w#Ozs&$1C21vUL99;Dc9Cz$J;K zSfc|4Q?K*8dlER*OOFntL=u({#VvfK*KER5Qxq(Af)0|wWJ&YE}`SD z6!Q?9Ap#gX=lPsXj@8OY+xl%vk6-K$f+{oPF8WwyLmy;S_+%9(OxLh66vtV+{nK@| z;|;5P>#vU7@}#h60x?p{azvDpbEJ&yLx&$e>=(kes^L+Y@kQCpUgvS-ax6Bo+aRb@ zz%^3i)xCk2W?xdj7Q4&g&S$rxa3fA{?%wfD|N0qDr-Fi~+VO$U(g-j8)2%2+*R=zG zAT(BVw3W@oU=8i<*_0(=~{WPcOB>3&S8>eJlt#p{(HF zsKNaX_iW}w^L0`!!b^>g5)}^yY$CP<0j{rdA@&rhdfRr%89Ko;RqWQ`Cn=@0kQqLR z-N(`9!odpXycjq#%?`E=94om)j4g*GE7-c#BCY{n$uJp>G-dE|n#=U4Jq{ac5kw5? zc3GkpLy5urC}03n8idRPhENS!=SijS!|+0%+L#=Ki7hKMixL&t2dEN%wVh3UFLdEL z3D{N3Lv4qd+-$de#rrWr9&0D2$dPa6v+YqY`zq-cu@M;9r?0^D=v$^Vm{GsvK!Lkj zR}vl1=-6=N&j|RIUIy+iFX(1Fd?))@MxH+D?diw-N+w4|D9+~kU3b2Y zeMK&uE9jN&{wA#2`!BRUJfCA+h8~MFT(T`8T*EiQP%f5iD+ts-eW*FYk3R7kLC`&E zKIpL(Q^h}|y=J^zb2T5;>?w!G^e(n|8B{$WplV z_raE1P7BZ}Tt&_gjN5#ZfA)&QyPWW4@p83-cHzq|0+$uUNv{WEtzh#8=^6DHVsG!k zLtorru;eZ_V(4q(T6xiz%>;73b3~U^yApG=d7mA_(+RUEBtVe%z4)b&dU}S>hvd>% zL!%IQ?%BMi*vnh@C%jRr(;gmGi4+xYcggx+lzMpGFz4Fr@J@=&LAO~3$K%6YjbV8) zw>o=7ewb@)DP_f;cwHrooq)r@h3sYQt$kocR*a=?f0(+P5)+iMa#7_+B=>P)C5(7T ziqKa2l^_pKTe4aqq0XBvoqYvVTU*n12<}?kp-|ik#kE**m*P^~odUt7P@s5mcQ0Nj z4#gdc6nCdkoa9gM`}OwT|H^vTyR(v&oOR}TW@gXKo^!I2okRv(X$22&KZ@?=^_Dm_ z0`U=XWJp5mqgS$}aVLx{Gj~OUe(_~7v*kDBD&N156~Ilbk>rQQ>{!NJjPq1Z;&Q{) zneW`5aP5@`Mov-(3)&x<~cRNcmYMHOSvyrLnD^u4r@{YJ1wGx@K zXHLwvP8`zJzETy~?~MYS?xc>!r7>Eo-CpqS)he)Fp3?=hjUR#8@>97T1s`Qova}-N z2xki+HbxnP^k%f;csE%>l`Z7J3v0#4Y2|PH-bAwU!J=27Lln0p@w~h~IBBVmhK^eb zXFA+RS=zO94Q<6n*TaJyrI0Q!8l417>#i<{y@;sSHc{8kH=Oc`TM<|sV<#wVa=y|V zwej-es$LjOKTQ`PWlpN~p=D8tcaJEnf4t@ao@Kptgt=pGUi(f>ePr|EM5XN*-dV(u zvw1T+QdTVEI)&08I`LDi1YnMq zsmq~1`ov6@Jv(kIVe!?&PCy?QZYY% ziZ8Gfeq;EOK27x~nmnoqSGX{{Ki~Pl_M3!6B58&eByvDfu=6nCeG_hZsQCoc6k-CB>C;Kjq)J@#Wo$9hrSunOW&~_&@J={=4w3reZ_c>IH zFNLy^-YLf3_bt?5+En0eydSeaaLE$N%@TfQis+PL7irqO5+kXYPHFzGdkTB*`V zs5yfX5tKujxxqM076msZJsuq)czh>7vwCF}1xj65waVkDTAr=vI zzy5>mm8I7j@~Y0ey6|q}?943@Qhmwx*a4IaYnE7(74cWE46YOwq7mw*a;OVsJp8S# z*qE;q?zYoo%kma?ki5rqQxoW@s-D^B^LOoNp&+4Q!rm;J(mF6#3W$)-6e=l$G=@YT z4#Rw_LryzAqH*y6ugXRoJgOs%(*Qh$$9EeI5Bs5gRS0ruB0 z;L)FdDVZyky^N#ihCg66x34R_5OihA>)DI!s-ZkpqwX%2}Y_U;0 z={$RkS;9U+IU-{%%{{mL?N(b$)A;*vC^&NJ@;w8GwRk$tb6zA#zBRWG{X`s5D9y+- zZVR2SVP96C1oii6!*tGHrZ6ucS81s6U&aV(UH9Uw_slQ59(%ZdBNJxzZ7l8dZ1!9? zlKzIiV|T3AW*Y>NJLaK6E!Q{I+F`oG>KTxQXtJK%jWNat!&M<>#Ej9usupmHj-{HI=m zr8qC#XO^#zMV=a!%8rnRBCC)Xx&yH}g45+UK~6X{d=zvbPXG*=(A9;4)saaJtkf|z zAF|?bRI+Hk#`CB|ywa|xRb=iG33S%qhc9nC=Z@U!{2E-8$-E^jO7NV|g{rX%5U4yG zfck24aMv;)alod57Hh>O@v3d9UuQvd~z~8xEBvT!c2AOOB^RI35qNmE0b|935VXE6m7%hanSJv8gt_HmmteLQ4H6&&)cv+k3lv&%@6jauD$=Glj;K-g#!b zRT<0Ka5}Ax#f$5iKkpqtl-|uzVL|*TJFXZK=Z%{{qz1dYkEkC)#c}2JNcMn6oIbf^ zwkSVH#_rzbTa&dMH>}1@$DMcvl2a~wC%^1d4bPE|Y?MPI?Dp2d*4(A>#q~?pcbN=_ z9l?2+63pzXz6fKL)TnvB+Kg?!F|~WC)QK(HTA$(V-JG3ktF&WKRp?aSADUDz{di!38ySDAg5L&v<%mDD85~zc>3wqL zbP(*+m}pW~zZ~~;fb!&3*Xiznb9DgYzU}a*6Ia=qmO_<`_ev|gJu`Wyc&r^*Yw!@- ztxr-r_tZ)!i8_bqx_mPXn`tEao)Vf&?&ah*UQPQU%bbgXk5aIn)@b(#Zlv-D=+JO7 zwF%mDnBm(LuL0V+5)}Cd=tu;To*}Sgxn@+#t`Qfvgb4exnvaxuSCj>^3V$Dj4=A8* zpEMEHJWp4<(V#_fEg6s4$Y*#-+0FHQEW0&9^m(c>7k07}+C(n*u+rP&vv8HV$+upw zqDsmGd7`5oY^(2bFjSJUc}3v8B8KMA-*>|)NXMVTk0M6uhiKqb!C4fmH|Ud2I8}D z?jQM6u??qYffQ(@LN>NcZ4_X<_hiRgP^p-8gVlCyWgu3&!i_B+|=69N*g_w-yAo= zv#q9|)4lTHm(C`0w%S7#3?-+j)soAzw0+Xwa@V!w=I)r07|*^(TjcM#pm$mlNb9%k zrP$n8s5bJXq`F$}PULT9WQ#X_oHx+BEve|ht{j&nrlUJ}d#rBuf={(g&M{K*SW9Ts zS^n16Nt2ye-5htCH>yb8j!Ljjg|BT?z%7&`$+i3)@0WPutg#(@k;m;lSOSv6%}!su zc$$Eh(HdN?FV3+B#||IYT0Y%wd|+6>gH<`ri9t6hv0t&|YE($04{mtLq&KTzKov+z zKAvX%6xKulq7pLQXj1fvel zd=p=+)bLnuj>?AOgdT~fyqALLoVj7UY{&+oz#z2bL-LSxM!sv%iK;0Z3r<2r`1(8g zNo=xhIhqy@dv_$o&HU#(NT=()QaVg2Q~oC!DHyQ^Gjb)0C%#}fF>aO-?FLwzRq80B z^3V8!3y{gAcgi0?I!|_a&fFf)%`5vQ^ecn44=?A4jJZe!NuPM~;ikO8-KK1b-YNUy zmGC{h*6@(~hD$|)+)3ao={ zJbG`XM%w8;Sw9B2jPMaJN=m$42_5&Y>uj!H%K89gu;6|?M1@5zAy+ws!+PR`e8W?i z?rjetd*rdT7WhneCVKaLi?^ED=KJ&q7q#(=hO_Q5++_51c^(FLj1gjfHqoeMyyik} z%8trQ-CHE9j0oa|(Et?z=hz7UqV^#`$TR3abd_?lzJ@ze7FY^sGg_(>WjWFcypOGO z50r1pg5jR4oBSkapK4yBFOJ(x&qi#%-cv&v!X1A0}nzn98)+ zmm}AxZO|W3y1|PyNBw{F z0y6H2yZ3QRz5)=u0W7JyS)Q8IdIy|_F}+6UW?c1DPw?q#-$~Dui=nHWTea12hX!Wg zd(=ht*4AK(hX{4)!%Jis#Wx^dj<#;UHu;9#5ckp>QJq{*cGhC6i;6(aJvHXZNGw4% z`oz~*%@G3E2aF(to*Lk0MBIqGG>>PAU#TObvq%5eu#I|0m@=nfdUnKOzTEwf_|E+; zFcfdZbLo&GgVyPE#%a)E5>!=j$2)hT-N$9T@7Mx z#Co)OT5}}M7Z#dUO;s26&6U{xb@q)m1=|hQi*kGsJ>(F%=Fh3Z?qRMbl%wg*?Z=!$ zS@m|`gP%m6ChfnjG4llL~pkpooIt^SDIH+%t`KqSVa2n#?|h~Yz6sE|ZUA&RwOlixlC|>(P97qO4D*&Mj ziPWkV-)1^A7blj(fzn%9mJ_gjYmD|uh4mXY#24WWGu;C!<;;FZR>!wn?%(xJwbup4 zOO^%m2`K1|!ckk)TlMTp4N2Rzl7$!<(HP6!18_gOgH>motLeW{A39FM+ryG`j`)~r z@P@%HOIqL$vXN3h?iwn*>geuk%WLgGu+glHxTA(k%8!98o_#Wo1eLXWYh5VXEe*4P1bsxKd&Q9S0%eIloxiR@h@Iax zaft6)!mEyOu;NAgB3V4#+{{#0dEc$sR(M@<)=e%KPjNNZI6*+lZsG;fOE1Dl@4cNr z^tW0Du}NhY*h{k{TfMy|54-8KTkP>G#x4pm+?N2sF4u;w0Hm|5a*euE;sV54herpQ zjt6F6bss+VBakaP#EhgN=$a(pa=*%Ai*duLXdAqGmlhP#!jnuQ*)pM2s1f{SQkdXc z;adAkYjCA!9*L(-aGbvG)8f$78oTk6DqcrKs=PFx4wc+j;9`6h25BFs`;dcMwC780 zqO?7>n!JtS&*xX01ji{ClQ@@q`8@nB7!_Ebr4+W8cl!v9O!h%=l5lTPQPUgma)1@H z*Lf5fxBR2E@ICdcZqtZ#)a%Ln=pz{jE5ga_TXS(Cs14?B=ixQ=AF)b}Vknqg+xQSb zDxpW}Z>{Dk=?8hklj%5ONyK74=2wSbb)Nc5aIVKU*&Zk=YRo_Qljah$BZ(`E*eaJJ)x@EfwrtBQ+ zz-eRGtKuppCvV5PbL{gDuQ1j($2F>lnaIH-qTa22uT5rjXyGb#ualI<9H@!q^2XP0mW?OuvVwNKm-S0(-4$|HgyXL*T-mi}JCYw<=UgAM$lXYc>RqU=*HE4~ z_ID{Ee!4rX4PDa7mStPCoKwUa7&XSDM^fVDEI&q)YviY8qN3Dzr7DKTORr%{TXXH_ z_2K3{!POChxAfboa|Vr}*tOYcCwTQoEsw2EwL0WZJEx*7*QM; z!A=7yeE&Gq)iemiA!uv&aMg1A(As=EcfXRCYKT&TjiriNqtKmEiA|uUB9K?S;#fwh zqHDNxbXaq2(4c>?6lDXcYX&Pidy_+Rfb#38#FXJX(=+Juc@(?V~AI z6tp_iNwhT1i#i(TTIZ;)lBsVO-B}%?31(uQ)m*cjA^CuulnA z?FXP;!>%aJ^xhQMPmAmm&o2rzfuT1Frqt{qZ}uJ#`=*C`d*%lxW;$oE%13gjD995?~!C}ksGZ3?ISShvnmd0nW<4af|S?I0wJJAPJ-R0q#$&@i5ch*qh{r2hDSdye+Q|L z`B%Kx4Nw%>Z>D_SM+Q zF27VpJBO`OI7{@8D?vGWJKtnrR)-)-gV)FgeO|=(HeD!2m9rH=5CMQ1#XTGLn=Cz! z)}m&}*TMD^KC20=mu{jY*+2ulb;D{-xDIV&0=C!jkfb_rTYOy8VTvqZK|nMd7cBmg z=9cBiA(x{gvrUF$XBm+26e7^uucY~S&p`)d-%i0>SXHpc5>)sfF#vxCKb0R+T)qa%SgM=cOl3EMSytLq!H@XDy zmFDC5AD~<&`&=nCfX|`vBD~8Nr+cpm^VJ3ebE)^vwnKh^0>;|>TR+tvVpY~edEX=U zke9gt4|LWshh#aB`SP7m`6lW&6lxr#aM%e${_i5jrqt~r58D2Md*nT4ef2a(SgfHi znS7_};J4S2!8GjJN-?)WLPo3i!3culZCVh_&URWi#BGwcS7Gf47xBp1S-YS$raiC# zr`omtCG~M7LfSIgTDGX{q7R-{1 zMvz`qwI@H&_GyDjRKE1g3_i32*Y_CiK5~<7Jk9RGtnLIyzV#^s)t|jiyUs;gUYNR+A;xMUXu5z5A|X9u-8s*LZUdz z&z~cb->_u@KI+bcUkTiry0@SU)LYu_5+OCg*u1yc7ecWpWJGj-^p zj;68^_`_E|1)lO;v2PkSBfL_|Y0FN!z5|tKKmrOQZ$0Xo&v7l0Yg&>8{b#kMfl}u^ z5P^k-UCdnyvYl5e%8D3-oP#+5E8!j`?UGEq;k+r{3@y$4EzLmYln1LT(*%8!JfI~; zx&^4f=>fTL%m;YCv$rKJaj474SoAQ??S;@vxjXd0asmCqlY;!4qJSVFP~4X2unLt# z#Mr90T_lRb8Qg8@SRTF5iuS}R0LWIDnGD8<{}Kfw#qydfeub^jPw-%kfs2zU+hW@| z0FiZz(`dV@pS^wa0MXrTL@3=Cszb4S zN&93~1+|DE1;zFD!t8^l%Svttur<}B0u&dEH=@9%&&&m9CgFe>_r6I~kfU6O zprzl_AGK?aid<#3OIwS!(!(S2UT@H%oDk6N3{wO@1y`SK5^amXB`|`W%GWsW5XZB4 zB1M2{y(sSH$jZ*}@EC`UE}*_yRS@m`)M*!1m#$YhI14l_kos4!X4hb7u$1wi40NQ3+^31}7gI1+*GRiuwt z5S$=CDetMPblZ2t+`5PMastM_dHrSB<>~`aIYGMcL%_`i^=4RJs>5|`FCc~-h(L;4 zbqOhcbD0&bjsrZ$5~%}(L(Xtk$-s!GD-z8#l2uNC5pN81QcFK+r2}-x8WOV1C79mf z>_SBS8E8EbUQ-St3*v=9CKVCgDYV`1i(rN$A=<&DUu=xf53-cI${>-s-0TF}WViGL zkXuOhBlIPNj@u}a8jBdnJ6)RUtd4zuk${KnYzSh7sF8GlWPzWvM>eG6p`r&5D(1RD zpA6W`S`v|Q1V{v!)A@%-0AM9|x6|vG%KAb3hri_U>UC)NJdO~&v;o8-= zZ!OGMBdtB> zITn1TA8F_#GTJ7+(=qaDs48+KChd{8zrb*m*s~R3eM6Q)+^78sl{O*5sP^>&{FsS% z{*`$239QfLF366@3pi9Aw?i~{)Af{FZaHJdGp@F23a)I&!pk15wd97dS$^ESyuS<# z_RLhGpOT$@CE=L#sEcSITDu12TgY+%d@oD|MmZ-A=R%ou2kd8dGDiklBZl;tc|U%F zQh(TH54yZIpPs24n3~m&0( zsxe*;(%>T#bv@9>&uH5t`CtY++CCXi^|^@wJ77tmg|qJ#y&;`WYAl)Rb3|X%ymLik z%ViP&xANCZQPWW`%E~;xZ&Dwo z8|>~3dzYkPWp|!td9MP~sA{5_B#sQ~F@OYT+ZHv$E_3Nf2)|}7sy4ox6ONjyDN>pP zKl?TBI?ie;X$8s;g3x)t00IDbf1Y<+2Ma6HACsRL_tCkV5=-(ms8>ozT#+9$iC&Vw z$oX9zk{vT04*Ma$Ggz4NF;P45Gqfe4J1M(p2~0!60q;iEBy$bh{a*36UoQL{-pUZ< zNcacy=@O8+Xv^|No6cvmzNN^gxse`{YczrRu(L07IsDp((RXR6zf^bdYVK&%mDkdk zti~MyRp$N;ozubF?UELO`0k8W`LBi%TkjUA72rg%RWsu(-^ten_?E|~qhX47NMFDb zQoKBTeTosx%khc#>&5KR8ajz5Moy!P9NeMt++KJGS(hT_Udo4r_-E;p5ff+$PJt^X z*;8s*!$i(_X$r#(^Q2{1j9w**hoBKE2%?EA^OO3Bz;@W#J`X|;JNhxH zfyME!vWaKlsa&MgkGhOrx9I`+Y2D_c&e9Md0DriEMd5l;qo!THDY{hIdeAMEFVogxx z8&z&-6NA1=&Lck4nr}7;PstVSptA>bM?|=1|6D7DnoTQhzdGCz>zSqq$v7#tDV1W zC2dL%&5K*Jtcu+RqRr-h|3I5aaT*ubD27PB87zaOnJuR2x5|*(=NI#?r`%$;Mu@z5 z)EA|xCz=S4V`OX?aEtOMYSR^%c6?dVH`_ zoAi^9SMKJfMB?YI8Wjwk?Wr-~%)al;Cn+VJz4uLu#PLHJ4V#+}YL2+=XnQ2BnJ~4}M%I7UVfTANyP% zB?GQkjPwH0V9Ex)PS#6->Gu1ZjWu<8S|kG3=}&uIOmUhsD%AQCITeq04%*5*k}w(t zybdZfnara3xJR|mP1(HOkLu%ov%LO*G>m!_dq-Gj!f@7^bAN{{hVo@tP!YE77N{%- z1H^;@`r`!)aP-5-Upf9u3<=;0O{dj@vMxL53Bl0kkJ9^d8JQ_#C_0DKbP=-lfwFw)ZrhbOl^%_T+CgdCE%Zp{iXE} zV~L@q;V0)$X=su9R|Mie@yq`M!f$2nUvX&ugcJO)IDaUY|7;q|p8$LRJHX%T=fCRu z^iR-O(1rK!y!IcPf7kUF^zWtlpOr`Z6NAYg7;K?iJp7tbBtW#9no5Vgp$QxGoM|`! z0ONN_03bgg3VPJo%uLPP#l_0Op4HmL@sG0U(6+J9H@V{j)HzGA0Kl)%{~@~rMYFOu zGxz-e#eRf7LCQE9K6DkihbEESpC~(_{pbJU4zb_WR5N#Ww>5WV{VfFlsP7MA?7lIf zHK?wv&~%ah6R{}NY5xncyn}^+^N*mgHg-4mWOezE?^ui-tys8NIat|Q zt&N@k=)=FeRQLsYVF>fPIsbRz@JHdl>o;JFteoyOP9oJ8SzwfzzQsf5^ zn*GJvzft%v1pn88{qpMHug$-Bv|s(tJik_IWjT0gVgmpK&<7VHH2*B1MFa5v0A<0u AWdHyG literal 0 HcmV?d00001 diff --git a/resources/webtestapp.war b/resources/webtestapp.war new file mode 100644 index 0000000000000000000000000000000000000000..7eb9c92d5fa3557b3b8520b6fdcdb0c3b6004a17 GIT binary patch literal 2618 zcmWIWW@Zs#U|`^2P+e9X@ItqXv7M2DL64b%ffFd2nU|7Up_f%$P&(|$-oT2pxB=H!UZ5ap%izanRc*XBjdTB{lr`{0hSaZ%)?XzErj{ICIvUm0RyRm#Xz1UO3fcRzUE^jVB}@&f3&9YgX$M zAMaqTy${~3`(gi2xOM-(*!iOT=Efi9@aNoLyvHf<*J+LX2`oRHj{VpaqJ8e%qSH5S zZ@BmQKt9tZp>?j0E^5}biCneN-JrVT_|KJFE5)1+>b`#aX{V-n;DjH=CEn|_rB>zb zi!%8k9aW-Ta{H$*(`EHWX6NTU$%b|g_Ub2dAL!n3W9Mevy5B$Pn)|o=773SGFD;$8 z=-X*~E50B5B-XVpX#D!VE>Va)crn~w`oYI-ygs?h7exzw+F9WA z$nX7m6~C=vmk-PNDfs^=@QZKGydNI$Ms41auesZ&wg2_EX9$4C76ZeRq^tm71i=9) zwtQVf9CbbY-1KoP6GK*}7w!|EnOBlpl$V%;M~@6nJ;{m58L4=5su9qclvtdZoLE|t zfn?qQjANELItScd1{LP%L@h+Vkq#_+TZY(jle)sIV69&fT&g^1t zI-k6dUqMM@T3A%4zCh3u*-g6@Ra|$?c~rDR#_n9DoKvj!hfhD+I$PRUmZq4vIJ2tH zT<9bGBxc6P$1Mx5*`8V)5xVVYwNrfjJ9BIQv!8hxw2fJB&wU{Fexkt>&P-|7%13+u z#C>Jo&A;4lW}{Q(#CfYS9_U|Ka8Ya~*W*j?_tx#-|F_g$W(DhpoS;?G>}-6^oOkCg z+%0-{?xnjsOU`TESS2>KvZ&2!uR~<~&;NgJz5J)s`1r7uu*6RZsfAG+(t<=^hio`; zYVqTb2Wqxj%wD>=`~!!nH4`Fj%??COf*in*4R>`yNr4;;KWA14?AbSc`bwZID=_@| zkyMqZCh1k==H&YC=4&z#x$F6(y{&bn?t>(b{_aQvKA>;50x_rv zh4~%mtDOAw%w&+)Vte=U9a0c+`>s~YeyNpH@2czUe>r|uD?7DaFHPDa9@O#WqpL9c zZ{Pa`etvh?es+ng`gknK*;`NJ;)*wyA6&Tb`|T0FE!m&f^zEAeCPBoz-SfG}rwiss zC7M<^g3W7fM;lAqnlP$&z$`2DkF@RoetsSGg^!R+32gtMx&G!`0Rn%htD1v z6ni+Cki39m52Q?@)HXE~+nfp5hA07%?R~Tt5_&Kin=diTTIA4dC)!@*k{8(xniVlT zpu_^BVQxW$G`8{?<_1tYyiS%I5T!M;Yog{uTmz%$J;6+0m}MHwHK3$x$b!h_$R@wP z9hBY(Ot~;R^`n#*h>z?~%yJNBGRU9dNG3x|MPv( + + Parameter Name + Explanation + + + _artifactsLocation + See below for details. + + + elkSettings + Optional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information. + + + + enable + If enable is true, must specify all properties of the elkSettings. + + + + elasticsearchEndpoint + Endpoint of the Elasticsearch instance. + + + + elasticsearchPassword + Password for Elasticsearch account. + + + + elasticsearchUserName + User name for Elasticsearch account. + + + + logIndex + Must be the same value output at ELK deployment time. + + + + logsToIntegrate + Array with string value. Specify the expeted logs to integrate, you must input at least one log. + + + adminPasswordOrKey + Password of administration account for the new Virtual Machine that host new nodes. + + + adminVMName + Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server, for example: adminVM. + + enableCoherenceWebLocalStorage + Specifies whether Local Storage is enabled for the Coherence*Web cluster tier. + + + location + Must be the same region into which the server was initially deployed. + + + managedServerPrefix + Must be the same prefix with which the cluster was initially deployed. + + + numberOfExistingCacheNodes + Number of existing Coherence cache servers, used to name new virtual machines and new managed server. + + + numberOfNewCacheNodes + Number of new Coherence cahce servers, used to create Virtual Machines and Managed Server. + + + skuUrnVersion + Must be the same urn with which the cluster was initially deployed. + + + storageAccountName + The name of an existing storage account. + + + vmSizeSelectForCoherence + Select appropriate VM Size for Coherence cache servers. + + + wlsDomainName + Must be the same value provided at deployment time. + + + wlsPassword + Must be the same value provided at deployment time. + + + wlsUserName + Must be the same value provided at deployment time. + + + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddCacheNodeBasePath }} +``` + +### Existing cache nodes +To differentiate functionality of managed cache servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed cache servers with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingCacheNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingCacheNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "value": 1 + }, + "numberOfNewCacheNodes": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddCacheNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "19040fc8-2b74-4e64-9dd9-59a5a3ce401a", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157ea8ac-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT10M24.4018847S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM2_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM2_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddCacheNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "d5dde421-44b0-48df-9d12-db02374654d3" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingCacheNodes": { + "type": "Int", + "value": 1 + }, + "numberOfNewCacheNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "16596437850900945013", + "templateLink": null, + "timestamp": "2020-11-09T06:28:40.936524+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new cache nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see logical machines with name parttern `^{managedServerPrefix}StorageVM[0-9]+$`, machine names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewCacheNodes` are added. +* Go to **Environment** -> **Servers** + + You should see servers with name parttern `^{managedServerPrefix}Storage[0-9]+$`, server names with number suffix from `numberOfExistingCacheNodes` to `numberOfExistingCacheNodes + numberOfNewNodes` are added to `storage1`. + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. diff --git a/subtemplate-src/admin-aadNestedTemplate.md b/subtemplate-src/admin-aadNestedTemplate.md new file mode 100644 index 000000000..d50d4998a --- /dev/null +++ b/subtemplate-src/admin-aadNestedTemplate.md @@ -0,0 +1,302 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/subtemplate-src/admin-customDNSTemplate.md b/subtemplate-src/admin-customDNSTemplate.md new file mode 100644 index 000000000..746b9e506 --- /dev/null +++ b/subtemplate-src/admin-customDNSTemplate.md @@ -0,0 +1,164 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location ` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name ` | Required. Azure DNS Zone name. | +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console in an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/subtemplate-src/admin-elkNestedTemplate.md b/subtemplate-src/admin-elkNestedTemplate.md new file mode 100644 index 000000000..4368d7225 --- /dev/null +++ b/subtemplate-src/admin-elkNestedTemplate.md @@ -0,0 +1,285 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password of the Elasticsearch account. Used to distibute message with REST API to Elasticsearch instance. | +| `elasticsearchUserName` | User name of the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "adminDomain" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-admin-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-admin-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-admin-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-admin-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-admin-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-admin-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/subtemplate-src/appGatewayNestedTemplate.md b/subtemplate-src/appGatewayNestedTemplate.md new file mode 100644 index 000000000..039b015c6 --- /dev/null +++ b/subtemplate-src/appGatewayNestedTemplate.md @@ -0,0 +1,364 @@ +{% include variables.md %} + +# Apply Azure App Gateway ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with Azure Application Gateway using the Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The Application Gateway ARM tempate will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Certificate for SSL Termination + +Because the Application Gateway serves as the front end load balancer for the {{ site.data.var.wlsFullBrandName }} cluster, it must be provided with a certificate to allow browsers to connect via SSL. + +When deploying the {{ site.data.var.wlsFullBrandName }} offer from the Azure Portal, you can configure the deployment to fetch the SSL certificate and its password from a pre-existing Azure Key Vault. For a high-level introduction to SSL Certificates with Azure Key Vault see [Get started with Key Vault certificates](https://docs.microsoft.com/en-us/azure/key-vault/certificates/certificate-scenarios). For an overview of TLS termination with Application Gateway see [Overview of TLS termination and end to end TLS with Application Gateway](https://docs.microsoft.com/en-us/azure/application-gateway/ssl-overview). When configuring the Application Gateway after deployment, you must base64 encode the certificate and also know the password for the certificate. + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing SSL certificate. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `customDomainName`| Specify a custome domain name if want to override application gateway hostname. You are required to input the value if you use a pre-assigned SSL for application gateway. | +| `appGatewaySSLCertificateData`| See below for details. | +| `appGatewaySSLCertificatePassword`| See below for details. | +| `dnsNameforApplicationGateway`| (optional) A prefix value for the dns name of the Application Gateway. | +| `gatewayPublicIPAddressName` | (optional) A prefix value for the public IP address of the Application Gateway. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `numberOfInstances` | The number of instances in the cluster. Must be the same as the value used at deployment time. | +| `overrideHostName` | If `true` the template will override the application gateway hostname with value of `customDomainName`. The vaule should be `true` if you use a pre-assigned SSL for application gateway. | +| `wlsDomainName` | At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### SSL Certificate Data and Password + +Use base64 to encode your existing PFX format certificate. + +```bash +base64 your-certificate.pfx -w 0 >temp.txt +``` + +Use the content as this file as the value of the `appGatewaySSLCertificateData` parameter. + +It is assumed that you have the password for the certificate. Use this as the value of the `appGatewaySSLCertificatePassword` parameter. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "appGatewaySSLCertificateData": { + "value": "MIIKCQIB...sOr3QICCAA=" + }, + "appGatewaySSLCertificatePassword": { + "value": "myPasswordInClearText" + }, + "numberOfInstances": { + "value": 3 + }, + "location": { + "value": "eastus" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/appGatewayNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/appGatewayNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "4cc63f27-0f43-4244-9d89-a09bf417e943", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "gwip", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "myAppGateway", + "resourceType": "Microsoft.Network/applicationGateways" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "myAppGateway", + "resourceType": "Microsoft.Network/applicationGateways" + }, + { + "apiVersion": "2019-11-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "gwip", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Resources/deployments/pid-36deb858-08fe-5c07-bc77-ba957a59a080", + "resourceGroup": "oraclevm-cluster-0604", + "resourceName": "pid-36deb858-08fe-5c07-bc77-ba957a59a080", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT8M41.2104793S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-0604" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/applicationGateways/myAppGateway", + "resourceGroup": "oraclevm-cluster-0604" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-0604/providers/Microsoft.Network/publicIPAddresses/gwip", + "resourceGroup": "oraclevm-cluster-0604" + } + ], + "outputs": { + "appGatewayURL": { + "type": "String", + "value": "http://wlsgw9e6ed1-oraclevm-cluster-0604-wlsd.eastus.cloudapp.azure.com" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationAGWTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "appGatewaySSLCertificateData": { + "type": "String", + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "appGatewaySSLCertificatePassword": { + "type": "String", + "value": "myRedactedPassword" + }, + "dnsNameforApplicationGateway": { + "type": "String", + "value": "wlsgw" + }, + "gatewayPublicIPAddressName": { + "type": "String", + "value": "gwip" + }, + "guidValue": { + "type": "String", + "value": "9e6ed15b-d386-4cb9-a617-3cb6f785f6a0" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfInstances": { + "type": "Int", + "value": 4 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "applicationGateways" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "12239709219097081949", + "templateLink": null, + "timestamp": "2020-06-04T03:17:01.168329+00:00" + }, + "resourceGroup": "oraclevm-cluster-0604", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Application Gateway + +We will deploy a testing application to verify if the appliaction gateway is enabled. + +Go to Admin Server Console and deploy [webtestapp.war](../resources/webtestapp.war). + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* Select **Deployments**. +* Select **Install**. +* Select file `webtestapp.war`. +* Select **Next**. Choose "Install this deployment as an application". +* Select **Next**. Select "cluster-1" and "All servers in the cluster". +* Keep configuration as default and select **Finish**. +* Select **Activate Changes** +* In the left navigation pane, select **Deployments**. +* Select **Control** +* Select `webtestapp` +* Select **Start** +* Select **Servicing all requests** + +Then access the application with `/webtestapp`, you will get a page with server host information if application gateway was successfully enabled. diff --git a/subtemplate-src/cluster-aadNestedTemplate.md b/subtemplate-src/cluster-aadNestedTemplate.md new file mode 100644 index 000000000..871e44cad --- /dev/null +++ b/subtemplate-src/cluster-aadNestedTemplate.md @@ -0,0 +1,308 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same managed server prefix with that in initial deployed. | +| `numberOfInstances` | Numbers of Virtual Machines that have been deployed, including Virtual Machine that hosts Administration Server. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +### `numberOfInstances` + +The number of existing nodes, includeing Administration Server node. It should equal to existing Virtual Machine number. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `numberOfInstances`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/subtemplate-src/cluster-addnode.md b/subtemplate-src/cluster-addnode.md new file mode 100644 index 000000000..0e74f565e --- /dev/null +++ b/subtemplate-src/cluster-addnode.md @@ -0,0 +1,734 @@ +{% include variables.md %} + +# Add nodes to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add new managed application server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +Refer to [Azure Active Directory(AAD) LDAP Instance](aadNestedTemplate.html#azure-active-directory-ldap-instance). + +### Certificate for SSL Termination +Refer to [Configure Azure Application Gateway#Certificate for SSL Termination](appGatewayNestedTemplate.html#certificate-for-ssl-termination). + +### Administering Security for Oracle WebLogic Server & Configuring KeyStores +Refer to [Configuring Keystores](https://docs.oracle.com/en/middleware/fusion-middleware/weblogic-server/12.2.1.4/secmg/identity_trust.html). + +### Generate Base64 string for a given ssl certificate/keystore file + +Use the following command to generate a Base64 string for a given ssl certificate/keystore file, to be used as input in the parameters JSON file + +

base64 /my/path/your-certificate.cer -w 0 >temp.txt
+ + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the add-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
aadsSettingsOptional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information.
enableIf enable is true, must specify all properties of the aadSettings.
publicIPThe public IP address of Azure Active Directory LDAP server.
serverHostThe server host of Azure Active Directory LDAP server.
certificateBase64StringThe based64 string of LADP client certificate that will be imported to trust store of WebLogic Server to enable SSL connection of AD provider.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminURLThe URL of WebLogic Administration Server, usually made up with Virtual Machine name and port, for example: adminVM:7001.
appGatewaySettingsOptional. JSON object type. You can specify these parameters for application gateway configuration. If enable is true, you must specify other properties. If enable is false, the other properties are ignored. See the page Migrate a WebLogic Server cluster to Azure with Azure Application Gateway as a load balancer for further information.
enableIf enable is true, must specify all properties of the appGatewaySettings.
publicIPNameAzure resource name of application gateway public IP, default value is gwip
certificateBase64StringBase64 string of server certificate for application gateway.
certificatePasswordPassword of server certificate.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
enableCoherenceIf true, create application managed server and add to the Coherence cluster application tier.
numberOfExistingNodesThe number of existing managed application servers, used to generate new virtual machine name.
numberOfNewNodesThe number of application managed server to add.
storageAccountNameThe name of an existing storage account.
wlsDomainNameMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
customSSLSettingsOptional. JSON object type. You can specify this parameters for configuring Custom SSL Settings for WebLogic Administration Server. If enable is true, must specify other properties. See the page Administering Security for Oracle WebLogic Server and Configuring Keystores for further information.
enableIf enable is true, must specify all properties of the customSSLSettings. +   Set to false by default.
