WIP: Support for Openshift env with non-root(oracle) user

OracleWebLogic/samples/12213-webtier-apache/Dockerfile

@@ -1,42 +1,48 @@
 # Example of Apache HTTP Server with WebLogic plugin for load balancing WebLogic on Docker Containers
 #
-# Copyright (c) 2016-2019 Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2016-2020 Oracle and/or its affiliates.
 #
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 #
 # REQUIRED FILES TO BUILD THIS IMAGE
 # ----------------------------------
-# fmw_12.2.1.3.0_wlsplugins_Disk1_1of1.zip
+# For version 12.2.1.3 Required file fmw_12.2.1.3.0_wlsplugins_Disk1_1of1.zip
+# For Version 12.2.1.4 Required file fmw_12.2.1.4.0_wlsplugins_Disk1_1of1.zip
 # Download the generic installer from http://www.oracle.com/technetwork/middleware/webtier/downloads/index-jsp-156711.html and save it in this same folder.
 #
 # HOW TO BUILD THIS IMAGE
 # -----------------------
 # Put all downloaded files in the same directory as this Dockerfile
 # RUN:
-#      $ sh buildDockerImage.sh
+#      $ sh buildDockerImage.sh -v <version>
+#  The value of version is either 12.2.1.3 or 12.2.1.4   
 #
 # PULL BASE IMAGE
 # -----------------------------------
 FROM oraclelinux:7-slim
+#Defined ARG Variable VERSION to pass through the value to the environment variables
+ARG VERSION=12.2.1.3.0
 
 # Environment variables required for this build (do NOT change)
 # ----------------------------------------------
-ENV FMW_PKG="fmw_12.2.1.3.0_wlsplugins_Disk1_1of1.zip" \
-    PLUGINS_PKG="WLSPlugins12c-12.2.1.3.0.zip" \
-    PLUGIN_PKG="WLSPlugin12.2.1.3.0-Apache2.2-Apache2.4-Linux_x86_64-12.2.1.3.0.zip" \
-    PLUGIN_HOME="/root" \
+ENV FMW_PKG="fmw_${VERSION}_wlsplugins_Disk1_1of1.zip" \
+    PLUGINS_PKG="WLSPlugins12c-${VERSION}.zip" \
+    PLUGIN_PKG="WLSPlugin${VERSION}-Apache2.2-Apache2.4-Linux_x86_64-${VERSION}.zip" \
+    PLUGIN_HOME="/u01/oracle" \
     MOD_WLS_PLUGIN="mod_wl_24.so" \
-    LD_LIBRARY_PATH="/root/lib" \
+    LD_LIBRARY_PATH="/u01/oracle/lib" \
     WEBLOGIC_CLUSTER="server0:7002,server1:7002" \
     LOCATION="/weblogic" \
     WEBLOGIC_HOST="wlsadmin" \
-    WEBLOGIC_PORT="7001" 
-
+    WEBLOGIC_PORT="7001" \
+    NonPriviledgedPorts="false" \
+    VERSION="$VERSION"
 
 # Copy required files to build this image
 # ------------------------------------------------------
 COPY $FMW_PKG /tmp/
 COPY weblogic.conf /etc/httpd/conf.d/ 
+COPY pluginWeblogic.conf /etc/ld.so.conf.d/
 COPY custom_mod_wl_apache.conf.sample /config/custom_mod_wl_apache.conf
 COPY custom_mod_wl_apache.conf.sample /configtmp/custom_mod_wl_apache.conf
 COPY custom_mod_ssl_apache.conf.sample /configtmp/custom_mod_ssl_apache.conf
@@ -46,16 +52,38 @@ COPY container-scripts/* /u01/oracle/container-scripts/
 
