Merge remote-tracking branch 'origin/develop' into istio-enablement

Author: rjeberhard

docs-source/content/_index.md

@@ -1,6 +1,6 @@
 ### Oracle WebLogic Server Kubernetes Operator
 
-Oracle is finding ways for organizations using WebLogic Server to run important workloads, to move those workloads into the cloud. By certifying on industry standards, such as Docker and Kubernetes, WebLogic now runs in a cloud neutral infrastructure. In addition, we've provided an open-source Oracle WebLogic Server Kubernetes Operator (the “operator”) which has several key features to assist you with deploying and managing WebLogic domains in a Kubernetes environment. You can:
+Oracle is finding ways for organizations using WebLogic Server to run important workloads, to move those workloads into the cloud. By certifying on industry standards, such as Docker and Kubernetes, WebLogic now runs in a cloud neutral infrastructure. In addition, we've provided an open source Oracle WebLogic Server Kubernetes Operator (the “operator”) which has several key features to assist you with deploying and managing WebLogic domains in a Kubernetes environment. You can:
 
 * Create WebLogic domains in a Kubernetes persistent volume. This persistent volume can reside in an NFS file system or other Kubernetes volume types.
 * Create a WebLogic domain in a Docker image.

docs-source/content/faq/coherence-requirements.md

@@ -0,0 +1,93 @@
+---
+title: "Coherence Requirements"
+date: 2019-08-12T12:41:38-04:00
+draft: false
+---
+
+If you are running Coherence on Kubernetes, either inside a WebLogic domain
+or standalone, then there are some additional requirements to make sure
+that Coherence can form clusters. 
+
+Note that some Fusion Middleware products, like SOA Suite, use Coherence
+and so these requirements apply to them.
+
+#### Unicast and Well Known Address 
+When the first Coherence process starts, it will form a cluster.  The next
+Coherence process to start (i.e. in a different pod) will use UDP to try
+to contact the senior member.  
+
+If you create a WebLogic domain which contains a Coherence cluster
+using the samples provided in this project, then that cluster will
+be configured correctly so that it is able to form; 
+you do not need to do any additional manual configuration.
+
+If you are running Coherence standalone (outside a 
+WebLogic domain) you should configure Coherence to use unicast and 
+provide a "well known address (WKA)" so that all members can find the senior
+member.  Most Kubernetes overlay network providers do not
+support multicast.  
+
+This is done by specifying the Coherence well known addresses in a variable named
+`coherence.wka` as shown in the example below:
+
+```
+-Dcoherence.wka=my-cluster-service
+```
+
+In this example `my-cluster-service` should be the name of the Kubernetes 
+service that is pointing to all of the members of that Coherence cluster.
+
+Please refer to the [Coherence operator documentation](https://oracle.github.io/coherence-operator/)
+for more information about running Coherence in Kubernetes outside of 
+a WebLogic domain.
+
+#### Operating system library requirements
+
+In order for Coherence clusters to form correctly, the `conntrack` library
+must be installed.  Most Kubernetes distributions will do this for you.
+If you have issues with clusters not forming, you should check that 
+`conntrack` is installed using this command (or equivalent):
+
+```
+$ rpm -qa | grep conntrack
+libnetfilter_conntrack-1.0.6-1.el7_3.x86_64
+conntrack-tools-1.4.4-4.el7.x86_64
+```
+
+You should see output similar to that shown above.  If you do not, then you
+should install `conntrack` using your operating system tools.
+
+#### Firewall (iptables) requirements
+
+Some Kubernetes distributions create `iptables` rules that block some
+types of traffic that Coherence requires to form clusters.  If you are
+not able to form clusters, you can check for this issue using the
+following command:
+
+```
+# iptables -t nat -v  -L POST_public_allow -n
+Chain POST_public_allow (1 references)
+pkts bytes target     prot opt in     out     source               destination
+164K   11M MASQUERADE  all  --  *      !lo     0.0.0.0/0            0.0.0.0/0
+   0     0 MASQUERADE  all  --  *      !lo     0.0.0.0/0            0.0.0.0/0
+```
+
+If you see output similar to the example above, i.e. if you see any entries 
+in this chain, then you need to remove them.  You can remove the entries
+using this command:
+
+```
+# iptables -t nat -v -D POST_public_allow 1
+```
+
+Note that you will need to run that command for each line. So in the example
+above, you would need to run it twice. 
+
+After you are done, you can run the previous command again and verify that
+the output is now an empty list.
+
+After making this change, restart your domain(s) and the Coherence cluster
+should now form correctly. 
+
+
+

docs-source/content/userguide/managing-domains/domain-lifecycle/restarting.md

@@ -199,3 +199,14 @@ If you've created a new image that is not rolling compatible, and you've changed
     the image, or the Kubernetes resources that register your domain with the operator.  For example, your servers are caching information from an external database and you've modified the contents of the database.
 
