Merge remote-tracking branch 'origin/develop' into tbarnes/apachefix

Author: Tom Barnes

site/apache.md

@@ -1,32 +1,32 @@
 
-# Load Balancing with Apache Web Server
+# Load balancing with the Apache HTTP Server
 
-This page describes how to setup and start a Apache Web Server for load balancing inside a Kubernetes cluster. The configuration and startup can either be automatic when you create a domain using the WebLogic Operator's `create-weblogic-domain.sh` script, or manual if you have an existing WebLogic domain configuration.
+This document describes how to set up and start an Apache HTTP Server for load balancing inside a Kubernetes cluster. The configuration and startup can be either automatic, when you create a domain using the WebLogic Operator's `create-weblogic-domain.sh` script, or manual, if you have an existing WebLogic domain configuration.
 
-## Build Docker Image for Apache Web Server
+## Build the Docker image for the Apache HTTP Server
 
-You need to build the Docker image for Apache Web Server that embeds the Oracle WebLogic Server Proxy Plugin.
+You need to build the Docker image for the Apache HTTP Server that embeds the Oracle WebLogic Server Proxy Plugin.
 
-  1. Download and build the Docker image for the Apache Web Server with 12.2.1.3.0 Oracle WebLogic Server Proxy Plugin.  See the instructions in [Apache Web Server with Oracle WebLogic Server Proxy Plugin on Docker](https://github.com/oracle/docker-images/tree/master/OracleWebLogic/samples/12213-webtier-apache).
+  1. Download and build the Docker image for the Apache HTTP Server with the 12.2.1.3.0 Oracle WebLogic Server Proxy Plugin.  See the instructions in [Apache HTTP Server with Oracle WebLogic Server Proxy Plugin on Docker](https://github.com/oracle/docker-images/tree/master/OracleWebLogic/samples/12213-webtier-apache).
 
-  2. Tag your Docker image to `store/oracle/apache:12.2.1.3` using `docker tag` command.
+  2. Tag your Docker image, `store/oracle/apache:12.2.1.3`, using the `docker tag` command.
 
 ```
 
      $ docker tag 12213-apache:latest store/oracle/apache:12.2.1.3
 
 ```
 
-More information about the Apache plugin can be found at: [Apache Web Server with Oracle WebLogic Server Proxy Plugin on Docker](https://docs.oracle.com/middleware/1213/webtier/develop-plugin/apache.htm#PLGWL395).
+For more information about the Apache plugin, see [Apache HTTP Server with Oracle WebLogic Server Proxy Plugin on Docker](https://docs.oracle.com/middleware/1213/webtier/develop-plugin/apache.htm#PLGWL395).
 
-Once you have access to the Docker image of the Apache Web Server, you can go ahead follow the instructions below to setup and start Kubernetes resources for an Apache Web Server.
+After you have access to the Docker image of the Apache HTTP Server, you can follow the instructions below to set up and start the Kubernetes resources for the Apache HTTP Server.
 
 
-## Use Apache load balancer with a WebLogic domain created with the WebLogic Operator
+## Use the Apache load balancer with a WebLogic domain created with the WebLogic Operator
 
-Please refer to [Creating a domain using the WebLogic Operator](creating-domain.md) for how to create a domain with the WebLogic Operator.
+For how to create a domain with the WebLogic Operator, please refer to [Creating a domain using the WebLogic Operator](creating-domain.md).
 
-You need to configure Apache Web Server as your load balancer for a WebLogic domain by setting the `loadBalancer` option to `APACHE` in `create-weblogic-domain-inputs.yaml` (as shown below) when running the `create-weblogic-domain.sh` script to create a domain. 
+You need to configure the Apache HTTP Server as your load balancer for a WebLogic domain by setting the `loadBalancer` option to `APACHE` in the `create-weblogic-domain-inputs.yaml` (as shown below) when running the `create-weblogic-domain.sh` script to create a domain.
 
 ```
 
@@ -36,9 +36,9 @@ loadBalancer: APACHE
 
 ```
 
-The `create-weblogic-domain.sh` script installs the Apache Web Server with Oracle WebLogic Server Proxy Plugin into the Kubernetes *cluster*  in the same namespace as the *domain*.
+The `create-weblogic-domain.sh` script installs the Apache HTTP Server with the Oracle WebLogic Server Proxy Plugin into the Kubernetes *cluster*  in the same namespace as the *domain*.
 