 # Use unzip because the base image does not contain a JDK
 # Note that adding unzip does not noticeably increase the size of the image
-RUN yum install -y unzip httpd libaio mod_ssl.x86_64 && \
+RUN yum install -y sudo unzip httpd libaio mod_ssl.x86_64 && \
+    groupadd sudo && \					 
+    useradd -b /u01 -d /u01/oracle -m -G sudo -s /bin/bash oracle && \
+    touch /etc/sudoers && \
+    sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
+    sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' && \
+    echo "oracle ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
     unzip /tmp/$FMW_PKG -d /tmp && \
     unzip /tmp/$PLUGINS_PKG -d /tmp && \
     unzip /tmp/$PLUGIN_PKG -d $PLUGIN_HOME && \
     sed -i -e "s;logs/error_log;/proc/self/fd/2;" /etc/httpd/conf/httpd.conf && \
     sed -i -e "s;logs/access_log;/proc/self/fd/1;" /etc/httpd/conf/httpd.conf && \
-    rm /tmp/$PLUGINS_PKG /tmp/WLSPlugin12.2.1.3.0-*.zip /tmp/$FMW_PKG /tmp/fmw_12213_readme*
+    sed -i -e "s;User apache;User oracle;" /etc/httpd/conf/httpd.conf && \
+    sed -i -e "s;Group apache;Group oracle;" /etc/httpd/conf/httpd.conf && \
+    sed -i -e "s;root apache;oracle oracle;" /usr/lib/tmpfiles.d/httpd.conf && \
+    sed -i -e "s;apache apache;oracle oracle;" /usr/lib/tmpfiles.d/httpd.conf && \
+    chown -R oracle /var/log/httpd && \
+    chown oracle  -R /etc/httpd/logs/ && \
+    chown oracle -R /etc/pki/tls/certs/localhost.crt && \
+    chown oracle -R /etc/pki/tls/private/localhost.key && \
+    setcap cap_net_bind_service=+epi /usr/sbin/httpd && \
+    ldconfig && \
+    rm /tmp/$PLUGINS_PKG /tmp/WLSPlugin${VERSION}-*.zip /tmp/$FMW_PKG /tmp/fmw_12*_readme* && \
+    chown oracle:oracle -R /u01 && \
+    chown oracle:oracle -R /tmp && \
+    chown oracle:oracle -R /config && \
+    chown oracle:oracle -R /run
 
 #Expose ports
 EXPOSE 80 4433
 
+USER oracle 
+
 # Provision Apache instance
 CMD ["/u01/oracle/container-scripts/run-httpd.sh"]

OracleWebLogic/samples/12213-webtier-apache/README.md

@@ -1,42 +1,51 @@
 Apache HTTP Server with Oracle WebLogic Server Proxy Plugin on Docker
 ===============
-This project includes a quick start Dockerfile and samples for standalone Apache HTTP Server with the 12.2.1.3.0 Oracle WebLogic Server Proxy Plugin based on Oracle Linux. The certification of Apache on Docker does not require the use of any file presented in this repository. Customers and users are welcome to use them as starters, and customize, tweak, or create from scratch, new scripts and Dockerfiles.
+This project includes a Dockerfile and samples for standalone Apache HTTP Server with the 12.2.1.3.0 and 12.2.1.4.0 Oracle WebLogic Server Proxy Plugin based on Oracle Linux. This is a generic Docker File and can be used to build apache images of different versions and to support containers to run on differnet ports i.e 80 and 8080. The certification of Apache on Docker does not require the use of any file presented in this repository. Customers and users are welcome to use them as starters, and customize, tweak, or create from scratch, new scripts and Dockerfiles.The only supported versions are 12.2.1.3.0 & 12.2.1.4.0.
 
 ## Build Apache With the Plugin Docker Image
 
-This project offers a Dockerfile for the Apache HTTP Server with the Oracle WebLogic Server Proxy Plugin in standalone mode. To assist in building the images, you can use the  `buildDockerImage.sh` script. See below for instructions and usage.
+This project offers a generic Dockerfile for the Apache HTTP Server with the Oracle WebLogic Server Proxy Plugin in standalone mode to build different verions of the `Apache` image. To assist in building the images, you can use the  `buildDockerImage.sh` script. The only supported versions are 12.2.1.3.0 & 12.2.1.4.0. See below for instructions and usage.
 
