Skip navigation

In this post I am exploring the sense of configuring and running an Oracle SOA Suite 12.2 domain on docker and managed by Kubernetes, to discover if SOA is a good candidate to run on Docker.

The server where I will install it is running Oracle Linux 6.8; unfortunately Kubernetes now is supported on Linux 7, so my next post will handle that subject.

First of all here are my install bits and experiences.

 

 

Setting up Docker

 

 

Before installing I had to add some YUM repo to get the right docker package:

 

export DOCKERURL="https://yum.dockerproject.org/repo/main/oraclelinux/6"
 rm /etc/yum.repos.d/docker*.repo
yum-config-manager --add-repo "$DOCKERURL/oraclelinux/docker-ce.repo"
yum-config-manager --enable docker-ce-stable-17.05

 

The installation took place on a Linux VM running Oracle Linux 6.8. I used the YUM repository to install the appropriate version of docker:

I was lucky, it was already at the latest version.

Next, I wanted to pull the containers from the Oracle Container Registry, so I logged in from docker:

docker login container-registry.oracle.com

providing my OPN username and password.

 

Next, I considered a new place for where the docker containers are stored, because /var/lib/docker is mounted under "/", which is not a good idea to my opinion:

  • Backup if current dir
tar -zcC /var/lib docker > /u02/pd0/var_lib_docker-backup-$(date +%s).tar.gz

Move it to a new filesystem with sufficient space

mkdir /u02/pd0/docker
mv /var/lib/docker /u02/pd0/docker
  • Link it to the original location
ln -s /u02/pd0/docker /var/lib/docker

Quick and a slight dirty, but sufficient

 

First of all, a bridge network must be created, to enable containers to connect with eachother, like the SOA containers with their dehydration store:

docker network create -d bridge SOANet

 

Creating database container

Now on https://container-registry.oracle.com/ there are some instructions of how to set up a SOA Docker environment, however these instructions are not totally correct.

Creating a SOA Suite database, the parameters is the db.env.list were not correct

 

ORACLE_SID=<db sid="">
ORACLE_PDB=<pdb id="">
ORACLE_PWD=<password>

 

These weren't correct, in this case these properties were ignored and a default dummy name was used like ORCL...etc

The correct string should be DB_ instead of ORACLE_

DB_SID=soadb
DB_PDB=soapdb
DB_PWD=*******

 

After that, start the docker database container, and database came up with the right SID and Service Name.

docker start soadb
docker ps

Some verification:

- Login with SQL*Plus

- Showed Listener Status

 

Create AdminServer Container

Before creating the AdminServer I first obtained the the image from the registry:

docker pull container-registry.oracle.com/middleware/soasuite:12.2.1.3

 

Also inhere, specific parameters had to be set, although I also encountered some flaws in the original instructions:

  • Although password was set for the db admin, it didn't pick it up, and had to set it manually in the database  " alter user sys...."
  • The SID and Service names were not correct, for the PDB I had to configure it including domain name, so this was finally the correct setup:
CONNECTION_STRING=soadb:1521/soapdb.localdomain
RCUPREFIX=SOA1
DB_PASSWORD=******
DB_SCHEMA_PASSWORD=*****
ADMIN_PASSWORD=******
MANAGED_SERVER=soa_server1
DOMAIN_TYPE=soa

 

And next run the creation of the domain, and start the AdminServer through WLST

docker run -i -t  --name soaadminserver --network=SOANet -p 7001:7001 -v /u02/scratch/DockerVolume/SOAVolume/SOA:/u01/oracle/domains   --env-file ./adminserver.env.list oracle/soa:12.2.1.3

 

When this was finished, I could login to the WebLogic console. The listenadress of the AdminServer was empty so I guess the updListenAdress.py did not do it's work, so I changed it manually

 

Starting the managed server

The image configures already a managed server in the domain, so next is to spin up a container for the SOA managed server:

docker run -i -t  --name soa_server1 --network=SOANet -p 8001:8001   --volumes-from soaadminserver   --env-file ./soaserver.env.list oracle/soa:12.2.1.3 "/u01/oracle/dockertools/startMS.sh"

 

The SOA Managed server came up after a while, though, status in the console was SHUTDOWN, because the startscript did not use the nodemanager. Checking the log I could follow the startup sequence.

 

docker exec -it soaadminserver bash -c "tail -f  /u01/oracle/user_projects/domains/InfraDomain/logs/ms.log"

After that, I logged in into the container and started the nodemanager using the startNodemanager,.sh, to be able to start managed servers through the console and get health info.

 

Conclusion

Just some thoughts and doubts that came up in me; but please correct me if I'm wrong.

Now the million dollar question would be: Is SOA Suite fit for a container platform? It does run, although I haven't tested it yet. In the end to set it up is rather simple.