customIdentityKeyStoreBase64StringThe based64 string of the custom identity keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customIdentityKeyStorePassPhraseThe identity keystore pass phrase
customIdentityKeyStoreTypeIdentity Key Store Type. This can be either JKS or PKCS12
customTrustKeyStoreBase64StringThe based64 string of the custom trust keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customTrustKeyStorePassPhraseThe trust keystore pass phrase
customTrustKeyStoreTypeTrust Key Store Type. This can be either JKS or PKCS12
privateKeyAliasThe private key alias
privateKeyPassPhraseThe private Key Pass phrase.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddNodeBasePath }} +``` + +### Enable SSH Authentication to VMs +If the cluster was deployed with SSH Authentication to VMs enabled, add this variable to your parameter file and fill in the base64 decoded public SSH key string to the `adminPasswordOrKey` field: +``` + "authenticationType": { + "value": "sshPublicKey" + }, + "adminPasswordOrKey": { + "value": "ssh-rsa ...." + }, +``` + +### Enable coherence +If `enableCoherence` is `true`, the template will create Azure resources to host new managed servers, and configure new application nodes to Coherence cluster. If your cluster is not Coherence cluster, please do not set this parameter `true`. + +### Existing managed application servers +To differentiate functionality of managed servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed application servers with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "aadsSettings": { + "value": { + "enable": true, + "publicIP":"13.68.244.90", + "serverHost": "ladps.wls-security.com", + "certificateBase64String":"LS0tLS1C...tLS0tLQ0K" + } + }, + "adminPasswordOrKey": { + "value": "Secret123!" + }, + "adminURL":{ + "value": "adminVM:7001" + }, + "appGatewaySettings": { + "value": { + "enable": true, + "publicIPName": "gwip", + "certificateBase64String": "MIIKQQI...gIIAA==", + "certificatePassword": "Secret123!" + } + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "location": { + "value": "eastus" + }, + "numberOfExistingNodes": { + "value": 4 + }, + "numberOfNewNodes": { + "value": 3 + }, + "storageAccountName": { + "value": "496dfdolvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsUserName": { + "value": "weblogic" + }, + "wlsPassword": { + "value": "welcome1" + }, + "customSSLSettings": { + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAlias": "servercert", + "privateKeyPassPhrase": "mypassword" + } + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "54517529-a1c4-422f-a539-23b9a5129e80", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M6.8098765S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727" + } + ], + "outputs": { + "wlsDomainLocation": { + "type": "String", + "value": "/u01/domains/wlsd" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsSettings": { + "type": "Object", + "value": { + "certificateBase64String": "LS0tLS1C...S0tLQ0K", + "enable": true, + "publicIP": "40.76.11.111", + "serverHost": "ladps.wls-security.com" + } + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminURL": { + "type": "String", + "value": "adminVM:7001" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "guidValue": { + "type": "String", + "value": "67657ba3-6248-46e5-bedc-53e16ac82571" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingNodes": { + "type": "Int", + "value": 7 + }, + "numberOfNewNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;1.1.1" + }, + "storageAccountName": { + "type": "String", + "value": "09b943olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelect": { + "type": "String", + "value": "Standard_A3" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + }, + "customSSLSettings": { + "type": "Object", + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "15879952829017360289", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateAddNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-27T12:37:03.733682+00:00" + }, + "resourceGroup": "oraclevm-dcluster-0727", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see logical machines with name parttern `^{managedServerPrefix}VM[0-9]+`, machine names with number suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added. +* Go to **Environment** -> **Servers** + + You should see servers with name parttern `^{managedServerPrefix}[0-9]+$`, server names with number suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added to `cluster1`. + + +### Verify if the newly added server has SSL configured successfully +* If the input parameter customSSLSettings.enable is set to true and the required custom SSL configuration values have been provided, then you should see the SSL configuration for the newly added server under **Environment** -> **Servers** -> **New Server** -> **Keystores** + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. + +### Verify AAD Integration + +Verify AAD integration by delpoying a simple Java EE applciation with basic authentication. + +* Go to Administration Server Console and deploy [testing application](../resources/basicauth.war). + * Select **Deployments**. + * Select **Install**. + * Select file `basicauth.war`. + * Select **Next**. Choose "Install this deployment as an application". + * Select **Next**. Select "cluster-1" and "All servers in the cluster". + * Keep configuration as default and select **Finish**. + * Select **Activate Changes** + * In the left navigation pane, select **Deployments**. + * Select **Control** + * Select `basicauth` + * Select **Start** + * Select **Servicing all requests** + +* Access the sample application + * Go to Administration Server Console + * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. + * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` + * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. + * Expected result, you can access the sample application without error. \ No newline at end of file diff --git a/subtemplate-src/cluster-customDNSTemplate.md b/subtemplate-src/cluster-customDNSTemplate.md new file mode 100644 index 000000000..944709c37 --- /dev/null +++ b/subtemplate-src/cluster-customDNSTemplate.md @@ -0,0 +1,174 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location ` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name ` | Required. Azure DNS Zone name. | +| `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --gateway-label applications \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com + Application Gateway secured URL: https://applications.contoso.com +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --gateway-label applications +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com + Application Gateway secured URL: https://applications.contoso.com +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/subtemplate-src/cluster-deletenode.md b/subtemplate-src/cluster-deletenode.md new file mode 100644 index 000000000..2b3c3ceba --- /dev/null +++ b/subtemplate-src/cluster-deletenode.md @@ -0,0 +1,535 @@ +{% include variables.md %} + +# Delete nodes from {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to delete nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the delete-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes to be deleted. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `deletingManagedServerNames` | The names of managed server that you want to delete. | +| `deletingManagedServerMachineNames`| The resource names of Azure Virtual Machine hosting managed servers that you want to delete. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateDeleteNodeBasePath }} +``` + +### `deletingManagedServerNames` + +This value must be an array of strings, for example: `["msp1", "msp2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Servers**. + + You will find all available servers. Server names are listed in **Name** column. + + Make note of the machine for the deleting servers, you need to find out corresponding Azure Virtual Machine names of those machines. + +### `deletingManagedServerMachineNames` + +This value must be an array of strings, for example: `["mspVM1", "mspVM2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Machines**. + + Open the machine you noted down in step `deletingManagedServerNames`. + + Click **Configuration** -> **Node Manager**, you will get compute name from **Listen Address**. + + The Azure Virtual Machine name was set with the same value of compute name during {{ site.data.var.wlsFullBrandName }} deployment. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that here we do not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "deletingManagedServerNames": { + "value": [ + "msp4", + "mspStorage2" + ] + }, + "deletingManagedServerMachineNames": { + "value": [ + "mspVM4", + "mspStorageVM2" + ] + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the delete-node script + +To delete managed nodes completely, you have to delete managed servers logically from the WebLogic Server instance, and physically release Azure resources that host the managed servers. We realize the two purposes in different ways: + * Delete managed servers and machines logically from WebLogic Server instance by deploying delete-node ARM template with Azure CLI. You have to specify the parameters file. + * Release corresponding Azure resources by running Azure CLI commands. The following resources will be removed: + * Virtual Machines that host managed servers that will be deleted. + * Data disks attached to the Virtual Machines + * OS disks attached to the Virtual Machines + * Network Interfaces added to the Virtual Machines + * Public IPs attached to the Virtual Machines + * If the Application Gateway is deployed, will remove the manged server hosts from gateway. + +We have provided an automation script for above two purposes, you can delete managed nodes easily with the following instructions. + +### Invoke the script + +Assume your parameters file is available in the current directory and is named `parameters.json`. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +The following command runs the script in silent mode with option `-s`, this mode will delete managed nodes logically and physically. + +If you want to keep Azure resources, refer to [advanced usage](#advanced-usage) for further information. + +```bash +$ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh | /bin/bash -s -- -s -g `yourResourceGroup` -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json +``` + +The script will validate the template with your parameters file; deploy the template to delete managed servers from WebLogic Server cluster; run Azure CLI commands to delete corresponding Azure resources. + +This is an example output of successful deployment, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + +```bash +{ + "error": null, + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "cbfaa443-3a72-4217-83e1-cc91485597fa", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM2" + ] + }, + "deletingManagedServerNames": { + "type": "Array", + "value": [ + "msp2" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "3171958496378517565", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T07:44:38.977624+00:00", + "validatedResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232" + } + ] + }, + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Resources/deployments" +} +Accepted: newuserscript (Microsoft.Compute/virtualMachines/extensions) +Accepted: deletenode-1595490274 (Microsoft.Resources/deployments) +Command ran in 102.719 seconds (init: 0.061, invoke: 102.658) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/mspVM2 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/networkInterfaces/mspVM2_NIC +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/publicIPAddresses/mspVM2_PublicIP +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM2_OsDisk_1_e6d8ffb0e73649a4a713acf5e6ca7099 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM2_lun_0_2_942609646fdc4e1dab06b23ffeee650f +Are you sure to delete these resources (y/n)?Deleting managed resources...Please do not stop. +[ + null, + null, + null, + null, + null +] +Command ran in 112.375 seconds (init: 0.062, invoke: 112.313) +Check if application gateway has deployed... +Removing mspVM2 from application gateway, please do not stop. +{ + "backendAddresses": [ + { + "fqdn": "mspVM1", + "ipAddress": null + }, + { + "fqdn": "mspVM3", + "ipAddress": null + } + ], + "backendIpConfigurations": null, + "etag": "W/\"23399346-e17b-4f56-bda4-5e77c1d82195\"", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/applicationGateways/myAppGateway/backendAddressPools/myGatewayBackendPool", + "name": "myGatewayBackendPool", + "provisioningState": "Succeeded", + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" +} + +Complete! +``` + +### Advanced usage + +If you want to learn more about the script and run it manually, follow the advanced instructions to interact with the ternimal. + + * Download the script + + ```bash + $ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh + ``` + + You will get a shell script named `deletenode-cli.sh` in your current directory. Usage of the script: + + ```bash + ./deletenode-cli.sh -h + usage: deletenode-cli.sh -g resource-group [-f template-file] [-u template-url] -p paramter-file [-h] + -g Azure Resource Group of the Vitural Machines that host deleting manages servers, must be specified. + -f Path of ARM template to delete nodes, must be specified -f option or -u option. + -u URL of ARM template, must be specified -f option or -u option. + -p Path of ARM parameter, must be specified. + -s Execute the script in silent mode. The script will input y automatically for the prompt. + -h Help + ``` + + You can not only run the script with a local template file by specifying `-f` option, but also with a templatle URL using `-u` option. + + * Run the script + + Run the script with your parameters file in your current directory. The following command runs with a template URL: + + ```bash + ./deletenode-cli.sh -g yourResourceGroup -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json + ``` + + Before deleting any Azure resource, the script will prompt up message **Are you sure to delete these resources (y/n)?** to comfirm if you want to delete Azure resources. If you input `Y/y`, the Azure resources will be deleted. Otherwise, keep the resource and exit. + + This is an example output of deployment that will not delete Azure resources from your resource group, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + + ```bash + { + "error": null, + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "4b15b45b-fb1f-4def-ad32-d96201000ac1", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232", + "resourceName": "pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM3" + ] + }, + "deletingManagedServerNames": { + "type": "Array", + "value": [ + "msp3" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "3171958496378517565", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-24T04:17:38.500948+00:00", + "validatedResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-cluster-07232" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Resources/deployments/pid-4b263220-3cc6-53b9-aef3-23ad10c45d52", + "resourceGroup": "oraclevm-cluster-07232" + } + ] + }, + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Resources/deployments" +} +Succeeded: pid-7d4ae6d6-17c5-5168-b7d2-e0bf33a1e878 (Microsoft.Resources/deployments) +Accepted: deletenode-1595564252 (Microsoft.Resources/deployments) +Accepted: newuserscript (Microsoft.Compute/virtualMachines/extensions) +Command ran in 102.182 seconds (init: 0.089, invoke: 102.092) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Compute/virtualMachines/mspVM3 +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/networkInterfaces/mspVM3_NIC +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/publicIPAddresses/mspVM3_PublicIP +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM3_OsDisk_1_d5e69682dbff491e97b7a04eea3896eb +/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/ORACLEVM-CLUSTER-07232/providers/Microsoft.Compute/disks/mspVM3_lun_0_2_f5bfbf93870f4ed3b1d90a8b953818e7 +Are you sure to delete these resources (y/n)?n +Check if application gateway has deployed... +Removing mspVM3 from application gateway, please do not stop. +{ + "backendAddresses": [ + { + "fqdn": "mspVM1", + "ipAddress": null + } + ], + "backendIpConfigurations": null, + "etag": "W/\"b6f76f57-be98-406d-ac9c-d11035fd3b5b\"", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-cluster-07232/providers/Microsoft.Network/applicationGateways/myAppGateway/backendAddressPools/myGatewayBackendPool", + "name": "myGatewayBackendPool", + "provisioningState": "Succeeded", + "resourceGroup": "oraclevm-cluster-07232", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" +} + +Complete! + ``` + +## Verify + +### Verify if the managed servers are deleted from WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Servers**. + You should see no server names that have been deleted listed in **Name** column. +* Go to **Environment -> Machines**. + You should see logical machines that host the servers that have been deleted are removed. + +### Verify if the Azure resources are deleted + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been removed. + + For example, I want to delete managed server `msp1`, corresponding Virtual Machine name is `mspVM1`, Azure resource names are: + * Virtual Machine: `mspVM1` + * Data Disk: `mspVM1_lun_0_2_9d41e2c965744665adb6965625c20d9a` + * OS Disk: `mspVM1_OsDisk_1_05a8d81f5d01419a97ee17a45f974dca` + * Network Interface: `mspVM1_NIC` + * Public IP: `mspVM1_PublicIP` + + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. \ No newline at end of file diff --git a/subtemplate-src/cluster-elkNestedTemplate.md b/subtemplate-src/cluster-elkNestedTemplate.md new file mode 100644 index 000000000..22052c79f --- /dev/null +++ b/subtemplate-src/cluster-elkNestedTemplate.md @@ -0,0 +1,399 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password of the Elasticsearch account. Used to distibute message with REST API to Elasticsearch instance. | +| `elasticsearchUserName` | User name of the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `numberOfManagedApplicationInstances` | Number of VMs that have been deployed to host managed application server. | +| `numberOfManagedCacheInstances` | Number of VMs that have been deployed to host managed cache server, please set the value if your cluster is Coherence cluster. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Number of Managed application instances + +You can get the existing Managed application instances number with the following command using Azure CLI. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedApplicationInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedApplicationInstances} +``` + +### Number of Managed cache instances + +This parameter works for Coherence cluster. If your cluster is not Coherence cluter, keep it with default value `0`. + +You can get the existing Managed cache instances number with the following command using Azure CLI. It should be `0` if no value returned. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedCacheInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedCacheInstances} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "numberOfManagedApplicationInstances": { + "value": 2 + }, + "numberOfManagedCacheInstances": { + "value": 0 + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-cluster-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfManagedApplicationInstances": { + "type": "Int", + "value": 2 + }, + "numberOfManagedCacheInstances": { + "type": "Int", + "value": 1 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-cluster-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/subtemplate-src/cluster-nsgRulesTemplate.md b/subtemplate-src/cluster-nsgRulesTemplate.md new file mode 100644 index 000000000..510330b3b --- /dev/null +++ b/subtemplate-src/cluster-nsgRulesTemplate.md @@ -0,0 +1,81 @@ +{% include variables.md %} + +# Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to append addtional security rules to an existing Azure Network Security Group deployed with {{ site.data.var.wlsFullBrandName }} using the Azure CLI. + +## Prerequisies + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Network Security Group + +The Azure Network Security Rule ARM template will be applied to an existing Azure Network Security Group (NSG) instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Prepare the Parameters JSON file + +You must construct a parameter JSON file containing the parameters to the NSG template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. The options to this template declare the desired configuration of the NSG. + +| Parameter Name | Description | +| `denyPublicTrafficForAdminServer` | Deny public tranffic for the admin server on port 7001, 7002. | +| `denyPublicTrafficForManagedServer` | Deny public tranffic for the managed servers on port 8001. | +| `enableAppGateway` | We deal with the configuration for managed servers when the Application Gateway is enabled. | +| `networkSecurityGroupName` | The name of the NSG. | + +#### Example Parameters JSON file + +Here is a fully filled out parameters file, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "denyPublicTrafficForManagedServer": { + "value": true + }, + "denyPublicTrafficForAdminServer": { + "value": false + }, + "enableAppGateway": { + "value": true + }, + "networkSecurityGroupName": { + "value": "wls-nsg" + } + } +} +``` + +## Invoke the ARM template + +This section shows how to kick off the deployment step-by-step. After the deployment, your existing NSG will append two additional Inbound Rules for admin and managed servers. Here we assume you have the parameter file in the current directory, the file is named `parameters.json`, and your NSG is named `wls-nsg`. Don't forget to replace `yourResourceGroup` with the Azure resource group in which the NSG is created. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template with it + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +## Verify the rules have been appended to the Azure Network Security Group successfully + +When the deployment is completed, you can verify the appended rules via Azure Portal +* Visit the Azure Network Security Group under your resource group used above. +* Go to `Settings -> Inbound security rules`. +* Verify there is a rule named `WebLogicAdminPortsAllowed` with **Priority = '210'; Port = '7001, 7002'; Protocol = 'TCP'; Source = '10.0.0.0/24'; Aciton = 'Allow'**. +* Verify there is a rule named `WebLogicManagedPortsDenied` with **Priority = '221'; Port = '8001'; Protocol = '*'; Aciton = 'Deny'**. + diff --git a/subtemplate-src/coherenceTemplate.md b/subtemplate-src/coherenceTemplate.md new file mode 100644 index 000000000..632ba5a98 --- /dev/null +++ b/subtemplate-src/coherenceTemplate.md @@ -0,0 +1,526 @@ +{% include variables.md %} + +# Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Coherence cluster using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The Coherence ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +**Note:** if you have enabled Coherence in the initial offer deployment from Azure portal, the Coherence cluster has been set up, you don't need to run Coherence tempalte. + +### Elasticsearch instance + +Optional. + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the Coherence ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +The deployment of coherenceTemplate.json will: + * Provision Azure resources, including virtual machine, network interface, disk, public IP to host new Coherence cache servers. + * Configure WebLogic Coherence cluster, including: + * Create Coherence cluster `myCoherence` + * Create data tier `storage1` cluster. + * Associate `cluster1` and `storage1` to `myCoherence` cluster. + * Create cache servers and assign them to `storage1` cluster. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }}. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminPasswordOrKey` | SSH Key or password for the Virtual Machine. SSH key is recommended. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password for the Elasticsearch account. | +| `elasticsearchUserName` | User name for the Elasticsearch account. | +| `enableCoherenceWebLocalStorage` | Specifies whether Local Storage is enabled for the Coherence*Web cluster tier. | +| `enableELK` | If true, use the supplied parameters to distribute WebLogic Server logs to the Elasticsearch instance. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logIndex` | Elasticsearch index you expect to export the logs to. Must be the same value with output from initial ELK deployment. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `numberOfCoherenceCacheInstances` | Number of Coherence cache servers, used to create Virtual Machines and Managed Server. | +| `skuUrnVersion` | Must be the same urn with which the cluster was initially deployed. | +| `storageAccountName` | The name of an existing storage account. | +| `vmSizeSelectForCoherence` | Select appropriate VM Size for Coherence cache servers. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminPasswordOrKey": { + "value": "jyfRat@nht2019" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "Secret123!" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "enableCoherenceWebLocalStorage": { + "value": true + }, + "enableELK": { + "value": true + }, + "managedServerPrefix": { + "value": "msp" + }, + "location": { + "value": "eastus" + }, + "logIndex": { + "value": "azure-weblogic-cluster-11122020" + }, + "logsToIntegrate": { + "value": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput","NodeManagerLog"] + }, + "numberOfCoherenceCacheInstances": { + "value": 1 + }, + "skuUrnVersion": { + "value": "owls-122140-8u251-ol76;Oracle:weblogic-122140-jdk8u251-ol76:owls-122140-8u251-ol7;latest" + }, + "storageAccountName": { + "value": "d40140olvm" + }, + "vmSizeSelectForCoherence": { + "value": "Standard_A1" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with a Coherence cluster. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/coherenceTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/coherenceTemplate", + "location": null, + "name": "coherenceTemplate", + "properties": { + "correlationId": "07555c54-2384-4ca3-b427-6cf7d8b53052", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Resources/deployments/pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "pid-157eaa6e-12ae-11eb-adc1-0242ac120002", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-06-01", + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Storage/storageAccounts/33f2e3olvm", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "33f2e3olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M26.6278882S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/networkInterfaces/mspStorageVM1_NIC", + "resourceGroup": "haiche-cluster-1106" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-1106/providers/Microsoft.Network/publicIPAddresses/mspStorageVM1_PublicIP", + "resourceGroup": "haiche-cluster-1106" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationCoherenceTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "enableCoherenceWebLocalStorage": { + "type": "Bool", + "value": true + }, + "guidValue": { + "type": "String", + "value": "b4c17707-b932-43f0-a4cc-6d6990bb850f" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfCoherenceCacheInstances": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;latest" + }, + "storageAccountName": { + "type": "String", + "value": "33f2e3olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelectForCoherence": { + "type": "String", + "value": "Standard_A1" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "7840329080326569798", + "templateLink": null, + "timestamp": "2020-11-06T08:48:57.229200+00:00" + }, + "resourceGroup": "haiche-cluster-1106", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Coherence cluster + +Follow the steps to check if Coherence*Web is enabled. + +* Follow the example parameters to set up Coherence*Web. +* Go to admin console portal. +* Deploy [coherence-sample.war](../resources/coherence-sample.war) to `cluster1`. + Please select `cluster1` in the Targets page. +* Start `coherence-sample`. +* Open the sample with browser, click "add session" to add session infomation. Click "test session" to verify. + +If the Coherence cluster does not set up successfully, the application deployment will fail. + +If the cache server does not work correctly, session can not be saved, as we disabled local storage in application servers. diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md new file mode 100644 index 000000000..ac4ab4faf --- /dev/null +++ b/subtemplate-src/dbTemplate.md @@ -0,0 +1,332 @@ +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Database Instance + +To apply configure a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +### Apply multiple databases + +You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To apply multiple databases, you have to remove the previous virtual machine extension. Last ARM parameters file is cached, it will block you from configuring the new database. + +Use the following command to remove virtual machine extension: + +```bash +# remove existing vm extension +az vm extension delete -g ${yourResourceGroup} --vm-name ${adminVMName} --name newuserscript +``` + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbPassword`| See below for details. | +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +#### Oracle Database: + +The following is the format of the JDBC connection string for Oracle Database: + +```bash +jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME +``` + +For example: + +```bash +jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 +``` + +#### Azure Database for PostgreSQL: + +Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). + +1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require +``` + +When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require +``` + +Finally, replace `{your_database}` with the name of your database, typically `postgres`. + +#### Azure SQL Server + +Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; +``` + +When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr +``` + +Finally, replace `{your_database}` with the name of your database. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "location": { + "value": "eastus" + }, + "databaseType": { + "value": "postgresql" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://ejb060801p.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@ejb060801p" + }, + "jdbcDataSourceName": { + "value": "jdbc/ejb060801p" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/db", + "location": null, + "name": "db", + "properties": { + "correlationId": "6fc805b9-1c47-4b32-b9b0-59745a21e559", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT17.4377546S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationDbTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "databaseType": { + "type": "String", + "value": "postgresql" + }, + "dbPassword": { + "type": "SecureString" + }, + "dbUser": { + "type": "String", + "value": "weblogic@oraclevm" + }, + "dsConnectionURL": { + "type": "String", + "value": "jdbc:postgresql://oraclevm.postgres.database.azure.com:5432/postgres" + }, + "jdbcDataSourceName": { + "type": "String", + "value": "jdbc/WebLogicCafeDB" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "6381424766408193665", + "templateLink": null, + "timestamp": "2020-06-02T06:05:03.141828+00:00" + }, + "resourceGroup": "oraclevm-admin-0602", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." diff --git a/subtemplate-src/dynamic-cluster-aadNestedTemplate.md b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md new file mode 100644 index 000000000..aec3d8344 --- /dev/null +++ b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md @@ -0,0 +1,308 @@ +{% include variables.md %} + +# Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure Active Directory Domain Service (AAD DS) using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The AAD ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +To apply AAD to {{ site.data.var.wlsFullBrandName }}, you must have an existing Azure Active Directory LDAP instance to use. If you don't have AAD LADP instance, please follow the steps in the tutorial [Configure secure LDAP for an Azure Active Directory Domain Services managed domain](https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the AAD ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and AAD instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `aadsPortNumber` | (optional) The LDAP port number, defaults to 636. | +| `aadsPublicIP` | The IP address of the LDAP server | +| `aadsServerHost` | The hostname of the Active Directory Domain Services server. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `dynamicClusterSize` | Size of the dynamic cluster. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same managed server prefix with that in initial deployed. | +| `wlsDomainName` | The name of the {{ site.data.var.wlsFullBrandName }} domain. | +| `wlsLDAPGroupBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains groups. | +| `wlsLDAPPrincipalPassword` | The credential (usually a password) used to connect to the LDAP server. | +| `wlsLDAPPrincipal` | The Distinguished Name (DN) of the LDAP user that {{ site.data.var.wlsFullBrandName }} should use to connect to the LDAP server. | +| `wlsLDAPProviderName` | (optional) The value used for creating authentication provider name of WebLogic Server. | +| `wlsLDAPSSLCertificate` | Client certificate that will be imported to trust store of SSL. | +| `wlsLDAPSSLCertificate` | See below for details. | +| `wlsLDAPUserBaseDN` | The base distinguished name (DN) of the tree in the LDAP directory that contains users. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `wlsLDAPSSLCertificate` + +Use base64 to encode your existing SSL certificate. + +```bash +base64 your-certificate.cer -w 0 >temp.txt +``` + +Use the content as this file as the value of the `wlsLDAPSSLCertificate` parameter. + +### `dynamicClusterSize` + +Size of the dynamic cluster, it should equal to numbers of Virtual Machines that have names starting with `msp`. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `dynamicClusterSize`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aadsPublicIP": { + "value": "1.2.3.4" + }, + "aadsServerHost": { + "value": "ladps.fabrikam.com" + }, + "location": { + "value": "eastus" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsLDAPGroupBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipal": { + "value": "CN=WLSTest,OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "value": "Secret123!" + }, + "wlsLDAPSSLCertificate": { + "value": "MIIKQQIBAz....EkAgIIAA==" + }, + "wlsLDAPUserBaseDN": { + "value": "OU=AADDC Users,DC=fabrikam,DC=com" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified AAD. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/aadNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/cli", + "location": null, + "name": "cli", + "properties": { + "correlationId": "6d98e1c8-0778-4fa5-a30a-8f10bbbb6818", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Resources/deployments/pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceGroup": "oraclevm-admin-06082", + "resourceName": "pid-8295df19-fe6b-5745-ad24-51ef66522b24", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT2M59.6052694S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-06082/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-06082" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationAADTemplate": { + "type": "String", + "value": "https://raw.githubusercontent.com/galiacheng/arm-oraclelinux-wls-admin/deploy/src/main/arm/" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsPortNumber": { + "type": "String", + "value": "636" + }, + "aadsPublicIP": { + "type": "String", + "value": "40.76.11.111" + }, + "aadsServerHost": { + "type": "String", + "value": "ladps.wls-security.com" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsDomainName": { + "type": "String", + "value": "adminDomain" + }, + "wlsLDAPGroupBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipal": { + "type": "String", + "value": "CN=WLSTest,OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsLDAPPrincipalPassword": { + "type": "SecureString" + }, + "wlsLDAPProviderName": { + "type": "String", + "value": "AzureActiveDirectoryProvider" + }, + "wlsLDAPSSLCertificate": { + "type": "String", + "value": "LS0tLS1...LQ0K" + }, + "wlsLDAPUserBaseDN": { + "type": "String", + "value": "OU=AADDC Users,DC=wls-security,DC=com" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "2818584196763146470", + "templateLink": null, + "timestamp": "2020-06-09T07:07:03.444046+00:00" + }, + "resourceGroup": "oraclevm-admin-06082", + "type": "Microsoft.Resources/deployments" +} + +``` + +## Verify AAD Integration + +Follow the steps to check if AAD is enabled. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Providers**. +* If the integration was successful, you will find the AAD provider for example `AzureActiveDirectoryProvider`. +* In the left navigator, expand the tree to select **Security Realms** -> **myrealm** -> **Users and Groups**. +* If the integration was successful, you will find users from the AAD provider. diff --git a/subtemplate-src/dynamic-cluster-addnode.md b/subtemplate-src/dynamic-cluster-addnode.md new file mode 100644 index 000000000..a7fcb016e --- /dev/null +++ b/subtemplate-src/dynamic-cluster-addnode.md @@ -0,0 +1,684 @@ +{% include variables.md %} + +# Add nodes to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to add add new managed application nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Active Directory LDAP Instance + +Refer to [Azure Active Directory(AAD) LDAP Instance](aadNestedTemplate.html#azure-active-directory-ldap-instance). + +### Administering Security for Oracle WebLogic Server & Configuring KeyStores + +Refer to [Configuring Keystores](https://docs.oracle.com/en/middleware/fusion-middleware/weblogic-server/12.2.1.4/secmg/identity_trust.html). + +### Generate Base64 string for a given ssl certificate/keystore file + +Use the following command to generate a Base64 string for a given ssl certificate/keystore file, to be used as input in the parameters JSON file + +
base64 /my/path/your-certificate.cer -w 0 >temp.txt
+ + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the add-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be added. This section shows how to obtain the values for the following required properties. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Parameter NameExplanation
_artifactsLocationSee below for details.
aadsSettingsOptional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information.
enableIf enable is true, must specify all properties of the aadSettings.
publicIPThe public IP address of Azure Active Directory LDAP server.
serverHostThe server host of Azure Active Directory LDAP server.
certificateBase64StringThe based64 string of LADP client certificate that will be imported to trust store of WebLogic Server to enable SSL connection of AD provider.
adminPasswordOrKeyPassword of administration account for the new Virtual Machine that host new nodes.
adminURLThe URL of WebLogic Administration Server, usually made up with Virtual Machine name and port, for example: adminVM:7001.
elkSettingsOptional. JSON object type. You can specify this parameters for Elasticsearch and Kibana(ELK) connection. If enable is true, must specify other properties. See the page WebLogic with Elastic on Azure for further information.
enableIf enable is true, must specify all properties of the elkSettings.
elasticsearchEndpointEndpoint of the Elasticsearch instance.
elasticsearchPasswordPassword for Elasticsearch account.
elasticsearchUserNameUser name for Elasticsearch account.
logIndexMust be the same value output at ELK deployment time.
logsToIntegrateArray with string value. Specify the expeted logs to integrate, you must input at least one log.
numberOfExistingNodesThe number of existing managed application nodes, used to generate new virtual machine name,.
numberOfNewNodesThe number of nodes to add.
storageAccountNameThe name of an existing storage account.
wlsDomainNameMust be the same value provided at deployment time.
wlsUserNameMust be the same value provided at deployment time.
wlsPasswordMust be the same value provided at deployment time.
customSSLSettingsOptional. JSON object type. You can specify this parameters for configuring Custom SSL Settings for WebLogic Administration Server. If enable is true, must specify other properties. See the page Administering Security for Oracle WebLogic Server and Configuring Keystores for further information.
enableIf enable is true, must specify all properties of the customSSLSettings. +  Set to false by default.
customIdentityKeyStoreBase64StringThe based64 string of the custom identity keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customIdentityKeyStorePassPhraseThe identity keystore pass phrase
customIdentityKeyStoreTypeIdentity Key Store Type. This can be either JKS or PKCS12
customTrustKeyStoreBase64StringThe based64 string of the custom trust keystore file that will be configured in the WebLogic Administration Server to enable SSL connection.
customTrustKeyStorePassPhraseThe trust keystore pass phrase
customTrustKeyStoreTypeTrust Key Store Type. This can be either JKS or PKCS12
privateKeyAliasThe private key alias
privateKeyPassPhraseThe private Key Pass phrase.
