oracle
diff --git a/‎docs-source/content/_index.md
Lines changed: 1 addition & 1 deletion b/‎docs-source/content/_index.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs-source/content/faq/coherence-requirements.md
Lines changed: 93 additions & 0 deletions b/‎docs-source/content/faq/coherence-requirements.md
Lines changed: 93 additions & 0 deletions
diff --git a/‎docs-source/content/userguide/managing-domains/fmw-infra/_index.md
Lines changed: 7 additions & 0 deletions b/‎docs-source/content/userguide/managing-domains/fmw-infra/_index.md
Lines changed: 7 additions & 0 deletions
diff --git a/‎integration-tests/src/test/java/oracle/kubernetes/operator/ItSitConfig.java
Lines changed: 62 additions & 68 deletions b/‎integration-tests/src/test/java/oracle/kubernetes/operator/ItSitConfig.java
Lines changed: 62 additions & 68 deletions
diff --git a/‎integration-tests/src/test/resources/setupenv.sh
Lines changed: 4 additions & 0 deletions b/‎integration-tests/src/test/resources/setupenv.sh
Lines changed: 4 additions & 0 deletions
@@ -1,6 +1,6 @@
 ### Oracle WebLogic Server Kubernetes Operator
 
-Oracle is finding ways for organizations using WebLogic Server to run important workloads, to move those workloads into the cloud. By certifying on industry standards, such as Docker and Kubernetes, WebLogic now runs in a cloud neutral infrastructure. In addition, we've provided an open-source Oracle WebLogic Server Kubernetes Operator (the “operator”) which has several key features to assist you with deploying and managing WebLogic domains in a Kubernetes environment. You can:
+Oracle is finding ways for organizations using WebLogic Server to run important workloads, to move those workloads into the cloud. By certifying on industry standards, such as Docker and Kubernetes, WebLogic now runs in a cloud neutral infrastructure. In addition, we've provided an open source Oracle WebLogic Server Kubernetes Operator (the “operator”) which has several key features to assist you with deploying and managing WebLogic domains in a Kubernetes environment. You can:
 
 * Create WebLogic domains in a Kubernetes persistent volume. This persistent volume can reside in an NFS file system or other Kubernetes volume types.
 * Create a WebLogic domain in a Docker image.
 