-The `buildDockerImage.sh` script is a utility shell script that performs MD5 checks and is an easy way for beginners to get started. Expert users are welcome to directly call `docker build` with their preferred set of parameters.
+The `buildDockerImage.sh` script is a utility shell script that performs MD5 checks and construct the build args based on the verion of the apache image to be built, is an easy way for beginners to get started. Expert users are welcome to directly call `docker build` with their preferred set of parameters.
 
-IMPORTANT: You have to download the `Oracle WebLogic Server Proxy Plugin 12.2.1.3.0` package (see the `.download` file) and place it in this directory.
+IMPORTANT: You have to download the `Oracle WebLogic Server Proxy Plugin` of version 12.2.1.3.0 and 12.2.1.4.0  package (see the `.download` file) and place it in this directory.
 
-Run the `buildDockerImage.sh` script.
+Run the `buildDockerImage.sh` script with version option `-v`.
 
-        $ sh buildDockerImage.sh
+        $ sh buildDockerImage.sh -v <Verion of the image to be built>
+For Example to built the image for version 12.2.1.4.0 
+        $ sh buildDockerImage.sh -v 12.2.1.4.0
 
 ## Run the Apache HTTP Server in a Container
 
-Run an Apache container to access an Administration Server, or a Managed Server, in a non-clustered environment that is running on `<host>` and listening to `<port>`.
-
-        $ docker run -d -e WEBLOGIC_HOST=<host> -e WEBLOGIC_PORT=<port> -p 80:80 oracle/apache:12.2.1.3
+Run an Apache container on supported versions  to access an Administration Server, or a Managed Server, in a non-clustered environment that is running on `<host>` and listening to `<port>`.
 
+        $ docker run -d -e WEBLOGIC_HOST=<host> -e WEBLOGIC_PORT=<port> -p 80:80 oracle/apache:<version>
+Similarly, Apache container in NonPriviledgedPort (8080) 		
+        $ docker run -d -e WEBLOGIC_HOST=<host> -e WEBLOGIC_PORT=<port> -e NonPriviledgedPorts=true -p 8080:8080 oracle/apache:<version>
+
 Run an Apache image to proxy and load balance to a list of Managed Servers in a cluster.
 
         Use a list of hosts and ports.
 
-        $ docker run -d -e WEBLOGIC_CLUSTER=host1:port,host2:port,host3:port -p 80:80 oracle/apache:12.2.1.3
+        $ docker run -d -e WEBLOGIC_CLUSTER=host1:port,host2:port,host3:port -p 80:80 oracle/apache:<version>
 
-        Or use a cluster URL if it is available
+Similarly, Apache container in NonPriviledgedPort (8080) 		
 
-        $ docker run -d -e WEBLOGIC_CLUSTER=<cluster-url> -p 80:80 oracle/apache:12.2.1.3
+        $ docker run -d -e WEBLOGIC_CLUSTER=host1:port,host2:port,host3:port -e NonPriviledgedPorts=true -p 8080:8080 oracle/apache:<version>
+        Or use a cluster URL if it is available
 
+        $ docker run -d -e WEBLOGIC_CLUSTER=<cluster-url> -p 80:80 oracle/apache:<version>
+Similarly, Apache container in NonPriviledgedPort (8080) 		
+        $ docker run -d -e WEBLOGIC_CLUSTER=<cluster-url> -e NonPriviledgedPorts=true -p 8080:8080 oracle/apache:<version>
+
 The values of `WEBLOGIC_CLUSTER` must be valid and correspond to existing containers running WebLogic Servers.
 