+ +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateAddNodeBasePath }} +``` + +### Existing managed application servers +To differentiate functionality of managed servers, we use **managed application server** to represent managed servers that host Java EE application, and use **managed cache server** to represent managed servers that used for cache. + +You can get the existing managed application nodes with the following command: + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfExistingNodes=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfExistingNodes} +``` + +### Log index + +If you configured ELK in your cluster to export WebLogic Server logs to ELK, please input the value of Kibana log index, this template will set up ELK connection and export logs to specified index. + +You can get the value from Azure portal with the following steps: + +* Go to Azure portal. +* Open you resource group and click **Deployments**. +* Open the ELK deployment, and click **Output**. +* Copy the value of `logIndex`. + +Alternatively, use Azure CLI command to list log index inside the resource group deployments: + +```shell +$ az deployment group list -g 'yourResourceGroup' --query [*].properties.outputs.logIndex.value +[ + "azure-weblogic-cluster-f984df74-ab4d-4c17-a532-7f248659fb28" +] +``` + +### Storage account + +Each Storage Account handles up to 20,000 IOPS, and 500TB of data. If you use a storage account for Standard Virtual Machines, you can store until 40 virtual disks. + +We have two disks for one Virtual Machine, it's suggested no more than 20 Virtual Machines share the same storage account. Number of virtual machines that hosting managed servers should be less than or equal to 20. + +You can get the name of storage account from Azure portal with steps: + + * Go to Azure portal + * Go to the your resource group + * Find storage account resource and copy its name + +Alternatively, use Azure CLI command to list storage account inside a resource group: + +```shell +$ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/storageAccounts --query [*].name +[ + "219846olvm" +] +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "aadsSettings": { + "value": { + "enable": true, + "publicIP":"13.68.244.90", + "serverHost": "ladps.wls-security.com", + "certificateBase64String":"LS0tLS1C...tLS0tLQ0K" + } + }, + "adminPasswordOrKey": { + "value": "Secret123!" + }, + "adminURL":{ + "value": "adminVM:7001" + }, + "elkSettings": { + "value": { + "enable": true, + "elasticsearchEndpoint":"https://example.eastus2.azure.elastic-cloud.com:9243", + "elasticsearchPassword": "Secret123!", + "elasticsearchUserName":"elastic", + "logIndex": "azure-weblogic-dynamic-cluster-11122020", + "logsToIntegrate": ["HTTPAccessLog", "ServerLog", "DomainLog", "DataSourceLog", "StandardErrorAndOutput", "NodeManagerLog"] + } + }, + "location": { + "value": "eastus" + }, + "numberOfExistingNodes": { + "value": 4 + }, + "numberOfNewNodes": { + "value": 3 + }, + "storageAccountName": { + "value": "496dfdolvm" + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsUserName": { + "value": "weblogic" + }, + "wlsPassword": { + "value": "welcome1" + }, + "customSSLSettings": { + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to add new nodes. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateAddNodeBasePath }}arm/mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/mainTemplate", + "location": null, + "name": "mainTemplate", + "properties": { + "correlationId": "54517529-a1c4-422f-a539-23b9a5129e80", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Resources/deployments/pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "pid-c7671c10-ae59-5ec5-bff3-c60db22d7ea4", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_PublicIP", + "resourceType": "Microsoft.Network/publicIPAddresses" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7_NIC", + "resourceType": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "2019-06-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7", + "resourceType": "Microsoft.Compute/virtualMachines" + }, + { + "actionName": "listKeys", + "apiVersion": "2019-04-01", + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Storage/storageAccounts/09b943olvm", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "09b943olvm", + "resourceType": "Microsoft.Storage/storageAccounts" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727", + "resourceName": "mspVM7/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT9M6.8098765S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Compute/virtualMachines/mspVM7/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/networkInterfaces/mspVM7_NIC", + "resourceGroup": "oraclevm-dcluster-0727" + }, + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-dcluster-0727/providers/Microsoft.Network/publicIPAddresses/mspVM7_PublicIP", + "resourceGroup": "oraclevm-dcluster-0727" + } + ], + "outputs": { + "wlsDomainLocation": { + "type": "String", + "value": "/u01/domains/wlsd" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateAddNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "aadsSettings": { + "type": "Object", + "value": { + "certificateBase64String": "LS0tLS1C...S0tLQ0K", + "enable": true, + "publicIP": "40.76.11.111", + "serverHost": "ladps.wls-security.com" + } + }, + "adminPasswordOrKey": { + "type": "SecureString" + }, + "adminURL": { + "type": "String", + "value": "adminVM:7001" + }, + "adminUsername": { + "type": "String", + "value": "weblogic" + }, + "authenticationType": { + "type": "String", + "value": "password" + }, + "dnsLabelPrefix": { + "type": "String", + "value": "wls" + }, + "guidValue": { + "type": "String", + "value": "67657ba3-6248-46e5-bedc-53e16ac82571" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "numberOfExistingNodes": { + "type": "Int", + "value": 7 + }, + "numberOfNewNodes": { + "type": "Int", + "value": 1 + }, + "skuUrnVersion": { + "type": "String", + "value": "owls-122130-8u131-ol74;Oracle:weblogic-122130-jdk8u131-ol74:owls-122130-8u131-ol7;1.1.1" + }, + "storageAccountName": { + "type": "String", + "value": "09b943olvm" + }, + "usePreviewImage": { + "type": "Bool", + "value": false + }, + "vmSizeSelect": { + "type": "String", + "value": "Standard_A3" + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + }, + "customSSLSettings": { + "type": "Object", + "value": { + "enable": true, + "customIdentityKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAQAKc2VydmV....QZL24ljJLq", + "customIdentityKeyStorePassPhrase": "mypassword", + "customIdentityKeyStoreType": "JKS", + "customTrustKeyStoreBase64String": "/u3+7QAAAAIAAAABAAAAAgAJdHJ1c3R....Td4bYVnONyS0PC7k=", + "customTrustKeyStorePassPhrase": "mypassword", + "customTrustKeyStoreType": "JKS", + "privateKeyAliasSecret": "servercert", + "privateKeyPassPhraseSecret": "mypassword" + } + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Network", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "publicIPAddresses" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "networkInterfaces" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines" + }, + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "15879952829017360289", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateAddNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-27T12:37:03.733682+00:00" + }, + "resourceGroup": "oraclevm-dcluster-0727", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify + +### Verify if new nodes are added to the WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment -> Machines**. + You should see logical machines with suffix from `numberOfExistingNodes` to `numberOfExistingNodes + numberOfNewNodes` are added. + Make note of the total number of machines. + +* Scale up to check if the machines work + * Go to **Environment** -> **Cluster** -> `cluster1` -> **Control** -> **Scaling**. + + Input value to **Desired Number of Running Servers** with the total number of machines, saved in last step. + * Save and activate. + * Go to **Environment** -> **Servers**. + + Expected result: the running managed server number is the same as machine total number. And there are servers running on the new managed nodes. + +### Verify if Azure resources are added + +* Go to [Azure Portal](https://ms.portal.azure.com/). +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been added. + +### Verify AAD Integration + +Verify AAD integration by delpoying a simple Java EE applciation with basic authentication. + +* Go to Administration Server Console and deploy [testing application](../resources/basicauth.war). + * Select **Deployments**. + * Select **Install**. + * Select file `basicauth.war`. + * Select **Next**. Choose "Install this deployment as an application". + * Select **Next**. Select "cluster-1" and "All servers in the cluster". + * Keep configuration as default and select **Finish**. + * Select **Activate Changes** + * In the left navigation pane, select **Deployments**. + * Select **Control** + * Select `basicauth` + * Select **Start** + * Select **Servicing all requests** + +* Access the sample application + * Go to Administration Server Console + * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. + * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` + * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. + * Expected result, you can access the sample application without error. diff --git a/subtemplate-src/dynamic-cluster-customDNSTemplate.md b/subtemplate-src/dynamic-cluster-customDNSTemplate.md new file mode 100644 index 000000000..5e6921581 --- /dev/null +++ b/subtemplate-src/dynamic-cluster-customDNSTemplate.md @@ -0,0 +1,177 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name` | Required. Azure DNS Zone name. | +| `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | +| `--loadbalancer-label` | Optional. Label for Load Balancer. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. diff --git a/subtemplate-src/dynamic-cluster-deletenode.md b/subtemplate-src/dynamic-cluster-deletenode.md new file mode 100644 index 000000000..a87dc0cd4 --- /dev/null +++ b/subtemplate-src/dynamic-cluster-deletenode.md @@ -0,0 +1,482 @@ +{% include variables.md %} + +# Delete nodes from {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to delete nodes using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters that to the delete-node ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. You must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and nodes that to be deleted. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `deletingCacheServerNames`| (Optional) Names of cache servers to be deleted, comma delimited. Please ignore this parameter if you are not deleting cache servers. | +| `deletingManagedServerMachineNames`| The resource names of Azure Virtual Machine hosting managed nodes that you want to delete. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateDeleteNodeBasePath }} +``` + +### Server names + +This value must be an array of strings, with pattern `^${managedServerPrefix}Storage[0-9]+$`, for example: `["mspStorage1", "mspStorage2"]`. + +You can get the server names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Servers**. + + Server names are listed in the first column. + + If you want to remove coresponding virtual machine, please go to [Machine names](#machine-names) to obtain machine names. + +### Machine names + +This value must be an array of strings, for example: `["mspVM1", "mspVM2", "mspStorageVM2"]`. + +You can get the machine names from WebLogic Server Administration Console, following the steps: + +* Go to WebLogic Server Administration Console, http://admin-host:7001/console. + +* Go to **Environment** -> **Machines**. + + Open the machine you want to delete. + + Click **Configuration** -> **Node Manager**, you will get compute name from **Listen Address**. + + The Azure Virtual Machine name was set with the same value of compute name during {{ site.data.var.wlsFullBrandName }} deployment. + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we do not include `adminVMName`. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "deletingCacheServerNames": { + "value": [ + "mspStorage2" + ] + }, + "deletingManagedServerMachineNames": { + "value": [ + "mspVM4", + "mspStorageVM2" + ] + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the delete-node script + +To delete managed nodes completely, you have to delete managed nodes logically from the WebLogic Server instance, and physically release Azure resources that host the managed nodes. We realize the two purposes in different ways: + * Delete machines logically from WebLogic Server instance by deploying delete-node ARM template with Azure CLI. You have to specify the parameters file. + The cluster will restart after deleting the machines, and manages servers may be reallocated to another existing machine. + * Release corresponding Azure resources by running Azure CLI commands. The following resources will be removed: + * Virtual Machines that host managed nodes that will be deleted. + * Data disks attached to the Virtual Machines + * OS disks attached to the Virtual Machines + * Network Interfaces added to the Virtual Machines + * Public IPs attached to the Virtual Machines + +We have provided an automation script for above two purposes, you can delete managed nodes easily with the following instructions. + +### Invoke the script + +Assume your parameters file is available in the current directory and is named `parameters.json`. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +The following command runs the script in silent mode with option `-s`, this mode will delete managed nodes logically and physically. + +If you want to keep Azure resources, refer to [advanced usage](#advanced-usage) for further information. + +```bash +$ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh | /bin/bash -s -- -s -g `yourResourceGroup` -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json +``` + +The script will validate the template with your parameters file; deploy the template to delete managed servers from WebLogic Server cluster; run Azure CLI commands to delete corresponding Azure resources. + +This is an example output of successful deployment, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + +```bash +{ + "error": null, + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "be24f5de-1fdf-4fc6-be97-ac53af3ccd3c", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM1" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "17905048512558945100", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T08:36:10.953240+00:00", + "validatedResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-a816a607-eb8a-5aa1-9475-c3fba6994679", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222" + } + ] + }, + "resourceGroup": "oraclevm-dcluster-07222", + "type": "Microsoft.Resources/deployments" +} +Command ran in 46.180 seconds (init: 0.064, invoke: 46.116) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/mspVM1 +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/networkInterfaces/mspVM1NIC +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/publicIPAddresses/mspVM1PublicIP +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_OsDisk_1_e490d8e72ef14081aea596eab709efef +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_lun_0_2_bb9f86a391c34e2d8dbe3b1b408d4952 +Are you sure to delete these resources (y/n)?Deleting managed resources...Please do not stop. +Deleting managed resources...Please do not stop. +[ + null, + null, + null, + null, + null +] +Command ran in 99.764 seconds (init: 0.068, invoke: 99.696) + +Complete! +``` + +### Advanced usage + +If you want to learn more about the script and run it manually, follow the advanced instructions to interact with the ternimal. + + * Download the script + + ```bash + $ curl -fsSL {{ armTemplateDeleteNodeBasePath }}scripts/deletenode-cli.sh + ``` + + You will get a shell script named `deletenode-cli.sh` in your current directory. Usage of the script: + + ```bash + ./deletenode-cli.sh -h + usage: deletenode-cli.sh -g resource-group [-f template-file] [-u template-url] -p paramter-file [-h] + -g Azure Resource Group of the Vitural Machines that host deleting manages servers, must be specified. + -f Path of ARM template to delete nodes, must be specified -f option or -u option. + -u URL of ARM template, must be specified -f option or -u option. + -p Path of ARM parameter, must be specified. + -s Execute the script in silent mode. The script will input y automatically for the prompt. + -h Help + ``` + + You can not only run the script with a local template file by specifying `-f` option, but also with a templatle URL using `-u` option. + + * Run the script + + Run the script with your parameters file in your current directory. The following command runs with a template URL: + + ```bash + ./deletenode-cli.sh -g yourResourceGroup -u {{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json -p parameters.json + ``` + + Before deleting any Azure resource, the script will prompt up message **Are you sure to delete these resources (y/n)?** to comfirm if you want to delete Azure resources. If you input `Y/y`, the Azure resources will be deleted. Otherwise, keep the resource and exit. + + This is an example output of deployment that will not delete Azure resources from your resource group, the {{ site.data.var.wlsFullBrandName }} is deployed with Application Gateway. Look for `Completed!` in your output. + + ```bash + { + "error": null, + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/mainTemplate", + "name": "mainTemplate", + "properties": { + "correlationId": "be24f5de-1fdf-4fc6-be97-ac53af3ccd3c", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222", + "resourceName": "pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT0S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputs": null, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateDeleteNodeBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "deletingManagedServerMachineNames": { + "type": "Array", + "value": [ + "mspVM1" + ] + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsForceShutDown": { + "type": "String", + "value": "true" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "17905048512558945100", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "{{ armTemplateDeleteNodeBasePath }}arm/mainTemplate.json" + }, + "timestamp": "2020-07-23T08:36:10.953240+00:00", + "validatedResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-a816a607-eb8a-5aa1-9475-c3fba6994679", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-dcluster-07222" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Resources/deployments/pid-db9aa5e4-1e77-5f54-af38-9a7515cd27ab", + "resourceGroup": "oraclevm-dcluster-07222" + } + ] + }, + "resourceGroup": "oraclevm-dcluster-07222", + "type": "Microsoft.Resources/deployments" +} +Command ran in 46.180 seconds (init: 0.064, invoke: 46.116) +Extension 'resource-graph' is already installed. +List resource Ids to be deleted: +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Compute/virtualMachines/mspVM1 +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/networkInterfaces/mspVM1NIC +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/oraclevm-dcluster-07222/providers/Microsoft.Network/publicIPAddresses/mspVM1PublicIP +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_OsDisk_1_e490d8e72ef14081aea596eab709efef +/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/ORACLEVM-DCLUSTER-07222/providers/Microsoft.Compute/disks/mspVM1_lun_0_2_bb9f86a391c34e2d8dbe3b1b408d4952 +Are you sure to delete these resources (y/n)?n + +Complete! + ``` + +## Verify + +### Verify if the managed servers are deleted from WebLogic Server instance. + +* Go to the {{ site.data.var.wlsFullBrandName }} Administration Console. +* Go to **Environment** -> **Machines**. + + You should see the logical machine names (e.g. `machine-mspVM1`) that have been deleted is not listed in **Name** column. + +### Verify if the Azure resources are deleted + +* Go to Azure Portal, https://ms.portal.azure.com/. +* Go to resource group that the {{ site.data.var.wlsFullBrandName }} is deployed. + + You should see corresponding Vitual Machines, Disks, Network Interfaces, Public IPs have been removed. + + For example, I want to delete managed server `msp1`, corresponding Virtual Machine name is `mspVM1`, Azure resource names are: + * Virtual Machine: `mspVM1` + * Data Disk: `mspVM1_lun_0_2_9d41e2c965744665adb6965625c20d9a` + * OS Disk: `mspVM1_OsDisk_1_05a8d81f5d01419a97ee17a45f974dca` + * Network Interface: `mspVM1_NIC` + * Public IP: `mspVM1_PublicIP` + + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. + + diff --git a/subtemplate-src/dynamic-cluster-elkNestedTemplate.md b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md new file mode 100644 index 000000000..08fa9b092 --- /dev/null +++ b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md @@ -0,0 +1,406 @@ +{% include variables.md %} + +# Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} to land logs to Elasticsearch and Kibana using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The ELK ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Virtual machine size requirement +Ensure the virtual machines that have been deployed have at least **2.5GB** of memory. The default virtual machine size for WLS does not have enough memory. Use at least `Standard_A2_v2`. + +### Elasticsearch instance + +Refer to [Create an an Elastic on Azure instance](https://aka.ms/arm-oraclelinux-wls-elk#create-an-an-elastic-on-azure-instance) + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the ELK ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. + +We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and Elasticsearch instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| Virtual machine name of which hosts the {{ site.data.var.wlsFullBrandName }} admin server. | +| `elasticsearchEndpoint` | The Elasticsearch endpoint. | +| `elasticsearchPassword` | Password for the Elasticsearch account. | +| `elasticsearchUserName` | User name for the Elasticsearch account. | +| `location` | Must be the same region into which the server was initially deployed. | +| `logsToIntegrate` | Specify the WebLogic logs to export to Elasticsearch, you must select at least one log. | +| `managedServerPrefix` | Must be the same prefix with which the cluster was initially deployed. | +| `maxDynamicClusterSize` | Must be the same value with which the cluster was initially deployed. | +| `numberOfManagedApplicationInstances` | Number of VMs that have been deployed to host managed application server. | +| `numberOfManagedCacheInstances` | Number of VMs that have been deployed to host managed cache server, please set the value if your cluster is Coherence cluster. | +| `wlsDomainName` | Must be the same value provided at initial deployment time. | +| `wlsPassword` | Must be the same value provided at initial deployment time. | +| `wlsUserName` | Must be the same value provided at initial deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Number of Managed application instances + +You can get the existing Managed application instances number with the following command using Azure CLI. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedApplicationInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}VM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedApplicationInstances} +``` + +### Number of Managed cache instances + +This parameter works for Coherence cluster. If your cluster is not Coherence cluter, keep it with default value `0`. + +You can get the existing Managed cache instances number with the following command using Azure CLI. It should be `0` if no value returned. + +```shell +$ resourceGroup= +$ managedServerPrefix= +$ numberOfManagedCacheInstances=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --query [*].name | grep "${managedServerPrefix}StorageVM[0-9]" | sed -e 's/[^0-9]/ /g' -e 's/^ *//g' -e 's/ *$//g' | tr -s ' ' | sed 's/ /\n/g' | sort -nr | head -n1) +$ echo ${numberOfManagedCacheInstances} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminVMName": { + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "value": "wlkpsw" + }, + "elasticsearchUserName": { + "value": "elastic" + }, + "location": { + "value": "eastus" + }, + "managedServerPrefix": { + "value": "msp" + }, + "maxDynamicClusterSize": { + "value": 8 + }, + "numberOfManagedApplicationInstances": { + "value": 3 + }, + "numberOfManagedCacheInstances": { + "value": 0 + }, + "wlsDomainName": { + "value": "wlsd" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment to connect to Elasticsearch and Kinaba intance. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/elkNestedTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/elkNestedTemplate", + "location": null, + "name": "elkNestedTemplate", + "properties": { + "correlationId": "61a46b43-27d0-4478-baba-c288059892d5", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Resources/deployments/pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "pid-e4165284-b017-5df9-9b91-3f11dd8a72e5", + "resourceType": "Microsoft.Resources/deployments" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspVM2/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "dependsOn": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk", + "resourceName": "mspStorageVM1/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "duration": "PT8M54.4785762S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspStorageVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM1/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + }, + { + "id": "/subscriptions/685ba005-af8d-4b04-8f16-a7bf38b2eb5a/resourceGroups/haiche-cluster-elk/providers/Microsoft.Compute/virtualMachines/mspVM2/extensions/newuserscript", + "resourceGroup": "haiche-cluster-elk" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "logIndex": { + "type": "String", + "value": "azure-weblogic-cluster-b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationELKTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationSasToken": { + "type": "SecureString" + }, + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "elasticsearchEndpoint": { + "type": "String", + "value": "https://example.eastus2.azure.elastic-cloud.com:9243" + }, + "elasticsearchPassword": { + "type": "SecureString" + }, + "elasticsearchUserName": { + "type": "String", + "value": "elastic" + }, + "guidValue": { + "type": "String", + "value": "b4e465d5-6ffc-49cf-b1d9-b4dbf6455d0a" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "logsToIntegrate": { + "type": "Array", + "value": [ + "HTTPAccessLog", + "ServerLog", + "DomainLog", + "DataSourceLog", + "StandardErrorAndOutput", + "NodeManagerLog" + ] + }, + "managedServerPrefix": { + "type": "String", + "value": "msp" + }, + "maxDynamicClusterSize": { + "value": 8 + }, + "numberOfManagedApplicationInstances": { + "type": "Int", + "value": 2 + }, + "numberOfManagedCacheInstances": { + "type": "Int", + "value": 1 + }, + "wlsDomainName": { + "type": "String", + "value": "wlsd" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "10060935779116645392", + "templateLink": null, + "timestamp": "2020-11-11T07:29:42.336797+00:00" + }, + "resourceGroup": "haiche-cluster-elk", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify ELK connection + +Follow the steps to check if WebLogic Server logs are exported to Elasticsearch. + +* Go to Azure portal +* Copy log index from your resource group -> deployments -> elkNestedTemplate -> output -> logIndex . +* Go to Elasticsearch cloud and launch Kibana. +* Create index + * Go to Kibana -> Management -> Kibana -> Index Patterns + * Click `Create index Patterns` + * Input the log index you copy from output in Index pattern + * There should be an index you can select, otherwise, the ELK deployment failed + * Next step + * Select `@timestamp` in Time Filter and hit `Create index pattern` +* View logs + * Go to Kibana -> Discover + * Select the index you just created + * You will find the WebLogic Server logs listed diff --git a/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md b/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md new file mode 100644 index 000000000..c7d63674d --- /dev/null +++ b/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md @@ -0,0 +1,81 @@ +{% include variables.md %} + +# Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to append addtional security rules to an existing Azure Network Security Group deployed with {{ site.data.var.wlsFullBrandName }} using the Azure CLI. + +## Prerequisies + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Network Security Group + +The Azure Network Security Rule ARM template will be applied to an existing Azure Network Security Group (NSG) instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Prepare the Parameters JSON file + +You must construct a parameter JSON file containing the parameters to the NSG template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. The options to this template declare the desired configuration of the NSG. + +| Parameter Name | Description | +| `denyPublicTrafficForAdminServer` | Deny public tranffic for the admin server on port 7001, 7002. | +| `denyPublicTrafficForManagedServer` | Deny public tranffic for the managed servers on port 8001. | +| `enableOHS` | We deal with the configuration for managed servers when the OHS load balancer is enabled. | +| `networkSecurityGroupName` | The name of the NSG. | + +#### Example Parameters JSON file + +Here is a fully filled out parameters file, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "denyPublicTrafficForManagedServer": { + "value": true + }, + "denyPublicTrafficForAdminServer": { + "value": false + }, + "enableOHS": { + "value": true + }, + "networkSecurityGroupName": { + "value": "wls-nsg" + } + } +} +``` + +## Invoke the ARM template + +This section shows how to kick off the deployment step-by-step. After the deployment, your existing NSG will append two additional Inbound Rules for admin and managed servers. Here we assume you have the parameter file in the current directory, the file is named `parameters.json`, and your NSG is named `wls-nsg`. Don't forget to replace `yourResourceGroup` with the Azure resource group in which the NSG is created. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template with it + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/nsgNestedTemplate.json +``` + +## Verify the rules have been appended to the Azure Network Security Group successfully + +When the deployment is completed, you can verify the appended rules via Azure Portal +* Visit the Azure Network Security Group under your resource group used above. +* Go to `Settings -> Inbound security rules`. +* Verify there is a rule named `WebLogicAdminPortsAllowed` with **Priority = '210'; Port = '7001, 7002'; Protocol = 'TCP'; Source = '10.0.0.0/24'; Aciton = 'Allow'**. +* Verify there is a rule named `WebLogicManagedPortsDenied` with **Priority = '221'; Port = '8001'; Protocol = '*'; Aciton = 'Deny'**. + diff --git a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md new file mode 100644 index 000000000..f7c8680cb --- /dev/null +++ b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md @@ -0,0 +1,210 @@ + +{% include variables.md %} + +# Apply OHS ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Oracle HTTP Server using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Certificate for SSL Termination + +Oracle HTTP Server serves as the front end load balancer for the {{ site.data.var.wlsFullBrandName }} dynamic cluster, hence it must be provided with a certificate to allow browsers to connect via SSL. + +#### Creating Self-signed certificate + +This section describes how to create a self-signed certificate in the format expected by Oracle HTTP server. The example provided below is one of the ways to create self-signed certificates. Note that such self-signed certificates created should only be used for testing purpose and it is not recommended for production purpose. + +* JKS format certificate + + ```bash + keytool -genkey -keyalg RSA -alias selfsigned -keystore keyStore.jks -storepass password -validity 360 -keysize 2048 + ``` + + Provide all information prompted and store in a file. + +* PKCS12 format certificate + + ```bash + openssl req -newkey rsa:2048 -x509 -keyout key.pem -out out.pem -days 3650 + ``` + + Provide all information prompted and store in a file. + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the OHS ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing SSL certificate. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +|`adminPasswordOrKey`|Password of administration account for the new Virtual Machine that hosts Oracle HTTP Server.| +|`adminUsername`| Username of administration account for the new Virtual Machine that hosts Oracle HTTP Server.| +|`adminRestMgmtURL`| WebLogic Server admin REST management URL. It should be in the format `http://admincomputername:adminport/management/weblogic/latest`.Example `http://adminVM:7001/management/weblogic/latest` or `http://adminVM:7005/management/weblogic/latest` | +|`dnsLabelPrefix`| Must be the same `dnsLabelPrefix` value with which WebLogic Dynamic cluster deployment is made. This value is used for fetching existing deployment `dnsLabelPrefix-nsg` NSG value. | +|`location`| Must be the same region into which the WebLogic dynamic cluster deployment is made.| +|`ohsComponentName` | Oracle HTTP Server component name to be configured as part of domain. At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`ohsDomainName`| Oracle HTTP Server standalone domain name. At deployment, if this value is changed from its default value, the value used at deployment time must be used. | +|`ohsNMPassword`| Oracle HTTP Server NodeManager password configured as part of the domain. | +|`ohsNMUser`| Oracle HTTP Server NodeManager user name configured as part of the domain.| +|`keyType` | Certificate format supported for configuring Oracle HTTP Server SSL configuration. Supported format is `JKS` and `PKCS12`. Default value is `PKCS12`| +|`ohsSSLKeystoreData`| base64 bit encoded value of JKS/PKCS12 certificate contents. See below for details| +|`ohsSSLKeystorePassword`|The keystore stored password | +|`ohsSkuUrnVersion`| Oracle HTTP Server base images provided by publisher Oracle. Refer [Azure Marketplace OHS Base Images](https://azuremarketplace.microsoft.com/en-us/marketplace/apps?search=oracle%20ohs%20base%20image) | +|`ohsVMName`|At deployment time, if this value is changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted.| +|`ohshttpPort` | Http server port configured using which application can be accessed via Oracle HTTP Server.At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`ohshttpsPort`| Https server port configured using which application can be accessed via Oracle HTTP Server.At deployment, if this value is changed from its default value, the value used at deployment time must be used.| +|`oracleVaultPswd` | Password for Oracle wallet/vault, to add certificates supplied for OHS.| +|`storageAccountName`| The name of an existing storage account. Must be the same storage account name avilable in existing deployed WebLogic dynamic cluster| +|`virtualNetworkName`| The name of an existing virtual network name. Must be the same virtual network name available in existing deployed WebLogic dynamic cluster| +|`wlsUserName` |Must be the same value provided at deployment time for WebLogic dynamic cluster deployment time.| +|`wlsPassword` |Must be the same value provided at deployment time WebLogic dynamic cluster deployment time.| + + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### `ohsSSLKeystoreData` +Use base64 to encode your existing SSL certificate. + + base64 your-JKS/PKCS12-certificate-contents -w 0 > temp.txt + +Use temp.txt contents to set the value for ohsSSLKeystoreData + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. + + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "adminPasswordOrKey": { + "value": "Azure123456!" + }, + "adminRestMgmtURL": { + "value": "http://adminVM:7001/management/weblogic/latest" + }, + "adminUsername": { + "value": "azureuser" + }, + "dnsLabelPrefix": { + "value": "wls" + }, + "keyType": { + "value": "JKS" + }, + "location": { + "value": "eastus" + }, + "ohsComponentName": { + "value": "ohs_component" + }, + "ohsDomainName": { + "value": "ohsStandaloneDomain" + }, + "ohsNMPassword": { + "value": "Nmpswd1234567" + }, + "ohsNMUser": { + "value": "weblogic" + }, + "ohsSSLKeystoreData": { + "value": "/u3+7QAAAAIAAAABAAAAAQAKc2VsZnNpZ25lZAAAAX ...." + }, + "ohsSSLKeystorePassword": { + "value": "azure123!" + }, + "ohsSkuUrnVersion": { + "value": "ohs-122140-jdk8-ol76;ohs-122140-jdk8-ol76;latest" + }, + "ohsVMName": { + "value": "ohsVM" + }, + "ohshttpPort": { + "value": "7777" + }, + "ohshttpsPort": { + "value": "4444" + }, + "oracleVaultPswd": { + "value": "Welcome1234567" + }, + "storageAccountName": { + "value": "6be282olvm" + }, + "virtualNetworkName": { + "value": "wlsd_VNET" + }, + "wlsPassword": { + "value": "Welcome1234567" + }, + "wlsUserName": { + "value": "weblogic" + } +} +``` + +### Invoke the ARM template +Assume your parameters file is available in the current directory and is named parameters.json. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with a Oracle HTTP Server. Replace yourResourceGroup with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file +The `az deployment group validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/ohsNestedTemplate.json +``` +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/ohsNestedTemplate.json +``` +As with the validate command, if the command returns with an exit status other than 0, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```bash + "provisioningState": "Succeeded", + "template": null, + "templateHash": "13760326614657528322", +``` + +## Verify Oracle HTTP Server setup + +Successful deployment provides Oracle HTTP Server access url in your output, similar to below. + +```json + "ohsAccessURL": { + "type": "String", + "value": "http://wls-5ff4cab395-loadbalancer.eastus.cloudapp.azure.com:7777" + }, + "ohsSecureAccessURL": { + "type": "String", + "value": "https://wls-5ff4cab395-loadbalancer.eastus.cloudapp.azure.com:4444" + } +``` + +Follow the steps to verify Oracle HTTP Server. +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to WebLogic Cluster and start the service. +* Access your application using ohsAccessURL/application +* Access your application using ohsSecureAccessURL/application + diff --git a/subtemplate-src/dynamic-customDNSTemplate.md b/subtemplate-src/dynamic-customDNSTemplate.md new file mode 100644 index 000000000..5e6921581 --- /dev/null +++ b/subtemplate-src/dynamic-customDNSTemplate.md @@ -0,0 +1,177 @@ +{% include variables.md %} + +# Configure DNS alias to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with a custom DNS alias. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. + +### Azure Managed Indentify + +If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + + +## Prepare the Parameters + +We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. + +| Parameter Name             | Explanation | +|----------------|-------------| +| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | +| `--artifact-location`| Required. See below for details. | +| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--location` | Required. Must be the same region into which the server was initially deployed. | +| `--zone-name` | Required. Azure DNS Zone name. | +| `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | +| `--loadbalancer-label` | Optional. Label for Load Balancer. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| +| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| +| `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | +| `--help` | Help. | + +### Artifacts location + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +## Invoke the Automation Script + +We provide an automation script to configure a custom DNS alias. The script lets you do the following: + + * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + +### Configure DNS Alias on an Existing Azure DNS Zone + +To configure a DNS alias on an existing Azure DNS Zone, in addition to the required parameters, you must also specify an Azure user-assigned managed identity ID and the resource group name in which your DNS Zone is deployed. + +This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications \ + --identity-id `yourIndentityID` \ + --zone-resource-group `yourDNSZoneResourceGroup` +``` + +An example output: + +```text +Done! + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + + +### Configure DNS Alias on a New Azure DNS Zone + +To configure a DNS alias on a new Azure DNS Zone, you must specify the required parameters. + +This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. + +```bash +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ + | /bin/bash -s -- \ + --resource-group `yourResourceGroup` \ + --admin-vm-name adminVM \ + --admin-console-label admin \ + --artifact-location {{ armTemplateBasePath }} \ + --location eastus \ + --zone-name contoso.com \ + --ohs-vm-name ohsVM \ + --loadbalancer-label applications +``` + +An example output: + +```text +DONE! + + +Action required: + Complete Azure DNS delegation to make the alias accessible. + Reference: https://aka.ms/dns-domain-delegation + Name servers: + [ + "ns1-02.azure-dns.com.", + "ns2-02.azure-dns.net.", + "ns3-02.azure-dns.org.", + "ns4-02.azure-dns.info." + ] + +Custom DNS alias: + Resource group: haiche-dns-doc + WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console + WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console + + + Application Gateway URL: http://applications.contoso.com:7777 + Application Gateway secured URL: https://applications.contoso.com:4444 +``` + +**Note:** The DNS aliases are not accessible now, you must perform Azure DNS delegation after the deployment. Follow [Delegation of DNS zones with Azure DNS](https://aka.ms/dns-domain-delegation) to complete the Azure DNS delegation. + + +## Verify the Custom Alias + +Access the URL from output to verify if the custom alias works. From cc0688bf9625b7d844384c8d2fb6c18f645308be Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 19 Aug 2021 12:58:22 -0400 Subject: [PATCH 03/42] On branch gh-pages Apply changes requested by @mricelli and @rjeberhard modified: LICENSE modified: README.md modified: _data/var.yml modified: admin/aadNestedTemplate.md modified: admin/dbTemplate.md modified: admin/elkNestedTemplate.md modified: cluster/aadNestedTemplate.md modified: cluster/addnode-coherence.md modified: cluster/addnode.md modified: cluster/appGatewayNestedTemplate.md modified: cluster/coherenceTemplate.md modified: cluster/dbTemplate.md modified: cluster/deletenode.md modified: cluster/elkNestedTemplate.md modified: dynamic-cluster/aadNestedTemplate.md modified: dynamic-cluster/addnode-coherence.md modified: dynamic-cluster/addnode.md modified: dynamic-cluster/coherenceTemplate.md modified: dynamic-cluster/dbTemplate.md modified: dynamic-cluster/deletenode.md modified: dynamic-cluster/elkNestedTemplate.md modified: dynamic-cluster/ohsNestedTemplate.md modified: release-notes/index.md modified: subtemplate-src/addnode-coherence.md modified: subtemplate-src/admin-aadNestedTemplate.md modified: subtemplate-src/admin-elkNestedTemplate.md modified: subtemplate-src/appGatewayNestedTemplate.md modified: subtemplate-src/cluster-aadNestedTemplate.md modified: subtemplate-src/cluster-addnode.md modified: subtemplate-src/cluster-deletenode.md modified: subtemplate-src/cluster-elkNestedTemplate.md modified: subtemplate-src/coherenceTemplate.md modified: subtemplate-src/dbTemplate.md modified: subtemplate-src/dynamic-cluster-aadNestedTemplate.md modified: subtemplate-src/dynamic-cluster-addnode.md modified: subtemplate-src/dynamic-cluster-deletenode.md modified: subtemplate-src/dynamic-cluster-elkNestedTemplate.md modified: subtemplate-src/dynamic-cluster-ohsNestedTemplate.md Signed-off-by: Ed Burns --- LICENSE | 236 +++--------------- README.md | 18 +- _data/var.yml | 6 + admin/aadNestedTemplate.md | 4 +- admin/dbTemplate.md | 2 + admin/elkNestedTemplate.md | 2 + cluster/aadNestedTemplate.md | 2 + cluster/addnode-coherence.md | 2 + cluster/addnode.md | 4 +- cluster/appGatewayNestedTemplate.md | 3 + cluster/coherenceTemplate.md | 2 + cluster/dbTemplate.md | 2 + cluster/deletenode.md | 4 +- cluster/elkNestedTemplate.md | 3 + dynamic-cluster/aadNestedTemplate.md | 2 + dynamic-cluster/addnode-coherence.md | 2 + dynamic-cluster/addnode.md | 2 + dynamic-cluster/coherenceTemplate.md | 2 + dynamic-cluster/dbTemplate.md | 2 + dynamic-cluster/deletenode.md | 2 + dynamic-cluster/elkNestedTemplate.md | 2 + dynamic-cluster/ohsNestedTemplate.md | 1 + release-notes/index.md | 10 +- subtemplate-src/addnode-coherence.md | 2 + subtemplate-src/admin-aadNestedTemplate.md | 2 + subtemplate-src/admin-elkNestedTemplate.md | 2 + subtemplate-src/appGatewayNestedTemplate.md | 2 + subtemplate-src/cluster-aadNestedTemplate.md | 2 + subtemplate-src/cluster-addnode.md | 4 +- subtemplate-src/cluster-deletenode.md | 4 +- subtemplate-src/cluster-elkNestedTemplate.md | 2 + subtemplate-src/coherenceTemplate.md | 2 + subtemplate-src/dbTemplate.md | 2 + .../dynamic-cluster-aadNestedTemplate.md | 2 + subtemplate-src/dynamic-cluster-addnode.md | 2 + subtemplate-src/dynamic-cluster-deletenode.md | 2 + .../dynamic-cluster-elkNestedTemplate.md | 2 + .../dynamic-cluster-ohsNestedTemplate.md | 1 + 38 files changed, 128 insertions(+), 220 deletions(-) diff --git a/LICENSE b/LICENSE index 261eeb9e9..733249598 100644 --- a/LICENSE +++ b/LICENSE @@ -1,201 +1,35 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. +Copyright (c) 2021, Oracle and/or its affiliates. + +The Universal Permissive License (UPL), Version 1.0 + +Subject to the condition set forth below, permission is hereby granted to any +person obtaining a copy of this software, associated documentation and/or data +(collectively the "Software"), free of charge and under any and all copyright +rights in the Software, and any and all patent rights owned or freely +licensable by each licensor hereunder covering either (i) the unmodified +Software as contributed to or provided by such licensor, or (ii) the Larger +Works (as defined below), to deal in both + +(a) the Software, and +(b) any piece of software and/or hardware listed in the lrgrwrks.txt file if +one is included with the Software (each a "Larger Work" to which the Software +is contributed by such licensors), + +without restriction, including without limitation the rights to copy, create +derivative works of, display, perform, and distribute the Software and make, +use, sell, offer for sale, import, export, have made, and have sold the +Software and the Larger Work(s), and to sublicense the foregoing rights on +either these or other terms. + +This license is subject to the following condition: +The above copyright notice and either this complete permission notice or at +a minimum a reference to the UPL must be included in all copies or +substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md index 2d8f99918..650c30c8d 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,18 @@ # arm-oraclelinux-wls -# Simple deployment of a Oracle Linux VM with Weblogic Server pre-installed +# Simple deployment of a Oracle Linux VM with WebLogic Server pre-installed -This template allows us to deploy a simple Oracle Linux VM with Weblogic Server (12.2.1.3.0) pre-installed. -This template deploy by default, an A3 size VM in the resource group location and return the fully qualified domain name of the VM. +This template allows us to deploy a simple Oracle Linux VM with WebLogic Server (12.2.1.3.0) pre-installed. +By default, this template deploys an A3 size VM in the resource group location and return the fully qualified domain name of the VM. -To install Weblogic Server, requires Oracle Weblogic Install kit and Oracle JDK to be downloaded, from OTN Site (https://www.oracle.com/technical-resources/). The OTN site requires the user to accept OTN Free Developer License Agreement before downloading any resources. -So, when this template is run, user will be required to accept the OTN Free Developer License Agreement and also provide OTN credentials (username and password), to download the Oracle Weblogic Install Kit and Oracle JDK. +To install WebLogic Server, requires Oracle WebLogic Install kit and Oracle JDK to be downloaded, from OTN Site (https://www.oracle.com/technical-resources/). The OTN site requires the user to accept OTN Free Developer License Agreement before downloading any resources. +So, when this template is run, the user will be required to accept the OTN Free Developer License Agreement and also provide OTN credentials (username and password), to download the Oracle WebLogic Install Kit and Oracle JDK.

Using the template

Perform string substitution to generate the necessary artifacts for deployment or uploading to the Azure Cloud Partner Portal

-* Install Apache Maven. This project uses Apache Maven to do simple +* Install Apache Maven. This project uses Apache Maven to do a simple string substitution for several required parameters in the templates. * From the top level run `mvn clean install`. @@ -59,15 +59,15 @@ If you are new to template deployment, see:

Running the tests

-Microsoft provides template validation tests in the Git repo for [azure-quickstart-templates](https://github.com/Azure/azure-quickstart-templates/tree/master/test/template-tests). This project has maven configuration to run those tests against the ARM template. This is useful when building the template as part of a CI/CD pipeline. +Microsoft provides template validation tests in the Git repo for [azure-quickstart-templates](https://github.com/Azure/azure-quickstart-templates/tree/master/test/template-tests). This project includes a Maven configuration to run those tests against the ARM template. This is useful when building the template as part of a CI/CD pipeline.