-The Apache Web Server will expose a `NodePort` that allows access to the load balancer from outside of the Kubernetes cluster.  The port is configured by setting 'loadBalancerWebPort' in `create-weblogic-domain-inputs.yaml` file.
+The Apache HTTP Server will expose a `NodePort` that allows access to the load balancer from outside of the Kubernetes cluster.  The port is configured by setting `loadBalancerWebPort` in the `create-weblogic-domain-inputs.yaml` file.
 
 ```
 
@@ -48,13 +48,11 @@ loadBalancerWebPort: 30305
 
 ```
 
-The user can access an application from outside of the Kubernetes cluster via http://<host>:30305/<application-url>.
+Users can access an application from outside of the Kubernetes cluster by using `http://<host>:30305/<application-url>`.
 
 ### Use the default plugin WL module configuration
 
-By default, the Apache Docker image supports a simple WebLogic server proxy plugin configuration for a single WebLogic domain with an admin server and a cluster. The `create-weblogic-domain.sh` script automatically customizes the default behavior based on your domain configuration by generating a customized Kubernetes resources yaml file for Apache named `weblogic-domain-apache.yaml`. The default setting only supports the type of load balancing that uses the root path ("/"). 
-
-You can further customize the root path of the load balancer with `loadBalancerAppPrepath` property in the `create-weblogic-domain-inputs.yaml` file.
+By default, the Apache Docker image supports a simple WebLogic Server proxy plugin configuration for a single WebLogic domain with an Administration Server and a cluster. The `create-weblogic-domain.sh` script automatically customizes the default behavior based on your domain configuration by generating a customized Kubernetes resources yaml file for Apache named `weblogic-domain-apache.yaml`. The default setting supports only the type of load balancing that uses the root path ("/"). You can further customize the root path of the load balancer with the `loadBalancerAppPrepath` property in the `create-weblogic-domain-inputs.yaml` file.
 
 ```
 
@@ -66,11 +64,11 @@ loadBalancerAppPrepath: /weblogic
 
 It is sometimes, but rarely, desirable to expose a WebLogic administrative host and port through a load balancer to a public network.  If this is needed, then, once the `weblogic-domain-apache.yaml` file is generated, you can customize exposure of the WebLogic admin admin host and port by uncommenting the `WEBLOGIC_HOST` and `WEBLOGIC_PORT` environment variables in the file.   If this files' resources have already been deployed (as happens automatically when running `create-weblogic-domain.sh`), one way to make the change is to delete the files' running Kubernetes resources via `kubectl delete -f weblogic-domain-apache.yaml`, and then deploy them again via `kubectl create -f weblogic-domain-apache.yaml`.
 
-The user can then access an application from outside of the Kubernetes cluster via `http://<host>:30305/weblogic/<application-url>,` and, if the admin server host and port environment variables are uncommented below, an admin can access the admin console via `http://<host>:30305/console`.
+Users can then access an application from outside of the Kubernetes cluster by using `http://<host>:30305/weblogic/<application-url>,` and, if the WebLogic administration server host and port environment variables are uncommented below, an adminstrator can access the Administration Console via `http://<host>:30305/console`.
 
-The generated Kubernetes yaml files look like the following given the domainUID "domain1".
+The generated Kubernetes YAML files look like the following, given the `domainUID`, "`domain1`".
 
-`weblogic-domain-apache.yaml` for Apache web server deployment
+Sample `weblogic-domain-apache.yaml` file for Apache HTTP Server deployment.
 
 ```
 
@@ -258,7 +256,7 @@ spec:
 
 ```
 
-`weblogic-domain-apache-security.yaml` for associated RBAC roles and role bindings
+Sample `weblogic-domain-apache-security.yaml` file for associated RBAC roles and role bindings.
 
