Deploying Oracle WebLogic Server on Kubernetes...No Java Message Service No Enterprise JavaBeans Developers Engineers Administration IT WebLogic at CERN 15/01/2020 Antonio Nappi 12

Deploying Oracle WebLogic Server on Kubernetes

15/01/2020 Antonio Nappi 2

Antonio Nappi

What is CERN?


What is CERN?


Member States:Austria, Belgium, Bulgaria, CzechRepublic, Denmark, Finland, France, Germany,Greece, Hungary, Israel, Italy, Netherlands, Norway,Poland, Portugal, Romania, Serbia, Slovakia, Spain, Sweden,Switzerland and United Kingdom

Associate Members in the Pre-Stage to Membership:Cyprus, Slovenia

Associate Members:India, Pakistan, Turkey, Ukraine

Observers to Council:Japan, Russia, United States ofAmerica, the European Commission, Joint Institute forNuclear Research and UNESCO

What is CERN?






What is CERN?






~ 3 000 members of personnelUsers from 100 different countries

Budget ~ 1 100 MCHF per year

CERN: a unique environment




Study fundamental particlesHow they interactUnderstand the fundamental laws of nature

Large Hadron Collider ( LHC )Largest particle collider in the world27 km in circumferenceThousand of magnets



Study fundamental particlesHow they interactUnderstand the fundamental laws of nature

Large Hadron Collider ( LHC )Largest particle collider in the world27 km in circumferenceThousand of magnets

Place where the Web was born

Science for peaceMelting pot

CERN Openlab


WebLogic at CERN


WebLogic on VMs (12.1.3)~ 358 Clusters~ 100 Applications

DEV / TEST / PREPROD / PROD

Web Profile application StatefulNo Java Message ServiceNo Enterprise JavaBeans

DevelopersEngineersAdministrationIT

WebLogic at CERN


WebLogic on VMs (12.1.3)~ 358 Clusters~ 100 Applications

DEV / TEST / PREPROD / PROD

Web Profile application StatefulNo Java Message ServiceNo Enterprise JavaBeans

DevelopersEngineersAdministrationIT

WebLogic on KubernetesDifferent versions

12.1.312.2.1

~ 60 deployment18 DEV18 TEST 12 PREPROD12 PROD


Why KubernetesImmutable

• Versioning• Easier to track

Portable

• On Premise• Public Cloud• Disaster Recovery Plan easier

High Availability

• Self-Healing

Fast Provisioning

• Increase productivity


Constraints


ConstraintsTransparent for developers

Replicate VM modelLoggingMonitoring




CERN InfrastructureOpenStack Private Cloud

Built for physics workloads




CERN InfrastructureOpenStack Private Cloud

Built for physics workloads

Current architecture


Kubernetes provisioningPrivate Cloud/OpenStack Magnum







HA Production scenarioApplication spread across 3 AZS

Weighted Round RobinCanary deployments











Everything ephemeral













One application per K8S namespace







One application per K8S namespace

Namespace Application



Load balancer

15/01/2020 Antonio Nappi

HA External Load BalancerPacemaker & CorosyncDiscriminate traffic based on url

27

Load balancer



28

Load balancer



Ingress HAProxyThe only point of accessNo LoadBalancer service type

29

Load balancer




30

KubernetesCluster

Load balancer




Prevent unauthorized access Firewall no customizableShare a secret

31

KubernetesCluster

Load balancer




Prevent unauthorized access Firewall no customizableShare a secret

32

GET / HTTP/1.1 Host: k8s-anappi-test.cern.ch Connection: keep-alive User-Agent: Mozilla/5.0 Accept: text/htmlX-Jeedy-Secret: our_secret

KubernetesCluster

Logging


Pod

Logging

15/01/2020

Pod

Antonio Nappi 34

Logging

15/01/2020

PodShip, add custom fields

Antonio Nappi 35

Logging


Pod PodShip, add custom fields

Logging



Filter, parse and ship

Logging




3P

Logging




3P

Developers

Logging




3P

Developers

Logging




3P

3PDevelopers

Logging




3P

3P

Visualize

Developers

Metrics


Pod

Metrics


Pod

Metrics


Pod

Metrics


Pod Pod

Metrics


Pod PodPull

Metrics


Pod PodPull Ship

Metrics


Pod PodPull Ship 3P

Metrics


Pod PodPull Ship 3P

Developers

Metrics


Pod PodPull Ship 3P

Developers

Metrics


Pod PodPull Ship 3P

Developers3P

Metrics


Pod PodPull Ship 3P

Developers3P

Visualize

Collaboration with Oracle


Testing different opensource productsWebLogic Kubernetes OperatorWebLogic Deploy ToolingWebLogic Image Tool

WebLogic Deploy Tooling


FasterDecreases sensitively our configuration time

Domain config in YAML file.Configuration at runtime

Don’t need to store the domain in a Docker imageWorks with different WebLogic versions

12.1.3Problem related to Single Sign On configuration

Bug in WLST

WebLogic Image Tool


FasterAvoid to build our own packages (RPMs)

EasierExecution of two commands

Possibility to base WLS images on custom onesIntegration will happen in Q2

Credit: Lukas Gedvilas

WebLogic Kubernetes Operator


Opensource!!Way to do it

OperatorCustom Resource Definition

Use of deploy toolingExtremely fast Simpler

Currently not used at CERNNo support for old version (12.1.3)

Evaluate again during 2020

Next Steps : Part 1


Complete the migration of environments to Kubernetes (ongoing)12.2.1.3 WebLogic only in Kubernetes

PrometheusWebLogic Exporter

Replace Logstash and Filebeat with FluentdDisaster Recovery on the Cloud ( OCI )

Container Engine for Kubernetes

Lessons learned


Production environments can run on containersKubernetes standard de facto

Huge support from communityIncreased portability and dynamicity of the system

Open new doorsLet us focus on developers needsNo vendor lock-in

Infrastructure flexibilityEach piece can be changed with one of same logic

Security is trickyIt isn’t painlessAll that glitters is not gold

Everyday new toolsNot jump too fast on them

Images credits


https://plus.maths.org/content/round-peg-square-hole-or-square-peg-round-holehttps://giphy.com/gifs/aumanimation-8BkrxepXlKaWMbt5pK

https://plus.maths.org/content/round-peg-square-hole-or-square-peg-round-hole

https://giphy.com/gifs/aumanimation-8BkrxepXlKaWMbt5pK


THANK YOU


[email protected]

Documents

Deploying Oracle WebLogic Server on Kubernetes...No Java Message Service No Enterprise JavaBeans Developers Engineers Administration IT WebLogic at CERN 15/01/2020 Antonio Nappi 12