     In these cases, you must manually initiate a restart.
+
+* **Managed Coherence Servers safe shutdown**.
+
+    If the domain is configured to use a Coherence cluster, then you will need to increase the Kubernetes graceful timeout value.
+    When a server is shut down, Coherence needs time to recover partitions and rebalance the cluster before it is safe to shut down a second server.
+    Using the Kubernetes graceful termination feature, the operator will automatically wait until the Coherence HAStatus MBean attribute
+    indicates that it is safe to shut down the server.  However, after the graceful termination timeout expires, the pod will be deleted regardless.
+    Therefore, it is important to set the domain YAML `timeoutSeconds` to a large enough value to prevent the server from shutting down before
+    Coherence is safe. Furthermore, if the operator is not able to access the Coherence MBean, then the server will not be shut down
+    until the domain `timeoutSeconds` expires.  To minimize any possibility of cache data loss, you should increase the `timeoutSeconds`
+    value to a large number, for example, 15 minutes.

docs-source/content/userguide/managing-domains/fmw-infra/_index.md

@@ -15,6 +15,7 @@ pre = "<b> </b>"
 * [Create a Kubernetes secret with the RCU credentials](#create-a-kubernetes-secret-with-the-rcu-credentials)
 * [Creating an FMW Infrastructure domain](#creating-an-fmw-infrastructure-domain)
 * [Patching the FMW Infrastructure image](#patching-the-fmw-infrastructure-image)
+* [Additional considerations for Coherence](#additional-considerations-for-coherence)
 
 
 Starting with release 2.2.0, the operator supports FMW Infrastructure domains.
@@ -432,3 +433,9 @@ for more information.
 
 An example of a non-ZDP compliant patch is one that includes a schema change
 that can not be applied dynamically.
+
+#### Additional considerations for Coherence
+
+If you are running a domain which contains Coherence, please refer to
+[Coherence requirements]({{< relref "/faq/coherence-requirements.md" >}})
+for more information.

docs-source/content/userguide/managing-operators/using-the-operator/using-helm.md