Preconditions

The environment running the tests must have the git repo for [Azure Quickstart Templates)[https://github.com/Azure/azure-quickstart-templates] checked -out in the expected place, and the necessary powershell software installed +out in the expected place, and the necessary PowerShell software installed -1. Make it so the environment that runs `mvn` is able to execute the powershell command. +1. Make it so the environment that runs `mvn` is able to execute the PowerShell command. 2. Git clone the [Azure Quickstart Templates)[https://github.com/Azure/azure-quickstart-templates] into the top level `target` directory. diff --git a/_data/var.yml b/_data/var.yml index 6ac046797..ddd176cb8 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -10,4 +10,10 @@ jdkVersion: Oracle JDK 8u131 jdkVersionNumber: jdk1.8.0_131 repoPrefix: /arm-oraclelinux-wls- artifactsLocationBase: https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls- +passwordInFileNote: |-3 + Some things to note: + + * We did not include values for parameters that have a default value. + * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** + artifactsLocationTag: 2021-03-23-01-Q1 diff --git a/admin/aadNestedTemplate.md b/admin/aadNestedTemplate.md index d50d4998a..6cffeaeb5 100644 --- a/admin/aadNestedTemplate.md +++ b/admin/aadNestedTemplate.md @@ -61,7 +61,9 @@ Use the content as this file as the value of the `wlsLDAPSSLCertificate` paramet #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. +Here is a fully filled out parameters file. + +{{ site.data.var.passwordInFileNote }} ```json { diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index ac4ab4faf..b46907b35 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -125,6 +125,8 @@ Finally, replace `{your_database}` with the name of your database. Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/admin/elkNestedTemplate.md b/admin/elkNestedTemplate.md index 4368d7225..93759dc21 100644 --- a/admin/elkNestedTemplate.md +++ b/admin/elkNestedTemplate.md @@ -52,6 +52,8 @@ This value must be the following. Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/aadNestedTemplate.md b/cluster/aadNestedTemplate.md index 871e44cad..0e72fe78c 100644 --- a/cluster/aadNestedTemplate.md +++ b/cluster/aadNestedTemplate.md @@ -69,6 +69,8 @@ The number of existing nodes, includeing Administration Server node. It should e Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `numberOfInstances`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/addnode-coherence.md b/cluster/addnode-coherence.md index 8f5716664..2c601d597 100644 --- a/cluster/addnode-coherence.md +++ b/cluster/addnode-coherence.md @@ -191,6 +191,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/addnode.md b/cluster/addnode.md index 0e74f565e..98b78da9e 100644 --- a/cluster/addnode.md +++ b/cluster/addnode.md @@ -284,6 +284,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", @@ -731,4 +733,4 @@ Verify AAD integration by delpoying a simple Java EE applciation with basic auth * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. - * Expected result, you can access the sample application without error. \ No newline at end of file + * Expected result, you can access the sample application without error. diff --git a/cluster/appGatewayNestedTemplate.md b/cluster/appGatewayNestedTemplate.md index 039b015c6..3d8e98ee5 100644 --- a/cluster/appGatewayNestedTemplate.md +++ b/cluster/appGatewayNestedTemplate.md @@ -65,6 +65,9 @@ It is assumed that you have the password for the certificate. Use this as the v Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. +{{ site.data.var.passwordInFileNote }} + + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/coherenceTemplate.md b/cluster/coherenceTemplate.md index 632ba5a98..546572006 100644 --- a/cluster/coherenceTemplate.md +++ b/cluster/coherenceTemplate.md @@ -111,6 +111,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index ac4ab4faf..b46907b35 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -125,6 +125,8 @@ Finally, replace `{your_database}` with the name of your database. Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/cluster/deletenode.md b/cluster/deletenode.md index 2b3c3ceba..5f9311fa1 100644 --- a/cluster/deletenode.md +++ b/cluster/deletenode.md @@ -69,6 +69,8 @@ You can get the server names from WebLogic Server Administration Console, follow Here is a fully filled out parameters file. Note that here we do not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", @@ -532,4 +534,4 @@ Complete! * Network Interface: `mspVM1_NIC` * Public IP: `mspVM1_PublicIP` - All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. \ No newline at end of file + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. diff --git a/cluster/elkNestedTemplate.md b/cluster/elkNestedTemplate.md index 22052c79f..fd485693d 100644 --- a/cluster/elkNestedTemplate.md +++ b/cluster/elkNestedTemplate.md @@ -79,6 +79,9 @@ $ echo ${numberOfManagedCacheInstances} Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/aadNestedTemplate.md b/dynamic-cluster/aadNestedTemplate.md index aec3d8344..b4a6c5c27 100644 --- a/dynamic-cluster/aadNestedTemplate.md +++ b/dynamic-cluster/aadNestedTemplate.md @@ -69,6 +69,8 @@ Size of the dynamic cluster, it should equal to numbers of Virtual Machines that Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `dynamicClusterSize`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/addnode-coherence.md b/dynamic-cluster/addnode-coherence.md index 8f5716664..2c601d597 100644 --- a/dynamic-cluster/addnode-coherence.md +++ b/dynamic-cluster/addnode-coherence.md @@ -191,6 +191,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/addnode.md b/dynamic-cluster/addnode.md index a7fcb016e..7dea5b0e7 100644 --- a/dynamic-cluster/addnode.md +++ b/dynamic-cluster/addnode.md @@ -240,6 +240,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", diff --git a/dynamic-cluster/coherenceTemplate.md b/dynamic-cluster/coherenceTemplate.md index 632ba5a98..546572006 100644 --- a/dynamic-cluster/coherenceTemplate.md +++ b/dynamic-cluster/coherenceTemplate.md @@ -111,6 +111,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index ac4ab4faf..b46907b35 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -125,6 +125,8 @@ Finally, replace `{your_database}` with the name of your database. Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/deletenode.md b/dynamic-cluster/deletenode.md index a87dc0cd4..40aa025b5 100644 --- a/dynamic-cluster/deletenode.md +++ b/dynamic-cluster/deletenode.md @@ -69,6 +69,8 @@ You can get the machine names from WebLogic Server Administration Console, follo Here is a fully filled out parameters file. Note that we do not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/elkNestedTemplate.md b/dynamic-cluster/elkNestedTemplate.md index 08fa9b092..1eaa960f3 100644 --- a/dynamic-cluster/elkNestedTemplate.md +++ b/dynamic-cluster/elkNestedTemplate.md @@ -80,6 +80,8 @@ $ echo ${numberOfManagedCacheInstances} Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/dynamic-cluster/ohsNestedTemplate.md b/dynamic-cluster/ohsNestedTemplate.md index f7c8680cb..f9a774d53 100644 --- a/dynamic-cluster/ohsNestedTemplate.md +++ b/dynamic-cluster/ohsNestedTemplate.md @@ -88,6 +88,7 @@ Use temp.txt contents to set the value for ohsSSLKeystoreData Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. +{{ site.data.var.passwordInFileNote }} ```json { diff --git a/release-notes/index.md b/release-notes/index.md index 1084f6b50..a539f30c9 100644 --- a/release-notes/index.md +++ b/release-notes/index.md @@ -8,11 +8,11 @@ | WebLogic Server Version | Oracle JDK Version | Oracle Linux Version | |-------------------------|--------------------|----------------------| - | 12.2.1.3.0 | 8u131 | 7.4 | - | 12.2.1.3.0 | 8u131 | 7.3 | - | 12.2.1.4.0 | 8u251 | 7.6 | - | 14.1.1.0.0 | 8u251 | 7.6 | - | 14.1.1.0.0 | 11_07 | 7.6 | + | 12.2.1.3.0 | 8 | 7.4 | + | 12.2.1.3.0 | 8 | 7.3 | + | 12.2.1.4.0 | 8 | 7.6 | + | 14.1.1.0.0 | 8 | 7.6 | + | 14.1.1.0.0 | 11 | 7.6 | ### arm-oraclelinux-wls diff --git a/subtemplate-src/addnode-coherence.md b/subtemplate-src/addnode-coherence.md index 8f5716664..2c601d597 100644 --- a/subtemplate-src/addnode-coherence.md +++ b/subtemplate-src/addnode-coherence.md @@ -191,6 +191,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/admin-aadNestedTemplate.md b/subtemplate-src/admin-aadNestedTemplate.md index d50d4998a..a87a6c908 100644 --- a/subtemplate-src/admin-aadNestedTemplate.md +++ b/subtemplate-src/admin-aadNestedTemplate.md @@ -63,6 +63,8 @@ Use the content as this file as the value of the `wlsLDAPSSLCertificate` paramet Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/admin-elkNestedTemplate.md b/subtemplate-src/admin-elkNestedTemplate.md index 4368d7225..93759dc21 100644 --- a/subtemplate-src/admin-elkNestedTemplate.md +++ b/subtemplate-src/admin-elkNestedTemplate.md @@ -52,6 +52,8 @@ This value must be the following. Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/appGatewayNestedTemplate.md b/subtemplate-src/appGatewayNestedTemplate.md index 039b015c6..0559bdaa8 100644 --- a/subtemplate-src/appGatewayNestedTemplate.md +++ b/subtemplate-src/appGatewayNestedTemplate.md @@ -65,6 +65,8 @@ It is assumed that you have the password for the certificate. Use this as the v Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/cluster-aadNestedTemplate.md b/subtemplate-src/cluster-aadNestedTemplate.md index 871e44cad..0e72fe78c 100644 --- a/subtemplate-src/cluster-aadNestedTemplate.md +++ b/subtemplate-src/cluster-aadNestedTemplate.md @@ -69,6 +69,8 @@ The number of existing nodes, includeing Administration Server node. It should e Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `numberOfInstances`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/cluster-addnode.md b/subtemplate-src/cluster-addnode.md index 0e74f565e..98b78da9e 100644 --- a/subtemplate-src/cluster-addnode.md +++ b/subtemplate-src/cluster-addnode.md @@ -284,6 +284,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", @@ -731,4 +733,4 @@ Verify AAD integration by delpoying a simple Java EE applciation with basic auth * Go to **Environment -> Machines**. Click one of the new machines, make sure there are servers running on that machine. Click **Node Manager** and make note of the machine host in **Listen Address**, here named it as `machineName`. Click **Servers** and make note of **Listen Port**, here named it as `port`. * Go to [Azure Portal](https://ms.portal.azure.com/), and get DNS name from Virtual Machine has the same name of `machineName`, named it `machineDNS` * Go to `http://${machineDNS}:${port}/basicauth`, the browser will prompt up to ask for credentials, input one of AAD users from group **AAD DC Administrators**, note that use name should be **sAMAccountName**, for example `wlstest` for user `wlstest@javaeehotmailcom.onmicrosoft.com`. - * Expected result, you can access the sample application without error. \ No newline at end of file + * Expected result, you can access the sample application without error. diff --git a/subtemplate-src/cluster-deletenode.md b/subtemplate-src/cluster-deletenode.md index 2b3c3ceba..5f9311fa1 100644 --- a/subtemplate-src/cluster-deletenode.md +++ b/subtemplate-src/cluster-deletenode.md @@ -69,6 +69,8 @@ You can get the server names from WebLogic Server Administration Console, follow Here is a fully filled out parameters file. Note that here we do not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", @@ -532,4 +534,4 @@ Complete! * Network Interface: `mspVM1_NIC` * Public IP: `mspVM1_PublicIP` - All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. \ No newline at end of file + All of these resource should be deleted after the script finishes, unless you don't expect to delete them without specifying "Y/y" to the prompt. diff --git a/subtemplate-src/cluster-elkNestedTemplate.md b/subtemplate-src/cluster-elkNestedTemplate.md index 22052c79f..3ee880d3e 100644 --- a/subtemplate-src/cluster-elkNestedTemplate.md +++ b/subtemplate-src/cluster-elkNestedTemplate.md @@ -79,6 +79,8 @@ $ echo ${numberOfManagedCacheInstances} Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/coherenceTemplate.md b/subtemplate-src/coherenceTemplate.md index 632ba5a98..546572006 100644 --- a/subtemplate-src/coherenceTemplate.md +++ b/subtemplate-src/coherenceTemplate.md @@ -111,6 +111,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file. This is an example to set up Coherence*Web. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index ac4ab4faf..b46907b35 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -125,6 +125,8 @@ Finally, replace `{your_database}` with the name of your database. Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/dynamic-cluster-aadNestedTemplate.md b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md index aec3d8344..b4a6c5c27 100644 --- a/subtemplate-src/dynamic-cluster-aadNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md @@ -69,6 +69,8 @@ Size of the dynamic cluster, it should equal to numbers of Virtual Machines that Here is a fully filled out parameters file. Note that we did not include values for parameters that have a default value. Pay attention to the value of `dynamicClusterSize`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/dynamic-cluster-addnode.md b/subtemplate-src/dynamic-cluster-addnode.md index a7fcb016e..7dea5b0e7 100644 --- a/subtemplate-src/dynamic-cluster-addnode.md +++ b/subtemplate-src/dynamic-cluster-addnode.md @@ -240,6 +240,8 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", diff --git a/subtemplate-src/dynamic-cluster-deletenode.md b/subtemplate-src/dynamic-cluster-deletenode.md index a87dc0cd4..40aa025b5 100644 --- a/subtemplate-src/dynamic-cluster-deletenode.md +++ b/subtemplate-src/dynamic-cluster-deletenode.md @@ -69,6 +69,8 @@ You can get the machine names from WebLogic Server Administration Console, follo Here is a fully filled out parameters file. Note that we do not include `adminVMName`. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/dynamic-cluster-elkNestedTemplate.md b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md index 08fa9b092..1eaa960f3 100644 --- a/subtemplate-src/dynamic-cluster-elkNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md @@ -80,6 +80,8 @@ $ echo ${numberOfManagedCacheInstances} Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, and `usePreviewImage` as default value. +{{ site.data.var.passwordInFileNote }} + ```json { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", diff --git a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md index f7c8680cb..f9a774d53 100644 --- a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md @@ -88,6 +88,7 @@ Use temp.txt contents to set the value for ohsSSLKeystoreData Here is a fully filled out parameters file. Note that we did not include any optional parameters, assuming the {{ site.data.var.wlsFullBrandName }} was deployed accepting the default values. +{{ site.data.var.passwordInFileNote }} ```json { From 7c8c68da4891452c72bb8234fc232966e59ab892 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 13 Oct 2021 11:22:43 +0800 Subject: [PATCH 04/42] On branch gh-pages: update artifactsLocationBase and artifactsLocationTag Signed-off-by: galiacheng Changes to be committed: modified: _data/var.yml --- _data/var.yml | 5 +++-- _includes/variables.md | 20 ++++++++++---------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/_data/var.yml b/_data/var.yml index ddd176cb8..a2e2fe1d6 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -9,11 +9,12 @@ oracleLinuxVersion: 7.4 jdkVersion: Oracle JDK 8u131 jdkVersionNumber: jdk1.8.0_131 repoPrefix: /arm-oraclelinux-wls- -artifactsLocationBase: https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls- +artifactsLocationBase: https://raw.githubusercontent.com/oracle/weblogic-azure +artifactsLocationSubPathForVM: weblogic-azure-vm/arm-oraclelinux-wls- passwordInFileNote: |-3 Some things to note: * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2021-03-23-01-Q1 +artifactsLocationTag: 2021-10-13-01-Q4 diff --git a/_includes/variables.md b/_includes/variables.md index 822fee0db..e8490eaa5 100644 --- a/_includes/variables.md +++ b/_includes/variables.md @@ -6,36 +6,36 @@ Account for variability in the repo paths. {% capture pageDir %}{{ pageDirName }}{% endcapture %} {% if pageDir contains "admin" %} - {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/src/main/arm/{% endcapture %} + {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/src/main/arm/{% endcapture %} {% comment %} - something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-admin/2020-06-24-01-Q2/src/main/arm/ + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/ {% endcomment %} {% else %} {% assign repoPrefix = site.data.var.repoPrefix %} - {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}{{ repoPrefix }}{{ pageDir }}/src/main/arm/{% endcapture %} + {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}{{ repoPrefix }}{{ pageDir }}/src/main/arm/{% endcapture %} {% comment %} - something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/arm-oraclelinux-wls-cluster/src/main/arm/ + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/ {% endcomment %} - {% capture armTemplateDeleteNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/deletenode/src/main/{% endcapture %} + {% capture armTemplateDeleteNodeBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/deletenode/src/main/{% endcapture %} {% comment %} - something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/deletenode/src/main/ + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/ {% endcomment %} - {% capture armTemplateAddNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/addnode/src/main/{% endcapture %} + {% capture armTemplateAddNodeBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/addnode/src/main/{% endcapture %} {% comment %} - something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/addnode/src/main/ + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/ {% endcomment %} - {% capture armTemplateAddCacheNodeBasePath %}{{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/addnode-coherence/src/main/{% endcapture %} + {% capture armTemplateAddCacheNodeBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/addnode-coherence/src/main/{% endcapture %} {% comment %} - something like https://raw.githubusercontent.com/edburns/arm-oraclelinux-wls-cluster/2020-06-24-01-Q2/addnode=-coherence/src/main/ + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode=-coherence/src/main/ {% endcomment %} {% endif %} From 11eae5986d6d874859430b472f10155cb75c8fb6 Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Fri, 8 Oct 2021 12:11:42 +0530 Subject: [PATCH 05/42] Updated License/Copyright and repository references --- Gemfile | 3 +++ Makefile | 3 +++ README.md | 5 +++++ _config.yml | 5 ++++- _data/var.yml | 3 +++ _includes/sub-template-01.md | 5 +++++ _includes/variables.md | 5 +++++ admin/aadNestedTemplate.md | 5 +++++ admin/customDNSTemplate.md | 5 +++++ admin/dbTemplate.md | 5 +++++ admin/elkNestedTemplate.md | 5 +++++ admin/index.md | 5 +++++ arm-oraclelinux-wls/src/main/scripts/create_datasource.py | 3 +++ cluster/aadNestedTemplate.md | 5 +++++ cluster/addnode-coherence.md | 5 +++++ cluster/addnode.md | 5 +++++ cluster/appGatewayNestedTemplate.md | 5 +++++ cluster/coherenceTemplate.md | 5 +++++ cluster/customDNSTemplate.md | 5 +++++ cluster/dbTemplate.md | 5 +++++ cluster/deletenode.md | 5 +++++ cluster/elkNestedTemplate.md | 5 +++++ cluster/index.md | 5 +++++ cluster/nsgRulesTemplate.md | 5 +++++ dynamic-cluster/aadNestedTemplate.md | 5 +++++ dynamic-cluster/addnode-coherence.md | 5 +++++ dynamic-cluster/addnode.md | 5 +++++ dynamic-cluster/coherenceTemplate.md | 5 +++++ dynamic-cluster/customDNSTemplate.md | 5 +++++ dynamic-cluster/dbTemplate.md | 5 +++++ dynamic-cluster/deletenode.md | 5 +++++ dynamic-cluster/elkNestedTemplate.md | 5 +++++ dynamic-cluster/index.md | 5 +++++ dynamic-cluster/nsgRulesTemplate.md | 5 +++++ dynamic-cluster/ohsNestedTemplate.md | 4 ++++ release-notes/index.md | 5 +++++ subtemplate-src/addnode-coherence.md | 5 +++++ subtemplate-src/admin-aadNestedTemplate.md | 5 +++++ subtemplate-src/admin-customDNSTemplate.md | 5 +++++ subtemplate-src/admin-elkNestedTemplate.md | 5 +++++ subtemplate-src/appGatewayNestedTemplate.md | 5 +++++ subtemplate-src/cluster-aadNestedTemplate.md | 5 +++++ subtemplate-src/cluster-addnode.md | 5 +++++ subtemplate-src/cluster-customDNSTemplate.md | 5 +++++ subtemplate-src/cluster-deletenode.md | 5 +++++ subtemplate-src/cluster-elkNestedTemplate.md | 5 +++++ subtemplate-src/cluster-nsgRulesTemplate.md | 5 +++++ subtemplate-src/coherenceTemplate.md | 5 +++++ subtemplate-src/dbTemplate.md | 5 +++++ subtemplate-src/dynamic-cluster-aadNestedTemplate.md | 5 +++++ subtemplate-src/dynamic-cluster-addnode.md | 5 +++++ subtemplate-src/dynamic-cluster-customDNSTemplate.md | 5 +++++ subtemplate-src/dynamic-cluster-deletenode.md | 5 +++++ subtemplate-src/dynamic-cluster-elkNestedTemplate.md | 5 +++++ subtemplate-src/dynamic-cluster-nsgRulesTemplate.md | 5 +++++ subtemplate-src/dynamic-cluster-ohsNestedTemplate.md | 4 ++++ subtemplate-src/dynamic-customDNSTemplate.md | 5 +++++ 57 files changed, 274 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 9863f8b55..669aa8011 100755 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + source "https://rubygems.org" ruby RUBY_VERSION diff --git a/Makefile b/Makefile index 742d7d7dd..9285ecef4 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + all: cp subtemplate-src/addnode-coherence.md cluster/addnode-coherence.md cp subtemplate-src/addnode-coherence.md dynamic-cluster/addnode-coherence.md diff --git a/README.md b/README.md index 650c30c8d..769b07726 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,8 @@ + + # arm-oraclelinux-wls # Simple deployment of a Oracle Linux VM with WebLogic Server pre-installed diff --git a/_config.yml b/_config.yml index 6bd888f58..176718d58 100644 --- a/_config.yml +++ b/_config.yml @@ -1,2 +1,5 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + theme: jekyll-theme-primer -repository: "wls-eng/arm-oraclelinux-wls" +repository: "oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls" diff --git a/_data/var.yml b/_data/var.yml index a2e2fe1d6..2b0ddf8d6 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + azureFullBrandName: Microsoft Azure IaaS wlsFullBrandName: Oracle WebLogic Server brandNameNumber: 12c diff --git a/_includes/sub-template-01.md b/_includes/sub-template-01.md index f44a916e0..d2eaf6fd7 100644 --- a/_includes/sub-template-01.md +++ b/_includes/sub-template-01.md @@ -1,3 +1,8 @@ + + This page lists the available templates for working with existing deployments. These templates perform various operations on an existing deployment after it has initially been deployed from the Azure portal. diff --git a/_includes/variables.md b/_includes/variables.md index e8490eaa5..f4ecb68ee 100644 --- a/_includes/variables.md +++ b/_includes/variables.md @@ -1,3 +1,8 @@ + + {% comment %} Account for variability in the repo paths. {% endcomment %} diff --git a/admin/aadNestedTemplate.md b/admin/aadNestedTemplate.md index 6cffeaeb5..403a45f51 100644 --- a/admin/aadNestedTemplate.md +++ b/admin/aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/admin/customDNSTemplate.md b/admin/customDNSTemplate.md index 746b9e506..a10ed799e 100644 --- a/admin/customDNSTemplate.md +++ b/admin/customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index b46907b35..e4ce14f1d 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/admin/elkNestedTemplate.md b/admin/elkNestedTemplate.md index 93759dc21..42bb37e86 100644 --- a/admin/elkNestedTemplate.md +++ b/admin/elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/admin/index.md b/admin/index.md index 79686ab2d..e074f5857 100644 --- a/admin/index.md +++ b/admin/index.md @@ -1,3 +1,8 @@ + + # Single Node {{ site.data.var.wlsFullBrandName }} with Admin Server {% include sub-template-01.md %} diff --git a/arm-oraclelinux-wls/src/main/scripts/create_datasource.py b/arm-oraclelinux-wls/src/main/scripts/create_datasource.py index 5ddbd937b..0cd81692c 100644 --- a/arm-oraclelinux-wls/src/main/scripts/create_datasource.py +++ b/arm-oraclelinux-wls/src/main/scripts/create_datasource.py @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + connect('weblogic','gumby1234','t3://ejb1024010-ejb102401rg-ejb102401.eastus.cloudapp.azure.com:7001') edit("Edwards-MacBook-Pro.local") startEdit() diff --git a/cluster/aadNestedTemplate.md b/cluster/aadNestedTemplate.md index 0e72fe78c..8796d07c3 100644 --- a/cluster/aadNestedTemplate.md +++ b/cluster/aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/addnode-coherence.md b/cluster/addnode-coherence.md index 2c601d597..3991ab6a7 100644 --- a/cluster/addnode-coherence.md +++ b/cluster/addnode-coherence.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add cache managed server to {{ site.data.var.wlsFullBrandName }} Coherence cluster diff --git a/cluster/addnode.md b/cluster/addnode.md index 98b78da9e..94a8bb734 100644 --- a/cluster/addnode.md +++ b/cluster/addnode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add nodes to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/appGatewayNestedTemplate.md b/cluster/appGatewayNestedTemplate.md index 3d8e98ee5..73d4a0f6b 100644 --- a/cluster/appGatewayNestedTemplate.md +++ b/cluster/appGatewayNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure App Gateway ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/coherenceTemplate.md b/cluster/coherenceTemplate.md index 546572006..401c1ec9a 100644 --- a/cluster/coherenceTemplate.md +++ b/cluster/coherenceTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/customDNSTemplate.md b/cluster/customDNSTemplate.md index 944709c37..8182d0d0d 100644 --- a/cluster/customDNSTemplate.md +++ b/cluster/customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index b46907b35..e4ce14f1d 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/deletenode.md b/cluster/deletenode.md index 5f9311fa1..f02442b19 100644 --- a/cluster/deletenode.md +++ b/cluster/deletenode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Delete nodes from {{ site.data.var.wlsFullBrandName }} diff --git a/cluster/elkNestedTemplate.md b/cluster/elkNestedTemplate.md index fd485693d..acce72ef2 100644 --- a/cluster/elkNestedTemplate.md +++ b/cluster/elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/cluster/index.md b/cluster/index.md index 4f20c5bda..5b4270ef7 100644 --- a/cluster/index.md +++ b/cluster/index.md @@ -1,3 +1,8 @@ + + # {{ site.data.var.wlsFullBrandName }} Cluster {% include sub-template-01.md %} diff --git a/cluster/nsgRulesTemplate.md b/cluster/nsgRulesTemplate.md index 510330b3b..71c76350d 100644 --- a/cluster/nsgRulesTemplate.md +++ b/cluster/nsgRulesTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/aadNestedTemplate.md b/dynamic-cluster/aadNestedTemplate.md index b4a6c5c27..9dacb7df1 100644 --- a/dynamic-cluster/aadNestedTemplate.md +++ b/dynamic-cluster/aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/addnode-coherence.md b/dynamic-cluster/addnode-coherence.md index 2c601d597..3991ab6a7 100644 --- a/dynamic-cluster/addnode-coherence.md +++ b/dynamic-cluster/addnode-coherence.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add cache managed server to {{ site.data.var.wlsFullBrandName }} Coherence cluster diff --git a/dynamic-cluster/addnode.md b/dynamic-cluster/addnode.md index 7dea5b0e7..53201615c 100644 --- a/dynamic-cluster/addnode.md +++ b/dynamic-cluster/addnode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add nodes to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/coherenceTemplate.md b/dynamic-cluster/coherenceTemplate.md index 546572006..401c1ec9a 100644 --- a/dynamic-cluster/coherenceTemplate.md +++ b/dynamic-cluster/coherenceTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/customDNSTemplate.md b/dynamic-cluster/customDNSTemplate.md index 5e6921581..63b42e405 100644 --- a/dynamic-cluster/customDNSTemplate.md +++ b/dynamic-cluster/customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index b46907b35..e4ce14f1d 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/deletenode.md b/dynamic-cluster/deletenode.md index 40aa025b5..1fc614491 100644 --- a/dynamic-cluster/deletenode.md +++ b/dynamic-cluster/deletenode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Delete nodes from {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/elkNestedTemplate.md b/dynamic-cluster/elkNestedTemplate.md index 1eaa960f3..f3b1f2ff9 100644 --- a/dynamic-cluster/elkNestedTemplate.md +++ b/dynamic-cluster/elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/dynamic-cluster/index.md b/dynamic-cluster/index.md index 4835215f2..66c84fec9 100644 --- a/dynamic-cluster/index.md +++ b/dynamic-cluster/index.md @@ -1,3 +1,8 @@ + + # {{ site.data.var.wlsFullBrandName }} Dynamic Cluster {% include sub-template-01.md %} diff --git a/dynamic-cluster/nsgRulesTemplate.md b/dynamic-cluster/nsgRulesTemplate.md index c7d63674d..e47262537 100644 --- a/dynamic-cluster/nsgRulesTemplate.md +++ b/dynamic-cluster/nsgRulesTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/dynamic-cluster/ohsNestedTemplate.md b/dynamic-cluster/ohsNestedTemplate.md index f9a774d53..16ede60a5 100644 --- a/dynamic-cluster/ohsNestedTemplate.md +++ b/dynamic-cluster/ohsNestedTemplate.md @@ -1,3 +1,7 @@ + {% include variables.md %} diff --git a/release-notes/index.md b/release-notes/index.md index a539f30c9..0d509bb6b 100644 --- a/release-notes/index.md +++ b/release-notes/index.md @@ -1,3 +1,8 @@ + + # Release Notes ## 2020-Q2 diff --git a/subtemplate-src/addnode-coherence.md b/subtemplate-src/addnode-coherence.md index 2c601d597..3991ab6a7 100644 --- a/subtemplate-src/addnode-coherence.md +++ b/subtemplate-src/addnode-coherence.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add cache managed server to {{ site.data.var.wlsFullBrandName }} Coherence cluster diff --git a/subtemplate-src/admin-aadNestedTemplate.md b/subtemplate-src/admin-aadNestedTemplate.md index a87a6c908..99653c202 100644 --- a/subtemplate-src/admin-aadNestedTemplate.md +++ b/subtemplate-src/admin-aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/admin-customDNSTemplate.md b/subtemplate-src/admin-customDNSTemplate.md index 746b9e506..a10ed799e 100644 --- a/subtemplate-src/admin-customDNSTemplate.md +++ b/subtemplate-src/admin-customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/admin-elkNestedTemplate.md b/subtemplate-src/admin-elkNestedTemplate.md index 93759dc21..42bb37e86 100644 --- a/subtemplate-src/admin-elkNestedTemplate.md +++ b/subtemplate-src/admin-elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/subtemplate-src/appGatewayNestedTemplate.md b/subtemplate-src/appGatewayNestedTemplate.md index 0559bdaa8..428391d9f 100644 --- a/subtemplate-src/appGatewayNestedTemplate.md +++ b/subtemplate-src/appGatewayNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure App Gateway ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/cluster-aadNestedTemplate.md b/subtemplate-src/cluster-aadNestedTemplate.md index 0e72fe78c..8796d07c3 100644 --- a/subtemplate-src/cluster-aadNestedTemplate.md +++ b/subtemplate-src/cluster-aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/cluster-addnode.md b/subtemplate-src/cluster-addnode.md index 98b78da9e..94a8bb734 100644 --- a/subtemplate-src/cluster-addnode.md +++ b/subtemplate-src/cluster-addnode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add nodes to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/cluster-customDNSTemplate.md b/subtemplate-src/cluster-customDNSTemplate.md index 944709c37..8182d0d0d 100644 --- a/subtemplate-src/cluster-customDNSTemplate.md +++ b/subtemplate-src/cluster-customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/cluster-deletenode.md b/subtemplate-src/cluster-deletenode.md index 5f9311fa1..f02442b19 100644 --- a/subtemplate-src/cluster-deletenode.md +++ b/subtemplate-src/cluster-deletenode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Delete nodes from {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/cluster-elkNestedTemplate.md b/subtemplate-src/cluster-elkNestedTemplate.md index 3ee880d3e..c675fbfa8 100644 --- a/subtemplate-src/cluster-elkNestedTemplate.md +++ b/subtemplate-src/cluster-elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/subtemplate-src/cluster-nsgRulesTemplate.md b/subtemplate-src/cluster-nsgRulesTemplate.md index 510330b3b..71c76350d 100644 --- a/subtemplate-src/cluster-nsgRulesTemplate.md +++ b/subtemplate-src/cluster-nsgRulesTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/coherenceTemplate.md b/subtemplate-src/coherenceTemplate.md index 546572006..401c1ec9a 100644 --- a/subtemplate-src/coherenceTemplate.md +++ b/subtemplate-src/coherenceTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure Coherence cluster to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index b46907b35..e4ce14f1d 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-aadNestedTemplate.md b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md index b4a6c5c27..9dacb7df1 100644 --- a/subtemplate-src/dynamic-cluster-aadNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-aadNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Active Directory ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-addnode.md b/subtemplate-src/dynamic-cluster-addnode.md index 7dea5b0e7..53201615c 100644 --- a/subtemplate-src/dynamic-cluster-addnode.md +++ b/subtemplate-src/dynamic-cluster-addnode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Add nodes to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-customDNSTemplate.md b/subtemplate-src/dynamic-cluster-customDNSTemplate.md index 5e6921581..63b42e405 100644 --- a/subtemplate-src/dynamic-cluster-customDNSTemplate.md +++ b/subtemplate-src/dynamic-cluster-customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-deletenode.md b/subtemplate-src/dynamic-cluster-deletenode.md index 40aa025b5..1fc614491 100644 --- a/subtemplate-src/dynamic-cluster-deletenode.md +++ b/subtemplate-src/dynamic-cluster-deletenode.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Delete nodes from {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-elkNestedTemplate.md b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md index 1eaa960f3..f3b1f2ff9 100644 --- a/subtemplate-src/dynamic-cluster-elkNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-elkNestedTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Land {{ site.data.var.wlsFullBrandName }} logs to Elasticsearch and Kibana diff --git a/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md b/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md index c7d63674d..e47262537 100644 --- a/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md +++ b/subtemplate-src/dynamic-cluster-nsgRulesTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Apply Azure Network Security Rule ARM Template to {{ site.data.var.wlsFullBrandName }} diff --git a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md index f9a774d53..16ede60a5 100644 --- a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md @@ -1,3 +1,7 @@ + {% include variables.md %} diff --git a/subtemplate-src/dynamic-customDNSTemplate.md b/subtemplate-src/dynamic-customDNSTemplate.md index 5e6921581..63b42e405 100644 --- a/subtemplate-src/dynamic-customDNSTemplate.md +++ b/subtemplate-src/dynamic-customDNSTemplate.md @@ -1,3 +1,8 @@ + + {% include variables.md %} # Configure DNS alias to {{ site.data.var.wlsFullBrandName }} From 135117a9775328f1166ca8e86d7aa01c23ee344b Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 22 Nov 2021 11:20:39 +0800 Subject: [PATCH 06/42] Create global variable for aks doc. --- _data/var.yml | 1 + aks/index.md | 14 ++++++++++++++ aks/mainTemplate.md | 34 ++++++++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+) create mode 100644 aks/index.md create mode 100644 aks/mainTemplate.md diff --git a/_data/var.yml b/_data/var.yml index 2b0ddf8d6..95b7e3e69 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -2,6 +2,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. azureFullBrandName: Microsoft Azure IaaS +aksFullName: Azure Kubernetes Service wlsFullBrandName: Oracle WebLogic Server brandNameNumber: 12c partNumber: E48696-01 diff --git a/aks/index.md b/aks/index.md new file mode 100644 index 000000000..e73ea4ecd --- /dev/null +++ b/aks/index.md @@ -0,0 +1,14 @@ + + +# Run {{ site.data.var.wlsFullBrandName }} on {{ site.data.var.aksFullName }} + +Templates available for working with [{{ site.data.var.wlsFullBrandName }} on {{ site.data.var.aksFullName }}](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks): + +* [Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration](mainTemplate.md) + +* [Configure a database connection](dbTemplate.md) + +* [Update application](aadNestedTemplate.md) \ No newline at end of file diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md new file mode 100644 index 000000000..0641b9072 --- /dev/null +++ b/aks/mainTemplate.md @@ -0,0 +1,34 @@ + + +# Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration + +This page documents how to create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. + +## Introduction + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbPassword`| See below for details. | +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `location` | Must be the same region into which the server was initially deployed. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | From 7a097424bc3a18af49345bb66a17edf8c344e4b7 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 29 Nov 2021 10:59:14 +0800 Subject: [PATCH 07/42] Document for mainTemplalte Signed-off-by: galiacheng --- _config.yml | 2 +- _data/var.yml | 1 + _includes/sub-template-dnszone.md | 35 +++++ _includes/variables.md | 7 +- aks/mainTemplate.md | 236 ++++++++++++++++++++++++++++-- 5 files changed, 266 insertions(+), 15 deletions(-) create mode 100644 _includes/sub-template-dnszone.md diff --git a/_config.yml b/_config.yml index 176718d58..b9199f1b2 100644 --- a/_config.yml +++ b/_config.yml @@ -2,4 +2,4 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. theme: jekyll-theme-primer -repository: "oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls" +repository: "oracle/weblogic-azure" diff --git a/_data/var.yml b/_data/var.yml index 95b7e3e69..546eb81d9 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -15,6 +15,7 @@ jdkVersionNumber: jdk1.8.0_131 repoPrefix: /arm-oraclelinux-wls- artifactsLocationBase: https://raw.githubusercontent.com/oracle/weblogic-azure artifactsLocationSubPathForVM: weblogic-azure-vm/arm-oraclelinux-wls- +artifactsLocationSubPathForAks: weblogic-azure-aks passwordInFileNote: |-3 Some things to note: diff --git a/_includes/sub-template-dnszone.md b/_includes/sub-template-dnszone.md new file mode 100644 index 000000000..f2422dcf3 --- /dev/null +++ b/_includes/sub-template-dnszone.md @@ -0,0 +1,35 @@ + + + +#### Registered Domain Name + +You need to buy a domain name to create a custom DNS alias. + +#### Azure DNS Zone + +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. + +```bash +$ nslookup -type=SOA contoso.com +Server: 172.29.80.1 +Address: 172.29.80.1#53 + +Non-authoritative answer: +contoso.com + origin = ns1-01.azure-dns.com + mail addr = azuredns-hostmaster.microsoft.com + serial = 1 + refresh = 3600 + retry = 300 + expire = 2419200 + minimum = 300 +Name: ns1-01.azure-dns.com +Address: 40.90.4.1 +Name: ns1-01.azure-dns.com +Address: 2603:1061::1 +``` + +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. \ No newline at end of file diff --git a/_includes/variables.md b/_includes/variables.md index f4ecb68ee..a3043182f 100644 --- a/_includes/variables.md +++ b/_includes/variables.md @@ -16,7 +16,12 @@ Account for variability in the repo paths. {% comment %} something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/ {% endcomment %} - + +{% else if %} + {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForAks}}/src/main/arm/{% endcapture %} + {% comment %} + something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-aks/src/main/arm/ + {% endcomment %} {% else %} {% assign repoPrefix = site.data.var.repoPrefix %} {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}{{ repoPrefix }}{{ pageDir }}/src/main/arm/{% endcapture %} diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index 0641b9072..e5d232559 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -3,32 +3,242 @@ Copyright (c) 2021, Oracle and/or its affiliates. Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. --> +{% include variables.md %} + # Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration This page documents how to create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. ## Introduction +We have [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that +makes it easy to get started with WebLogic Server on Azure, see [document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). +If you want the following advanced usage, we have mainTemplate which enables you to customize your WebLogic cluster. + +- Customize Azure Container Insight with specified retension days, workaspace SKU and resource permissions. + +- Customize Azure Kubernetes Service version and Agent Pool name. + +- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer serive. + +- Customize the CPU and memory resource for server pod, which default by 200m and 1.5Gi. + +The mainTemplate enables you not only to create a new WebLogic cluster, but also to refresh your existing cluster with new inputs. + +This document will guide you to create a new WebLogic cluster using the advanced configurations. + ## Prerequisites ### Environment for Setup * [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. +### Azure Managed Indentify + +You are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) +to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + +### Azure Service Principal + +Optional. + +You are required to input a Base64 encoded JSON string of a service principal for the selected subscription +if you are going to enable Azure Application Gatway ingress. + +You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. + +### Database Instance + +Optional. + +If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), +[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. If you want to use other databse, you must provide a running data server, +make sure the database is accessible from Azure, you can contact [Azure Java EE team](https://aka.ms/wls-aks-contactme) for support, +see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for configuration. + +### Custom DNS + +Optional. + +{% include sub-template-dnszone.md %} + +## Prepare the Parameters + +You must construct a parameters JSON file containing the parameters to the database ARM template. +See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. +This section shows how to obtain the values for the required properties. + +### Obtain parameter values from Azure portal + +The first step is to obtain the parameter values from Azure portal, as Azure portal eases the interface and validation. +You can also create the objects in your parameter file directly. + +The following steps are leveraging [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the value of parameters that are available from Azure portal. The Azure UI Definition Sandbox provides controls to select resources and input your value easily. + +- Use your favourite browser and open [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). + +- Clear the content of Azure UI Definition Sandbox, and replace with the content of [createUiDefinition.json]({{ armTemplateBasePath }}createUiDefinition.json) + +- Click **Preview** + +- Fill in values, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). -## Prepare the Parameters JSON file +- Click **Review+create**, after you finish the inputs. The Azure UI Definition Sandbox will validate the inputs, you must resolve error if there is before going on. -You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + You will find a message "Validation Passed". -| Parameter Name | Explanation | +- Click "View outputs payload", copy the payload and save it to a file named `parameters.json` + +### Configure advanced parameters + +| Advanced parameter Name | Explanation | |----------------|-------------| -| `_artifactsLocation`| See below for details. | -| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | -| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | -| `dbPassword`| See below for details. | -| `dbUser` | See below for details. | -| `dsConnectionURL`| See below for details. | -| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | -| `location` | Must be the same region into which the server was initially deployed. | -| `wlsPassword` | Must be the same value provided at deployment time. | -| `wlsUserName` | Must be the same value provided at deployment time. | +| `_artifactsLocation`| Required. See below for details. | +| `aciResourcePermissions`| Optinal. The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | +| `aciRetentionInDays`| Optinal. Number of days to retain data in Azure Monitor workspace. | +| `aciWorkspaceSku`| Optinal. Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | +| `aksAgentPoolName` | Optinal. The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | +| `aksVersion`| Optinal. Version of Azure Kubernetes Service. Use default version if no specified value. | +| `enableAdminT3Tunneling`| Optinal. Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | +| `enableClusterT3Tunneling` | Optinal. Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | +| `t3ChannelAdminPort` | Optinal. Sepcify cublic port of the custom T3 channel in admin server. | +| `t3ChannelClusterPort` | Optinal. Specify public port of the custom T3 channel in WebLoigc cluster. | +| `wlsCPU` | Optinal. Sepcify CPU requests for admin server and managed server pods. | +| `wlsMemory` | Optinal. Specify memory requests for admin server and managed server pods. | + + +#### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is presenting in `parameters.json`. + +#### Example Parameters JSON + +This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "createACR": { + "value": true + }, + "enableAdminT3Tunneling": { + "value": true + }, + "enableClusterT3Tunneling": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "lbSvcValues": { + "value": [ + { + "colName": "domain1-admin-t3", + "colTarget": "adminServerT3", + "colPort": "7005" + }, + { + "colName": "domain-cluster-t3", + "colTarget": "cluster1T3", + "colPort": "8011" + } + ] + }, + "location": { + "value": "eastus" + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "sample@foo.com" + }, + "wdtRuntimePassword": { + "value": "Secret123!" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. +This section shows the commands to create WebLogic cluster on AKS. + +Use the command to create a resoruce group. + +```shell +resourceGroupName="hello-wls-aks" +az group create --name ${resourceGroupName} -l eastus +``` + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose \ + --resource-group ${resourceGroupName} \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose \ + --resource-group ${resourceGroupName} \ + --name advanced-deployment \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + + +## Verify deployment + +The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal +using the public address of T3 channel. + +Obtain the address from deployment output: + + - Open your resource group from Azure portal. + - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. + - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` + +Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. + + \ No newline at end of file From 4506e5d01c09424d841531043152ae264c0abef3 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 30 Nov 2021 09:50:13 +0800 Subject: [PATCH 08/42] Documents for dbTemplate Signed-off-by: galiacheng --- .gitignore | 1 + .../sub-template-datasource-connection-url.md | 57 +++++ admin/dbTemplate.md | 58 +---- aks/dbTemplate.md | 198 ++++++++++++++++++ aks/index.md | 2 +- aks/updateAppTemplate.md | 0 cluster/dbTemplate.md | 58 +---- dynamic-cluster/dbTemplate.md | 58 +---- subtemplate-src/dbTemplate.md | 58 +---- 9 files changed, 261 insertions(+), 229 deletions(-) create mode 100644 .gitignore create mode 100644 _includes/sub-template-datasource-connection-url.md create mode 100644 aks/dbTemplate.md create mode 100644 aks/updateAppTemplate.md diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000..82606e1bb --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/_site/** \ No newline at end of file diff --git a/_includes/sub-template-datasource-connection-url.md b/_includes/sub-template-datasource-connection-url.md new file mode 100644 index 000000000..1a4b9c2f2 --- /dev/null +++ b/_includes/sub-template-datasource-connection-url.md @@ -0,0 +1,57 @@ +#### Oracle Database: + +The following is the format of the JDBC connection string for Oracle Database: + +```bash +jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME +``` + +For example: + +```bash +jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 +``` + +#### Azure Database for PostgreSQL: + +Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). + +1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require +``` + +When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require +``` + +Finally, replace `{your_database}` with the name of your database, typically `postgres`. + +#### Azure SQL Server + +Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Click **Connection Strings** under **Settings**. + +3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; +``` + +When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: + +```bash +jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr +``` + +Finally, replace `{your_database}` with the name of your database. \ No newline at end of file diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index e4ce14f1d..5645b516a 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -68,63 +68,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -#### Oracle Database: - -The following is the format of the JDBC connection string for Oracle Database: - -```bash -jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME -``` - -For example: - -```bash -jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 -``` - -#### Azure Database for PostgreSQL: - -Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). - -1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require -``` - -When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require -``` - -Finally, replace `{your_database}` with the name of your database, typically `postgres`. - -#### Azure SQL Server - -Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). - -1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; -``` - -When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr -``` - -Finally, replace `{your_database}` with the name of your database. +{% include sub-template-datasource-connection-url.md %} #### Example Parameters JSON diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md new file mode 100644 index 000000000..0204a2167 --- /dev/null +++ b/aks/dbTemplate.md @@ -0,0 +1,198 @@ + + +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} that is running on AKS + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +You can invoke the database ARM template to: + + - Create a new datasource connection, you can have multiple datasource connections in your cluster. + + - Update an existing datasource connection + + - Delete an existing datasource connection + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Managed Indentify + +You are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) +to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +If you are using your own datasource driver, make sure the datasource driver is uploaded during the WebLogic Server instance provisioning. + +You can create a WebLogic cluster with datasource driver library with steps: + + - Open [WebLogic on AKS marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) + + - Input values to **Basics** and **Config AKS cluster** blade + + - In the Database blade, select **Yes** to connect to database. For **Choose databse type**, select **Other**, upload datasource driver in **Datasource driver**. + + - Finish other inputs, create **Review + create** to provison a cluster. + +You will get a WebLogic cluster with your datasource driver built in the image. + +### Database Instance + +To apply a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. + +#### Work with built-in datasource driver + +The marketplace offer ships with database driver for [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). You can invoke the dbTemplate to create datasource connection for those database. +If you do not have an instance, please create one from Azure portal. + +#### Bring your own datasource driver + +Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal), you are able to create datasource connection using other databases, such as [IBM Informix](https://www.ibm.com/products/informix) and [MariaDB](https://mariadb.org/), but you have to follow those steps to achieve that: + + - Create your database server, and make sure the database is accessible from Azure. + + - Ship your database driver to WebLogic cluster. The only approach to upload a datasource driver is using [marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks). The offer enables you to bring your own datasource driver. See [WebLogic Server Instance](#webLogic-server-instance) + + - Invoke the dbTemplate to update an existing datasource connection or create another new datasource connection. + +### Apply multiple datasource + +You may want to enable multiple datasource in your cluster for the following usage: + - Create multiple datasource connections using the same database + - Create multiple datasource connections using different databases + +You can deploy different datasource connections using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To deploy datasource using your own datasource driver, we assume the datasource driver have been uploaded to the cluster. See [WebLogic Server Instance](#webLogic-server-instance) + +## Prepare the Parameters JSON file + +| Advanced parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| Required. See below for details. | +| `aksClusterName`| Required. Name of the AKS cluster. Must be the same value provided at deployment time. | +| `databaseType`| Optinal. Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | +| `dbConfigurationType`| Optinal. Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | +| `dbGlobalTranPro` | Optinal. Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| +| `dbPassword`| Required. Password for the datasource connection. | +| `dbUser`| Required. User id for the datasource connection. | +| `dsConnectionURL` | Required. JDBC connection string. | +| `identity` | Required. Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | +| `jdbcDataSourceName` | Required. Specify public port of the custom T3 channel in WebLoigc cluster. | +| `wlsDomainUID` | Required. UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | +| `wlsPassword` | Required. Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `wlsUserName` | Required. User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +{% include sub-template-datasource-connection-url.md %} + +#### Example Parameters JSON + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "aksClusterName": { + "value": "aks-sample" + }, + "databaseType": { + "value": "postgresql" + }, + "dbConfigurationType": { + "value": "createOrUpdate" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@sampledb" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://sampledb.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "jdbcDataSourceName": { + "value": "jdbc/WebLogicDB" + }, + "wlsDomainUID": { + "value": "sample-domain1" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +For a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." \ No newline at end of file diff --git a/aks/index.md b/aks/index.md index e73ea4ecd..4525fcab5 100644 --- a/aks/index.md +++ b/aks/index.md @@ -11,4 +11,4 @@ Templates available for working with [{{ site.data.var.wlsFullBrandName }} on {{ * [Configure a database connection](dbTemplate.md) -* [Update application](aadNestedTemplate.md) \ No newline at end of file +* [Update application](updateAppTemplate.md) \ No newline at end of file diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md new file mode 100644 index 000000000..e69de29bb diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index e4ce14f1d..5645b516a 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -68,63 +68,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -#### Oracle Database: - -The following is the format of the JDBC connection string for Oracle Database: - -```bash -jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME -``` - -For example: - -```bash -jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 -``` - -#### Azure Database for PostgreSQL: - -Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). - -1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require -``` - -When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require -``` - -Finally, replace `{your_database}` with the name of your database, typically `postgres`. - -#### Azure SQL Server - -Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). - -1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; -``` - -When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr -``` - -Finally, replace `{your_database}` with the name of your database. +{% include sub-template-datasource-connection-url.md %} #### Example Parameters JSON diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index e4ce14f1d..5645b516a 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -68,63 +68,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -#### Oracle Database: - -The following is the format of the JDBC connection string for Oracle Database: - -```bash -jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME -``` - -For example: - -```bash -jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 -``` - -#### Azure Database for PostgreSQL: - -Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). - -1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require -``` - -When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require -``` - -Finally, replace `{your_database}` with the name of your database, typically `postgres`. - -#### Azure SQL Server - -Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). - -1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; -``` - -When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr -``` - -Finally, replace `{your_database}` with the name of your database. +{% include sub-template-datasource-connection-url.md %} #### Example Parameters JSON diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index e4ce14f1d..5645b516a 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -68,63 +68,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -#### Oracle Database: - -The following is the format of the JDBC connection string for Oracle Database: - -```bash -jdbc:oracle:thin:@HOSTNAME:1521/DATABASENAME -``` - -For example: - -```bash -jdbc:oracle:thin:@benqoiz.southeastasia.cloudapp.azure.com:1521/pdb1 -``` - -#### Azure Database for PostgreSQL: - -Deploy an Azure Database PostgreSQL as described in [Create an Azure Database for PostgreSQL server in the Azure portal](https://docs.microsoft.com/en-us/azure/postgresql/quickstart-create-server-database-portal). - -1. Access the [Azure portal](https://portal.azure.com), and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?user=jroybtvp@20191015cbfgterfdy&password={your_password}&sslmode=require -``` - -When passing this value to the ARM template, remove the database user and password values from the connection string, and let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:postgresql://20191015cbfgterfdy.postgres.database.azure.com:5432/{your_database}?sslmode=require -``` - -Finally, replace `{your_database}` with the name of your database, typically `postgres`. - -#### Azure SQL Server - -Deploy Azure SQL Server as described in [Create a single database in Azure SQL Database using the Azure portal, PowerShell, and Azure CLI](https://docs.microsoft.com/en-us/azure/sql-database/sql-database-single-database-get-started?tabs=azure-portal). - -1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. - -2. Click **Connection Strings** under **Settings**. - -3. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection string to the clipboard. The JDBC connection string will be similar to the following: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database=rwo102804;user=jroybtvp@rwo102804;password={your_password_here};encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30; -``` - -When passing this value to the ARM template, remove the database user and password values, let them be the parameters `dbUser` and `dbPassword`. In the above JDBC connection string sample, the value for `dsConnectionURL` argument after removing the database user and password, will be: - -```bash -jdbc:sqlserver://rwo102804.database.windows.net:1433;database={your_database};encrypt=true;tr -``` - -Finally, replace `{your_database}` with the name of your database. +{% include sub-template-datasource-connection-url.md %} #### Example Parameters JSON From d3cb7642292b68accb2caf20128a743ee5035e64 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 1 Dec 2021 15:53:23 +0800 Subject: [PATCH 09/42] Documents for updating WLS cluster. Signed-off-by: galiacheng --- _includes/sub-template-advanced-usage.md | 11 + .../sub-template-create-update-wls-on-aks.md | 185 ++++++++++++++++ aks/index.md | 4 +- aks/mainTemplate.md | 208 ++---------------- aks/updateClusterTemplate.md | 66 ++++++ 5 files changed, 278 insertions(+), 196 deletions(-) create mode 100644 _includes/sub-template-advanced-usage.md create mode 100644 _includes/sub-template-create-update-wls-on-aks.md create mode 100644 aks/updateClusterTemplate.md diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md new file mode 100644 index 000000000..e9e07f3fd --- /dev/null +++ b/_includes/sub-template-advanced-usage.md @@ -0,0 +1,11 @@ +We have [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that +makes it easy to get started with WebLogic Server on Azure, see [document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). +If you want the following advanced usage, we have mainTemplate which enables you to customize your WebLogic cluster. + +- Customize Azure Container Insight with specified retension days, workaspace SKU and resource permissions. + +- Customize Azure Kubernetes Service version and Agent Pool name. + +- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer serive. + +- Customize the CPU and memory resource for server pod, which default by 200m and 1.5Gi. \ No newline at end of file diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md new file mode 100644 index 000000000..867e4cb36 --- /dev/null +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -0,0 +1,185 @@ +## Prepare the Parameters + +You must construct a parameters JSON file containing the parameters to the database ARM template. +See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. +This section shows how to obtain the values for the required properties. + +### Obtain parameter values from Azure portal + +The first step is to obtain the parameter values from Azure portal, as Azure portal eases the interface and validation. +You can define TLS/SSL configuration, Load Balancer setting, Application Gateway integration, custom DNS configuration and Database using the interface. + +While if you prefer to edit a json file, you can also create the objects in your parameter file directly. + +The following steps are leveraging [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the value. The Azure UI Definition Sandbox provides controls to select resources and input your value easily. + +- Use your favourite browser and open [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). + +- Clear the content of Azure UI Definition Sandbox, and replace with the content of [createUiDefinition.json]({{ armTemplateBasePath }}createUiDefinition.json) + +- Click **Preview** + +- Fill in values, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). + + - **Basics** blade, configure the creadentials for WebLogic and select User assigned managed identity. + + - **Configure** blade, configure the AKS cluster, image selection and Java EE application selection. + + - **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to WebLogic cluster. + + - **Networking** blade, configure Standard Load Balancer service and Application Gateway Ingress Controller. + + - **DNS configuration** blade, configure custom DNS alias for WebLogic Console portal and cluster. + + - **Database** blade, configure datasource connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. + +- Click **Review+create**, the Azure UI Definition Sandbox will validate the inputs, you must resolve error if there is before going on. + + You will find a message "Validation Passed". + +- Click **View outputs payload**, copy the payload and save it to a file named `parameters.json` + +### Configure advanced parameters + +| Advanced parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| Required. See below for details. | +| `aciResourcePermissions`| Optinal. The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | +| `aciRetentionInDays`| Optinal. Number of days to retain data in Azure Monitor workspace. | +| `aciWorkspaceSku`| Optinal. Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | +| `aksAgentPoolName` | Optinal. The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | +| `aksVersion`| Optinal. Version of Azure Kubernetes Service. Use default version if no specified value. | +| `enableAdminT3Tunneling`| Optinal. Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | +| `enableClusterT3Tunneling` | Optinal. Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | +| `t3ChannelAdminPort` | Optinal. Sepcify cublic port of the custom T3 channel in admin server. | +| `t3ChannelClusterPort` | Optinal. Specify public port of the custom T3 channel in WebLoigc cluster. | +| `wlsCPU` | Optinal. Sepcify CPU requests for admin server and managed server pods. | +| `wlsMemory` | Optinal. Specify memory requests for admin server and managed server pods. | + + +#### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is presenting in `parameters.json`. + +#### Example Parameters JSON + +This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "createACR": { + "value": true + }, + "enableAdminT3Tunneling": { + "value": true + }, + "enableClusterT3Tunneling": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "lbSvcValues": { + "value": [ + { + "colName": "domain1-admin-t3", + "colTarget": "adminServerT3", + "colPort": "7005" + }, + { + "colName": "domain-cluster-t3", + "colTarget": "cluster1T3", + "colPort": "8011" + } + ] + }, + "location": { + "value": "eastus" + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "sample@foo.com" + }, + "wdtRuntimePassword": { + "value": "Secret123!" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. +This section shows the commands to create WebLogic cluster on AKS. + +Use the command to create a resoruce group. + +```shell +resourceGroupName="hello-wls-aks" +az group create --name ${resourceGroupName} -l eastus +``` + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose \ + --resource-group ${resourceGroupName} \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose \ + --resource-group ${resourceGroupName} \ + --name advanced-deployment \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + + +## Verify deployment + +The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal +using the public address of T3 channel. + +Obtain the address from deployment output: + + - Open your resource group from Azure portal. + - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. + - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` + +Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. diff --git a/aks/index.md b/aks/index.md index 4525fcab5..9bd6b627c 100644 --- a/aks/index.md +++ b/aks/index.md @@ -7,7 +7,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or Templates available for working with [{{ site.data.var.wlsFullBrandName }} on {{ site.data.var.aksFullName }}](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks): -* [Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration](mainTemplate.md) +* [Create WebLogic cluster with advanced configuration](mainTemplate.md) + +* [Update WebLogic cluster with advanced configuration](updateClusterTemplate.md) * [Configure a database connection](dbTemplate.md) diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index e5d232559..b72c4e0d1 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -11,21 +11,9 @@ This page documents how to create Oracle WebLogic cluster on {{ site.data.var.ak ## Introduction -We have [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that -makes it easy to get started with WebLogic Server on Azure, see [document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). -If you want the following advanced usage, we have mainTemplate which enables you to customize your WebLogic cluster. +{% include sub-template-advanced-usage.md %} -- Customize Azure Container Insight with specified retension days, workaspace SKU and resource permissions. - -- Customize Azure Kubernetes Service version and Agent Pool name. - -- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer serive. - -- Customize the CPU and memory resource for server pod, which default by 200m and 1.5Gi. - -The mainTemplate enables you not only to create a new WebLogic cluster, but also to refresh your existing cluster with new inputs. - -This document will guide you to create a new WebLogic cluster using the advanced configurations. +This document will guide you to create a WebLogic cluster using the advanced configurations. ## Prerequisites @@ -46,8 +34,8 @@ To obtain ID of the indentify: go to Azure Portal; open the identity **Overview* Optional. -You are required to input a Base64 encoded JSON string of a service principal for the selected subscription -if you are going to enable Azure Application Gatway ingress. +If you are going to enable Azure Application Gatway Ingress Controller, you are required to input +a Base64 encoded JSON string of a service principal for the selected subscription. You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. @@ -56,12 +44,14 @@ You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 Optional. If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, -you must have an existing database instance to use. This template -supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), -[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please -create one from the Azure portal. If you want to use other databse, you must provide a running data server, -make sure the database is accessible from Azure, you can contact [Azure Java EE team](https://aka.ms/wls-aks-contactme) for support, -see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for configuration. +you must have an existing database instance to use. + +This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), +[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +If you want to use other databse, you must provide a running data server, +make sure the database is accessible from Azure. Then specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. ### Custom DNS @@ -69,176 +59,4 @@ Optional. {% include sub-template-dnszone.md %} -## Prepare the Parameters - -You must construct a parameters JSON file containing the parameters to the database ARM template. -See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. -This section shows how to obtain the values for the required properties. - -### Obtain parameter values from Azure portal - -The first step is to obtain the parameter values from Azure portal, as Azure portal eases the interface and validation. -You can also create the objects in your parameter file directly. - -The following steps are leveraging [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the value of parameters that are available from Azure portal. The Azure UI Definition Sandbox provides controls to select resources and input your value easily. - -- Use your favourite browser and open [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). - -- Clear the content of Azure UI Definition Sandbox, and replace with the content of [createUiDefinition.json]({{ armTemplateBasePath }}createUiDefinition.json) - -- Click **Preview** - -- Fill in values, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). - -- Click **Review+create**, after you finish the inputs. The Azure UI Definition Sandbox will validate the inputs, you must resolve error if there is before going on. - - You will find a message "Validation Passed". - -- Click "View outputs payload", copy the payload and save it to a file named `parameters.json` - -### Configure advanced parameters - -| Advanced parameter Name | Explanation | -|----------------|-------------| -| `_artifactsLocation`| Required. See below for details. | -| `aciResourcePermissions`| Optinal. The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | -| `aciRetentionInDays`| Optinal. Number of days to retain data in Azure Monitor workspace. | -| `aciWorkspaceSku`| Optinal. Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | -| `aksAgentPoolName` | Optinal. The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | -| `aksVersion`| Optinal. Version of Azure Kubernetes Service. Use default version if no specified value. | -| `enableAdminT3Tunneling`| Optinal. Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | -| `enableClusterT3Tunneling` | Optinal. Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | -| `t3ChannelAdminPort` | Optinal. Sepcify cublic port of the custom T3 channel in admin server. | -| `t3ChannelClusterPort` | Optinal. Specify public port of the custom T3 channel in WebLoigc cluster. | -| `wlsCPU` | Optinal. Sepcify CPU requests for admin server and managed server pods. | -| `wlsMemory` | Optinal. Specify memory requests for admin server and managed server pods. | - - -#### `_artifactsLocation` - -This value must be the following. - -```bash -{{ armTemplateBasePath }} -``` - -Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is presenting in `parameters.json`. - -#### Example Parameters JSON - -This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. -The parameters using default value haven't been shown for brevity. - -```json -{ - "_artifactsLocation": { - "value": "{{ armTemplateBasePath }}" - }, - "createACR": { - "value": true - }, - "enableAdminT3Tunneling": { - "value": true - }, - "enableClusterT3Tunneling": { - "value": true - }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} - } - } - }, - "lbSvcValues": { - "value": [ - { - "colName": "domain1-admin-t3", - "colTarget": "adminServerT3", - "colPort": "7005" - }, - { - "colName": "domain-cluster-t3", - "colTarget": "cluster1T3", - "colPort": "8011" - } - ] - }, - "location": { - "value": "eastus" - }, - "ocrSSOPSW": { - "value": "Secret123!" - }, - "ocrSSOUser": { - "value": "sample@foo.com" - }, - "wdtRuntimePassword": { - "value": "Secret123!" - }, - "wlsPassword": { - "value": "Secret123!" - }, - "wlsUserName": { - "value": "weblogic" - } - } -``` - -## Invoke the ARM template - -Assume your parameters file is available in the current directory and is named `parameters.json`. -This section shows the commands to create WebLogic cluster on AKS. - -Use the command to create a resoruce group. - -```shell -resourceGroupName="hello-wls-aks" -az group create --name ${resourceGroupName} -l eastus -``` - -### Validate your parameters file - -The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. - -```bash -az group deployment validate --verbose \ - --resource-group ${resourceGroupName} \ - --parameters @parameters.json \ - --template-uri {{ armTemplateBasePath }}mainTemplate.json -``` - -If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. - -### Execute the template - -After successfully validating the template invocation, change `validate` to `create` to invoke the template. - -```bash -az group deployment create --verbose \ - --resource-group ${resourceGroupName} \ - --name advanced-deployment \ - --parameters @parameters.json \ - --template-uri {{ armTemplateBasePath }}mainTemplate.json -``` - -As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. - -After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. - - -## Verify deployment - -The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal -using the public address of T3 channel. - -Obtain the address from deployment output: - - - Open your resource group from Azure portal. - - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. - - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` - -Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. - - \ No newline at end of file +{% include sub-template-create-update-wls-on-aks.md %} \ No newline at end of file diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md new file mode 100644 index 000000000..2c224ff8d --- /dev/null +++ b/aks/updateClusterTemplate.md @@ -0,0 +1,66 @@ + + +{% include variables.md %} + +# Update Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration + +This page documents how to update Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. + +## Introduction + +{% include sub-template-advanced-usage.md %} + +This document will guide you to update a WebLogic cluster using the advanced configurations. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Managed Indentify + +You are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) +to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + +### Azure Service Principal + +Optional. + +If you are going to enable Azure Application Gatway Ingress Controller, you are required to input +a Base64 encoded JSON string of a service principal for the selected subscription. + +You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. + +### Database Instance + +Optional. + +If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. + +This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), +[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +create one from the Azure portal. + +If you want to use other databse, you must provide a running data server, +make sure the database is accessible from Azure. Then specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. + +### Custom DNS + +Optional. + +{% include sub-template-dnszone.md %} + +{% include sub-template-create-update-wls-on-aks.md %} \ No newline at end of file From b73dfdf18f0e611b1276f7454181e759d917d11d Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 1 Dec 2021 17:47:00 +0800 Subject: [PATCH 10/42] Document for updating application in cluster. Signed-off-by: galiacheng --- aks/dbTemplate.md | 10 +- aks/index.md | 2 +- aks/mainTemplate.md | 11 ++ aks/updateAppTemplate.md | 269 +++++++++++++++++++++++++++++++++++ aks/updateClusterTemplate.md | 11 ++ 5 files changed, 297 insertions(+), 6 deletions(-) diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index 0204a2167..b8d3ee3c6 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -86,9 +86,6 @@ To deploy datasource using your own datasource driver, we assume the datasource |----------------|-------------| | `_artifactsLocation`| Required. See below for details. | | `aksClusterName`| Required. Name of the AKS cluster. Must be the same value provided at deployment time. | -| `databaseType`| Optinal. Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | -| `dbConfigurationType`| Optinal. Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | -| `dbGlobalTranPro` | Optinal. Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| | `dbPassword`| Required. Password for the datasource connection. | | `dbUser`| Required. User id for the datasource connection. | | `dsConnectionURL` | Required. JDBC connection string. | @@ -97,6 +94,9 @@ To deploy datasource using your own datasource driver, we assume the datasource | `wlsDomainUID` | Required. UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | | `wlsPassword` | Required. Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | | `wlsUserName` | Required. User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `databaseType`| Optinal. Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | +| `dbConfigurationType`| Optinal. Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | +| `dbGlobalTranPro` | Optinal. Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| ### `_artifactsLocation` @@ -169,7 +169,7 @@ Assume your parameters file is available in the current directory and is named ` The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. ```bash -az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}dbTemplate.json ``` If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. @@ -179,7 +179,7 @@ If the command returns with an exit status other than `0`, inspect the output an After successfully validating the template invocation, change `validate` to `create` to invoke the template. ```bash -az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}dbTemplate.json ``` As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. diff --git a/aks/index.md b/aks/index.md index 9bd6b627c..07a97d153 100644 --- a/aks/index.md +++ b/aks/index.md @@ -13,4 +13,4 @@ Templates available for working with [{{ site.data.var.wlsFullBrandName }} on {{ * [Configure a database connection](dbTemplate.md) -* [Update application](updateAppTemplate.md) \ No newline at end of file +* [Update Java EE application](updateAppTemplate.md) \ No newline at end of file diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index b72c4e0d1..dd19388ff 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -30,6 +30,17 @@ to create a user-assigned managed identity. To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. +### Azure Storage account + +If you are deploying Java EE application or using your own datasource driver, you are required to +have application packages and jdbc libraries in Azure Storage Account. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. + +Upload your application packages (.jar, .war, .ear files) to the blob. + +Upload your jdbc drivers (.jar files) to the blob. + ### Azure Service Principal Optional. diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index e69de29bb..2d71ef593 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -0,0 +1,269 @@ + + +{% include variables.md %} + +# Apply Update Application ARM Template to {{ site.data.var.wlsFullBrandName }} that is running on AKS + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with Java EE applications using Azure CLI. + +You can invoke the ARM template to: + + - Update a running Java EE application with new version. + + - Remove a running Java EE application. + + - Deploy a new Java EE application. + +The template will only update the application deployments in WebLogic cluster, without any change to other configuration. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### Azure Managed Indentify + +You are required to input the ID of a user-assigned managed identity. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) +to create a user-assigned managed identity. + +To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Azure Storage account + +You are required to upload the application packages to Azure Storage Account. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. + +Upload your application packages (.jar, .war, .ear files) to the blob. + +## Prepare the Parameters JSON file + +| Advanced parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| Required. See below for details. | +| `acrName` | Required. String value.
Name of Azure Container Registry that is used to managed the WebLogic domain images. | +| `aksClusterName`| Required. String value.
Name of the AKS cluster. Must be the same value provided at deployment time. | +| `aksClusterRGName` | Required. String value.
Name of resource group that contains the (AKS) instance, probably the resource group you are working on. It's recommended to run this template in the same resource group that runs AKS. | +| `identity` | Required. Object value.
Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | +| `wlsDomainName` | Required. String value.
Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `wlsDomainUID` | Required. String value.
User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `appPackageUrls`| Optinal. Array.
String array of Java EE applciation location, which can be downloaded using "curl". Currently, only support urls of Azure Storage Account blob. | +| `appPackageFromStorageBlob`| Optinal. Object value.
Key `storageAccountName` specify the storage account name, the template will download application package from this storage account.
Key `containerName` specify the container name that stores the Java EE application. | +| `ocrSSOPSW` | Optional. String value.
Password for Oracle SSO account. | +| `ocrSSOUser` | Optional. String value.
User name for Oracle SSO account. | +| `wlsImageTag` | Optional. String value.
Docker tag that comes after "container-registry.oracle.com/middleware/weblogic:". | +| `userProvidedAcr` | Optional. String value.
User provided ACR for base image. | +| `userProvidedImagePath` | Optional. String value.
User provided base image path. | +| `useOracleImage` | Optional. Bool value.
`true`: use Oracle standard images from Oracle Container Registry.
`false`: use user provided images from Azure Container Registry. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + + +### Java EE application location + +The template supports two approach to specify the location of Java EE application. +The template will update the cluter with applications specified in `appPackageUrls` and `appPackageFromStorageBlob`. + +#### SAS Urls + +You can specify the application urls via `appPackageUrls`. The template only supports url from Azure Storage Account. +Make sure the urls are accessible from public network. +You may want to update one application, but you must include all the application SAS urls in the parameter. +If you are removing an application, do not include the application url. + +Steps to obtain SAS urls: + + * Open your Storage Account from Azure portal. If you don't have, please follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create one. + + * Open your container. If you don't have, please follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create one. + + * You should find your application listed. If not, please upload your application package to the container: + + * Click **Upload** + + * Select the application file + + * Click **Upload** + + * Click your application, and click **Generate SAS**. + + * Signing method: Account key + + * Signing key: Key 1 + + * Permisson: Read + + * Click **Generate SAS token and URL** + + * Copy the **Blob SAS URL** and save it to a file. + + * Repeat step 4 for other applicatios. + + * Now you have all the urls. `appPackageUrls` will be value like `["sasUrl1", "sasUrl2"]`. + + It should present in parameters.json like: + + ```json + { + "appPackageUrls": { + "value": [ + "sasUrl1", + "sasUrl2" + ] + } + } + ``` + +#### Storage Account Blob + +You can also specify the contaier of Storage Account. The template will download all the .jar, .war. .ear files from the container. + +You may want to update one application, but you must include all the application in the container. +If you want to remove an application, do not include the application. + +Steps to upload your applications to blob: + * Open your storage account from Azure portal. If you don't have, please follow [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create one. + + * Create a new container follow [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) you may name it `javaeeapps`. + + * Upload your application to the container. + + * Now you can specify the value of storage blob: + + * `storageAccountName`: name of your Storage Account + + * `containerName`: container name, should be `javaeeapps` if you use the name in step 2. + + It should present in parameters.json like: + + ```json + { + "appPackageFromStorageBlob": { + "value": { + "storageAccountName": "", + "containerName": "" + } + } + } + ``` + +You can define the application location using both approaches, but it'not suggested. The template will download +applications from `appPackageUrls` and `appPackageFromStorageBlob`. + +### Base image location + +The template supports two kinds of base image: + + - Oracle Standard image from Oracle Container Registry (OCR) + + - User provided image from Azure Container Registry (ACR) + +#### Oracle Standard image + +If you are using Oracle Standard image, you must provide the following parameters: + + - `ocrSSOPSW`: Password for Oracle SSO account. The template will use the account to pull image from OCR. + + - `ocrSSOUser`: User id for Oracle SSO account. The template will use the account to pull image from OCR. + + - `wlsImageTag`: weblogic image tag, the available tags are listed in [Oracle WebLogic Server images](https://container-registry.oracle.com/ords/f?p=113:4:3004995055779:::RP,4:P4_REPOSITORY,AI_REPOSITORY,P4_REPOSITORY_NAME,AI_REPOSITORY_NAME:5,5,Oracle%20WebLogic%20Server,Oracle%20WebLogic%20Server&cs=3ESIKaQQ31HlQbmvX7rymOn1zTwhKyMi5Y3TGWtMC0_2pGBgoBq1i3laSr5it036HJbbmsNugZLvrWuqQYU3T9A). Default value is `12.2.1.4`. + +#### User provided image + +If you are bringing your own image, you must provide the following parameters: + + - `userProvidedAcr`: ACR name that contains your image. The `acrName` should be the same ACR name. + + - `userProvidedImagePath`: image path in ACR. + + - `useOracleImage`: `false` + +#### Example Parameters JSON + +This is an example to deploy Java EE application in `samplecontainer` to the WebLogic cluster, using Oracle base image. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "acrName": { + "value": "sampleacr" + }, + "aksClusterRGName": { + "value": "sampleaksgroup" + }, + "aksClusterName": { + "value": "sampleaks" + }, + "appPackageFromStorageBlob": { + "value": { + "storageAccountName": "samplestorage", + "containerName": "samplecontainer" + } + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "foo@example.com" + } + } + +``` + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}updateAppTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}updateAppTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +For a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + +## Verify application + +Visit the application via cluster address, you should find your application have been updated. + diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index 2c224ff8d..1f0b3ddd0 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -34,6 +34,17 @@ to create a user-assigned managed identity. To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. +### Azure Storage account + +If you are deploying Java EE application or using your own datasource driver, you are required to +have application packages and jdbc libraries in Azure Storage Account. + +Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. + +Upload your application packages (.jar, .war, .ear files) to the blob. + +Upload your jdbc drivers (.jar files) to the blob. + ### Azure Service Principal Optional. From 45104c97dd3f557843fafaf556195dbc1bb9d5a8 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 2 Dec 2021 11:20:19 +0800 Subject: [PATCH 11/42] Fix typos Signed-off-by: galiacheng --- aks/dbTemplate.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index b8d3ee3c6..f9a545017 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -78,7 +78,7 @@ You may want to enable multiple datasource in your cluster for the following usa You can deploy different datasource connections using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. -To deploy datasource using your own datasource driver, we assume the datasource driver have been uploaded to the cluster. See [WebLogic Server Instance](#webLogic-server-instance) +To deploy datasource using your own datasource driver, we assume the datasource driver has been uploaded to the cluster. See [WebLogic Server Instance](#webLogic-server-instance) ## Prepare the Parameters JSON file From 9a24214bbd1a7d07ae6b75ad47c454a436c30e89 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 2 Dec 2021 14:46:08 +0800 Subject: [PATCH 12/42] On branch gh-pages: refactoring Signed-off-by: galiacheng --- _data/var.yml | 2 +- .../sub-template-create-update-wls-on-aks.md | 79 +++---------------- aks/dbTemplate.md | 34 ++++---- aks/mainTemplate.md | 57 ++++++++++++- aks/updateAppTemplate.md | 12 ++- aks/updateClusterTemplate.md | 56 ++++++++++++- 6 files changed, 153 insertions(+), 87 deletions(-) diff --git a/_data/var.yml b/_data/var.yml index 546eb81d9..39d90a30b 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2021-10-13-01-Q4 +artifactsLocationTag: 2021-12-04-02-Q4 diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index 867e4cb36..33c12d61a 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -44,17 +44,17 @@ The following steps are leveraging [Azure Create UI Definition Sandbox](https:// | Advanced parameter Name | Explanation | |----------------|-------------| | `_artifactsLocation`| Required. See below for details. | -| `aciResourcePermissions`| Optinal. The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | -| `aciRetentionInDays`| Optinal. Number of days to retain data in Azure Monitor workspace. | -| `aciWorkspaceSku`| Optinal. Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | -| `aksAgentPoolName` | Optinal. The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | -| `aksVersion`| Optinal. Version of Azure Kubernetes Service. Use default version if no specified value. | -| `enableAdminT3Tunneling`| Optinal. Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | -| `enableClusterT3Tunneling` | Optinal. Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | -| `t3ChannelAdminPort` | Optinal. Sepcify cublic port of the custom T3 channel in admin server. | -| `t3ChannelClusterPort` | Optinal. Specify public port of the custom T3 channel in WebLoigc cluster. | -| `wlsCPU` | Optinal. Sepcify CPU requests for admin server and managed server pods. | -| `wlsMemory` | Optinal. Specify memory requests for admin server and managed server pods. | +| `aciResourcePermissions`| Optinal. Boolean value.
The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | +| `aciRetentionInDays`| Optinal. Integer value.
Number of days to retain data in Azure Monitor workspace. | +| `aciWorkspaceSku`| Optinal. Enum value.
Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | +| `aksAgentPoolName` | Optinal. String value.
The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | +| `aksVersion`| Optinal. String value.
Version of Azure Kubernetes Service. Use default version if no specified value. | +| `enableAdminT3Tunneling`| Optinal. Boolean value.
Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | +| `enableClusterT3Tunneling` | Optinal. Boolean value.
Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | +| `t3ChannelAdminPort` | Optinal. Integer value, 1-65535.
Sepcify cublic port of the custom T3 channel in admin server. | +| `t3ChannelClusterPort` | Optinal. Integer value, 1-65535.
Specify public port of the custom T3 channel in WebLoigc cluster. | +| `wlsCPU` | Optinal. String value.
Sepcify CPU requests for admin server and managed server pods. See [Managing Resources for Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)| +| `wlsMemory` | Optinal. String value.
Specify memory requests for admin server and managed server pods. See [Managing Resources for Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)| #### `_artifactsLocation` @@ -127,59 +127,4 @@ The parameters using default value haven't been shown for brevity. "value": "weblogic" } } -``` - -## Invoke the ARM template - -Assume your parameters file is available in the current directory and is named `parameters.json`. -This section shows the commands to create WebLogic cluster on AKS. - -Use the command to create a resoruce group. - -```shell -resourceGroupName="hello-wls-aks" -az group create --name ${resourceGroupName} -l eastus -``` - -### Validate your parameters file - -The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. - -```bash -az group deployment validate --verbose \ - --resource-group ${resourceGroupName} \ - --parameters @parameters.json \ - --template-uri {{ armTemplateBasePath }}mainTemplate.json -``` - -If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. - -### Execute the template - -After successfully validating the template invocation, change `validate` to `create` to invoke the template. - -```bash -az group deployment create --verbose \ - --resource-group ${resourceGroupName} \ - --name advanced-deployment \ - --parameters @parameters.json \ - --template-uri {{ armTemplateBasePath }}mainTemplate.json -``` - -As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. - -After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. - - -## Verify deployment - -The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal -using the public address of T3 channel. - -Obtain the address from deployment output: - - - Open your resource group from Azure portal. - - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. - - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` - -Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. +``` \ No newline at end of file diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index f9a545017..d20ab95a2 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -85,18 +85,18 @@ To deploy datasource using your own datasource driver, we assume the datasource | Advanced parameter Name | Explanation | |----------------|-------------| | `_artifactsLocation`| Required. See below for details. | -| `aksClusterName`| Required. Name of the AKS cluster. Must be the same value provided at deployment time. | -| `dbPassword`| Required. Password for the datasource connection. | -| `dbUser`| Required. User id for the datasource connection. | -| `dsConnectionURL` | Required. JDBC connection string. | -| `identity` | Required. Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | -| `jdbcDataSourceName` | Required. Specify public port of the custom T3 channel in WebLoigc cluster. | -| `wlsDomainUID` | Required. UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | -| `wlsPassword` | Required. Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | -| `wlsUserName` | Required. User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | -| `databaseType`| Optinal. Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | -| `dbConfigurationType`| Optinal. Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | -| `dbGlobalTranPro` | Optinal. Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| +| `aksClusterName`| Required. String value.
Name of the AKS cluster. Must be the same value provided at deployment time. | +| `dbPassword`| Required. String value.
Password for the datasource connection. | +| `dbUser`| Required. String value.
User id for the datasource connection. | +| `dsConnectionURL` | Required. String value.
JDBC connection string. | +| `identity` | Required. Object value.
Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | +| `jdbcDataSourceName` | Required. String value.
JDBC name for the datasource connection. | +| `wlsDomainUID` | Required. String value.
UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | +| `wlsPassword` | Required. String value.
Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `wlsUserName` | Required. String value.
User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | +| `databaseType`| Optinal. Enum value.
Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | +| `dbConfigurationType`| Optinal. Enum value.
Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | +| `dbGlobalTranPro` | Optinal. Enum value.
Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| ### `_artifactsLocation` @@ -169,7 +169,10 @@ Assume your parameters file is available in the current directory and is named ` The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. ```bash -az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}dbTemplate.json +az deployment group validate --verbose \ + --resource-group `yourResourceGroup` \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}dbTemplate.json ``` If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. @@ -179,7 +182,10 @@ If the command returns with an exit status other than `0`, inspect the output an After successfully validating the template invocation, change `validate` to `create` to invoke the template. ```bash -az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}dbTemplate.json +az deployment group create --verbose \ + --resource-group `yourResourceGroup` \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}dbTemplate.json ``` As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index dd19388ff..1c60fe03a 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -70,4 +70,59 @@ Optional. {% include sub-template-dnszone.md %} -{% include sub-template-create-update-wls-on-aks.md %} \ No newline at end of file +{% include sub-template-create-update-wls-on-aks.md %} + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. +This section shows the commands to create WebLogic cluster on AKS. + +Use the command to create a resoruce group. + +```shell +resourceGroupName="hello-wls-aks" +az group create --name ${resourceGroupName} -l eastus +``` + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose \ + --resource-group ${resourceGroupName} \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose \ + --resource-group ${resourceGroupName} \ + --name advanced-deployment \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + + +## Verify deployment + +The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal +using the public address of T3 channel. + +Obtain the address from deployment output: + + - Open your resource group from Azure portal. + - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. + - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` + +Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index 2d71ef593..92605d6aa 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -64,7 +64,7 @@ Upload your application packages (.jar, .war, .ear files) to the blob. | `wlsImageTag` | Optional. String value.
Docker tag that comes after "container-registry.oracle.com/middleware/weblogic:". | | `userProvidedAcr` | Optional. String value.
User provided ACR for base image. | | `userProvidedImagePath` | Optional. String value.
User provided base image path. | -| `useOracleImage` | Optional. Bool value.
`true`: use Oracle standard images from Oracle Container Registry.
`false`: use user provided images from Azure Container Registry. | +| `useOracleImage` | Optional. Boolean value.
`true`: use Oracle standard images from Oracle Container Registry.