 ### Administration Server Only Example
 
 First, make sure that you have the WebLogic Server 12.2.1.3 install image. Pull the WebLogic install image from the DockerStore, `store/oracle/weblogic:12.2.1.3`, or build your own image, `oracle/weblogic:12.2.1.3-developer`, at [https://github.com/oracle/docker-images/tree/master/OracleWebLogic/dockerfiles/12.2.1.3](https://github.com/oracle/docker-images/tree/master/OracleWebLogic/dockerfiles/12.2.1.3).
 
-Start a container from the WebLogic install image. During runtime, you can override the default values of the following parameters with the `-e` option:
+Start a container from the WebLogic install image on supported versions. During runtime, you can override the default values of the following parameters with the `-e` option:
 
         ADMIN_NAME (default: AdminServer)
         ADMIN_PORT (default: 7001)
@@ -52,39 +61,69 @@ NOTE: To set the `DOMAIN_NAME`, you must set both `DOMAIN_NAME` and `DOMAIN_HOME
                      -e DOMAIN_HOME=/u01/oracle/user_projects/domains/abc_domain \
                      -e DOMAIN_NAME=abc_domain \
                      -p 7001:7001 \
-                     store/oracle/weblogic:12.2.1.3
+                     store/oracle/weblogic:<version>
 
-Start an Apache container by calling:
+Start an Apache container on default port by calling:
 
         $ docker run -d --name apache \
                      -e WEBLOGIC_HOST=<admin-host> \
                      -e WEBLOGIC_PORT=7001 \
                      -p 80:80 \
-                     oracle/apache:12.2.1.3
+                     oracle/apache:<version>
 
 Now you can access the WebLogic Server Administration Console under `http://localhost/console` (default to port 80) instead of using port 7001. You can access the Console from a remote machine using the WebLogic Administration Server's `<admin-host>` instead of `localhost`.
 
+Start an Apache container on NonPriviledgedPort by calling:
+
+        $ docker run -d --name apache \
+                     -e WEBLOGIC_HOST=<admin-host> \
+                     -e WEBLOGIC_PORT=7001 \
+                     -e NonPriviledgedPorts=true \
+                     -p 8080:8080 \
+                     oracle/apache:<version>
+
+
+Now you can access the WebLogic Server Administration Console under `http://localhost:8080/console` (NonPriviledgedPort 8080) instead of using port 7001. You can access the Console from a remote machine using the WebLogic Administration Server's `<admin-host>` instead of `localhost`.
+
 ## Provide Your Own Apache Plugin Configuration
 If you want to start the Apache container with some pre-specified `mod_weblogic` configuration:
 
 * Create a `custom_mod_wl_apache.conf` file by referring to `custom_mod_wl_apache.conf.sample` and Chapter 3 of the [Fusion Middleware Using Oracle WebLogic Server Proxy Plug-Ins](https://docs.oracle.com/middleware/12213/webtier/develop-plugin/apache.htm#GUID-231FB5FD-8D0A-492A-BBFD-DC12A31BF2DE) documentation.
 
 * Place the `custom_mod_wl_apache.conf` file in a directory `<host-config-dir>` on the host machine and then mount this directory into the container at the location `/config`. By doing so, the contents of the host directory `<host-config-dir>` (and hence `custom_mod_wl_apache.conf`) will become available in the container at the mount point.
 
-This mounting can be done by using the `-v` option with the `docker run` command as shown below.
+This mounting can be done by using the `-v` option with the `docker run` command on `default port` as shown below.
 