 ```
 
@@ -398,7 +396,7 @@ domain1-apache-webtier                                    2h
 ### Use your own plugin WL module configuration
 
 
-You can fine tune the behavior of the Apache plugin by providing your own Apache plugin configuration. You put your custom_mod_wl_apache.conf file in a local directory, for example `<host-config-dir>` , and specify this location in the `create-weblogic-domain-inputs.yaml` file as follows.
+You can fine tune the behavior of the Apache plugin by providing your own Apache plugin configuration. You put your `custom_mod_wl_apache.conf` file in a local directory, for example, `<host-config-dir>` , and specify this location in the `create-weblogic-domain-inputs.yaml` file as follows:
 
 ```
 
@@ -410,9 +408,9 @@ loadBalancerVolumePath: <host-config-dir>
 
 ```
 
-After the `loadBalancerVolumePath` property is specified, the `create-weblogic-domain.sh` script will use the custom_mod_wl_apache.conf file in `<host-config-dir>` directory to replace what is in the Docker image.
+After the `loadBalancerVolumePath` property is specified, the `create-weblogic-domain.sh` script will use the `custom_mod_wl_apache.conf` file in `<host-config-dir>` directory to replace what is in the Docker image.
 
-The generated yaml files will look similar except with un-commented entries like bellow.
+The generated YAML files will look similar except with un-commented entries like below:
 
 ```
 
@@ -422,7 +420,7 @@ The generated yaml files will look similar except with un-commented entries like
 
         hostPath:
 
-          path: <host-config-dir> 
+          path: <host-config-dir>
 
       containers:
 
@@ -444,21 +442,13 @@ The generated yaml files will look similar except with un-commented entries like
 
 ## Use the Apache load balancer with a manually created WebLogic Domain
 
-If your WebLogic domain is not created by the WebLogic Operator, you need to manually create and start all Kubernetes' resources for Apache Web Server.
-
-
-  1. Create your own custom_mod_wl_apache.conf file, and put it in a local dir, say `<host-conf-dir>`. See the instructions in [Apache Web Server with Oracle WebLogic Server Proxy Plugin on Docker](https://docs.oracle.com/middleware/1213/webtier/develop-plugin/apache.htm#PLGWL395).
-
-  2. Create the Apache deployment yaml file. See the example above. Note that you need to use the **volumes** and **volumeMounts** to mount `<host-config-dir>` in to `/config` directory inside the pod that runs Apache web tier. Note that the Apache Web Server needs to be in the same Kubernetes namespace as the WebLogic domains that it needs to access.
-
-  3. Create a RBAC yaml file. See the example above
-
-Note that you can choose to run one Apache Web Server to load balance to multiple domains/clusters inside the same Kubernetes cluster as long as the Apache Web Server and the domains are all in the same namespace.
-
-
-
+If your WebLogic domain is not created by the WebLogic Operator, you need to manually create and start all Kubernetes' resources for the Apache HTTP Server.
 
 
+  1. Create your own `custom_mod_wl_apache.conf` file, and put it in a local directory, for example, `<host-conf-dir>`. See the instructions in [Apache Web Server with Oracle WebLogic Server Proxy Plugin on Docker](https://docs.oracle.com/middleware/1213/webtier/develop-plugin/apache.htm#PLGWL395).
 
+  2. Create the Apache deployment YAML file. See the example above. Note that you need to use the **volumes** and **volumeMounts** to mount `<host-config-dir>` into the `/config` directory inside the pod that runs the Apache web tier. Note that the Apache HTTP Server needs to be in the same Kubernetes namespace as the WebLogic domain that it needs to access.
 
+  3. Create a RBAC YAML file. See the example above.
 
+Note that you can choose to run one Apache HTTP Server to balance the loads from multiple domains/clusters inside the same Kubernetes cluster, as long as the Apache HTTP Server and the domains are all in the same namespace.

site/rbac.md

@@ -1,24 +1,24 @@
-# RBAC
+# Role-Based Access Control (RBAC)
 
-The operator assumes that certain roles and role bindings are created on the Kubernetes cluster.  The operator installation scripts create these, and the operator verifies that they are correct when the cluster starts up.  This section lists the [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) definitions that are created.