`false`: use user provided images from Azure Container Registry. | ### `_artifactsLocation` @@ -246,7 +246,10 @@ Assume your parameters file is available in the current directory and is named ` The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. ```bash -az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}updateAppTemplate.json +az deployment group validate --verbose \ + --resource-group `yourResourceGroup` \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}updateAppTemplate.json ``` If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. @@ -256,7 +259,10 @@ If the command returns with an exit status other than `0`, inspect the output an After successfully validating the template invocation, change `validate` to `create` to invoke the template. ```bash -az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}updateAppTemplate.json +az deployment group create --verbose \ + --resource-group `yourResourceGroup` \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}updateAppTemplate.json ``` As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index 1f0b3ddd0..fd13c7e5c 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -74,4 +74,58 @@ Optional. {% include sub-template-dnszone.md %} -{% include sub-template-create-update-wls-on-aks.md %} \ No newline at end of file +{% include sub-template-create-update-wls-on-aks.md %} + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. +This section shows the commands to create WebLogic cluster on AKS. + +Set resource group name, should be the one running your AKS cluster. + +```shell +resourceGroupName="hello-wls-aks" +``` + +### Validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az deployment group validate --verbose \ + --resource-group ${resourceGroupName} \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az deployment group create --verbose \ + --resource-group ${resourceGroupName} \ + --name advanced-deployment \ + --parameters @parameters.json \ + --template-uri {{ armTemplateBasePath }}mainTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +After a successful deployment, you should find `"provisioningState": "Succeeded"` in your output. + + +## Verify deployment + +The sample has set up custom T3 channel for Administration Server and cluster, you should be able to access Administration Console portal +using the public address of T3 channel. + +Obtain the address from deployment output: + + - Open your resource group from Azure portal. + - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. + - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` + +Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. From ed66b4b9d4d7dd48838f488501dcbd8e7ec7d5ab Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 2 Dec 2021 15:49:20 +0800 Subject: [PATCH 13/42] Update update-cluster document for required parameters. Signed-off-by: galiacheng --- .../sub-template-create-update-wls-on-aks.md | 68 +-------- aks/mainTemplate.md | 64 ++++++++- aks/updateClusterTemplate.md | 133 +++++++++++++++++- 3 files changed, 200 insertions(+), 65 deletions(-) diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index 33c12d61a..faaa2d72a 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -23,7 +23,11 @@ The following steps are leveraging [Azure Create UI Definition Sandbox](https:// - **Basics** blade, configure the creadentials for WebLogic and select User assigned managed identity. - - **Configure** blade, configure the AKS cluster, image selection and Java EE application selection. + - If you are updating a WebLogic cluster, make sure you have right domain UID and domain name. + + - **Configure AKS cluter** blade, configure the AKS cluster, image selection and Java EE application selection. + + - If you are updating a WebLogic cluster, make sure you have selected the right AKS cluster and ACR. - **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to WebLogic cluster. @@ -66,65 +70,3 @@ This value must be the following. ``` Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is presenting in `parameters.json`. - -#### Example Parameters JSON - -This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. -The parameters using default value haven't been shown for brevity. - -```json -{ - "_artifactsLocation": { - "value": "{{ armTemplateBasePath }}" - }, - "createACR": { - "value": true - }, - "enableAdminT3Tunneling": { - "value": true - }, - "enableClusterT3Tunneling": { - "value": true - }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} - } - } - }, - "lbSvcValues": { - "value": [ - { - "colName": "domain1-admin-t3", - "colTarget": "adminServerT3", - "colPort": "7005" - }, - { - "colName": "domain-cluster-t3", - "colTarget": "cluster1T3", - "colPort": "8011" - } - ] - }, - "location": { - "value": "eastus" - }, - "ocrSSOPSW": { - "value": "Secret123!" - }, - "ocrSSOUser": { - "value": "sample@foo.com" - }, - "wdtRuntimePassword": { - "value": "Secret123!" - }, - "wlsPassword": { - "value": "Secret123!" - }, - "wlsUserName": { - "value": "weblogic" - } - } -``` \ No newline at end of file diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index 1c60fe03a..5964fcdcf 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -72,6 +72,68 @@ Optional. {% include sub-template-create-update-wls-on-aks.md %} +#### Example Parameters JSON + +This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "createACR": { + "value": true + }, + "enableAdminT3Tunneling": { + "value": true + }, + "enableClusterT3Tunneling": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "lbSvcValues": { + "value": [ + { + "colName": "domain1-admin-t3", + "colTarget": "adminServerT3", + "colPort": "7005" + }, + { + "colName": "domain-cluster-t3", + "colTarget": "cluster1T3", + "colPort": "8011" + } + ] + }, + "location": { + "value": "eastus" + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "sample@foo.com" + }, + "wdtRuntimePassword": { + "value": "Secret123!" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. @@ -125,4 +187,4 @@ Obtain the address from deployment output: - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` -Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. +Get public IP and port from `adminServerT3ExternalUrl`, access `http://:/console` from browser, you should find the login page. diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index fd13c7e5c..c6f877051 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -49,6 +49,9 @@ Upload your jdbc drivers (.jar files) to the blob. Optional. +If you have enabled Azure Application Gatway Ingress Controller, you are not allowed to configure the gateway ingress again. +You can access Console portal and application in cluster using the previous address. + If you are going to enable Azure Application Gatway Ingress Controller, you are required to input a Base64 encoded JSON string of a service principal for the selected subscription. @@ -76,6 +79,134 @@ Optional. {% include sub-template-create-update-wls-on-aks.md %} +As the template will apply the new confguration to a running WebLogic cluster, you must specify: + +- The same credentials for WebLogic +- The same domain name and domain UID. +- The same AKS and ACR. + +Parameters to specify WebLogic credentials: + +```json +{ + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } +} +``` + +Parameters for AKS and ACR should look like: + +```json +{ + "acrName": { + "value": "" + }, + "aksClusterName": { + "value": "" + }, + "aksClusterRGName": { + "value": "" + }, + "createACR": { + "value": false + }, + "createAKSCluster": { + "value": false + } +} +``` + +Parameters for domain should look like, ignore them if you used the default values: + +```json +{ + "wlsDomainName": { + "value": "domain2" + }, + "wlsDomainUID": { + "value": "sample-domain2" + } +} +``` + +#### Example Parameters JSON + +This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "acrName": { + "value": "sampleacr" + }, + "aksClusterName": { + "value": "sampleaks" + }, + "aksClusterRGName": { + "value": "sampleaksgroup" + }, + "createACR": { + "value": false + }, + "createAKSCluster": { + "value": false + }, + "enableAdminT3Tunneling": { + "value": true + }, + "enableClusterT3Tunneling": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "lbSvcValues": { + "value": [ + { + "colName": "domain1-admin-t3", + "colTarget": "adminServerT3", + "colPort": "7005" + }, + { + "colName": "domain-cluster-t3", + "colTarget": "cluster1T3", + "colPort": "8011" + } + ] + }, + "location": { + "value": "eastus" + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "sample@foo.com" + }, + "wdtRuntimePassword": { + "value": "Secret123!" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. @@ -128,4 +259,4 @@ Obtain the address from deployment output: - Click **Settings** -> **Deployments** -> the deployment with name `advanced-deployment`, listed in the bottom. - Click **Outputs** of the deployment, copy the value of `adminServerT3ExternalUrl` -Access `${adminServerT3ExternalUrl}/console` from browser, you should find the login page. +Get public IP and port from `adminServerT3ExternalUrl`, access `http://:/console` from browser, you should find the login page. From d517d69771c0904db2b6c8ea26c0a2cbd9ed7647 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 2 Dec 2021 16:38:49 +0800 Subject: [PATCH 14/42] Highlight wdtRuntimePassword in update-cluster doc. Signed-off-by: galiacheng --- aks/updateClusterTemplate.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index c6f877051..0b5774fb8 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -50,7 +50,7 @@ Upload your jdbc drivers (.jar files) to the blob. Optional. If you have enabled Azure Application Gatway Ingress Controller, you are not allowed to configure the gateway ingress again. -You can access Console portal and application in cluster using the previous address. +You can access console portal and application using the previous address. If you are going to enable Azure Application Gatway Ingress Controller, you are required to input a Base64 encoded JSON string of a service principal for the selected subscription. @@ -79,7 +79,7 @@ Optional. {% include sub-template-create-update-wls-on-aks.md %} -As the template will apply the new confguration to a running WebLogic cluster, you must specify: +The template will apply the new confguration in `parameters.json` to the running WebLogic cluster, please double check you have specified: - The same credentials for WebLogic - The same domain name and domain UID. @@ -89,6 +89,9 @@ Parameters to specify WebLogic credentials: ```json { + "wdtRuntimePassword": { + "value": "Secret123!" + }, "wlsPassword": { "value": "Secret123!" }, From 031765e745de18611a626a160d2454c4b3e84507 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 2 Dec 2021 17:26:13 +0800 Subject: [PATCH 15/42] Limitation for updating cluster. Signed-off-by: galiacheng --- aks/updateClusterTemplate.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index 0b5774fb8..056fccdeb 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -13,6 +13,14 @@ This page documents how to update Oracle WebLogic cluster on {{ site.data.var.ak {% include sub-template-advanced-usage.md %} +While, there are some limitations: + +- No support to update a WebLogic cluster using older weblogic version, for example, you can not downgrade a 14.1.1.0 cluster to 12.2.1.4. + +- If you have enabled Azure Application Gatway Ingress Controller, you can not update the WebLogic cluster with TLS/SSL enabled to a cluster without TLS/SSL, otherwise, ingress will fail, you have to create new ingress for HTTP access. + +- You have to specify all required parameters, even though you are not going to update some of them. + This document will guide you to update a WebLogic cluster using the advanced configurations. ## Prerequisites From 5d6c451afa575875e96e076597882301c61d51bf Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 13 Dec 2021 17:03:45 -0800 Subject: [PATCH 16/42] On branch galiacheng-gh-pages WIP: #94 modified: _includes/sub-template-advanced-usage.md modified: _includes/sub-template-create-update-wls-on-aks.md modified: _includes/sub-template-dnszone.md modified: aks/mainTemplate.md --- _includes/sub-template-advanced-usage.md | 13 +++--- .../sub-template-create-update-wls-on-aks.md | 32 +++++++------- _includes/sub-template-dnszone.md | 2 +- aks/mainTemplate.md | 43 ++++++++----------- 4 files changed, 42 insertions(+), 48 deletions(-) diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md index e9e07f3fd..05e00f295 100644 --- a/_includes/sub-template-advanced-usage.md +++ b/_includes/sub-template-advanced-usage.md @@ -1,11 +1,12 @@ -We have [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that -makes it easy to get started with WebLogic Server on Azure, see [document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). -If you want the following advanced usage, we have mainTemplate which enables you to customize your WebLogic cluster. +We have an [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that +makes it easy to get started with WebLogic Server on Azure. For complete documentation on the offer, see [the user guide](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). -- Customize Azure Container Insight with specified retension days, workaspace SKU and resource permissions. +If you need to go beyond the capabilities of the Azure Marketplace offer, this guidance enables several advanced features. The following features and more are possible. + +- Customize Azure Container Insights with specified retention days, workspace SKU and resource permissions. - Customize Azure Kubernetes Service version and Agent Pool name. -- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer serive. +- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. -- Customize the CPU and memory resource for server pod, which default by 200m and 1.5Gi. \ No newline at end of file +- Customize the CPU and memory resources for server pod. This enables you to go beyond the default values of 200m and 1.5Gi. diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index faaa2d72a..15d3cf374 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -1,7 +1,7 @@ ## Prepare the Parameters -You must construct a parameters JSON file containing the parameters to the database ARM template. -See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. +You must construct a parameters JSON file containing the parameters to be passed to the ARM template. +For background information about parameter files, see [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files). This section shows how to obtain the values for the required properties. ### Obtain parameter values from Azure portal @@ -9,39 +9,39 @@ This section shows how to obtain the values for the required properties. The first step is to obtain the parameter values from Azure portal, as Azure portal eases the interface and validation. You can define TLS/SSL configuration, Load Balancer setting, Application Gateway integration, custom DNS configuration and Database using the interface. -While if you prefer to edit a json file, you can also create the objects in your parameter file directly. +If you prefer to edit a json file, you can also create the objects in your parameter file directly. -The following steps are leveraging [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the value. The Azure UI Definition Sandbox provides controls to select resources and input your value easily. +The following steps use the [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the values. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. **More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.** -- Use your favourite browser and open [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). +- Use your favourite browser and open the [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). -- Clear the content of Azure UI Definition Sandbox, and replace with the content of [createUiDefinition.json]({{ armTemplateBasePath }}createUiDefinition.json) +- Clear the content of Azure UI Definition Sandbox, and replace with the contents of this file: [createUiDefinition.json]({{ armTemplateBasePath }}createUiDefinition.json). -- Click **Preview** +- Select **Preview**. -- Fill in values, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). +- Fill in the appropriate values. For guidance, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). - - **Basics** blade, configure the creadentials for WebLogic and select User assigned managed identity. + - **Basics** blade, configure the credentials for WebLogic and select User assigned managed identity. - If you are updating a WebLogic cluster, make sure you have right domain UID and domain name. - - **Configure AKS cluter** blade, configure the AKS cluster, image selection and Java EE application selection. + - In the **Configure AKS cluter** blade, configure the AKS cluster, image selection and Java EE application selection. - If you are updating a WebLogic cluster, make sure you have selected the right AKS cluster and ACR. - - **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to WebLogic cluster. + - In the **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to WebLogic cluster. - - **Networking** blade, configure Standard Load Balancer service and Application Gateway Ingress Controller. + - In the **Networking** blade, configure Standard Load Balancer service and Application Gateway Ingress Controller. - - **DNS configuration** blade, configure custom DNS alias for WebLogic Console portal and cluster. + - In the **DNS configuration** blade, configure custom DNS alias for WebLogic Console portal and cluster. - - **Database** blade, configure datasource connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. + - In the **Database** blade, configure datasource connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. -- Click **Review+create**, the Azure UI Definition Sandbox will validate the inputs, you must resolve error if there is before going on. +- Select **Review+create**, the Azure UI Definition Sandbox will validate the inputs, you must resolve any errors before proceeding. You will find a message "Validation Passed". -- Click **View outputs payload**, copy the payload and save it to a file named `parameters.json` +- **Here is the most important step:** Select **View outputs payload**, copy the payload and save it to a file named `parameters.json` ### Configure advanced parameters diff --git a/_includes/sub-template-dnszone.md b/_includes/sub-template-dnszone.md index f2422dcf3..942cd6e24 100644 --- a/_includes/sub-template-dnszone.md +++ b/_includes/sub-template-dnszone.md @@ -32,4 +32,4 @@ Name: ns1-01.azure-dns.com Address: 2603:1061::1 ``` -We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. \ No newline at end of file +We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. To create an Azure DNS Zone, follow the steps in [Quickstart: Create an Azure DNS zone and record using the Azure portal](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal). diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index 5964fcdcf..e4576b1de 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -7,16 +7,18 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or # Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration -This page documents how to create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. +This page documents how to create an Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using the Azure CLI. ## Introduction {% include sub-template-advanced-usage.md %} -This document will guide you to create a WebLogic cluster using the advanced configurations. +This document will guide you to create or update a WebLogic Server cluster in ways that supplement and enhance the capabilities offered by the Azure Marketplace offer. ## Prerequisites +This section lists several prerequisites for activating the features in the guidance. Optional prerequisites are marked as (optional) + ### Environment for Setup * [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. @@ -25,48 +27,39 @@ This document will guide you to create a WebLogic cluster using the advanced con You are required to input the ID of a user-assigned managed identity. -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) -to create a user-assigned managed identity. +To create a user-assigned managed identity, follow the steps in [Manage user-assigned managed identities](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal). -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. +You will need the resource ID of the identity. To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; select **JSON View** and copy the **Resource ID**. ### Azure Storage account -If you are deploying Java EE application or using your own datasource driver, you are required to -have application packages and jdbc libraries in Azure Storage Account. +If you are deploying a Java EE application or using your own JDBC datasource driver, you are required to +have application packages and jdbc libraries uploaded to a blob storage container in an Azure Storage Account. -Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. +To create Azure Storage Account and blobs, follow the steps in [Quickstart: Upload, download, and list blobs with the Azure portal](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal). Upload your application packages (.jar, .war, .ear files) to the blob. Upload your jdbc drivers (.jar files) to the blob. -### Azure Service Principal - -Optional. +### Azure Service Principal (optional) -If you are going to enable Azure Application Gatway Ingress Controller, you are required to input -a Base64 encoded JSON string of a service principal for the selected subscription. +If you are going to enable the Azure Application Gateway Ingress Controller, you are required to input a Base64 encoded JSON string for the service principal for the selected subscription. -You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. +You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. **Note: on macOS, omit the `-w0` flag**. -### Database Instance - -Optional. +### Database Instance (optional) If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, -you must have an existing database instance to use. +you must have an existing database instance to use. This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), -[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please -create one from the Azure portal. - -If you want to use other databse, you must provide a running data server, -make sure the database is accessible from Azure. Then specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. +[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please create one from the Azure portal. -### Custom DNS +If you want to use any other databse, you must provide a running database instance. +Make sure the database is accessible from Azure. Specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. -Optional. +### Custom DNS (optional) {% include sub-template-dnszone.md %} From d8f5ea26a98e75ec813abc7e17ce2114112e11b3 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 14 Dec 2021 16:12:15 -0800 Subject: [PATCH 17/42] On branch galiacheng-gh-pages Completed copyediting for mainTemplate and included files. Your branch is up to date with 'galiacheng/gh-pages'. modified: _data/var.yml modified: _includes/sub-template-advanced-usage.md modified: _includes/sub-template-create-update-wls-on-aks.md modified: aks/mainTemplate.md Signed-off-by: Ed Burns --- _data/var.yml | 2 +- _includes/sub-template-advanced-usage.md | 2 +- .../sub-template-create-update-wls-on-aks.md | 19 ++++++++----------- aks/mainTemplate.md | 6 +++--- 4 files changed, 13 insertions(+), 16 deletions(-) diff --git a/_data/var.yml b/_data/var.yml index 39d90a30b..6ad4035f2 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2021-12-04-02-Q4 +artifactsLocationTag: 2021-12-14-03-Q4 diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md index 05e00f295..824125239 100644 --- a/_includes/sub-template-advanced-usage.md +++ b/_includes/sub-template-advanced-usage.md @@ -1,4 +1,4 @@ -We have an [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that +Oracle and Microsoft maintain an [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that makes it easy to get started with WebLogic Server on Azure. For complete documentation on the offer, see [the user guide](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). If you need to go beyond the capabilities of the Azure Marketplace offer, this guidance enables several advanced features. The following features and more are possible. diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index 15d3cf374..f2ae50901 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -6,12 +6,7 @@ This section shows how to obtain the values for the required properties. ### Obtain parameter values from Azure portal -The first step is to obtain the parameter values from Azure portal, as Azure portal eases the interface and validation. -You can define TLS/SSL configuration, Load Balancer setting, Application Gateway integration, custom DNS configuration and Database using the interface. - -If you prefer to edit a json file, you can also create the objects in your parameter file directly. - -The following steps use the [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the values. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. **More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.** +The following steps use the [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the values. If you prefer to edit a json file, you can also create the objects in your parameters file directly. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. **More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.** - Use your favourite browser and open the [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). @@ -39,18 +34,20 @@ The following steps use the [Azure Create UI Definition Sandbox](https://portal. - Select **Review+create**, the Azure UI Definition Sandbox will validate the inputs, you must resolve any errors before proceeding. - You will find a message "Validation Passed". + You will find a message "Validation Passed". **You are now done with the Sandbox.** -- **Here is the most important step:** Select **View outputs payload**, copy the payload and save it to a file named `parameters.json` +- Select **View outputs payload**, copy the payload and save it to a file named `parameters.json` ### Configure advanced parameters +Now that you have a syntactically and semantically correct `parameters.json`, you must add some additional parameters, depending on the features you want to configure. + | Advanced parameter Name | Explanation | |----------------|-------------| | `_artifactsLocation`| Required. See below for details. | -| `aciResourcePermissions`| Optinal. Boolean value.
The parameter activates when Azure Container Insight is enabled, `enableAzureMonitoring=true`. `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | +| `aciResourcePermissions`| Optinal. Boolean value.
The parameter activates when Azure Container Insights is enabled. If `false`: Set the workspace to workspace-context permissions. This is the default setting if the flag isn't set. If `true`: Set the workspace to resource-context permissions. See [Azure Monitor access control mode](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/manage-access#configure-access-control-mode) | | `aciRetentionInDays`| Optinal. Integer value.
Number of days to retain data in Azure Monitor workspace. | -| `aciWorkspaceSku`| Optinal. Enum value.
Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.. | +| `aciWorkspaceSku`| Optinal. Enum value.
For the set of valid values for this parameter, see the **sku** property in [Resource Manager template samples for Log Analytics workspaces in Azure Monitor](https://docs.microsoft.com/en-us/azure/azure-monitor/logs/resource-manager-workspace#template-file) | | `aksAgentPoolName` | Optinal. String value.
The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | | `aksVersion`| Optinal. String value.
Version of Azure Kubernetes Service. Use default version if no specified value. | | `enableAdminT3Tunneling`| Optinal. Boolean value.
Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | @@ -69,4 +66,4 @@ This value must be the following. {{ armTemplateBasePath }} ``` -Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is presenting in `parameters.json`. +Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is present with the value shown above in `parameters.json`. diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index e4576b1de..330228be3 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -5,9 +5,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Create Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration +# Advanced and post deployment actions with Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} -This page documents how to create an Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using the Azure CLI. +This document describes how to create and/or update an Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} using the Azure CLI. ## Introduction @@ -17,7 +17,7 @@ This document will guide you to create or update a WebLogic Server cluster in wa ## Prerequisites -This section lists several prerequisites for activating the features in the guidance. Optional prerequisites are marked as (optional) +This section lists several prerequisites for activating the features as described in the guidance. Optional prerequisites are marked as (optional) ### Environment for Setup From 1eeab948e72c89671c291a40a23b92a06d04ce9c Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 14 Dec 2021 17:23:11 -0800 Subject: [PATCH 18/42] On branch galiacheng-gh-pages Increase use of includes. Continue copyediting. modified: _includes/sub-template-create-update-wls-on-aks.md modified: _includes/sub-template-dnszone.md new file: _includes/sub-template-prerequisites-db.md new file: _includes/sub-template-prerequisites-sp.md new file: _includes/sub-template-prerequisites-storage.md new file: _includes/sub-template-prerequisites-uami.md new file: _includes/sub-template-prerequisites-wls.md new file: _includes/sub-template-prerequisites.md modified: aks/dbTemplate.md modified: aks/index.md modified: aks/mainTemplate.md modified: aks/updateAppTemplate.md modified: aks/updateClusterTemplate.md --- .../sub-template-create-update-wls-on-aks.md | 74 +++++++++ _includes/sub-template-dnszone.md | 2 + _includes/sub-template-prerequisites-db.md | 11 ++ _includes/sub-template-prerequisites-sp.md | 6 + .../sub-template-prerequisites-storage.md | 11 ++ _includes/sub-template-prerequisites-uami.md | 7 + _includes/sub-template-prerequisites-wls.md | 3 + _includes/sub-template-prerequisites.md | 13 ++ aks/dbTemplate.md | 15 +- aks/index.md | 4 +- aks/mainTemplate.md | 116 +-------------- aks/updateAppTemplate.md | 35 ++--- aks/updateClusterTemplate.md | 140 +----------------- 13 files changed, 153 insertions(+), 284 deletions(-) create mode 100644 _includes/sub-template-prerequisites-db.md create mode 100644 _includes/sub-template-prerequisites-sp.md create mode 100644 _includes/sub-template-prerequisites-storage.md create mode 100644 _includes/sub-template-prerequisites-uami.md create mode 100644 _includes/sub-template-prerequisites-wls.md create mode 100644 _includes/sub-template-prerequisites.md diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index f2ae50901..8a0677d9b 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -67,3 +67,77 @@ This value must be the following. ``` Append the expected advanced parameter to `parameters.json`. And make sure `_artifactsLocation` is present with the value shown above in `parameters.json`. + +#### Example Parameters JSON + +This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +The parameters using default value haven't been shown for brevity. + +```json +{ + "_artifactsLocation": { + "value": "{{ armTemplateBasePath }}" + }, + "acrName": { + "value": "sampleacr" + }, + "aksClusterName": { + "value": "sampleaks" + }, + "aksClusterRGName": { + "value": "sampleaksgroup" + }, + "createACR": { + "value": false + }, + "createAKSCluster": { + "value": false + }, + "enableAdminT3Tunneling": { + "value": true + }, + "enableClusterT3Tunneling": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} + } + } + }, + "lbSvcValues": { + "value": [ + { + "colName": "domain1-admin-t3", + "colTarget": "adminServerT3", + "colPort": "7005" + }, + { + "colName": "domain-cluster-t3", + "colTarget": "cluster1T3", + "colPort": "8011" + } + ] + }, + "location": { + "value": "eastus" + }, + "ocrSSOPSW": { + "value": "Secret123!" + }, + "ocrSSOUser": { + "value": "sample@foo.com" + }, + "wdtRuntimePassword": { + "value": "Secret123!" + }, + "wlsPassword": { + "value": "Secret123!" + }, + "wlsUserName": { + "value": "weblogic" + } + } +``` diff --git a/_includes/sub-template-dnszone.md b/_includes/sub-template-dnszone.md index 942cd6e24..46556c88c 100644 --- a/_includes/sub-template-dnszone.md +++ b/_includes/sub-template-dnszone.md @@ -4,6 +4,8 @@ Copyright (c) 2021, Oracle and/or its affiliates. Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. --> +### Custom DNS (optional) + #### Registered Domain Name You need to buy a domain name to create a custom DNS alias. diff --git a/_includes/sub-template-prerequisites-db.md b/_includes/sub-template-prerequisites-db.md new file mode 100644 index 000000000..36f7aa3ee --- /dev/null +++ b/_includes/sub-template-prerequisites-db.md @@ -0,0 +1,11 @@ +### Database Instance (optional) + +If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. + +This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), +[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please create one from the Azure portal. + +If you want to use any other databse, you must provide a running database instance. +Make sure the database is accessible from Azure. Specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. + diff --git a/_includes/sub-template-prerequisites-sp.md b/_includes/sub-template-prerequisites-sp.md new file mode 100644 index 000000000..212fd6f78 --- /dev/null +++ b/_includes/sub-template-prerequisites-sp.md @@ -0,0 +1,6 @@ +### Azure Service Principal (optional) + +If you are going to enable the Azure Application Gateway Ingress Controller, you are required to input a Base64 encoded JSON string for the service principal for the selected subscription. + +You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. **Note: on macOS, omit the `-w0` flag**. + diff --git a/_includes/sub-template-prerequisites-storage.md b/_includes/sub-template-prerequisites-storage.md new file mode 100644 index 000000000..f652d8cf0 --- /dev/null +++ b/_includes/sub-template-prerequisites-storage.md @@ -0,0 +1,11 @@ +### Azure Storage account + +If you are deploying a Java EE application or using your own JDBC datasource driver, you are required to +have application packages and jdbc libraries uploaded to a blob storage container in an Azure Storage Account. + +To create Azure Storage Account and blobs, follow the steps in [Quickstart: Upload, download, and list blobs with the Azure portal](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal). + +Upload your application packages (.jar, .war, .ear files) to the blob. + +Upload your jdbc drivers (.jar files) to the blob. + diff --git a/_includes/sub-template-prerequisites-uami.md b/_includes/sub-template-prerequisites-uami.md new file mode 100644 index 000000000..06c25431d --- /dev/null +++ b/_includes/sub-template-prerequisites-uami.md @@ -0,0 +1,7 @@ +### Azure Managed Identity + +You are required to input the ID of a user-assigned managed identity that has the **Contributor** at the subscription level of the current subscription. + +To create a user-assigned managed identity, follow the steps in [Manage user-assigned managed identities](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal). + +You will need the resource ID of the identity. To obtain ID of the identity: go to Azure Portal; open the identity **Overview** page; select **JSON View** and copy the **Resource ID**. diff --git a/_includes/sub-template-prerequisites-wls.md b/_includes/sub-template-prerequisites-wls.md new file mode 100644 index 000000000..819c4a868 --- /dev/null +++ b/_includes/sub-template-prerequisites-wls.md @@ -0,0 +1,3 @@ +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). diff --git a/_includes/sub-template-prerequisites.md b/_includes/sub-template-prerequisites.md new file mode 100644 index 000000000..7a74594bd --- /dev/null +++ b/_includes/sub-template-prerequisites.md @@ -0,0 +1,13 @@ +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +{% include sub-template-prerequisites-uami.md %} + +{% include sub-template-prerequisites-storage.md %} + +{% include sub-template-prerequisites-sp.md %} + +{% include sub-template-prerequisites-db.md %} + +{% include sub-template-dnszone.md %} diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index d20ab95a2..3ca5fa5b9 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -5,7 +5,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} that is running on AKS +# Apply Database ARM Template to existing {{ site.data.var.wlsFullBrandName }} This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. @@ -23,18 +23,9 @@ You can invoke the database ARM template to: * [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. -### Azure Managed Indentify +{% include sub-template-prerequisites-uami.md %} -You are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) -to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - -### WebLogic Server Instance - -The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +{% include sub-template-prerequisites-wls.md %} If you are using your own datasource driver, make sure the datasource driver is uploaded during the WebLogic Server instance provisioning. diff --git a/aks/index.md b/aks/index.md index 07a97d153..a33109762 100644 --- a/aks/index.md +++ b/aks/index.md @@ -7,9 +7,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or Templates available for working with [{{ site.data.var.wlsFullBrandName }} on {{ site.data.var.aksFullName }}](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks): -* [Create WebLogic cluster with advanced configuration](mainTemplate.md) +* [Create WebLogic Server cluster with advanced configuration](mainTemplate.md) -* [Update WebLogic cluster with advanced configuration](updateClusterTemplate.md) +* [Update WebLogic Server cluster with advanced configuration](updateClusterTemplate.md) * [Configure a database connection](dbTemplate.md) diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index 330228be3..912343895 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -5,127 +5,23 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Advanced and post deployment actions with Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} +# Advanced actions with Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} -This document describes how to create and/or update an Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} using the Azure CLI. +This document describes how to create an {{ site.data.var.wlsFullBrandName }} cluster on {{ site.data.var.aksFullName }} using the Azure CLI. ## Introduction {% include sub-template-advanced-usage.md %} -This document will guide you to create or update a WebLogic Server cluster in ways that supplement and enhance the capabilities offered by the Azure Marketplace offer. +This document will guide you to create a WebLogic Server cluster in ways that supplement and enhance the capabilities offered by the Azure Marketplace offer. The techniques described in this document go beyond what you can configure using the Azure Marketplace offer. ## Prerequisites This section lists several prerequisites for activating the features as described in the guidance. Optional prerequisites are marked as (optional) -### Environment for Setup - -* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. - -### Azure Managed Indentify - -You are required to input the ID of a user-assigned managed identity. - -To create a user-assigned managed identity, follow the steps in [Manage user-assigned managed identities](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal). - -You will need the resource ID of the identity. To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; select **JSON View** and copy the **Resource ID**. - -### Azure Storage account - -If you are deploying a Java EE application or using your own JDBC datasource driver, you are required to -have application packages and jdbc libraries uploaded to a blob storage container in an Azure Storage Account. - -To create Azure Storage Account and blobs, follow the steps in [Quickstart: Upload, download, and list blobs with the Azure portal](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal). - -Upload your application packages (.jar, .war, .ear files) to the blob. - -Upload your jdbc drivers (.jar files) to the blob. - -### Azure Service Principal (optional) - -If you are going to enable the Azure Application Gateway Ingress Controller, you are required to input a Base64 encoded JSON string for the service principal for the selected subscription. - -You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. **Note: on macOS, omit the `-w0` flag**. - -### Database Instance (optional) - -If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, -you must have an existing database instance to use. - -This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), -[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please create one from the Azure portal. - -If you want to use any other databse, you must provide a running database instance. -Make sure the database is accessible from Azure. Specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. - -### Custom DNS (optional) - -{% include sub-template-dnszone.md %} - -{% include sub-template-create-update-wls-on-aks.md %} - -#### Example Parameters JSON - -This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. -The parameters using default value haven't been shown for brevity. - -```json -{ - "_artifactsLocation": { - "value": "{{ armTemplateBasePath }}" - }, - "createACR": { - "value": true - }, - "enableAdminT3Tunneling": { - "value": true - }, - "enableClusterT3Tunneling": { - "value": true - }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} - } - } - }, - "lbSvcValues": { - "value": [ - { - "colName": "domain1-admin-t3", - "colTarget": "adminServerT3", - "colPort": "7005" - }, - { - "colName": "domain-cluster-t3", - "colTarget": "cluster1T3", - "colPort": "8011" - } - ] - }, - "location": { - "value": "eastus" - }, - "ocrSSOPSW": { - "value": "Secret123!" - }, - "ocrSSOUser": { - "value": "sample@foo.com" - }, - "wdtRuntimePassword": { - "value": "Secret123!" - }, - "wlsPassword": { - "value": "Secret123!" - }, - "wlsUserName": { - "value": "weblogic" - } - } -``` +{% include sub-template-prerequisites.md %} + +{% include sub-template-create-update-wls-on-aks.md %} ## Invoke the ARM template diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index 92605d6aa..099657f6b 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -5,19 +5,19 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Apply Update Application ARM Template to {{ site.data.var.wlsFullBrandName }} that is running on AKS +# Update the Java application in an existing {{ site.data.var.wlsFullBrandName }} -This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with Java EE applications using Azure CLI. +This page documents how to update an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Java EE applications using Azure CLI. -You can invoke the ARM template to: +You can invoke this ARM template to: - - Update a running Java EE application with new version. +- Update a running Java EE application with new version. - - Remove a running Java EE application. +- Remove a running Java EE application. - - Deploy a new Java EE application. +- Deploy a new Java EE application. -The template will only update the application deployments in WebLogic cluster, without any change to other configuration. +The template will only update the application deployments in the {{ site.data.var.wlsFullBrandName }} cluster, without any change to other configuration. ## Prerequisites @@ -25,26 +25,11 @@ The template will only update the application deployments in WebLogic cluster, w * [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. -### Azure Managed Indentify +{% include sub-template-prerequisites-uami.md %} -You are required to input the ID of a user-assigned managed identity. +{% include sub-template-prerequisites-wls.md %} -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) -to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - -### WebLogic Server Instance - -The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). - -### Azure Storage account - -You are required to upload the application packages to Azure Storage Account. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. - -Upload your application packages (.jar, .war, .ear files) to the blob. +{% include sub-template-prerequisites-storage.md %} ## Prepare the Parameters JSON file diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index 056fccdeb..355ad1556 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -5,7 +5,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Update Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration +# Post deployment actions for Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} This page documents how to update Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. @@ -25,69 +25,11 @@ This document will guide you to update a WebLogic cluster using the advanced con ## Prerequisites -### Environment for Setup +{% include sub-template-prerequisites.md %} -* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. +## Updating the existing WebLogic Server cluster -### WebLogic Server Instance - -The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). - -### Azure Managed Indentify - -You are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) -to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - -### Azure Storage account - -If you are deploying Java EE application or using your own datasource driver, you are required to -have application packages and jdbc libraries in Azure Storage Account. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create Azure Storage Account and blobs. - -Upload your application packages (.jar, .war, .ear files) to the blob. - -Upload your jdbc drivers (.jar files) to the blob. - -### Azure Service Principal - -Optional. - -If you have enabled Azure Application Gatway Ingress Controller, you are not allowed to configure the gateway ingress again. -You can access console portal and application using the previous address. - -If you are going to enable Azure Application Gatway Ingress Controller, you are required to input -a Base64 encoded JSON string of a service principal for the selected subscription. - -You can generate one with command `az ad sp create-for-rbac --sdk-auth | base64 -w0`. - -### Database Instance - -Optional. - -If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, -you must have an existing database instance to use. - -This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), -[Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please -create one from the Azure portal. - -If you want to use other databse, you must provide a running data server, -make sure the database is accessible from Azure. Then specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. - -### Custom DNS - -Optional. - -{% include sub-template-dnszone.md %} - -{% include sub-template-create-update-wls-on-aks.md %} - -The template will apply the new confguration in `parameters.json` to the running WebLogic cluster, please double check you have specified: +The template will apply the new configuration in `parameters.json` to the running WebLogic cluster, please double check you have specified: - The same credentials for WebLogic - The same domain name and domain UID. @@ -144,79 +86,7 @@ Parameters for domain should look like, ignore them if you used the default valu } ``` -#### Example Parameters JSON - -This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. -The parameters using default value haven't been shown for brevity. - -```json -{ - "_artifactsLocation": { - "value": "{{ armTemplateBasePath }}" - }, - "acrName": { - "value": "sampleacr" - }, - "aksClusterName": { - "value": "sampleaks" - }, - "aksClusterRGName": { - "value": "sampleaksgroup" - }, - "createACR": { - "value": false - }, - "createAKSCluster": { - "value": false - }, - "enableAdminT3Tunneling": { - "value": true - }, - "enableClusterT3Tunneling": { - "value": true - }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} - } - } - }, - "lbSvcValues": { - "value": [ - { - "colName": "domain1-admin-t3", - "colTarget": "adminServerT3", - "colPort": "7005" - }, - { - "colName": "domain-cluster-t3", - "colTarget": "cluster1T3", - "colPort": "8011" - } - ] - }, - "location": { - "value": "eastus" - }, - "ocrSSOPSW": { - "value": "Secret123!" - }, - "ocrSSOUser": { - "value": "sample@foo.com" - }, - "wdtRuntimePassword": { - "value": "Secret123!" - }, - "wlsPassword": { - "value": "Secret123!" - }, - "wlsUserName": { - "value": "weblogic" - } - } -``` +{% include sub-template-create-update-wls-on-aks.md %} ## Invoke the ARM template From 09c58c430464aa1f8ba8a8f2e0efc00dc141e6fb Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 10:26:33 +0800 Subject: [PATCH 19/42] Apply comments from @rosemarymarano Signed-off-by: galiacheng --- _includes/sub-template-advanced-usage.md | 2 +- .../sub-template-create-update-wls-on-aks.md | 4 +- _includes/sub-template-dnszone.md | 2 +- _includes/sub-template-prerequisites-db.md | 4 +- .../sub-template-prerequisites-storage.md | 6 +-- aks/dbTemplate.md | 50 +++++++++---------- aks/updateAppTemplate.md | 14 +++--- aks/updateClusterTemplate.md | 2 +- 8 files changed, 42 insertions(+), 42 deletions(-) diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md index 824125239..4096e839c 100644 --- a/_includes/sub-template-advanced-usage.md +++ b/_includes/sub-template-advanced-usage.md @@ -7,6 +7,6 @@ If you need to go beyond the capabilities of the Azure Marketplace offer, this g - Customize Azure Kubernetes Service version and Agent Pool name. -- Create custom T3 channel for WebLogic Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. +- Create custom T3 channel for WebLogic Server Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. - Customize the CPU and memory resources for server pod. This enables you to go beyond the default values of 200m and 1.5Gi. diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index 8a0677d9b..aef9ad89e 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -6,7 +6,7 @@ This section shows how to obtain the values for the required properties. ### Obtain parameter values from Azure portal -The following steps use the [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the values. If you prefer to edit a json file, you can also create the objects in your parameters file directly. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. **More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.** +The following steps use the [Azure Create UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to obtain the values. If you prefer to edit a JSON file, you can also create the objects in your parameters file directly. The Azure UI Definition Sandbox provides controls to select resources and input your values easily. **More importantly, this approach generates syntactically valid JSON, eliminating an important class of data entry error.** - Use your favourite browser and open the [Azure UI Definition Sandbox](https://portal.azure.com/?feature.customPortal=false#blade/Microsoft_Azure_CreateUIDef/SandboxBlade). @@ -30,7 +30,7 @@ The following steps use the [Azure Create UI Definition Sandbox](https://portal. - In the **DNS configuration** blade, configure custom DNS alias for WebLogic Console portal and cluster. - - In the **Database** blade, configure datasource connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. + - In the **Database** blade, configure data source connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. - Select **Review+create**, the Azure UI Definition Sandbox will validate the inputs, you must resolve any errors before proceeding. diff --git a/_includes/sub-template-dnszone.md b/_includes/sub-template-dnszone.md index 46556c88c..0673ba42f 100644 --- a/_includes/sub-template-dnszone.md +++ b/_includes/sub-template-dnszone.md @@ -12,7 +12,7 @@ You need to buy a domain name to create a custom DNS alias. #### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/_includes/sub-template-prerequisites-db.md b/_includes/sub-template-prerequisites-db.md index 36f7aa3ee..24f555a22 100644 --- a/_includes/sub-template-prerequisites-db.md +++ b/_includes/sub-template-prerequisites-db.md @@ -3,9 +3,9 @@ If you are going to apply a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. -This template builds with datasource driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), +This template builds with data source driver for three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please create one from the Azure portal. If you want to use any other databse, you must provide a running database instance. -Make sure the database is accessible from Azure. Specify a datasource driver url via `dbDriverLibrariesUrls `, datasource driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. +Make sure the database is accessible from Azure. Specify a data source driver url via `dbDriverLibrariesUrls `, data source driver name via `dbDriverName` and test table name `dbTestTableName`, see [Database](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/#database) for more information. diff --git a/_includes/sub-template-prerequisites-storage.md b/_includes/sub-template-prerequisites-storage.md index f652d8cf0..1fdf9298d 100644 --- a/_includes/sub-template-prerequisites-storage.md +++ b/_includes/sub-template-prerequisites-storage.md @@ -1,11 +1,11 @@ ### Azure Storage account -If you are deploying a Java EE application or using your own JDBC datasource driver, you are required to -have application packages and jdbc libraries uploaded to a blob storage container in an Azure Storage Account. +If you are deploying a Java EE application or using your own JDBC data source driver, you are required to +have application packages and JDBC libraries uploaded to a blob storage container in an Azure Storage Account. To create Azure Storage Account and blobs, follow the steps in [Quickstart: Upload, download, and list blobs with the Azure portal](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal). Upload your application packages (.jar, .war, .ear files) to the blob. -Upload your jdbc drivers (.jar files) to the blob. +Upload your JDBC drivers (.jar files) to the blob. diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index 3ca5fa5b9..ad9fbacd6 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -11,11 +11,11 @@ This page documents how to configure an existing deployment of {{ site.data.var. You can invoke the database ARM template to: - - Create a new datasource connection, you can have multiple datasource connections in your cluster. + - Create a new data source connection, you can have multiple data source connections in your cluster. - - Update an existing datasource connection + - Update an existing data source connection - - Delete an existing datasource connection + - Delete an existing data source connection ## Prerequisites @@ -27,49 +27,49 @@ You can invoke the database ARM template to: {% include sub-template-prerequisites-wls.md %} -If you are using your own datasource driver, make sure the datasource driver is uploaded during the WebLogic Server instance provisioning. +If you are using your own data source driver, make sure the data source driver is uploaded during the WebLogic Server instance provisioning. -You can create a WebLogic cluster with datasource driver library with steps: +You can create a WebLogic cluster with data source driver library with steps: - Open [WebLogic on AKS marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) - Input values to **Basics** and **Config AKS cluster** blade - - In the Database blade, select **Yes** to connect to database. For **Choose databse type**, select **Other**, upload datasource driver in **Datasource driver**. + - In the Database blade, select **Yes** to connect to database. For **Choose databse type**, select **Other**, upload data source driver in **data source driver**. - Finish other inputs, create **Review + create** to provison a cluster. -You will get a WebLogic cluster with your datasource driver built in the image. +You will get a WebLogic cluster with your data source driver built in the image. ### Database Instance To apply a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. -#### Work with built-in datasource driver +#### Work with built-in data source driver -The marketplace offer ships with database driver for [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). You can invoke the dbTemplate to create datasource connection for those database. +The marketplace offer ships with database driver for [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). You can invoke the dbTemplate to create data source connection for those database. If you do not have an instance, please create one from Azure portal. -#### Bring your own datasource driver +#### Bring your own data source driver -Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal), you are able to create datasource connection using other databases, such as [IBM Informix](https://www.ibm.com/products/informix) and [MariaDB](https://mariadb.org/), but you have to follow those steps to achieve that: +Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal), you are able to create data source connection using other databases, such as [IBM Informix](https://www.ibm.com/products/informix) and [MariaDB](https://mariadb.org/), but you have to follow those steps to achieve that: - Create your database server, and make sure the database is accessible from Azure. - - Ship your database driver to WebLogic cluster. The only approach to upload a datasource driver is using [marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks). The offer enables you to bring your own datasource driver. See [WebLogic Server Instance](#webLogic-server-instance) + - Ship your database driver to WebLogic cluster. The only approach to upload a data source driver is using [marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks). The offer enables you to bring your own data source driver. See [WebLogic Server Instance](#webLogic-server-instance) - - Invoke the dbTemplate to update an existing datasource connection or create another new datasource connection. + - Invoke the dbTemplate to update an existing data source connection or create another new data source connection. -### Apply multiple datasource +### Apply multiple data source -You may want to enable multiple datasource in your cluster for the following usage: - - Create multiple datasource connections using the same database - - Create multiple datasource connections using different databases +You may want to enable multiple data source in your cluster for the following usage: + - Create multiple data source connections using the same database + - Create multiple data source connections using different databases -You can deploy different datasource connections using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. +You can deploy different data source connections using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. -To deploy datasource using your own datasource driver, we assume the datasource driver has been uploaded to the cluster. See [WebLogic Server Instance](#webLogic-server-instance) +To deploy data source using your own data source driver, we assume the data source driver has been uploaded to the cluster. See [WebLogic Server Instance](#webLogic-server-instance) ## Prepare the Parameters JSON file @@ -77,16 +77,16 @@ To deploy datasource using your own datasource driver, we assume the datasource |----------------|-------------| | `_artifactsLocation`| Required. See below for details. | | `aksClusterName`| Required. String value.
Name of the AKS cluster. Must be the same value provided at deployment time. | -| `dbPassword`| Required. String value.
Password for the datasource connection. | -| `dbUser`| Required. String value.
User id for the datasource connection. | +| `dbPassword`| Required. String value.
Password for the data source connection. | +| `dbUser`| Required. String value.
User id for the data source connection. | | `dsConnectionURL` | Required. String value.
JDBC connection string. | | `identity` | Required. Object value.
Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | -| `jdbcDataSourceName` | Required. String value.
JDBC name for the datasource connection. | +| `jdbcDataSourceName` | Required. String value.
JDBC name for the data source connection. | | `wlsDomainUID` | Required. String value.
UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | | `wlsPassword` | Required. String value.
Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | | `wlsUserName` | Required. String value.
User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | -| `databaseType`| Optinal. Enum value.
Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) datasource connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) datasource connection. | -| `dbConfigurationType`| Optinal. Enum value.
Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new datasource connection if there is no datasource has the same name with `jdbcDataSourceName`, otherwise, will update the expected datasource with new inputs.
`delete`: the deployment will delete a datasource connection that has name `jdbcDataSourceName` | +| `databaseType`| Optinal. Enum value.
Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) data source connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) data source connection. | +| `dbConfigurationType`| Optinal. Enum value.
Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new data source connection if there is no data source has the same name with `jdbcDataSourceName`, otherwise, will update the expected data source with new inputs.
`delete`: the deployment will delete a data source connection that has name `jdbcDataSourceName` | | `dbGlobalTranPro` | Optinal. Enum value.
Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| ### `_artifactsLocation` @@ -101,7 +101,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -{% include sub-template-datasource-connection-url.md %} +{% include sub-template-data source-connection-url.md %} #### Example Parameters JSON diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index 099657f6b..e65f20924 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -42,7 +42,7 @@ The template will only update the application deployments in the {{ site.data.va | `identity` | Required. Object value.
Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. | | `wlsDomainName` | Required. String value.
Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | | `wlsDomainUID` | Required. String value.
User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | -| `appPackageUrls`| Optinal. Array.
String array of Java EE applciation location, which can be downloaded using "curl". Currently, only support urls of Azure Storage Account blob. | +| `appPackageUrls`| Optinal. Array.
String array of Java EE applciation location, which can be downloaded using "curl". Currently, only support URLs of Azure Storage Account blob. | | `appPackageFromStorageBlob`| Optinal. Object value.
Key `storageAccountName` specify the storage account name, the template will download application package from this storage account.
Key `containerName` specify the container name that stores the Java EE application. | | `ocrSSOPSW` | Optional. String value.
Password for Oracle SSO account. | | `ocrSSOUser` | Optional. String value.
User name for Oracle SSO account. | @@ -65,14 +65,14 @@ This value must be the following. The template supports two approach to specify the location of Java EE application. The template will update the cluter with applications specified in `appPackageUrls` and `appPackageFromStorageBlob`. -#### SAS Urls +#### SAS URLs -You can specify the application urls via `appPackageUrls`. The template only supports url from Azure Storage Account. -Make sure the urls are accessible from public network. -You may want to update one application, but you must include all the application SAS urls in the parameter. +You can specify the application URLs via `appPackageUrls`. The template only supports url from Azure Storage Account. +Make sure the URLs are accessible from public network. +You may want to update one application, but you must include all the application SAS URLs in the parameter. If you are removing an application, do not include the application url. -Steps to obtain SAS urls: +Steps to obtain SAS URLs: * Open your Storage Account from Azure portal. If you don't have, please follow this [guide](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal) to create one. @@ -100,7 +100,7 @@ Steps to obtain SAS urls: * Repeat step 4 for other applicatios. - * Now you have all the urls. `appPackageUrls` will be value like `["sasUrl1", "sasUrl2"]`. + * Now you have all the URLs. `appPackageUrls` will be value like `["sasUrl1", "sasUrl2"]`. It should present in parameters.json like: diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index 355ad1556..a25258ced 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -29,7 +29,7 @@ This document will guide you to update a WebLogic cluster using the advanced con ## Updating the existing WebLogic Server cluster -The template will apply the new configuration in `parameters.json` to the running WebLogic cluster, please double check you have specified: +The template will apply the new configuration in `parameters.json` to the running WebLogic cluster, please double check that you have specified: - The same credentials for WebLogic - The same domain name and domain UID. From 70e6d244bda87d2ee688f80c80ba6e88e3324ab1 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 15 Dec 2021 22:27:28 -0500 Subject: [PATCH 20/42] Fix spelling errors --- _includes/sub-template-advanced-usage.md | 6 +++++- admin/customDNSTemplate.md | 16 ++++++++-------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md index 4096e839c..7ee8acc1a 100644 --- a/_includes/sub-template-advanced-usage.md +++ b/_includes/sub-template-advanced-usage.md @@ -1,5 +1,5 @@ Oracle and Microsoft maintain an [Azure Marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) that -makes it easy to get started with WebLogic Server on Azure. For complete documentation on the offer, see [the user guide](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). +makes it easy to get started with {{ site.data.var.wlsFullBrandName }} on Azure. For complete documentation on the offer, see [the user guide](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). If you need to go beyond the capabilities of the Azure Marketplace offer, this guidance enables several advanced features. The following features and more are possible. @@ -7,6 +7,10 @@ If you need to go beyond the capabilities of the Azure Marketplace offer, this g - Customize Azure Kubernetes Service version and Agent Pool name. +<<<<<<< HEAD - Create custom T3 channel for WebLogic Server Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. +======= +- Create custom T3 channel for {{ site.data.var.wlsFullBrandName }} Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. +>>>>>>> Start to apply Rosemary edits - Customize the CPU and memory resources for server pod. This enables you to go beyond the default values of 200m and 1.5Gi. diff --git a/admin/customDNSTemplate.md b/admin/customDNSTemplate.md index a10ed799e..4f8a3d3eb 100644 --- a/admin/customDNSTemplate.md +++ b/admin/customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com @@ -47,9 +47,9 @@ Name: ns1-01.azure-dns.com Address: 2603:1061::1 ``` -We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. +We strongly recommend you create an Azure DNS Zone for domain management and reuse it for other purpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify +### Azure Managed Identity If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. @@ -64,7 +64,7 @@ We provide an automation shell script for DNS configuration. You must specify th | Parameter Name             | Explanation | |----------------|-------------| -| `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| +| `--admin-vm-name`| Required. Name of virtual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | | `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | @@ -104,7 +104,7 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --artifact-location {{ armTemplateBasePath }} \ --location eastus \ --zone-name contoso.com \ - --identity-id `yourIndentityID` \ + --identity-id `yourIdentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -114,7 +114,7 @@ An example output: Done! Custom DNS alias: - Resource group: haiche-dns-doc + Resource group: contoso-dns-doc WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console @@ -156,7 +156,7 @@ Action required: ] Custom DNS alias: - Resource group: haiche-dns-doc + Resource group: contoso-dns-doc WebLogic Server Administration Console URL: http://admin.contoso.com:7001/console WebLogic Server Administration Console secured URL: https://admin.contoso.com:7002/console ``` From 3e92e9f6bf7a77349d7641e5883189ef6e8f79f7 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 15 Dec 2021 22:28:58 -0500 Subject: [PATCH 21/42] Fix spelling errors --- _includes/sub-template-advanced-usage.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/_includes/sub-template-advanced-usage.md b/_includes/sub-template-advanced-usage.md index 7ee8acc1a..bcf9cbe15 100644 --- a/_includes/sub-template-advanced-usage.md +++ b/_includes/sub-template-advanced-usage.md @@ -7,10 +7,5 @@ If you need to go beyond the capabilities of the Azure Marketplace offer, this g - Customize Azure Kubernetes Service version and Agent Pool name. -<<<<<<< HEAD -- Create custom T3 channel for WebLogic Server Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. -======= -- Create custom T3 channel for {{ site.data.var.wlsFullBrandName }} Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer service. ->>>>>>> Start to apply Rosemary edits - +- Create custom T3 channel for {{ site.data.var.wlsFullBrandName }} Administration Server and cluster and expose the T3 channel via Azure Standard Load Balancer - Customize the CPU and memory resources for server pod. This enables you to go beyond the default values of 200m and 1.5Gi. From 9bb8f72b595d48b333ef723fcf9622c8cb1e7590 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 15 Dec 2021 22:37:29 -0500 Subject: [PATCH 22/42] On branch galiacheng-gh-pages find . -type f -exec perl -i.bak -pe s/Once you have completed/After you have completed/g; {} ; -print modified: cluster/customDNSTemplate.md modified: dynamic-cluster/customDNSTemplate.md modified: subtemplate-src/admin-customDNSTemplate.md modified: subtemplate-src/cluster-customDNSTemplate.md modified: subtemplate-src/dynamic-cluster-customDNSTemplate.md modified: subtemplate-src/dynamic-customDNSTemplate.md Signed-off-by: Ed Burns --- cluster/customDNSTemplate.md | 2 +- dynamic-cluster/customDNSTemplate.md | 2 +- subtemplate-src/admin-customDNSTemplate.md | 2 +- subtemplate-src/cluster-customDNSTemplate.md | 2 +- subtemplate-src/dynamic-cluster-customDNSTemplate.md | 2 +- subtemplate-src/dynamic-customDNSTemplate.md | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cluster/customDNSTemplate.md b/cluster/customDNSTemplate.md index 8182d0d0d..ba4bfb4b3 100644 --- a/cluster/customDNSTemplate.md +++ b/cluster/customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/dynamic-cluster/customDNSTemplate.md b/dynamic-cluster/customDNSTemplate.md index 63b42e405..a7ae0e572 100644 --- a/dynamic-cluster/customDNSTemplate.md +++ b/dynamic-cluster/customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/subtemplate-src/admin-customDNSTemplate.md b/subtemplate-src/admin-customDNSTemplate.md index a10ed799e..0b9fbeb07 100644 --- a/subtemplate-src/admin-customDNSTemplate.md +++ b/subtemplate-src/admin-customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/subtemplate-src/cluster-customDNSTemplate.md b/subtemplate-src/cluster-customDNSTemplate.md index 8182d0d0d..ba4bfb4b3 100644 --- a/subtemplate-src/cluster-customDNSTemplate.md +++ b/subtemplate-src/cluster-customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/subtemplate-src/dynamic-cluster-customDNSTemplate.md b/subtemplate-src/dynamic-cluster-customDNSTemplate.md index 63b42e405..a7ae0e572 100644 --- a/subtemplate-src/dynamic-cluster-customDNSTemplate.md +++ b/subtemplate-src/dynamic-cluster-customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com diff --git a/subtemplate-src/dynamic-customDNSTemplate.md b/subtemplate-src/dynamic-customDNSTemplate.md index 63b42e405..a7ae0e572 100644 --- a/subtemplate-src/dynamic-customDNSTemplate.md +++ b/subtemplate-src/dynamic-customDNSTemplate.md @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). Once you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com From b38b7773c7519d55a4c9da71e4dd012cfaeb4e00 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 12:06:38 +0800 Subject: [PATCH 23/42] Fix datasource with data source globally. Signed-off-by: galiacheng Changes to be committed: modified: admin/dbTemplate.md modified: aks/dbTemplate.md modified: cluster/dbTemplate.md modified: dynamic-cluster/dbTemplate.md modified: subtemplate-src/dbTemplate.md --- admin/dbTemplate.md | 2 +- aks/dbTemplate.md | 2 +- cluster/dbTemplate.md | 2 +- dynamic-cluster/dbTemplate.md | 2 +- subtemplate-src/dbTemplate.md | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index 5645b516a..159d7342d 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | -| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index ad9fbacd6..54aebe753 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -101,7 +101,7 @@ This value must be the following. The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. -{% include sub-template-data source-connection-url.md %} +{% include sub-template-datasource-connection-url.md %} #### Example Parameters JSON diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index 5645b516a..159d7342d 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | -| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index 5645b516a..159d7342d 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | -| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index 5645b516a..159d7342d 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | -| `jdbcDataSourceName`| Must be the JNDI name for the JDBC DataSource. | +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | From 8d8498485a1280d6740d319bdf88b9cae6f0d583 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 12:43:17 +0800 Subject: [PATCH 24/42] Replace "WebLogic cluster" with Oracle WebLogic Server cluster globally. Signed-off-by: galiacheng Changes to be committed: modified: _includes/sub-template-create-update-wls-on-aks.md modified: admin/customDNSTemplate.md modified: aks/dbTemplate.md modified: aks/mainTemplate.md modified: aks/updateAppTemplate.md modified: aks/updateClusterTemplate.md modified: cluster/customDNSTemplate.md modified: dynamic-cluster/customDNSTemplate.md modified: dynamic-cluster/ohsNestedTemplate.md modified: subtemplate-src/admin-customDNSTemplate.md modified: subtemplate-src/cluster-customDNSTemplate.md modified: subtemplate-src/dynamic-cluster-customDNSTemplate.md modified: subtemplate-src/dynamic-cluster-ohsNestedTemplate.md modified: subtemplate-src/dynamic-customDNSTemplate.md --- .../sub-template-create-update-wls-on-aks.md | 16 ++++++++-------- admin/customDNSTemplate.md | 4 ++-- aks/dbTemplate.md | 10 +++++----- aks/mainTemplate.md | 2 +- aks/updateAppTemplate.md | 4 ++-- aks/updateClusterTemplate.md | 16 ++++++++-------- cluster/customDNSTemplate.md | 4 ++-- dynamic-cluster/customDNSTemplate.md | 4 ++-- dynamic-cluster/ohsNestedTemplate.md | 2 +- subtemplate-src/admin-customDNSTemplate.md | 4 ++-- subtemplate-src/cluster-customDNSTemplate.md | 4 ++-- .../dynamic-cluster-customDNSTemplate.md | 4 ++-- .../dynamic-cluster-ohsNestedTemplate.md | 2 +- subtemplate-src/dynamic-customDNSTemplate.md | 4 ++-- 14 files changed, 40 insertions(+), 40 deletions(-) diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index aef9ad89e..acdf963f9 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -16,19 +16,19 @@ The following steps use the [Azure Create UI Definition Sandbox](https://portal. - Fill in the appropriate values. For guidance, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). - - **Basics** blade, configure the credentials for WebLogic and select User assigned managed identity. + - In the **Basics** blade, configure the credentials for {{ site.data.var.wlsFullBrandName }} and select User assigned managed identity. - - If you are updating a WebLogic cluster, make sure you have right domain UID and domain name. + - If you are updating an {{ site.data.var.wlsFullBrandName }} cluster, make sure you have right domain UID and domain name. - In the **Configure AKS cluter** blade, configure the AKS cluster, image selection and Java EE application selection. - - If you are updating a WebLogic cluster, make sure you have selected the right AKS cluster and ACR. + - If you are updating an {{ site.data.var.wlsFullBrandName }} cluster, make sure you have selected the right AKS cluster and ACR. - - In the **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to WebLogic cluster. + - In the **TLS/SSL configuration** blade, configure TLS/SSL certificates for Identity Key Store and Trust Key Store, which will be applied to the {{ site.data.var.wlsFullBrandName }} cluster. - In the **Networking** blade, configure Standard Load Balancer service and Application Gateway Ingress Controller. - - In the **DNS configuration** blade, configure custom DNS alias for WebLogic Console portal and cluster. + - In the **DNS configuration** blade, configure custom DNS alias for {{ site.data.var.wlsFullBrandName }} Administration Console portal and cluster. - In the **Database** blade, configure data source connection. If you want to enable other database, select `Other` in **Choose database type** and finish the required inputs. @@ -51,9 +51,9 @@ Now that you have a syntactically and semantically correct `parameters.json`, yo | `aksAgentPoolName` | Optinal. String value.
The name for this node pool. Node pool must contain only lowercase letters and numbers. For Linux node pools the name cannot be longer than 12 characters. | | `aksVersion`| Optinal. String value.
Version of Azure Kubernetes Service. Use default version if no specified value. | | `enableAdminT3Tunneling`| Optinal. Boolean value.
Configure a custom channel in Admin Server for the T3 protocol that enables HTTP tunneling. | -| `enableClusterT3Tunneling` | Optinal. Boolean value.
Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling. | +| `enableClusterT3Tunneling` | Optinal. Boolean value.
Configure a custom channel in the {{ site.data.var.wlsFullBrandName }} cluster for the T3 protocol that enables HTTP tunneling. | | `t3ChannelAdminPort` | Optinal. Integer value, 1-65535.
Sepcify cublic port of the custom T3 channel in admin server. | -| `t3ChannelClusterPort` | Optinal. Integer value, 1-65535.
Specify public port of the custom T3 channel in WebLoigc cluster. | +| `t3ChannelClusterPort` | Optinal. Integer value, 1-65535.
Specify public port of the custom T3 channel in the {{ site.data.var.wlsFullBrandName }} cluster. | | `wlsCPU` | Optinal. String value.
Sepcify CPU requests for admin server and managed server pods. See [Managing Resources for Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)| | `wlsMemory` | Optinal. String value.
Specify memory requests for admin server and managed server pods. See [Managing Resources for Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)| @@ -70,7 +70,7 @@ Append the expected advanced parameter to `parameters.json`. And make sure `_art #### Example Parameters JSON -This is a sample to create WebLogic cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. +This is a sample to create an {{ site.data.var.wlsFullBrandName }} cluster with custom T3 channel, and expose the T3 channel via Azure Load Balancer Service. The parameters using default value haven't been shown for brevity. ```json diff --git a/admin/customDNSTemplate.md b/admin/customDNSTemplate.md index 4f8a3d3eb..2356ac8ff 100644 --- a/admin/customDNSTemplate.md +++ b/admin/customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of virtual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| @@ -87,7 +87,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index 54aebe753..f605466ec 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -13,9 +13,9 @@ You can invoke the database ARM template to: - Create a new data source connection, you can have multiple data source connections in your cluster. - - Update an existing data source connection + - Update an existing data source connection. - - Delete an existing data source connection + - Delete an existing data source connection. ## Prerequisites @@ -29,7 +29,7 @@ You can invoke the database ARM template to: If you are using your own data source driver, make sure the data source driver is uploaded during the WebLogic Server instance provisioning. -You can create a WebLogic cluster with data source driver library with steps: +You can create an {{ site.data.var.wlsFullBrandName }} cluster with data source driver library with steps: - Open [WebLogic on AKS marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) @@ -39,7 +39,7 @@ You can create a WebLogic cluster with data source driver library with steps: - Finish other inputs, create **Review + create** to provison a cluster. -You will get a WebLogic cluster with your data source driver built in the image. +You will get an {{ site.data.var.wlsFullBrandName }} cluster with your data source driver built in the image. ### Database Instance @@ -57,7 +57,7 @@ Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/ - Create your database server, and make sure the database is accessible from Azure. - - Ship your database driver to WebLogic cluster. The only approach to upload a data source driver is using [marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks). The offer enables you to bring your own data source driver. See [WebLogic Server Instance](#webLogic-server-instance) + - Ship your database driver to the {{ site.data.var.wlsFullBrandName }} cluster. The only approach to upload a data source driver is using [marketplace offer](https://portal.azure.com/?feature.customPortal=false#create/oracle.20210620-wls-on-aks20210620-wls-on-aks). The offer enables you to bring your own data source driver. See [WebLogic Server Instance](#webLogic-server-instance) - Invoke the dbTemplate to update an existing data source connection or create another new data source connection. diff --git a/aks/mainTemplate.md b/aks/mainTemplate.md index 912343895..2210894cb 100644 --- a/aks/mainTemplate.md +++ b/aks/mainTemplate.md @@ -26,7 +26,7 @@ This section lists several prerequisites for activating the features as describe ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. -This section shows the commands to create WebLogic cluster on AKS. +This section shows the commands to create an {{ site.data.var.wlsFullBrandName }} cluster on AKS. Use the command to create a resoruce group. diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index e65f20924..639178f7a 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -62,7 +62,7 @@ This value must be the following. ### Java EE application location -The template supports two approach to specify the location of Java EE application. +The template supports two approaches to specify the location of Java EE application. The template will update the cluter with applications specified in `appPackageUrls` and `appPackageFromStorageBlob`. #### SAS URLs @@ -181,7 +181,7 @@ If you are bringing your own image, you must provide the following parameters: #### Example Parameters JSON -This is an example to deploy Java EE application in `samplecontainer` to the WebLogic cluster, using Oracle base image. +This is an example to deploy Java EE application in `samplecontainer` to the {{ site.data.var.wlsFullBrandName }} cluster, using Oracle base image. The parameters using default value haven't been shown for brevity. ```json diff --git a/aks/updateClusterTemplate.md b/aks/updateClusterTemplate.md index a25258ced..6e91ba338 100644 --- a/aks/updateClusterTemplate.md +++ b/aks/updateClusterTemplate.md @@ -5,9 +5,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Post deployment actions for Oracle WebLogic Server cluster on {{ site.data.var.aksFullName }} +# Post deployment actions for {{ site.data.var.wlsFullBrandName }} cluster on {{ site.data.var.aksFullName }} -This page documents how to update Oracle WebLogic cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. +This page documents how to update the {{ site.data.var.wlsFullBrandName }} cluster on {{ site.data.var.aksFullName }} with advanced configuration using Azure CLI. ## Introduction @@ -15,21 +15,21 @@ This page documents how to update Oracle WebLogic cluster on {{ site.data.var.ak While, there are some limitations: -- No support to update a WebLogic cluster using older weblogic version, for example, you can not downgrade a 14.1.1.0 cluster to 12.2.1.4. +- No support to update an {{ site.data.var.wlsFullBrandName }} cluster using older weblogic version, for example, you can not downgrade a 14.1.1.0 cluster to 12.2.1.4. -- If you have enabled Azure Application Gatway Ingress Controller, you can not update the WebLogic cluster with TLS/SSL enabled to a cluster without TLS/SSL, otherwise, ingress will fail, you have to create new ingress for HTTP access. +- If you have enabled Azure Application Gatway Ingress Controller, you can not update the {{ site.data.var.wlsFullBrandName }} cluster with TLS/SSL enabled to a cluster without TLS/SSL, otherwise, ingress will fail, you have to create new ingress for HTTP access. - You have to specify all required parameters, even though you are not going to update some of them. -This document will guide you to update a WebLogic cluster using the advanced configurations. +This document will guide you to update an {{ site.data.var.wlsFullBrandName }} cluster using the advanced configurations. ## Prerequisites {% include sub-template-prerequisites.md %} -## Updating the existing WebLogic Server cluster +## Updating the existing {{ site.data.var.wlsFullBrandName }} cluster -The template will apply the new configuration in `parameters.json` to the running WebLogic cluster, please double check that you have specified: +The template will apply the new configuration in `parameters.json` to the running {{ site.data.var.wlsFullBrandName }} cluster, please double check that you have specified: - The same credentials for WebLogic - The same domain name and domain UID. @@ -91,7 +91,7 @@ Parameters for domain should look like, ignore them if you used the default valu ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. -This section shows the commands to create WebLogic cluster on AKS. +This section shows the commands to create an {{ site.data.var.wlsFullBrandName }} cluster on AKS. Set resource group name, should be the one running your AKS cluster. diff --git a/cluster/customDNSTemplate.md b/cluster/customDNSTemplate.md index ba4bfb4b3..0db025c79 100644 --- a/cluster/customDNSTemplate.md +++ b/cluster/customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| @@ -88,7 +88,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console and application gateway. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/dynamic-cluster/customDNSTemplate.md b/dynamic-cluster/customDNSTemplate.md index a7ae0e572..ad7a7db4a 100644 --- a/dynamic-cluster/customDNSTemplate.md +++ b/dynamic-cluster/customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name` | Required. Azure DNS Zone name. | | `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | @@ -89,7 +89,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console and application gateway. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/dynamic-cluster/ohsNestedTemplate.md b/dynamic-cluster/ohsNestedTemplate.md index 16ede60a5..89503b001 100644 --- a/dynamic-cluster/ohsNestedTemplate.md +++ b/dynamic-cluster/ohsNestedTemplate.md @@ -209,7 +209,7 @@ Successful deployment provides Oracle HTTP Server access url in your output, sim Follow the steps to verify Oracle HTTP Server. * Visit the {{ site.data.var.wlsFullBrandName }} Admin console. -* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to WebLogic Cluster and start the service. +* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to the {{ site.data.var.wlsFullBrandName }} cluster and start the service. * Access your application using ohsAccessURL/application * Access your application using ohsSecureAccessURL/application diff --git a/subtemplate-src/admin-customDNSTemplate.md b/subtemplate-src/admin-customDNSTemplate.md index 0b9fbeb07..13354495c 100644 --- a/subtemplate-src/admin-customDNSTemplate.md +++ b/subtemplate-src/admin-customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| @@ -87,7 +87,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/subtemplate-src/cluster-customDNSTemplate.md b/subtemplate-src/cluster-customDNSTemplate.md index ba4bfb4b3..0db025c79 100644 --- a/subtemplate-src/cluster-customDNSTemplate.md +++ b/subtemplate-src/cluster-customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| @@ -88,7 +88,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console and application gateway. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/subtemplate-src/dynamic-cluster-customDNSTemplate.md b/subtemplate-src/dynamic-cluster-customDNSTemplate.md index a7ae0e572..ad7a7db4a 100644 --- a/subtemplate-src/dynamic-cluster-customDNSTemplate.md +++ b/subtemplate-src/dynamic-cluster-customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name` | Required. Azure DNS Zone name. | | `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | @@ -89,7 +89,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console and application gateway. ### Configure DNS Alias on an Existing Azure DNS Zone diff --git a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md index 16ede60a5..89503b001 100644 --- a/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md +++ b/subtemplate-src/dynamic-cluster-ohsNestedTemplate.md @@ -209,7 +209,7 @@ Successful deployment provides Oracle HTTP Server access url in your output, sim Follow the steps to verify Oracle HTTP Server. * Visit the {{ site.data.var.wlsFullBrandName }} Admin console. -* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to WebLogic Cluster and start the service. +* In the left navigator, expand the tree to select **Deployments**, install some sample application targeted to the {{ site.data.var.wlsFullBrandName }} cluster and start the service. * Access your application using ohsAccessURL/application * Access your application using ohsSecureAccessURL/application diff --git a/subtemplate-src/dynamic-customDNSTemplate.md b/subtemplate-src/dynamic-customDNSTemplate.md index a7ae0e572..ad7a7db4a 100644 --- a/subtemplate-src/dynamic-customDNSTemplate.md +++ b/subtemplate-src/dynamic-customDNSTemplate.md @@ -67,7 +67,7 @@ We provide an automation shell script for DNS configuration. You must specify th | `--admin-vm-name`| Required. Name of vitual machine that hosts {{ site.data.var.wlsFullBrandName }} admin server. Must be the same value provided at initial deployment time.| | `--admin-console-label` | Required. Label for {{ site.data.var.wlsFullBrandName }} admin console. Used to generate subdomain of admin console. | | `--artifact-location`| Required. See below for details. | -| `--resource-group` | Required. Name of resource group that has WebLogic cluster deployed. | +| `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name` | Required. Azure DNS Zone name. | | `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | @@ -89,7 +89,7 @@ This value must be the following. We provide an automation script to configure a custom DNS alias. The script lets you do the following: * If you have an Azure DNS Zone, it will create a DNS alias for the admin console and application gateway on the existing DNS Zone. - * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the WebLogic cluster, then create the DNS alias for the admin console and application gateway. + * If you don't have an Azure DNS Zone, it will create the DNS Zone in the same resource group as the {{ site.data.var.wlsFullBrandName }} cluster, then create the DNS alias for the admin console and application gateway. ### Configure DNS Alias on an Existing Azure DNS Zone From 0ed35216df5b3d0b8aa3812a7be8c501520196fb Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 13:07:30 +0800 Subject: [PATCH 25/42] Fix pageDir. Signed-off-by: galiacheng --- _includes/variables.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/variables.md b/_includes/variables.md index a3043182f..ffe8f013e 100644 --- a/_includes/variables.md +++ b/_includes/variables.md @@ -17,7 +17,7 @@ Account for variability in the repo paths. something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/ {% endcomment %} -{% else if %} +{% elsif pageDir == "aks" %} {% capture armTemplateBasePath %}{{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForAks}}/src/main/arm/{% endcapture %} {% comment %} something like https://raw.githubusercontent.com/galiacheng/weblogic-azure/2021-10-13-01-Q4/weblogic-azure-aks/src/main/arm/ From e011a467f6096fd1f807b281cda92f47f8fe2d05 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 13:20:06 +0800 Subject: [PATCH 26/42] Apply Java app to Oracle WebLogic Server cluster. Signed-off-by: galiacheng --- aks/updateAppTemplate.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aks/updateAppTemplate.md b/aks/updateAppTemplate.md index 639178f7a..2bff0f43e 100644 --- a/aks/updateAppTemplate.md +++ b/aks/updateAppTemplate.md @@ -5,7 +5,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or {% include variables.md %} -# Update the Java application in an existing {{ site.data.var.wlsFullBrandName }} +# Update the Java application in an existing {{ site.data.var.wlsFullBrandName }} cluster This page documents how to update an existing deployment of {{ site.data.var.wlsFullBrandName }} with a Java EE applications using Azure CLI. From a7d3fe066cca44204d97d6163153e4c2e14fee8f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 27 Jan 2022 14:26:04 +0800 Subject: [PATCH 27/42] Add new parameter 'dbGlobalTranPro' to db document. Signed-off-by: galiacheng Changes to be committed: modified: admin/dbTemplate.md modified: cluster/dbTemplate.md modified: dynamic-cluster/dbTemplate.md modified: subtemplate-src/dbTemplate.md --- admin/dbTemplate.md | 1 + cluster/dbTemplate.md | 1 + dynamic-cluster/dbTemplate.md | 1 + subtemplate-src/dbTemplate.md | 1 + 4 files changed, 4 insertions(+) diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index 159d7342d..5d967936b 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -48,6 +48,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | | `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index 159d7342d..5d967936b 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -48,6 +48,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | | `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index 159d7342d..5d967936b 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -48,6 +48,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | | `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index 159d7342d..5d967936b 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -48,6 +48,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | | `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | | `dbPassword`| See below for details. | | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | From f436e25e637805b52fcca3f08f8535a75c97e6cc Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 27 Jan 2022 14:28:28 +0800 Subject: [PATCH 28/42] use new tag 2022-01-28-1-Q1. Signed-off-by: galiacheng --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index 6ad4035f2..5fd361179 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2021-12-14-03-Q4 +artifactsLocationTag: 2022-01-28-1-Q1 From 87414690ec0ffa8c9f2d4fa1d7a54dd191cc3a7a Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 7 Feb 2022 17:29:36 -0800 Subject: [PATCH 29/42] Update tag to 2022-02-08-1-Q1 --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index 5fd361179..dab5d8626 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-01-28-1-Q1 +artifactsLocationTag: 2022-02-08-1-Q1 From d61877ee6070af31f1c4639e5fd938f9ecfec158 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 17 Feb 2022 10:08:23 +0800 Subject: [PATCH 30/42] add index page for vm documents. Signed-off-by: galiacheng Changes to be committed: new file: vms/index.md --- vms/index.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 vms/index.md diff --git a/vms/index.md b/vms/index.md new file mode 100644 index 000000000..c6c4ca13a --- /dev/null +++ b/vms/index.md @@ -0,0 +1,16 @@ + + +# Oracle WebLogic Server on Azure virtual machines + + +This page lists the collections of templates for working with existing deployments. + +* [Oracle WebLogic Server with Admin Server](../admin/index.md) + +* [Oracle WebLogic Server Cluster](../cluster/index.md) + +* [Oracle WebLogic Server Dynamic Cluster](../dynamic-cluster/index.md) + From 1df54512e7fd545f82636daff4e3d322599f6e8e Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 18 Feb 2022 12:14:00 +0800 Subject: [PATCH 31/42] remove index.md from the linked pathes. Signed-off-by: galiacheng Changes to be committed: modified: vms/index.md --- vms/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vms/index.md b/vms/index.md index c6c4ca13a..8e9d73fdf 100644 --- a/vms/index.md +++ b/vms/index.md @@ -8,9 +8,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or This page lists the collections of templates for working with existing deployments. -* [Oracle WebLogic Server with Admin Server](../admin/index.md) +* [Oracle WebLogic Server with Admin Server](../admin/) -* [Oracle WebLogic Server Cluster](../cluster/index.md) +* [Oracle WebLogic Server Cluster](../cluster/) -* [Oracle WebLogic Server Dynamic Cluster](../dynamic-cluster/index.md) +* [Oracle WebLogic Server Dynamic Cluster](../dynamic-cluster/) From 1b66c2da308782dd1ac4052dea849ce8b3170669 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Apr 2022 17:27:11 -0400 Subject: [PATCH 32/42] On branch edburns-msft-101-actions-hygiene-gh-pages Update tag after successful run of https://github.com/oracle/weblogic-azure/actions/runs/2210104884 modified: _data/var.yml Signed-off-by: Ed Burns --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index dab5d8626..471ed5741 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-02-08-1-Q1 +artifactsLocationTag: 2022-04-22-1-Q2 From 1c3e30b6624e9ecca73da1e5a1c1a99ac13ced1d Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 8 Jun 2022 15:44:00 -0400 Subject: [PATCH 33/42] On branch gh-pages Merge this after merging #152. modified: _data/var.yml Signed-off-by: Ed Burns --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index 471ed5741..1fb55bd48 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-04-22-1-Q2 +artifactsLocationTag: 2022-06-08-1-Q2 From a3d350cad1e2895a127e9605cf5f54694363c35b Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 17 Jun 2022 13:41:07 -0400 Subject: [PATCH 34/42] On branch edburns-msft-gh-pages-2022-06-17-1-Q2 Use new tag 2022-06-17-1-Q2 modified: _data/var.yml Signed-off-by: Ed Burns --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index 1fb55bd48..1dc7f915c 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-06-08-1-Q2 +artifactsLocationTag: 2022-06-17-1-Q2 From 8dc8fe7aa72dcd3b8e75d8ef73685aa748ddb6c7 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 22 Aug 2022 15:26:04 +0800 Subject: [PATCH 35/42] add MySQL support in post deployment documents. Signed-off-by: galiacheng Changes to be committed: modified: _data/var.yml modified: _includes/sub-template-create-update-wls-on-aks.md new file: _includes/sub-template-datasource-mysql-connection-url.md modified: _includes/sub-template-prerequisites.md modified: aks/dbTemplate.md --- _data/var.yml | 2 +- .../sub-template-create-update-wls-on-aks.md | 10 +-------- ...emplate-datasource-mysql-connection-url.md | 19 ++++++++++++++++ _includes/sub-template-prerequisites.md | 4 ---- aks/dbTemplate.md | 22 +++++++++++++++---- 5 files changed, 39 insertions(+), 18 deletions(-) create mode 100644 _includes/sub-template-datasource-mysql-connection-url.md diff --git a/_data/var.yml b/_data/var.yml index 1dc7f915c..07237cabc 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-06-17-1-Q2 +artifactsLocationTag: 2022-08-22-1-Q3 diff --git a/_includes/sub-template-create-update-wls-on-aks.md b/_includes/sub-template-create-update-wls-on-aks.md index acdf963f9..10d1b1c18 100644 --- a/_includes/sub-template-create-update-wls-on-aks.md +++ b/_includes/sub-template-create-update-wls-on-aks.md @@ -16,7 +16,7 @@ The following steps use the [Azure Create UI Definition Sandbox](https://portal. - Fill in the appropriate values. For guidance, see [running Oracle WebLogic Server on Azure Kuberneters Service document](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/). - - In the **Basics** blade, configure the credentials for {{ site.data.var.wlsFullBrandName }} and select User assigned managed identity. + - In the **Basics** blade, configure the credentials for {{ site.data.var.wlsFullBrandName }}. - If you are updating an {{ site.data.var.wlsFullBrandName }} cluster, make sure you have right domain UID and domain name. @@ -99,14 +99,6 @@ The parameters using default value haven't been shown for brevity. "enableClusterT3Tunneling": { "value": true }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "/subscriptions/subscription-id/resourceGroups/samples/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azure_wls_aks": {} - } - } - }, "lbSvcValues": { "value": [ { diff --git a/_includes/sub-template-datasource-mysql-connection-url.md b/_includes/sub-template-datasource-mysql-connection-url.md new file mode 100644 index 000000000..1266d8967 --- /dev/null +++ b/_includes/sub-template-datasource-mysql-connection-url.md @@ -0,0 +1,19 @@ +#### MySQL + +Deploy Azure Database for MySQL as described in [Create an Azure Database for MySQL server by using the Azure portal](https://docs.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). + +1. Access the [Azure portal](https://portal.azure.com) and go to the service instance. + +2. Note that, for Azure Database for MySQL, you need to add @\ to the admin user name, similar to `weblogic@contoso`. + +3. Click **Connection Strings** under **Settings**. + +4. Locate the **JDBC** section and click the copy icon on the right to copy the JDBC connection script to the clipboard. The JDBC connection string will be the value of **url**, similar to the following: + +```bash +jdbc:mysql://contoso.mysql.database.azure.com:3306/{your_database}?useSSL=true&requireSSL=false +``` + +Next, replace `{your_database}` with the name of your database. + +You have to append arguments according to the WLS version you are using. \ No newline at end of file diff --git a/_includes/sub-template-prerequisites.md b/_includes/sub-template-prerequisites.md index 7a74594bd..ad074c551 100644 --- a/_includes/sub-template-prerequisites.md +++ b/_includes/sub-template-prerequisites.md @@ -2,12 +2,8 @@ * [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. -{% include sub-template-prerequisites-uami.md %} - {% include sub-template-prerequisites-storage.md %} -{% include sub-template-prerequisites-sp.md %} - {% include sub-template-prerequisites-db.md %} {% include sub-template-dnszone.md %} diff --git a/aks/dbTemplate.md b/aks/dbTemplate.md index f605466ec..93cd4f951 100644 --- a/aks/dbTemplate.md +++ b/aks/dbTemplate.md @@ -48,12 +48,12 @@ you must have an existing database instance to use. #### Work with built-in data source driver -The marketplace offer ships with database driver for [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). You can invoke the dbTemplate to create data source connection for those database. -If you do not have an instance, please create one from Azure portal. +The marketplace offer ships with database driver for [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://www.mysql.com/). You can invoke the dbTemplate to create data source connection for those database. +If you do not have an instance, please create one from Azure portal. You are able to provision a MySQL instance quickly using [Azure Database for MySQL](https://docs.microsoft.com/en-us/azure/mysql/). #### Bring your own data source driver -Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal), you are able to create data source connection using other databases, such as [IBM Informix](https://www.ibm.com/products/informix) and [MariaDB](https://mariadb.org/), but you have to follow those steps to achieve that: +Besides [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://www.mysql.com/), you are able to create data source connection using other databases, such as [IBM Informix](https://www.ibm.com/products/informix) and [MariaDB](https://mariadb.org/), but you have to follow those steps to achieve that: - Create your database server, and make sure the database is accessible from Azure. @@ -85,7 +85,7 @@ To deploy data source using your own data source driver, we assume the data sour | `wlsDomainUID` | Required. String value.
UID of the domain that you are going to update. Make sure it's the same with the initial cluster deployment. | | `wlsPassword` | Required. String value.
Password for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | | `wlsUserName` | Required. String value.
User name for WebLogic Administrator. Make sure it's the same with the initial cluster deployment. | -| `databaseType`| Optinal. Enum value.
Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) data source connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) data source connection. | +| `databaseType`| Optinal. Enum value.
Defaults by `oracle`.
`oracle`: will provision a [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database) datasoruce connection.
`postgresql`: will provision a [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) data source connection.
`sqlserver`: will provision a [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) data source connection.
`mysql`: will provision a [MySQL](https://www.mysql.com/) data source connection. | | `dbConfigurationType`| Optinal. Enum value.
Defaults by `createOrUpdate`.
`createOrUpdate`: the deployment will create a new data source connection if there is no data source has the same name with `jdbcDataSourceName`, otherwise, will update the expected data source with new inputs.
`delete`: the deployment will delete a data source connection that has name `jdbcDataSourceName` | | `dbGlobalTranPro` | Optinal. Enum value.