         $ docker run -v <host-config-dir>:/config -w /config \
                      -d -e WEBLOGIC_HOST=<admin-host> \
                      -e WEBLOGIC_PORT=7001 \
-                     -p 80:80 oracle/apache:12.2.1.3
+                     -p 80:80 oracle/apache:<version>
+
+     on NonPriviledgedPort (8080) as shown below
+
+        $ docker run -v <host-config-dir>:/config -w /config \
+                     -d -e WEBLOGIC_HOST=<admin-host> \
+                     -e WEBLOGIC_PORT=7001 \
+                     -e NonPriviledgedPorts=true \
+                     -p 8080:8080 oracle/apache:<version>
 
 **Note**: You can also mount the file directly as follows:
 
         $ docker run \
             -v <host-config-dir>/custom_mod_wl_apache.conf:/config/custom_mod_wl_apache.conf  \
             -w /config -d -e WEBLOGIC_HOST=<admin-host> \
             -e WEBLOGIC_PORT=7001 \
-            -p 80:80 oracle/apache:12.2.1.3
+            -p 80:80 oracle/apache:<version>
+
+    on NonPriviledgedPort (8080)
+
+        $ docker run \
+            -v <host-config-dir>/custom_mod_wl_apache.conf:/config/custom_mod_wl_apache.conf  \
+            -w /config -d -e WEBLOGIC_HOST=<admin-host> \
+            -e WEBLOGIC_PORT=7001 \
+            -e NonPriviledgedPorts=true \
+            -p 8080:8080 oracle/apache:<version>
+
 
 After the mounting is done, the `custom_mod_wl_apache.conf` file will replace the built-in version of the file.
 
@@ -107,7 +146,8 @@ For demo and quick testing purposes, you could use auto-generation of the certif
                      --volume-driver local \
                      -v <host-config-dir>:/config \
                      -w /config \
-                     oracle/apache:12.2.1.3
+                     oracle/apache:<version>
+
 
 Use `VIRTUAL_HOST_NAME` to specify the `VirtualHostName` of the Apache HTTP server. If `VIRTUAL_HOST_NAME` is not set, SSL will not be enabled.
 
@@ -129,7 +169,7 @@ In production, Oracle strongly recommends that you provide your own certificates
                      -p 4433:4433 \
                      -v <host-config-dir>:/config \
                      -w /config \
-                     oracle/apache:12.2.1.3
+                     oracle/apache:<version>
 
 Use `SSL_CERT_FILE` and `SSL_CERT_KEY_FILE` to specify the name of the certificate and key files, including the path in the container's file system. Both of the environment variables need to be set.
 

OracleWebLogic/samples/12213-webtier-apache/buildDockerImage.sh

@@ -6,9 +6,9 @@
 #
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 #
-# Copyright (c) 2016-2018 Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2016-2020 Oracle and/or its affiliates.
 #
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 #
 usage() {
 cat << EOF
@@ -17,12 +17,12 @@ Usage: buildDockerImage.sh -v [version] [-s]
 Builds a Docker Image for Apache HTTP Server (standalone) .
 
 Parameters:
-   -v: Release version to build. Required. E.g 12.2.1.3.0
+   -v: Release version to build. Required. E.g 12.2.1.3.0 or 12.2.1.4.0 (default version : 12.2.1.3.0)
    -s: skips the MD5 check of packages
 
 LICENSE Universal Permissive License v1.0
 
-Copyright (c) 2016-2018: Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 2016-2020: Oracle and/or its affiliates.
 
 
 EOF
@@ -33,7 +33,7 @@ exit 0
 # Validate packages
 checksumPackages() {
   echo "Checking if required packages are present and valid..."
-  md5sum -c *.download
+   md5sum -c fmw_${VERSION}_wlsplugins_Disk1_1of1.zip.download
   if [ "$?" -ne 0 ]; then
     echo "MD5 for required packages to build this image did not match!"
     echo "Make sure to download missing files in folder dockerfiles. See *.download files for more information"
@@ -42,9 +42,10 @@ checksumPackages() {
 }
 
 
-#Parameters
+#Default value of Parameters 
 VERSION="12.2.1.3.0"
 SKIPMD5=0
+
 while getopts "hsdgiv:" optname; do
   case "$optname" in
     "h")
@@ -63,17 +64,37 @@ while getopts "hsdgiv:" optname; do
   esac
 done
 