@@ -0,0 +1,93 @@
+---
+title: "Coherence Requirements"
+date: 2019-08-12T12:41:38-04:00
+draft: false
+---
+
+If you are running Coherence on Kubernetes, either inside a WebLogic domain
+or standalone, then there are some additional requirements to make sure
+that Coherence can form clusters. 
+
+Note that some Fusion Middleware products, like SOA Suite, use Coherence
+and so these requirements apply to them.
+
+#### Unicast and Well Known Address 
+When the first Coherence process starts, it will form a cluster.  The next
+Coherence process to start (i.e. in a different pod) will use UDP to try
+to contact the senior member.  
+
+If you create a WebLogic domain which contains a Coherence cluster
+using the samples provided in this project, then that cluster will
+be configured correctly so that it is able to form; 
+you do not need to do any additional manual configuration.
+
+If you are running Coherence standalone (outside a 
+WebLogic domain) you should configure Coherence to use unicast and 
+provide a "well known address (WKA)" so that all members can find the senior
+member.  Most Kubernetes overlay network providers do not
+support multicast.  
+
+This is done by specifying the Coherence well known addresses in a variable named
+`coherence.wka` as shown in the example below:
+
+```
+-Dcoherence.wka=my-cluster-service
+```
+
+In this example `my-cluster-service` should be the name of the Kubernetes 
+service that is pointing to all of the members of that Coherence cluster.
+
+Please refer to the [Coherence operator documentation](https://oracle.github.io/coherence-operator/)
+for more information about running Coherence in Kubernetes outside of 
+a WebLogic domain.
+
+#### Operating system library requirements
+
+In order for Coherence clusters to form correctly, the `conntrack` library
+must be installed.  Most Kubernetes distributions will do this for you.
+If you have issues with clusters not forming, you should check that 
+`conntrack` is installed using this command (or equivalent):
+
+```
+$ rpm -qa | grep conntrack
+libnetfilter_conntrack-1.0.6-1.el7_3.x86_64
+conntrack-tools-1.4.4-4.el7.x86_64
+```
+
+You should see output similar to that shown above.  If you do not, then you
+should install `conntrack` using your operating system tools.
+
+#### Firewall (iptables) requirements
+
+Some Kubernetes distributions create `iptables` rules that block some
+types of traffic that Coherence requires to form clusters.  If you are
+not able to form clusters, you can check for this issue using the
+following command:
+
+```
+# iptables -t nat -v  -L POST_public_allow -n
+Chain POST_public_allow (1 references)
+pkts bytes target     prot opt in     out     source               destination
+164K   11M MASQUERADE  all  --  *      !lo     0.0.0.0/0            0.0.0.0/0
+   0     0 MASQUERADE  all  --  *      !lo     0.0.0.0/0            0.0.0.0/0
+```
+
+If you see output similar to the example above, i.e. if you see any entries 
+in this chain, then you need to remove them.  You can remove the entries
+using this command:
+
+```
+# iptables -t nat -v -D POST_public_allow 1
+```
+
+Note that you will need to run that command for each line. So in the example
+above, you would need to run it twice. 
+
+After you are done, you can run the previous command again and verify that
+the output is now an empty list.
+
+After making this change, restart your domain(s) and the Coherence cluster
+should now form correctly. 
+
+
+
@@ -15,6 +15,7 @@ pre = "<b> </b>"
 * [Create a Kubernetes secret with the RCU credentials](#create-a-kubernetes-secret-with-the-rcu-credentials)
 * [Creating an FMW Infrastructure domain](#creating-an-fmw-infrastructure-domain)
 * [Patching the FMW Infrastructure image](#patching-the-fmw-infrastructure-image)
+* [Additional considerations for Coherence](#additional-considerations-for-coherence)
 
 
 Starting with release 2.2.0, the operator supports FMW Infrastructure domains.
@@ -432,3 +433,9 @@ for more information.
 