@@ -67,6 +67,16 @@ $ helm upgrade \
   kubernetes/charts/weblogic-operator
 ```
 
+Enable operator debugging on port 30999. Again, we use `--reuse-values` to change one value without affecting the others:
+```
+$ helm upgrade \
+  --reuse-values \
+  --set "remoteDebugNodePortEnabled=true" \
+  --wait \
+  weblogic-operator \
+  kubernetes/charts/weblogic-operator
+```
+
 ### Operator Helm configuration values
 
 This section describes the details of the operator Helm chart's available configuration values.

integration-tests/USECASES.MD

@@ -100,6 +100,8 @@ Configuration Overrides Usecases
 | JDBC Resource Override | Override JDBC connection pool properties; `initialCapacity`, `maxCapacity`, `test-connections-on-reserve`, `connection-harvest-max-count`, `inactive-connection-timeout-seconds`. Override the JDBC driver parameters like data source `URL`, `DB` `user` and `password` using kubernetes secret. The test verifies the overridden functionality datasource `URL`, `user`, `password` by getting the data source connection and running DDL statement it is connected to. |
 | JMS Resource Override | Override UniformDistributedTopic Delivery Failure Parameters, `redelivery-limit` and `expiration-policy`. The JMX test client verifies the serverConfig MBean tree for the expected delivery failure parameters, `redelivery-limit` and `expiration-policy`. |
 | WLDF Resource Override | Override `wldf-instrumentation-monitor` and `harvester` in a diagnostics module. The test client verifies the new instrumentation monitors/harvesters set by getting the WLDF resource from serverConfig tree with expected values.  |
+| Configuration override with running domain | Override the administration server with Startup and Shutdown class by editing the configmap and recreating the domain CRD. The override is verified by JMX client connecting to the serverConfig MBean tree and the values are checked against the expected values. |
+| JDBC Resource Override with running domain | Override non dynamic JDBC connection pool properties; `ignore-in-use-connections`, `login-delay-Seconds`, `connection-cache-type`, `global-transactions-protocol`  by editing the configmap and recreating the domain CRD. The test only verifies the expected values against the config tree |
 
 | Session Migration | Use Case |
 | --- | --- |
@@ -151,11 +153,12 @@ Configuration Overrides Usecases
 
 | Init Container | Use Case |
 | --- | --- |
-| Add initContainers to domain | Add a initContainers object to spec level and verify the init containers are created for weblogic server pods prior to starting it and runs to completion and then weblogic pod are started |
-| Add initContainers to adminServer | Add a initContainers object to adminServer level and verify the init container is created for administration server weblogic server pod prior to starting it and runs to completion and then weblogic pod is started |
-| Add initContainers to Clusters | Add a initContainers object to Clusters level and verify the init containers are created for weblogic server pods prior to starting the clusters and runs to completion and then weblogic pod are started |
-| Add initContainers to managedServers | Add a initContainers object to managed server level and verify the init container is created for managed server weblogic server pod prior to starting it and runs to completion and then weblogic pod is started |
-| Add bad initContainers to domain | Add a bad initContainers object to domain and verify the init container run fails and no weblogic pod is started |
-| Add multiple initContainers to domain | Add multiple initContainers object to domain level and verify all of the init container are run before weblogic server pod are started |
-| Add initContainers with different names at different level | Add a multiple initContainers object at domain level and server level and verify all of the init containers are run before weblogic server pods are started |
-| Add initContainers with same names at different level | Add a multiple initContainers object at domain level and server level and verify only the server level init containers are run before weblogic server pods are started |
+| Add initContainers to domain | Add a initContainers object to spec level and verify the init containers are created for Weblogic server pods prior to starting it and runs to completion and then Weblogic pod are started |
+| Add initContainers to adminServer | Add a initContainers object to adminServer level and verify the init container is created for administration server Weblogic server pod prior to starting it and runs to completion and then Weblogic pod is started |
+| Add initContainers to Clusters | Add a initContainers object to Clusters level and verify the init containers are created for Weblogic server pods prior to starting the clusters and runs to completion and then Weblogic pod are started |
+| Add initContainers to managedServers | Add a initContainers object to managed server level and verify the init container is created for managed server Weblogic server pod prior to starting it and runs to completion and then Weblogic pod is started |
+| Add bad initContainers to domain | Add a bad initContainers object to domain and verify the init container run fails and no Weblogic pod is started |
+| Add multiple initContainers to domain | Add multiple initContainers object to domain level and verify all of the init container are run before Weblogic server pod are started |
+| Add initContainers with different names at different level | Add a multiple initContainers object at domain level and server level and verify all of the init containers are run before Weblogic server pods are started |
+| Add initContainers with same names at different level | Add a multiple initContainers object at domain level and server level and verify only the server level init containers are run before Weblogic server pods are started |
+

integration-tests/pom.xml

@@ -302,5 +302,13 @@
                 <jrf_enabled>false</jrf_enabled>
             </properties>
         </profile>
+        <profile>
+            <id>full-integration-tests</id>
+            <properties>
+                <skipITs>false</skipITs>
+                <includes-failsafe>**/*.java</includes-failsafe>
+                <jrf_enabled>true</jrf_enabled>
+            </properties>
+        </profile>
     </profiles>
 </project>

integration-tests/src/test/java/oracle/kubernetes/operator/BaseTest.java

@@ -49,6 +49,7 @@ public class BaseTest {
   public static final String DOMAININIMAGE_WLST_YAML = "domaininimagewlst.yaml";
   public static final String DOMAININIMAGE_WDT_YAML = "domaininimagewdt.yaml";
   public static final String DOMAINONSHARINGPV_WLST_YAML = "domainonsharingpvwlst.yaml";
+  public static final String DOMAINONPV_LOGGINGEXPORTER_YAML = "loggingexpdomainonpvwlst.yaml";
 
   // property file used to configure constants for integration tests
   public static final String APP_PROPS_FILE = "OperatorIT.properties";