+The operator assumes that certain roles and role bindings are created on the Kubernetes cluster.  The operator installation scripts create these, and the operator verifies that they are correct when the cluster starts up.  This document lists the [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) definitions that are created.
 
-The general design goal is to provide the operator with the minimum amount of permissions that it requires, and to favor built-in roles over custom roles where it make sense to do so.
+The general design goal is to provide the operator with the minimum amount of permissions that it requires, and to favor built-in roles over custom roles, where it make sense to do so.
 
-## KUBERNETES ROLE DEFINITIONS
+## Kubernetes role definitions
 
-| Cluster Role | Resources | Verbs | Notes |
+| Cluster role | Resources | Verbs | Notes |
 | --- | --- | --- | --- |
-| weblogic-operator-cluster-role |	namespaces, persistentvolumes	| get, list, watch | 1 |
+| `weblogic-operator-cluster-role` |	namespaces, persistentvolumes	| get, list, watch | 1 |
 | |	customresourcedefinitions in API group apiextensions.k8s.io	| get, list, watch, create, update, patch, delete, deletecollection	| |
 | |	domains in API group weblogic.oracle	| get, list, watch, update, patch	| |
 | |	Ingresses in API group extensions	| get, list, watch, create, update, patch, delete, deletecollection	| |
-| weblogic-operator-cluster-role-nonresource	| nonResourceURLs: ["/version/*"]	| get |	1 |
-|weblogic-operator-namespace-role	| secrets, persistentvolumeclaims	| get, list, watch	| 2 |
+| `weblogic-operator-cluster-role-nonresource`	| nonResourceURLs: ["/version/*"]	| get |	1 |
+|`weblogic-operator-namespace-role`	| secrets, persistentvolumeclaims	| get, list, watch	| 2 |
 | |	services, pods, networkpolicies	| get, list, watch, create, update, patch, delete, deletecollection | |
-| NAMESPACE-operator-rolebinding-discovery	| system:discovery in API group rbac.authorization.k8s.io | |		1 |
-| NAMESPACE-operator-rolebinding-auth-delegator	| system:auth-delegator in API group rbac.authorization.k8s.io	| |	1 |
+| `NAMESPACE-operator-rolebinding-discovery`	| system:discovery in API group rbac.authorization.k8s.io | |		1 |
+| `NAMESPACE-operator-rolebinding-auth-delegator`	| system:auth-delegator in API group rbac.authorization.k8s.io	| |	1 |
 
-**Notes**
+**Notes**:
 
 1. This cluster role is assigned to the operator’s service account in the operator’s namespace.  The uppercase text `NAMESPACE` in the cluster role name is replaced with the operator’s namespace.
 2. This cluster role is assigned to the operator’s service account in each of the “target namespaces”; that is, each namespace that the operator is configured to manage.

site/rest.md

@@ -2,16 +2,16 @@
 
 The operator provides a REST server which can be used to get a list of WebLogic domains and clusters and to initiate scaling operations.  Swagger documentation for the REST API is available [here](https://oracle.github.io/weblogic-kubernetes-operator/swagger/index.html).
 
-Most of the services access a `GET`, for example:
+You can access most of the REST services using `GET`, for example:
 
 * To obtain a list of domains, send a `GET` request to the URL `/operator/latest/domains`.
 * To obtain a list of clusters in a domain, send a `GET` request to the URL `/operator/latest/domains/<domainUID>/clusters`.
 
 All of the REST services require authentication.  Callers must pass in a valid token header and a CA certificate file.  The `X-Requested-By` header is not required.  Callers should pass in the `Accept:/application/json` header.
 
-If using `curl`, the `-k` option can be used to bypass the check to verify that the operator's certificate is trusted (instead of `curl --cacert`).
+If using `curl`, you can use the `-k` option to bypass the check to verify that the operator's certificate is trusted (instead of `curl --cacert`).
 
-Here is a small BASH script that may help to prepare the necessary token, certificates, and so on, to call the operator's REST services:
+Here is a small BASH script that may help to prepare the necessary token, certificates, and such, to call the operator's REST services:
 
 ```
 #!/bin/bash