 An example of a non-ZDP compliant patch is one that includes a schema change
 that can not be applied dynamically.
+
+#### Additional considerations for Coherence
+
+If you are running a domain which contains Coherence, please refer to
+[Coherence requirements]({{< relref "/faq/coherence-requirements.md" >}})
+for more information.
@@ -14,7 +14,6 @@
 import java.nio.file.StandardOpenOption;
 import java.util.Map;
 import java.util.logging.Level;
-
 import oracle.kubernetes.operator.utils.Domain;
 import oracle.kubernetes.operator.utils.ExecResult;
 import oracle.kubernetes.operator.utils.Operator;
@@ -82,7 +81,14 @@ public static void staticPrepare() throws Exception {
       fqdn = TestUtils.getHostName();
       JDBC_URL = "jdbc:mysql://" + fqdn + ":" + MYSQL_DB_PORT + "/";
       // copy the configuration override files to replacing the JDBC_URL token
-      copySitConfigFiles();
+      String[] files = {
+        "config.xml",
+        "jdbc-JdbcTestDataSource-0.xml",
+        "diagnostics-WLDF-MODULE-0.xml",
+        "jms-ClusterJmsSystemResource.xml",
+        "version.txt"
+      };
+      copySitConfigFiles(files, "test-secrets");
       // create weblogic domain with configOverrides
       domain = createSitConfigDomain();
       Assert.assertNotNull(domain);
@@ -132,7 +138,6 @@ public static void staticUnPrepare() throws Exception {
    * @throws Exception - if it cannot create the domain
    */
   private static Domain createSitConfigDomain() throws Exception {
-    String createDomainScript = TEST_RES_DIR + "/domain-home-on-pv/create-domain.py";
     // load input yaml to map and add configOverrides
     Map<String, Object> domainMap = TestUtils.loadYaml(DOMAINONPV_WLST_YAML);
     domainMap.put("configOverrides", "sitconfigcm");
@@ -168,22 +173,17 @@ private static void destroySitConfigDomain() throws Exception {
    *
    * @throws IOException when copying files from source location to staging area fails
    */
-  private static void copySitConfigFiles() throws IOException {
+  private static void copySitConfigFiles(String files[], String secretName) throws IOException {
     String srcDir = TEST_RES_DIR + "/sitconfig/configoverrides";
     String dstDir = configOverrideDir;
-    String[] files = {
-      "config.xml",
-      "jdbc-JdbcTestDataSource-0.xml",
-      "diagnostics-WLDF-MODULE-0.xml",
-      "jms-ClusterJmsSystemResource.xml",
-      "version.txt"
-    };
+
+    Charset charset = StandardCharsets.UTF_8;
     for (String file : files) {
       Path path = Paths.get(srcDir, file);
       logger.log(Level.INFO, "Copying {0}", path.toString());
-      Charset charset = StandardCharsets.UTF_8;
       String content = new String(Files.readAllBytes(path), charset);
       content = content.replaceAll("JDBC_URL", JDBC_URL);
+      content = content.replaceAll("test-secrets", secretName);
       if (getWeblogicImageTag().contains(PS3_TAG)) {
         content = content.replaceAll(JDBC_DRIVER_NEW, JDBC_DRIVER_OLD);
       }
@@ -387,7 +387,7 @@ public void testConfigOverrideAfterDomainStartup() throws Exception {
         Paths.get(srcDir, "config_1.xml"),
         Paths.get(dstDir, "config.xml"),
         StandardCopyOption.REPLACE_EXISTING);
-    recreateCrdWithNewConfigMap();
+    recreateConfigMapandRestart("test-secrets", "test-secrets");
     transferTests();
     ExecResult result =
         TestUtils.exec(
@@ -423,7 +423,7 @@ public void testOverrideJdbcResourceAfterDomainStart() throws Exception {
         Paths.get(srcDir, "jdbc-JdbcTestDataSource-1.xml"),
         Paths.get(dstDir, "jdbc-JdbcTestDataSource-1.xml"),
         StandardCopyOption.REPLACE_EXISTING);
-    recreateCrdWithNewConfigMap();
+    recreateConfigMapandRestart("test-secrets", "test-secrets");
     transferTests();
     ExecResult result =
         TestUtils.exec(
@@ -452,45 +452,29 @@ public void testOverrideJdbcResourceWithNewSecret() throws Exception {
     logTestBegin(testMethod);
     // recreate the map with new situational config files
     String[] files = {"config.xml", "jdbc-JdbcTestDataSource-0.xml"};
-    String secretName = "test-secrets-new";
-    for (String file : files) {
-      Path path = Paths.get(sitconfigTmpDir, "configoverridefiles", file);
-      String content = new String(Files.readAllBytes(path), StandardCharsets.UTF_8);
-      content = content.replaceAll("test-secrets", secretName);
-      if (getWeblogicImageTag().contains(PS3_TAG)) {
-        content = content.replaceAll(JDBC_DRIVER_NEW, JDBC_DRIVER_OLD);
-      }
-      Files.write(
-          Paths.get(sitconfigTmpDir, "configoverridefiles", file),
-          content.getBytes(StandardCharsets.UTF_8),
-          StandardOpenOption.TRUNCATE_EXISTING);
+    String newSecret = "test-secrets-new";
+    try {
+      copySitConfigFiles(files, newSecret);
+      recreateConfigMapandRestart("test-secrets", newSecret);
+      transferTests();
+      ExecResult result =
+          TestUtils.exec(
+              KUBE_EXEC_CMD
+                  + " 'sh runSitConfigTests.sh "
+                  + fqdn
+                  + " "
+                  + T3CHANNELPORT
+                  + " weblogic welcome1 "
+                  + testMethod
+                  + " "
+                  + JDBC_URL
+                  + "'");
+      assertResult(result);
+      logger.log(Level.INFO, "SUCCESS - {0}", testMethod);
+    } finally {
+      copySitConfigFiles(files, "test-secrets");
+      recreateConfigMapandRestart("test-secrets-new", "test-secrets");
     }
-    String content = new String(Files.readAllBytes(Paths.get(domainYaml)), StandardCharsets.UTF_8);
-    content = content.replaceAll("test-secrets", secretName);
-    Files.write(
-        Paths.get(domainYaml),
-        content.getBytes(StandardCharsets.UTF_8),
-        StandardOpenOption.TRUNCATE_EXISTING);
-
-    TestUtils.exec("kubectl delete secret " + domain.getDomainUid() + "-test-secrets", true);
-    createNewSecret(secretName);
-    TestUtils.exec("kubectl apply -f " + domainYaml, true);
-    recreateCrdWithNewConfigMap();
-    transferTests();
-    ExecResult result =
-        TestUtils.exec(
-            KUBE_EXEC_CMD
-                + " 'sh runSitConfigTests.sh "
-                + fqdn
-                + " "
-                + T3CHANNELPORT
-                + " weblogic welcome1 "
-                + testMethod
-                + " "
-                + JDBC_URL
-                + "'");
-    assertResult(result);
-    logger.log(Level.INFO, "SUCCESS - {0}", testMethod);
   }
 