Defaults by `OnePhaseCommit`. The transaction protocol (global transaction processing behavior) for the data source. You may use one from: `["TwoPhaseCommit", "LoggingLastResource", "OnePhaseCommit", "None"]`| @@ -103,6 +103,20 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} +{% include sub-template-datasource-mysql-connection-url.md %} + +* If you are using **Patched WebLogic Server Images** from [Oracle Container Registry](https://container-registry.oracle.com/) **middleware/weblogic_cpu** repository, you have to specify **serverTimezone**, like the following: + + ```bash + jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC + ``` + +* If you are using **General WebLogic Server Images** from [Oracle Container Registry](https://container-registry.oracle.com/) **middleware/weblogic** repository, you have to specify **serverTimezone** and **enabledTLSProtocols**, like the following: + + ```bash + jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC&enabledTLSProtocols=TLSv1.2 + ``` + #### Example Parameters JSON ```json From b94fe785e4a3843bd793a6a62d1fde0ea1e63947 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 19 Sep 2022 15:05:14 +0800 Subject: [PATCH 36/42] remove uami from DNS configuration doc --- _data/var.yml | 2 +- admin/customDNSTemplate.md | 15 ++------------- cluster/customDNSTemplate.md | 15 ++------------- dynamic-cluster/customDNSTemplate.md | 18 ++++-------------- subtemplate-src/admin-customDNSTemplate.md | 19 ++++--------------- subtemplate-src/cluster-customDNSTemplate.md | 19 ++++--------------- .../dynamic-cluster-customDNSTemplate.md | 18 ++++-------------- subtemplate-src/dynamic-customDNSTemplate.md | 4 ++-- 8 files changed, 23 insertions(+), 87 deletions(-) diff --git a/_data/var.yml b/_data/var.yml index 07237cabc..a144454fe 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-08-22-1-Q3 +artifactsLocationTag: 2022-09-19-1-Q3 diff --git a/admin/customDNSTemplate.md b/admin/customDNSTemplate.md index 2356ac8ff..59ab2a1ad 100644 --- a/admin/customDNSTemplate.md +++ b/admin/customDNSTemplate.md @@ -49,15 +49,6 @@ Address: 2603:1061::1 We strongly recommend you create an Azure DNS Zone for domain management and reuse it for other purpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Identity - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - - ## Prepare the Parameters We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. @@ -70,7 +61,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -96,7 +86,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console in an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -104,7 +94,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --artifact-location {{ armTemplateBasePath }} \ --location eastus \ --zone-name contoso.com \ - --identity-id `yourIdentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -128,7 +117,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/cluster/customDNSTemplate.md b/cluster/customDNSTemplate.md index 0db025c79..dd7a3c2c2 100644 --- a/cluster/customDNSTemplate.md +++ b/cluster/customDNSTemplate.md @@ -49,15 +49,6 @@ Address: 2603:1061::1 We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - - ## Prepare the Parameters We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. @@ -71,7 +62,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -97,7 +87,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -106,7 +96,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --location eastus \ --zone-name contoso.com \ --gateway-label applications \ - --identity-id `yourIndentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -133,7 +122,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/dynamic-cluster/customDNSTemplate.md b/dynamic-cluster/customDNSTemplate.md index ad7a7db4a..a4ee6364d 100644 --- a/dynamic-cluster/customDNSTemplate.md +++ b/dynamic-cluster/customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com @@ -49,14 +49,6 @@ Address: 2603:1061::1 We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - ## Prepare the Parameters @@ -72,7 +64,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--zone-name` | Required. Azure DNS Zone name. | | `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | | `--loadbalancer-label` | Optional. Label for Load Balancer. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -98,7 +89,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -108,7 +99,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --zone-name contoso.com \ --ohs-vm-name ohsVM \ --loadbalancer-label applications \ - --identity-id `yourIndentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -135,7 +125,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/subtemplate-src/admin-customDNSTemplate.md b/subtemplate-src/admin-customDNSTemplate.md index 13354495c..e5f8ac1cf 100644 --- a/subtemplate-src/admin-customDNSTemplate.md +++ b/subtemplate-src/admin-customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com @@ -49,15 +49,6 @@ Address: 2603:1061::1 We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - - ## Prepare the Parameters We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. @@ -70,7 +61,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--resource-group` | Required. Name of resource group that has an {{ site.data.var.wlsFullBrandName }} cluster deployed. | | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -96,7 +86,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console in an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -104,7 +94,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --artifact-location {{ armTemplateBasePath }} \ --location eastus \ --zone-name contoso.com \ - --identity-id `yourIndentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -128,7 +117,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/subtemplate-src/cluster-customDNSTemplate.md b/subtemplate-src/cluster-customDNSTemplate.md index 0db025c79..5e6f6a84a 100644 --- a/subtemplate-src/cluster-customDNSTemplate.md +++ b/subtemplate-src/cluster-customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com @@ -49,15 +49,6 @@ Address: 2603:1061::1 We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - - ## Prepare the Parameters We provide an automation shell script for DNS configuration. You must specify the information of the existing Oracle WebLogic Server. This section shows how to obtain the values for the following required properties. @@ -71,7 +62,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--location ` | Required. Must be the same region into which the server was initially deployed. | | `--zone-name ` | Required. Azure DNS Zone name. | | `--gateway-label` | Optional. Label for applciation gateway. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -97,7 +87,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -106,7 +96,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --location eastus \ --zone-name contoso.com \ --gateway-label applications \ - --identity-id `yourIndentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -133,7 +122,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/subtemplate-src/dynamic-cluster-customDNSTemplate.md b/subtemplate-src/dynamic-cluster-customDNSTemplate.md index ad7a7db4a..a4ee6364d 100644 --- a/subtemplate-src/dynamic-cluster-customDNSTemplate.md +++ b/subtemplate-src/dynamic-cluster-customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com @@ -49,14 +49,6 @@ Address: 2603:1061::1 We strongly recommand you create an Azure DNS Zone for domain management and reuse it for other perpose. Follow the [guide](https://docs.microsoft.com/en-us/azure/dns/dns-getstarted-portal) to create an Azure DNS Zone. -### Azure Managed Indentify - -If you are going to configure DNS alias based on an existing DNS Zone, you are required to input the ID of a user-assigned managed identity. - -Follow this [guide](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal) to create a user-assigned managed identity. - -To obtain ID of the indentify: go to Azure Portal; open the identity **Overview** page; click **JSON View** and copy the **Resource ID**. - ## Prepare the Parameters @@ -72,7 +64,6 @@ We provide an automation shell script for DNS configuration. You must specify th | `--zone-name` | Required. Azure DNS Zone name. | | `--ohs-vm-name` | Optional. Specify name of the VM that hosts the Oracle HTTP Server Load Balancer. | | `--loadbalancer-label` | Optional. Label for Load Balancer. Used to generate subdomain of application gateway. The parameter is only required if you want to create DNS alias for application gateway.| -| `--identity-id` | Optional. ID of Azure user-assigned managed identity. The parameter is only required if you are creating DNS alias on an existing DNS Zone.| | `--zone-resource-group` | Optional. Name of resource group that has Azure DNS Zone deployed. The parameter is only required if you are creating DNS alias on an existing DNS Zone. | | `--help` | Help. | @@ -98,7 +89,7 @@ To configure a DNS alias on an existing Azure DNS Zone, in addition to the requi This is an example to create a DNS alias `admin.contoso.com` for the admin console and `applciations.contoso.com` for the application gateway on an existing Azure DNS Zone. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ @@ -108,7 +99,6 @@ $ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data --zone-name contoso.com \ --ohs-vm-name ohsVM \ --loadbalancer-label applications \ - --identity-id `yourIndentityID` \ --zone-resource-group `yourDNSZoneResourceGroup` ``` @@ -135,7 +125,7 @@ To configure a DNS alias on a new Azure DNS Zone, you must specify the required This is an example of creating an Azure DNS Zone, then creating a DNS alias `admin.contoso.com` for the admin console and `applications.contoso.com` for application gateway. ```bash -$ curl -fsSL {{ site.data.var.artifactsLocationBase }}{{ pageDir }}/{{ site.data.var.artifactsLocationTag }}/cli-scripts/custom-dns-alias-cli.sh \ +$ curl -fsSL {{ site.data.var.artifactsLocationBase }}/{{ site.data.var.artifactsLocationTag }}/{{site.data.var.artifactsLocationSubPathForVM}}{{ pageDir }}/cli-scripts/custom-dns-alias-cli.sh \ | /bin/bash -s -- \ --resource-group `yourResourceGroup` \ --admin-vm-name adminVM \ diff --git a/subtemplate-src/dynamic-customDNSTemplate.md b/subtemplate-src/dynamic-customDNSTemplate.md index ad7a7db4a..0a06c7d23 100644 --- a/subtemplate-src/dynamic-customDNSTemplate.md +++ b/subtemplate-src/dynamic-customDNSTemplate.md @@ -17,7 +17,7 @@ This page documents how to configure an existing deployment of {{ site.data.var. ### WebLogic Server Instance -The DNS Configuraton ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). +The DNS Configuration ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). ### Registered Domain Name @@ -25,7 +25,7 @@ You need to buy a domain name to create a custom DNS alias. ### Azure DNS Zone -If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have perfomed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. +If you create the DNS alias on an existing [Azure DNS Zone](https://docs.microsoft.com/en-us/azure/dns/dns-overview), make sure you have performed the [Azure DNS Delegation](https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation). After you have completed the delegation, you can verify it with `nslookup`. For example, assuming your domain name is **contoso.com**, this output shows a correct delegation. ```bash $ nslookup -type=SOA contoso.com From 5d39d5b02e4e9e9520d9985e494d5437d1c64d09 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 20 Sep 2022 18:18:12 -0400 Subject: [PATCH 37/42] Update var.yml --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index a144454fe..1bb5cf49a 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-09-19-1-Q3 +artifactsLocationTag: 2022-09-21-1-Q3 From 1ccc33e526686df6ee16fca9da0abc65084c530e Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Wed, 16 Nov 2022 07:18:16 +0800 Subject: [PATCH 38/42] update parameter name of "vmSize" (#216) --- _data/var.yml | 2 +- cluster/addnode-coherence.md | 6 +++--- cluster/addnode.md | 4 ++-- dynamic-cluster/addnode-coherence.md | 6 +++--- dynamic-cluster/addnode.md | 4 ++-- subtemplate-src/addnode-coherence.md | 6 +++--- subtemplate-src/cluster-addnode.md | 4 ++-- subtemplate-src/dynamic-cluster-addnode.md | 4 ++-- 8 files changed, 18 insertions(+), 18 deletions(-) diff --git a/_data/var.yml b/_data/var.yml index 1bb5cf49a..0d2496f16 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-09-21-1-Q3 +artifactsLocationTag: 2022-11-04-1-Q4 diff --git a/cluster/addnode-coherence.md b/cluster/addnode-coherence.md index 3991ab6a7..f208cade4 100644 --- a/cluster/addnode-coherence.md +++ b/cluster/addnode-coherence.md @@ -114,7 +114,7 @@ You must construct a parameters JSON file containing the parameters to `addnode- The name of an existing storage account. - vmSizeSelectForCoherence + vmSize Select appropriate VM Size for Coherence cache servers. @@ -194,7 +194,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -453,7 +453,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelectForCoherence": { + "vmSize": { "type": "String", "value": "Standard_A1" }, diff --git a/cluster/addnode.md b/cluster/addnode.md index 94a8bb734..9cd7189ac 100644 --- a/cluster/addnode.md +++ b/cluster/addnode.md @@ -287,7 +287,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -571,7 +571,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelect": { + "vmSize": { "type": "String", "value": "Standard_A3" }, diff --git a/dynamic-cluster/addnode-coherence.md b/dynamic-cluster/addnode-coherence.md index 3991ab6a7..f208cade4 100644 --- a/dynamic-cluster/addnode-coherence.md +++ b/dynamic-cluster/addnode-coherence.md @@ -114,7 +114,7 @@ You must construct a parameters JSON file containing the parameters to `addnode- The name of an existing storage account. - vmSizeSelectForCoherence + vmSize Select appropriate VM Size for Coherence cache servers. @@ -194,7 +194,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -453,7 +453,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelectForCoherence": { + "vmSize": { "type": "String", "value": "Standard_A1" }, diff --git a/dynamic-cluster/addnode.md b/dynamic-cluster/addnode.md index 53201615c..955dca579 100644 --- a/dynamic-cluster/addnode.md +++ b/dynamic-cluster/addnode.md @@ -243,7 +243,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -519,7 +519,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelect": { + "vmSize": { "type": "String", "value": "Standard_A3" }, diff --git a/subtemplate-src/addnode-coherence.md b/subtemplate-src/addnode-coherence.md index 3991ab6a7..f208cade4 100644 --- a/subtemplate-src/addnode-coherence.md +++ b/subtemplate-src/addnode-coherence.md @@ -114,7 +114,7 @@ You must construct a parameters JSON file containing the parameters to `addnode- The name of an existing storage account. - vmSizeSelectForCoherence + vmSize Select appropriate VM Size for Coherence cache servers. @@ -194,7 +194,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSizeSelectForCoherence` as default value. +Here is a fully filled out parameters file. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -453,7 +453,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelectForCoherence": { + "vmSize": { "type": "String", "value": "Standard_A1" }, diff --git a/subtemplate-src/cluster-addnode.md b/subtemplate-src/cluster-addnode.md index 94a8bb734..9cd7189ac 100644 --- a/subtemplate-src/cluster-addnode.md +++ b/subtemplate-src/cluster-addnode.md @@ -287,7 +287,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -571,7 +571,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelect": { + "vmSize": { "type": "String", "value": "Standard_A3" }, diff --git a/subtemplate-src/dynamic-cluster-addnode.md b/subtemplate-src/dynamic-cluster-addnode.md index 53201615c..955dca579 100644 --- a/subtemplate-src/dynamic-cluster-addnode.md +++ b/subtemplate-src/dynamic-cluster-addnode.md @@ -243,7 +243,7 @@ $ az resource list -g 'yourResourceGroup' --resource-type Microsoft.Storage/stor #### Example Parameters JSON -Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSizeSelect` as default value. +Here is a fully filled out parameters file, with Azure Active Directory enabled. We will leave values of `adminUsername`, `authenticationType`, `dnsLabelPrefix`, `managedServerPrefix`, `skuUrnVersion`, `usePreviewImage` and `vmSize` as default value. {{ site.data.var.passwordInFileNote }} @@ -519,7 +519,7 @@ This is an example output of successful deployment. Look for `"provisioningStat "type": "Bool", "value": false }, - "vmSizeSelect": { + "vmSize": { "type": "String", "value": "Standard_A3" }, From 8647711d296925b78f8fc790e618bf3ed5bed59f Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Thu, 1 Dec 2022 03:16:12 +0800 Subject: [PATCH 39/42] Update cluster/dbTemplate for passwordless support. (#223) update tag MySQL modified: Makefile modified: _data/var.yml modified: cluster/dbTemplate.md new file: subtemplate-src/cluster-dbTemplate.md --- Makefile | 2 +- _data/var.yml | 2 +- cluster/dbTemplate.md | 46 +++- subtemplate-src/cluster-dbTemplate.md | 322 ++++++++++++++++++++++++++ 4 files changed, 366 insertions(+), 6 deletions(-) create mode 100644 subtemplate-src/cluster-dbTemplate.md diff --git a/Makefile b/Makefile index 9285ecef4..5143ae2ff 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ all: cp subtemplate-src/coherenceTemplate.md cluster/coherenceTemplate.md cp subtemplate-src/coherenceTemplate.md dynamic-cluster/coherenceTemplate.md cp subtemplate-src/dbTemplate.md admin - cp subtemplate-src/dbTemplate.md cluster + cp subtemplate-src/cluster-dbTemplate.md cluster/dbTemplate.md cp subtemplate-src/dbTemplate.md dynamic-cluster cp subtemplate-src/dynamic-cluster-aadNestedTemplate.md dynamic-cluster/aadNestedTemplate.md cp subtemplate-src/dynamic-cluster-addnode.md dynamic-cluster/addnode.md diff --git a/_data/var.yml b/_data/var.yml index 0d2496f16..a69168b52 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-11-04-1-Q4 +artifactsLocationTag: 2022-12-01-2-Q4 diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index 5d967936b..e224a232c 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -23,9 +23,15 @@ The database ARM template will be applied to an existing {{ site.data.var.wlsFul To apply configure a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. This template -supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. +### Connect database with Managed Identity + +The template supports to connect [Azure Database for MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) with Managed Identity. + +You can follow [Creating a MySQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/mysql/single-server/how-to-connect-with-managed-identity#creating-a-mysql-user-for-your-managed-identity) to create a database user for your Managed Identity in MySQL instance. Once you finish that, you are able to connect the database without password. + ### Apply multiple databases You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. @@ -47,13 +53,18 @@ You must construct a parameters JSON file containing the parameters to the datab |----------------|-------------| | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | -| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | | `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | -| `dbPassword`| See below for details. | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| +| `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | +| `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| | `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same value provided at deployment time. | +| `numberOfManagedApplicationInstances` | Numbers of managed servers. Must be the same value provided at deployment time. | +| `wlsDomainName` | Must be the same value provided at deployment time. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | @@ -71,9 +82,34 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} +### Obtain the Managed Identity + +The parameter `dbIdentity` stands for Managed Identity that can connect to database. + +Firstly, obtain Managed Identity Id with command: + +```bash +resourceID=$(az identity show --resource-group myResourceGroup --name myManagedIdentity --query id --output tsv) +``` + +The value muse be the following: + +```json +{ + "dbIdentity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "${resourceID}": {} + } + } + } +} +``` + #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName`, `managedServerPrefix`, `numberOfManagedApplicationInstances` and `wlsDomainName`. {{ site.data.var.passwordInFileNote }} @@ -113,6 +149,8 @@ Here is a fully filled out parameters file. Note that we did not include `admi } ``` + + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. diff --git a/subtemplate-src/cluster-dbTemplate.md b/subtemplate-src/cluster-dbTemplate.md new file mode 100644 index 000000000..e224a232c --- /dev/null +++ b/subtemplate-src/cluster-dbTemplate.md @@ -0,0 +1,322 @@ + + +{% include variables.md %} + +# Apply Database ARM Template to {{ site.data.var.wlsFullBrandName }} + +This page documents how to configure an existing deployment of {{ site.data.var.wlsFullBrandName }} with an existing Azure database using Azure CLI. + +## Prerequisites + +### Environment for Setup + +* [Azure CLI](https://docs.microsoft.com/en-us/cli/azure), use `az --version` to test if `az` works. + +### WebLogic Server Instance + +The database ARM template will be applied to an existing {{ site.data.var.wlsFullBrandName }} instance. If you don't have one, please create a new instance from the Azure portal, by following the link to the offer [in the index](index.md). + +### Database Instance + +To apply configure a database with {{ site.data.var.wlsFullBrandName }}, +you must have an existing database instance to use. This template +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please +create one from the Azure portal. + +### Connect database with Managed Identity + +The template supports to connect [Azure Database for MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) with Managed Identity. + +You can follow [Creating a MySQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/mysql/single-server/how-to-connect-with-managed-identity#creating-a-mysql-user-for-your-managed-identity) to create a database user for your Managed Identity in MySQL instance. Once you finish that, you are able to connect the database without password. + +### Apply multiple databases + +You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. + +To apply multiple databases, you have to remove the previous virtual machine extension. Last ARM parameters file is cached, it will block you from configuring the new database. + +Use the following command to remove virtual machine extension: + +```bash +# remove existing vm extension +az vm extension delete -g ${yourResourceGroup} --vm-name ${adminVMName} --name newuserscript +``` + +## Prepare the Parameters JSON file + +You must construct a parameters JSON file containing the parameters to the database ARM template. See [Create Resource Manager parameter file](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/parameter-files) for background information about parameter files. We must specify the information of the existing {{ site.data.var.wlsFullBrandName }} and database instance. This section shows how to obtain the values for the following required properties. + +| Parameter Name | Explanation | +|----------------|-------------| +| `_artifactsLocation`| See below for details. | +| `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | +| `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | +| `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| +| `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| +| `dbUser` | See below for details. | +| `dsConnectionURL`| See below for details. | +| `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| +| `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | +| `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same value provided at deployment time. | +| `numberOfManagedApplicationInstances` | Numbers of managed servers. Must be the same value provided at deployment time. | +| `wlsDomainName` | Must be the same value provided at deployment time. | +| `wlsPassword` | Must be the same value provided at deployment time. | +| `wlsUserName` | Must be the same value provided at deployment time. | + +### `_artifactsLocation` + +This value must be the following. + +```bash +{{ armTemplateBasePath }} +``` + +### Obtain the JDBC Connection String, Database User, and Database Password + +The parameter `dsConnectionURL` stands for JDBC connection string. The connection string is database specific. + +{% include sub-template-datasource-connection-url.md %} + +### Obtain the Managed Identity + +The parameter `dbIdentity` stands for Managed Identity that can connect to database. + +Firstly, obtain Managed Identity Id with command: + +```bash +resourceID=$(az identity show --resource-group myResourceGroup --name myManagedIdentity --query id --output tsv) +``` + +The value muse be the following: + +```json +{ + "dbIdentity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "${resourceID}": {} + } + } + } +} +``` + +#### Example Parameters JSON + +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName`, `managedServerPrefix`, `numberOfManagedApplicationInstances` and `wlsDomainName`. + +{{ site.data.var.passwordInFileNote }} + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation":{ + "value": "{{ armTemplateBasePath }}" + }, + "location": { + "value": "eastus" + }, + "databaseType": { + "value": "postgresql" + }, + "dsConnectionURL": { + "value": "jdbc:postgresql://ejb060801p.postgres.database.azure.com:5432/postgres?sslmode=require" + }, + "dbPassword": { + "value": "Secret123!" + }, + "dbUser": { + "value": "postgres@ejb060801p" + }, + "jdbcDataSourceName": { + "value": "jdbc/ejb060801p" + }, + "wlsPassword": { + "value": "welcome1" + }, + "wlsUserName": { + "value": "weblogic" + } + } +} +``` + + + +## Invoke the ARM template + +Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. + +### First, validate your parameters file + +The `az group deployment validate` command is very useful to validate your parameters file is syntactically correct. + +```bash +az group deployment validate --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +If the command returns with an exit status other than `0`, inspect the output and resolve the problem before proceeding. You can check the exit status by executing the commad `echo $?` immediately after the `az` command. + +### Next, execute the template + +After successfully validating the template invocation, change `validate` to `create` to invoke the template. + +```bash +az group deployment create --verbose --resource-group `yourResourceGroup` --parameters @parameters.json --template-uri {{ armTemplateBasePath }}nestedtemplates/dbTemplate.json +``` + +As with the validate command, if the command returns with an exit status other than `0`, inspect the output and resolve the problem. + +This is an example output of successful deployment. Look for `"provisioningState": "Succeeded"` in your output. + +```json +{ + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/db", + "location": null, + "name": "db", + "properties": { + "correlationId": "6fc805b9-1c47-4b32-b9b0-59745a21e559", + "debugSetting": null, + "dependencies": [ + { + "dependsOn": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "adminVM/newuserscript", + "resourceType": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Resources/deployments/3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceGroup": "oraclevm-admin-0602", + "resourceName": "3b35b279-0e94-5264-85f5-0d9d662f8a38", + "resourceType": "Microsoft.Resources/deployments" + } + ], + "duration": "PT17.4377546S", + "mode": "Incremental", + "onErrorDeployment": null, + "outputResources": [ + { + "id": "/subscriptions/05887623-95c5-4e50-a71c-6e1c738794e2/resourceGroups/oraclevm-admin-0602/providers/Microsoft.Compute/virtualMachines/adminVM/extensions/newuserscript", + "resourceGroup": "oraclevm-admin-0602" + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + }, + "parameters": { + "_artifactsLocation": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + }, + "_artifactsLocationDbTemplate": { + "type": "String", + "value": "{{ armTemplateBasePath }}" + } + "adminVMName": { + "type": "String", + "value": "adminVM" + }, + "databaseType": { + "type": "String", + "value": "postgresql" + }, + "dbPassword": { + "type": "SecureString" + }, + "dbUser": { + "type": "String", + "value": "weblogic@oraclevm" + }, + "dsConnectionURL": { + "type": "String", + "value": "jdbc:postgresql://oraclevm.postgres.database.azure.com:5432/postgres" + }, + "jdbcDataSourceName": { + "type": "String", + "value": "jdbc/WebLogicCafeDB" + }, + "location": { + "type": "String", + "value": "eastus" + }, + "wlsPassword": { + "type": "SecureString" + }, + "wlsUserName": { + "type": "String", + "value": "weblogic" + } + }, + "parametersLink": null, + "providers": [ + { + "id": null, + "namespace": "Microsoft.Resources", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + null + ], + "properties": null, + "resourceType": "deployments" + } + ] + }, + { + "id": null, + "namespace": "Microsoft.Compute", + "registrationPolicy": null, + "registrationState": null, + "resourceTypes": [ + { + "aliases": null, + "apiVersions": null, + "capabilities": null, + "locations": [ + "eastus" + ], + "properties": null, + "resourceType": "virtualMachines/extensions" + } + ] + } + ], + "provisioningState": "Succeeded", + "template": null, + "templateHash": "6381424766408193665", + "templateLink": null, + "timestamp": "2020-06-02T06:05:03.141828+00:00" + }, + "resourceGroup": "oraclevm-admin-0602", + "type": "Microsoft.Resources/deployments" +} +``` + +## Verify Database Connection + +Follow the steps to check if the database has successfully been connected. + +* Visit the {{ site.data.var.wlsFullBrandName }} Admin console. +* In the left navigation pane, expand the **Services** tree node and the **DataSources** child node. +* Select the row for the JDBC database name, for example `jdbc/WebLogicDB`. +* Select the **Monitoring** tab and the **Testing** sub-tab. +* Select `admin` and select **Test Data Source** +* If the database is enabled, you will see a message similar to "Test of jdbc/WebLogicDB on server admin was successful." From 658a400f38905faacb034d908b2928503c19c857 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Thu, 22 Dec 2022 23:55:21 +0800 Subject: [PATCH 40/42] update gh-pages for pswless PostgreSQL support. (#231) --- Makefile | 4 +-- _data/var.yml | 2 +- _includes/sub-template-connect-db-with-msi.md | 7 ++++ _includes/sub-template-obtain-msi.md | 24 +++++++++++++ admin/dbTemplate.md | 18 +++++++--- cluster/dbTemplate.md | 31 ++-------------- dynamic-cluster/dbTemplate.md | 19 +++++++--- ...ster-dbTemplate.md => admin-dbTemplate.md} | 36 +++---------------- subtemplate-src/dbTemplate.md | 19 +++++++--- 9 files changed, 84 insertions(+), 76 deletions(-) create mode 100644 _includes/sub-template-connect-db-with-msi.md create mode 100644 _includes/sub-template-obtain-msi.md rename subtemplate-src/{cluster-dbTemplate.md => admin-dbTemplate.md} (88%) diff --git a/Makefile b/Makefile index 5143ae2ff..f1e324825 100644 --- a/Makefile +++ b/Makefile @@ -16,8 +16,8 @@ all: cp subtemplate-src/cluster-nsgRulesTemplate.md cluster/nsgRulesTemplate.md cp subtemplate-src/coherenceTemplate.md cluster/coherenceTemplate.md cp subtemplate-src/coherenceTemplate.md dynamic-cluster/coherenceTemplate.md - cp subtemplate-src/dbTemplate.md admin - cp subtemplate-src/cluster-dbTemplate.md cluster/dbTemplate.md + cp subtemplate-src/admin-dbTemplate.md admin/dbTemplate.md + cp subtemplate-src/dbTemplate.md cluster cp subtemplate-src/dbTemplate.md dynamic-cluster cp subtemplate-src/dynamic-cluster-aadNestedTemplate.md dynamic-cluster/aadNestedTemplate.md cp subtemplate-src/dynamic-cluster-addnode.md dynamic-cluster/addnode.md diff --git a/_data/var.yml b/_data/var.yml index a69168b52..9375ba17d 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-12-01-2-Q4 +artifactsLocationTag: 2022-12-30-3-Q4 diff --git a/_includes/sub-template-connect-db-with-msi.md b/_includes/sub-template-connect-db-with-msi.md new file mode 100644 index 000000000..c34544984 --- /dev/null +++ b/_includes/sub-template-connect-db-with-msi.md @@ -0,0 +1,7 @@ +### Connect database with Managed Identity + +The template supports to connect [Azure Database for MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) with Managed Identity. + +You can follow [Creating a MySQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/mysql/single-server/how-to-connect-with-managed-identity#creating-a-mysql-user-for-your-managed-identity) to create a database user for your Managed Identity in MySQL instance. Once you finish that, you are able to connect the database without password. + +You can follow [Create a PostgreSQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/postgresql/single-server/how-to-connect-with-managed-identity#creating-a-postgresql-user-for-your-managed-identity) to create a database user for your Managed Identity in PostgreSQL instance. Once you finish that, you are able to connect the database without password. \ No newline at end of file diff --git a/_includes/sub-template-obtain-msi.md b/_includes/sub-template-obtain-msi.md new file mode 100644 index 000000000..53f06556f --- /dev/null +++ b/_includes/sub-template-obtain-msi.md @@ -0,0 +1,24 @@ +### Obtain the Managed Identity + +The parameter `dbIdentity` stands for Managed Identity that can connect to database. + +Firstly, obtain Managed Identity Id with command: + +```bash +resourceID=$(az identity show --resource-group myResourceGroup --name myManagedIdentity --query id --output tsv) +``` + +The value muse be the following: + +```json +{ + "dbIdentity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "${resourceID}": {} + } + } + } +} +``` \ No newline at end of file diff --git a/admin/dbTemplate.md b/admin/dbTemplate.md index 5d967936b..54041387a 100644 --- a/admin/dbTemplate.md +++ b/admin/dbTemplate.md @@ -23,9 +23,11 @@ The database ARM template will be applied to an existing {{ site.data.var.wlsFul To apply configure a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. This template -supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. +{% include sub-template-connect-db-with-msi.md %} + ### Apply multiple databases You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. @@ -47,13 +49,17 @@ You must construct a parameters JSON file containing the parameters to the datab |----------------|-------------| | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | -| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| | `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | -| `dbPassword`| See below for details. | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| +| `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | +| `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| | `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | +| `wlsDomainName` | Must be the same value provided at deployment time. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | @@ -71,9 +77,11 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} +{% include sub-template-obtain-msi.md%} + #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName` and `wlsDomainName`. {{ site.data.var.passwordInFileNote }} @@ -113,6 +121,8 @@ Here is a fully filled out parameters file. Note that we did not include `admi } ``` + + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. diff --git a/cluster/dbTemplate.md b/cluster/dbTemplate.md index e224a232c..ea0775c1a 100644 --- a/cluster/dbTemplate.md +++ b/cluster/dbTemplate.md @@ -26,11 +26,7 @@ you must have an existing database instance to use. This template supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. -### Connect database with Managed Identity - -The template supports to connect [Azure Database for MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) with Managed Identity. - -You can follow [Creating a MySQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/mysql/single-server/how-to-connect-with-managed-identity#creating-a-mysql-user-for-your-managed-identity) to create a database user for your Managed Identity in MySQL instance. Once you finish that, you are able to connect the database without password. +{% include sub-template-connect-db-with-msi.md %} ### Apply multiple databases @@ -82,30 +78,7 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} -### Obtain the Managed Identity - -The parameter `dbIdentity` stands for Managed Identity that can connect to database. - -Firstly, obtain Managed Identity Id with command: - -```bash -resourceID=$(az identity show --resource-group myResourceGroup --name myManagedIdentity --query id --output tsv) -``` - -The value muse be the following: - -```json -{ - "dbIdentity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "${resourceID}": {} - } - } - } -} -``` +{% include sub-template-obtain-msi.md%} #### Example Parameters JSON diff --git a/dynamic-cluster/dbTemplate.md b/dynamic-cluster/dbTemplate.md index 5d967936b..ea0775c1a 100644 --- a/dynamic-cluster/dbTemplate.md +++ b/dynamic-cluster/dbTemplate.md @@ -23,9 +23,11 @@ The database ARM template will be applied to an existing {{ site.data.var.wlsFul To apply configure a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. This template -supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. +{% include sub-template-connect-db-with-msi.md %} + ### Apply multiple databases You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. @@ -47,13 +49,18 @@ You must construct a parameters JSON file containing the parameters to the datab |----------------|-------------| | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | -| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | | `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | -| `dbPassword`| See below for details. | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| +| `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | +| `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| | `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same value provided at deployment time. | +| `numberOfManagedApplicationInstances` | Numbers of managed servers. Must be the same value provided at deployment time. | +| `wlsDomainName` | Must be the same value provided at deployment time. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | @@ -71,9 +78,11 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} +{% include sub-template-obtain-msi.md%} + #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName`, `managedServerPrefix`, `numberOfManagedApplicationInstances` and `wlsDomainName`. {{ site.data.var.passwordInFileNote }} @@ -113,6 +122,8 @@ Here is a fully filled out parameters file. Note that we did not include `admi } ``` + + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. diff --git a/subtemplate-src/cluster-dbTemplate.md b/subtemplate-src/admin-dbTemplate.md similarity index 88% rename from subtemplate-src/cluster-dbTemplate.md rename to subtemplate-src/admin-dbTemplate.md index e224a232c..54041387a 100644 --- a/subtemplate-src/cluster-dbTemplate.md +++ b/subtemplate-src/admin-dbTemplate.md @@ -26,11 +26,7 @@ you must have an existing database instance to use. This template supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. -### Connect database with Managed Identity - -The template supports to connect [Azure Database for MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal) with Managed Identity. - -You can follow [Creating a MySQL user for your Managed Identity](https://learn.microsoft.com/en-us/azure/mysql/single-server/how-to-connect-with-managed-identity#creating-a-mysql-user-for-your-managed-identity) to create a database user for your Managed Identity in MySQL instance. Once you finish that, you are able to connect the database without password. +{% include sub-template-connect-db-with-msi.md %} ### Apply multiple databases @@ -54,6 +50,7 @@ You must construct a parameters JSON file containing the parameters to the datab | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | | `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| | `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | | `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| | `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| @@ -62,8 +59,6 @@ You must construct a parameters JSON file containing the parameters to the datab | `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| | `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | -| `managedServerPrefix` | Must be the same value provided at deployment time. | -| `numberOfManagedApplicationInstances` | Numbers of managed servers. Must be the same value provided at deployment time. | | `wlsDomainName` | Must be the same value provided at deployment time. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | @@ -82,34 +77,11 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} -### Obtain the Managed Identity - -The parameter `dbIdentity` stands for Managed Identity that can connect to database. - -Firstly, obtain Managed Identity Id with command: - -```bash -resourceID=$(az identity show --resource-group myResourceGroup --name myManagedIdentity --query id --output tsv) -``` - -The value muse be the following: - -```json -{ - "dbIdentity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "${resourceID}": {} - } - } - } -} -``` +{% include sub-template-obtain-msi.md%} #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we keep default value for `adminVMName`, `managedServerPrefix`, `numberOfManagedApplicationInstances` and `wlsDomainName`. +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName` and `wlsDomainName`. {{ site.data.var.passwordInFileNote }} diff --git a/subtemplate-src/dbTemplate.md b/subtemplate-src/dbTemplate.md index 5d967936b..ea0775c1a 100644 --- a/subtemplate-src/dbTemplate.md +++ b/subtemplate-src/dbTemplate.md @@ -23,9 +23,11 @@ The database ARM template will be applied to an existing {{ site.data.var.wlsFul To apply configure a database with {{ site.data.var.wlsFullBrandName }}, you must have an existing database instance to use. This template -supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/) and [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal). If you do not have an instance, please +supports three popular Azure databases: [Oracle](https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/oracle%20database), [Azure SQL Server](https://docs.microsoft.com/en-us/azure/azure-sql/), [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?WT.mc_id=gallery&tabs=azure-portal) and [MySQL](https://learn.microsoft.com/en-us/azure/mysql/single-server/quickstart-create-mysql-server-database-using-azure-portal). If you do not have an instance, please create one from the Azure portal. +{% include sub-template-connect-db-with-msi.md %} + ### Apply multiple databases You can deploy different databases using the database ARM template, by changing the ARM parameters file and invoking the template again with Azure CLI. @@ -47,13 +49,18 @@ You must construct a parameters JSON file containing the parameters to the datab |----------------|-------------| | `_artifactsLocation`| See below for details. | | `adminVMName`| At deployment time, if this value was changed from its default value, the value used at deployment time must be used. Otherwise, this parameter should be omitted. | -| `databaseType`| Must be one of `postgresql`, `oracle` or `sqlserver` | +| `databaseType`| Must be one of `postgresql`, `oracle`, `sqlserver` and `mysql` | | `dbGlobalTranPro` | Determines the transaction protocol (global transaction processing behavior) for the data source. Must be one of `TwoPhaseCommit`, `LoggingLastResource`, `EmulateTwoPhaseCommit`, `OnePhaseCommit` or `None`. | -| `dbPassword`| See below for details. | +| `dbIdentity` | See below for details. You must provide this value if `enablePswlessConnection` is `true`.| +| `dbPassword`| See below for details. You don't need to input this value if `enablePswlessConnection` is `false`.| | `dbUser` | See below for details. | | `dsConnectionURL`| See below for details. | +| `enablePswlessConnection` | True to enable passwordless datasource connection. Default value is `false`.| | `jdbcDataSourceName`| Must be the JNDI name for the JDBC data source. | | `location` | Must be the same region into which the server was initially deployed. | +| `managedServerPrefix` | Must be the same value provided at deployment time. | +| `numberOfManagedApplicationInstances` | Numbers of managed servers. Must be the same value provided at deployment time. | +| `wlsDomainName` | Must be the same value provided at deployment time. | | `wlsPassword` | Must be the same value provided at deployment time. | | `wlsUserName` | Must be the same value provided at deployment time. | @@ -71,9 +78,11 @@ The parameter `dsConnectionURL` stands for JDBC connection string. The connectio {% include sub-template-datasource-connection-url.md %} +{% include sub-template-obtain-msi.md%} + #### Example Parameters JSON -Here is a fully filled out parameters file. Note that we did not include `adminVMName`. +Here is a fully filled out parameters file. Note that we keep default value for `adminVMName`, `managedServerPrefix`, `numberOfManagedApplicationInstances` and `wlsDomainName`. {{ site.data.var.passwordInFileNote }} @@ -113,6 +122,8 @@ Here is a fully filled out parameters file. Note that we did not include `admi } ``` + + ## Invoke the ARM template Assume your parameters file is available in the current directory and is named `parameters.json`. This section shows the commands to configure your {{ site.data.var.wlsFullBrandName }} deployment with the specified database. Replace `yourResourceGroup` with the Azure resource group in which the {{ site.data.var.wlsFullBrandName }} is deployed. From 18c630c1a9d87b22c883531c170c0656aeff1c74 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Sat, 18 Feb 2023 01:53:44 +0800 Subject: [PATCH 41/42] remove links to aad guidance (#245) --- cluster/addnode.md | 2 +- dynamic-cluster/addnode.md | 2 +- subtemplate-src/cluster-addnode.md | 2 +- subtemplate-src/dynamic-cluster-addnode.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cluster/addnode.md b/cluster/addnode.md index 9cd7189ac..b4bc4baf5 100644 --- a/cluster/addnode.md +++ b/cluster/addnode.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the add-n aadsSettings - Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information. + Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. diff --git a/dynamic-cluster/addnode.md b/dynamic-cluster/addnode.md index 955dca579..a00b830ad 100644 --- a/dynamic-cluster/addnode.md +++ b/dynamic-cluster/addnode.md @@ -49,7 +49,7 @@ You must construct a parameters JSON file containing the parameters to the add-n aadsSettings - Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information. + Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. diff --git a/subtemplate-src/cluster-addnode.md b/subtemplate-src/cluster-addnode.md index 9cd7189ac..b4bc4baf5 100644 --- a/subtemplate-src/cluster-addnode.md +++ b/subtemplate-src/cluster-addnode.md @@ -51,7 +51,7 @@ You must construct a parameters JSON file containing the parameters to the add-n aadsSettings - Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information. + Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. diff --git a/subtemplate-src/dynamic-cluster-addnode.md b/subtemplate-src/dynamic-cluster-addnode.md index 955dca579..c4356ae71 100644 --- a/subtemplate-src/dynamic-cluster-addnode.md +++ b/subtemplate-src/dynamic-cluster-addnode.md @@ -49,7 +49,7 @@ You must construct a parameters JSON file containing the parameters to the add-n aadsSettings - Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. See the page WebLogic to Azure with AAD via LDAP for further information. + Optional. JSON object type. You can specify this parameters for Azure Active Directory integration. If enable is true, must specify other properties. From 03d6c74204c866dccc60bb4458c9652d0fcad2b5 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 18 Mar 2024 22:00:02 -0400 Subject: [PATCH 42/42] Update var.yml to new tag 2024-02-29-1-Q1. --- _data/var.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/var.yml b/_data/var.yml index 9375ba17d..4728159c5 100644 --- a/_data/var.yml +++ b/_data/var.yml @@ -22,4 +22,4 @@ passwordInFileNote: |-3 * We did not include values for parameters that have a default value. * Even though this parameters file has values for sensitive fields such as passwords, these values are not echoed on the command line, or repeated in the logs because they are passed directly as `secureString` type in ARM. **Please ensure any occurrences of the parameters file in the filesystem are sufficiently secured.** -artifactsLocationTag: 2022-12-30-3-Q4 +artifactsLocationTag: 2024-02-29-1-Q1