-# Apache Image Name
-IMAGE_NAME="oracle/apache:12.2.1.3"
 
-# cd $VERSION
+# Validate Versions, supported versions 12.2.1.3.0 and 12.2.1.4.0
+
+versionOK=false
+if [ "${VERSION}" = "NONE" ]; then
+   VERSION="12.2.1.3.0"
+   versionOK=true
+else
+  if [ ${VERSION} = 12.2.1.3.0 -o ${VERSION} = 12.2.1.4.0 ]; then
+       versionOK=true
+  fi
+fi
+
+# Confirm Versions Before starting the Build
+if [ "${versionOK}" = "false" ]; then
+  echo "ERROR: Incorrect version ${VERSION} specified"
+  usage
+fi
 
 if [ ! "$SKIPMD5" -eq 1 ]; then
   checksumPackages
 else
   echo "Skipped MD5 checksum."
 fi
 
+# Apache Image Name
+IMAGE_NAME="oracle/apache:${VERSION%??}"
+
+# Build  Arg Version
+ARG_VERSION=" --build-arg VERSION=${VERSION}"
+
 # Proxy settings
 PROXY_SETTINGS=""
 if [ "${http_proxy}" != "" ]; then
@@ -101,9 +122,10 @@ fi
 # ################## #
 echo "Building image '$IMAGE_NAME' ..."
 echo "Proxy Settings '$PROXY_SETTINGS'"
+echo "Build Arg Version '$ARG_VERSION'"
 # BUILD THE IMAGE (replace all environment variables)
 BUILD_START=$(date '+%s')
-docker build --force-rm=true --no-cache=true $PROXY_SETTINGS -t $IMAGE_NAME -f Dockerfile . || {
+docker build  --force-rm=true --no-cache=true $PROXY_SETTINGS -t $IMAGE_NAME  $ARG_VERSION -f Dockerfile . || {
   echo "There was an error building the image."
   exit 1
 }

OracleWebLogic/samples/12213-webtier-apache/container-scripts/run-httpd.sh

@@ -6,13 +6,19 @@
 #
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 #
-# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2018-2020 Oracle and/or its affiliates.
 #
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 # Apache gets grumpy about PID files pre-existing
 rm -f /run/httpd/httpd.pid
 
+# Inorder to listen the apache container on port 8080, the variable NonPriviledgedPorts to be set to true.
+# Oracle user to update httpd conf file to support apache container on NonPriviledgedPorts 
+if [ ${NonPriviledgedPorts} = "true" ]; then
+  sudo  sed -i -e "s;Listen 80;Listen 8080;" /etc/httpd/conf/httpd.conf  
+fi
+
 echo $SSL_CERT_FILE $SSL_CERT_KEY_FILE $VIRTUAL_HOST_NAME 
 
 if [ ! -f /config/custom_mod_wl_apache.conf ]; then
@@ -33,7 +39,8 @@ else
   fi
 
   # We only copy this file when SSL is enabled
-  cp /configtmp/custom_mod_ssl_apache.conf /etc/httpd/conf.d/
+  sudo cp /configtmp/custom_mod_ssl_apache.conf /etc/httpd/conf.d/
+  # Copied in the Docker File
 
   if [ -z ${SSL_CERT_FILE} ] || [ -z ${SSL_CERT_KEY_FILE} ]; then
     echo Warning: both SSL_CERT_FILE and SSL_CERT_KEY_FILE need to be specified.

OracleWebLogic/samples/12213-webtier-apache/fmw_12.2.1.4.0_wlsplugins_Disk1_1of1.zip.download

@@ -0,0 +1,3 @@
+# Download file fmw_12.2.1.4.0_wlsplugins_Disk1_1of1.zip from the following address:
+# - http://www.oracle.com/technetwork/middleware/webtier/downloads/index-jsp-156711.html
+ea182660b566c84367667ee1ba9d2c12  fmw_12.2.1.4.0_wlsplugins_Disk1_1of1.zip