   /**
@@ -522,7 +506,32 @@ private void createJdbcResource() throws Exception {
    *
    * @throws Exception when pods restart fail
    */
-  private void recreateCrdWithNewConfigMap() throws Exception {
+  private void recreateConfigMapandRestart(String oldSecret, String newSecret) throws Exception {
+    if (!oldSecret.equals(newSecret)) {
+      String content =
+          new String(Files.readAllBytes(Paths.get(domainYaml)), StandardCharsets.UTF_8);
+      content = content.replaceAll(oldSecret, newSecret);
+      Files.write(
+          Paths.get(domainYaml),
+          content.getBytes(StandardCharsets.UTF_8),
+          StandardOpenOption.TRUNCATE_EXISTING);
+
+      TestUtils.exec("kubectl delete secret " + domain.getDomainUid() + "-" + oldSecret, true);
+      String cmd =
+          "kubectl -n "
+              + domain.getDomainNs()
+              + " create secret generic "
+              + domain.getDomainUid()
+              + "-"
+              + newSecret
+              + " --from-literal=hostname="
+              + TestUtils.getHostName()
+              + " --from-literal=dbusername=root"
+              + " --from-literal=dbpassword=root123";
+      TestUtils.exec(cmd, true);
+      TestUtils.exec("kubectl apply -f " + domainYaml, true);
+    }
+
     int clusterReplicas =
         TestUtils.getClusterReplicas(DOMAINUID, domain.getClusterName(), domain.getDomainNs());
 
@@ -543,21 +552,6 @@ private void recreateCrdWithNewConfigMap() throws Exception {
     domain.verifyDomainCreated();
   }
 
-  private void createNewSecret(String secretName) throws Exception {
-    String cmd =
-        "kubectl -n "
-            + domain.getDomainNs()
-            + " create secret generic "
-            + domain.getDomainUid()
-            + "-"
-            + secretName
-            + " --from-literal=hostname="
-            + TestUtils.getHostName()
-            + " --from-literal=dbusername=root"
-            + " --from-literal=dbpassword=root123";
-    TestUtils.exec(cmd, true);
-  }
-
   /**
    * Transfer the tests to run in WLS pods.
    *
 
@@ -54,6 +54,10 @@ function create_image_pull_secret_wl {
 	    echo "secret $IMAGE_PULL_SECRET_WEBLOGIC was not created successfully"
 	    exit 1
 	  fi
+	  
+	  # below docker pull is needed to for domain home in image tests the base image should be in local repo
+	  docker login -u $OCR_USERNAME -p $OCR_PASSWORD ${OCR_SERVER}
+	  docker pull $IMAGE_NAME_WEBLOGIC:$IMAGE_TAG_WEBLOGIC
   fi
   set -x
 }