Apart from some flaws during setup, you might ask yourselve : what are we doing different inhere, instead of spinning up servers and/or VMS

 

Well 1st, all docker containers run on a server, but we skipped the entire server configuration and based on a pre-baked image we could bring rather quick an environment

But looking from an application perspective, we still not doing anything containerized. Even in a docker container monoliths can exist.

So, the complete story is that at platform level we have containers, at application level, not yet.

At this years Developer Tour in Latin America I was selected to speak in Argentina, which would be a great adventure for me. As I have never been on the southern hemisphere, I was really excited and honoured to go. After a very long flight from Amsterdam to Buenos Aires, almost 14 hours, I landed early morning in Buenos Aires, which was in winter time. For me a big switch as in the Netherlands it was around 35 *C when I left.   But who's complaining.

 

Packed with my suitcase and my Oracle Management Cloud bible I entered Buenos Aires... what a city and what contrasts. Beautiful art and architecture but also a lot poverty.

I like the urban lifestyle so I found my way in Buenos Aires and visited some hotspots every tourst must see. If you ever plan to go, wear some good shoes because the streets are sometimes hard to walk on.

Nevertheless, I could breath the Southern American lifestyle while seeing the Tango live on the streets:

 

IMG_20180807_173001.jpg

 

The conference day

 

The conference took place on my birthday, the 9th of aigust 2018 in the UADE, one of the many universities of Buenos Aires.

IMG_20180807_114614.jpg

 

A 20 minutes walk from my hotel brought me there, and around 9:30 AM the conference was openend in the main Auditorium. My session was planned at 11:05 am, but die to some delay it began a bit later, so I followed some other sessions. Although the majority of the sessions were in Spanish, which isn't my stongest language, I could follow some of it, and was lucky that the slides were in English. As I was on the Analytics track I followed a session from Edelweiss Kammerman about Data Visialization with the Oracle Datawarehouse Cloud Service, and the Session before me from Diego Sanchez, also about the Management Cloud, regarding problem detection and analysis.

 

 

Security Analytics with the Oracle Management Cloud

 

As I was in the Analytics track I had to emphasize on the Analytics capabilities of the Oracle Management Cloud, where Machinelearning, Anomaly Detection and Data Visualization are important topics.

Machinelearning capabilities are essential for this solution; in OMC the following are used:

 

  • Anomaly Detection
    • See the abnomal symptoms. We're not interested in what's going ok, but in the exceptions
  • Clustering
    • Reduce tons of billions of data to a manageabe and understandable pattern. This requires high end technology analysis.
  • Correlation
    • Correlate as might seem different events to eachother to a common recognzed pattern. Such as link by a common attribute, an OrderID, a Personal ID and so on,

 

 

The battle against attacks is always lag behind

 

Let's face it; SOC's are having a hard time to defend against all kinds of hostile actions, which can be from the outside world, or inside by suspected fraude of employees. Some of the bad already happened when they come in action.

The  Security Monitoring and Analystics of OMC can help them make  life a bit easier by doing the following

  • Intelligent monitor security events
  • Investigate using Log Analytics
  • Understand  and interpret attackchains
  • Automatically remediate  to reduce exposure
  • Continually harden systems in response to a threat or weakness

Now a well known pattern of attack is the Cyber Kill Chain where through some certain steps hostile parties can inflitrate into systems without anyone noticing. And don't think of the stereotypes of young guys or girls on their addic, trying to hack. No we think about highly sophisticated attacks, nitiated by machines and well organized groups of maybe governments or criminal organizations.

 

2018-08-10 14_31_48-OMC_analytics_machinelearning.pptx [Protected View] - PowerPoint.png

 

A typical SMA Dashboard Identifying attacks

 

 

Also when you lay a part of your IT in the cloud, you can easily integrate you Access Biroker or Identity Management Systems into The Oracle Management Cloud

2018-08-10 14_32_17-OMC_analytics_machinelearning.pptx [Protected View] - PowerPoint.png

 

 

 

The SMA Engine works with Machine Learning Models and Rules in order to detect any security thread, as I already explained in an earlier blog. But the fact that SMA worls closely together with the Log Analytics modue makes it a strong and well integrated solution for any enterprise to use in it's everlasting battle against attacks.

 

The closing Speakers, ACE and DevChamp dinner

As a traditiion the event was closed with a nice dinner at a  restaurant to try out the Argentinian meat culture, where I met some of my colleagues which I did not had the chance to meet.

By surpise, Jennifer Nicholson from the ACE program announced a new Java Developer Champion: Hillmer Chona,,, Congratulations and well done!

 

 

Big thanks

 

Finnaly I would like to thank the Argentinian Oracle User group for the organization and hope to see you maybe next year.