Improve weblogic for a better support regarding microservice arhitecture.

[cradules]

In the last few mounts, I have been working on a WebLogic microservice infrastructure and I did find a lot of points that need an improve.

I will start listing the issues, maybe they will be taken into consideration and fixed/improved.

• Script create-wls-domain.py is really outdated. I using Python 2.7 which was released on July 3rd, 2010. Many young ppl who working now never touch such an old version ... From here my iDE, etc generates so many errors/alerts. You should keep up to date with this kind of script also you should update the image to use python3.
• createWLSDomain.sh. Bad logic and writing. From trying to trap SIGKILL that is not possible, (an experienced Linux/UNIX admin will know that the kernel would not allow you to trap SIGKIL) to not have consistency.
• createWLSDomain.sh is not commented enough and if you don't understand Weblogic behaviour is quite a struggle to understand this script
• createWLSDomain.sh is bad as logic by not following the same consistency. It collects data from 2 streams, file properties and ENV. This force the user to maintain 2 streams, the question is why?

Example:

export DOMAIN_HOME=$DOMAIN_ROOT/$DOMAIN_NAME >> read from env
echo "Domain Home is:  $DOMAIN_HOME"

SEC_PROPERTIES_FILE=${PROPERTIES_FILE_DIR}/domain_security.properties  >> construct from a file
echo $SEC_PROPERTIES_FILE
if [ ! -e "${SEC_PROPERTIES_FILE}" ]; then
   echo "A properties file with the username and password needs to be supplied."
   exit
fi

# Get Username
USER=`awk '{print $1}' ${SEC_PROPERTIES_FILE} | grep username | cut -d "=" -f2`
if [ -z "${USER}" ]; then
   echo "The domain username is blank.  The Admin username must be set in the properties file." construct from a file
   exit
fi

# Get Password
PASS=`awk '{print $1}' ${SEC_PROPERTIES_FILE} | grep password | cut -d "=" -f2` >> construct from a file
if [ -z "${PASS}" ]; then
   echo "The domain password is blank.  The Admin password must be set in the properties file."
   exit
fi

Having stored passwords/users on files is BAD! This is a security issue. You are forcing users to write user and passwords on files in plain text. This should be stored only at ENV level because like this the user can create a process and populate the value of the key, at the running time and the value can be extracted from a VAULT in see secure mode and populate the KEY.

This is a major gap in your logic!

Another bad logic that can be destructive is :

if [ ! -f ${DOMAIN_HOME}/servers/${ADMIN_NAME}/logs/${ADMIN_NAME}.log ]; then
   # Create domain
   wlst.sh -skipWLSModuleScanning -loadProperties ${DOMAIN_PROPERTIES_FILE} -loadProperties ${SEC_PROPERTIES_FILE}  /u01/oracle/container-scripts/create-wls-domain.py
   -----

So you assume that this file will never be deleted after a domain is created? Well, that is wrong. When you have issues with space, the first thing you do is clean up the log files! If ppl are not aware of that they will just delete their domain, because if that file disappears from the disk, the env will be recreated! Again, you are using files to store usernames and passwords in files!

   mkdir -p ${DOMAIN_HOME}/servers/${ADMIN_NAME}/security/
   echo "username=${USER}" >> ${DOMAIN_HOME}/servers/${ADMIN_NAME}/security/boot.properties
   echo "password=${PASS}" >> ${DOMAIN_HOME}/servers/${ADMIN_NAME}/security/boot.properties

Also by forcing that, pushing a container on git, force users to create all kind of complicated .gitignore rules to exclude what is inside the log folder but not DOMAIN_HOME}/servers/${ADMIN_NAME}/logs/${ADMIN_NAME}.log. My question is why?

One more major issue is writing logs on disk. You should create the possibility that all info should be sent to stdout without writing on the disk. The new and modern infrastructure doesn't ship any more logs as a file but captures the stdout and ships the information on specialized solutions, like logstash or elastic search.

Is this the right solution for shipping logs to stdout?!

tail -f "${DOMAIN_HOME}"/servers/"${ADMIN_NAME}"/logs/"${ADMIN_NAME}".log &

The image build process is broken. The information in it is not enough for reaching the result of a docker image without errors.

You should check fmw_*_wls_Disk1_1of1.zip.download because if broken and nowhere says I have to download it from the official site and how ... took me a while to realize this file is bad I have to look for a good one!

As an improvement, you can also provide a docker-compose file for the users. This will make their life easier.

If my language is not the proper one, I do apologize and I hope you take into consideration all these problems.

Thank you!

For fixing all these issues, I had to refactor all your provided scripts.