如何搭建 Oracle Access Manager

发表于 更新于

大纲

参考 https://docs.oracle.com/en/middleware/idm/access-manager/12.2.1.4/tutorial-oam-docker/#Background 使用方法2获取OAM镜像

  1. Download a prebuilt OAM image from Oracle Container Registry by by navigating to Middleware > oam. This image contains no patches and should only be used in Developer or Test environments.

下载到的OAM镜像用于跑起来三个OAM容器

  • WebLogic Administration Server (AdminServer)
  • OAM Managed Server (oam_server1)
  • OAM Policy Manager Managed Server (oam_policy_mgr1)

跑起来这三个容器依赖一个可用的Oracle数据库

步骤汇总

  1. 创建一台全新的Ubuntu18.04,切换到root用户。

  2. https://hub.docker.com/_/oracle-database-enterprise-editionhttps://container-registry.oracle.com/ 登录账号后同意协议。(参考步骤二)

  3. 安装docker

    1
    2
    apt update
    apt install docker.io

  4. docker 登录dockerhub 和 container-registry.oracle.com

    1
    2
    3
    4
    docker login
    	输入 login.docker.com 的账号密码	
    docker login container-registry.oracle.com
    	输入 login.oracle.com 的账号密码

  5. 拉取两个镜像

    1
    2
    docker pull store/oracle/database-enterprise:12.2.0.1
    docker pull container-registry.oracle.com/middleware/oam:12.2.1.4.0

  6. 一些准备工作

    1
    2
    3
    docker network create -d bridge OamNET
    mkdir -p /scratch/user_projects
    chmod 777 /scratch/user_projects

  7. 启动四个容器(将172.17.0.1替换为docker虚拟网卡网关的IP)

    1
    2
    3
    4
    docker run -d -it --name myOracleDB -p 1521:1521 store/oracle/database-enterprise:12.2.0.1
    docker run -d --network=OamNET -p 7001:7001 --name=oamadmin --env CONNECTION_STRING=172.17.0.1:1521/ORCLPDB1.localdomain --env ADMIN_LISTEN_HOST=oamadmin --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_PORT=7001 --env RCUPREFIX=OAM1 --env DB_USER=sys --env DB_PASSWORD=Oradoc_db1 --env DB_SCHEMA_PASSWORD=Oradoc_db2 -v /scratch/user_projects/:/u01/oracle/user_projects container-registry.oracle.com/middleware/oam:12.2.1.4.0
    docker run -d -p 14100:14100 --network=OamNET --volumes-from oamadmin --name oamms --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_HOST=oamadmin --env ADMIN_LISTEN_PORT=7001 --env MANAGEDSERVER_PORT=14100 --env MANAGED_SERVER_CONTAINER=true --env MS_NAME=oam_server1 --env MS_HOST=oamms container-registry.oracle.com/middleware/oam:12.2.1.4.0 "/u01/oracle/dockertools/startMS.sh"
    docker run -d -p 15100:15100 --network=OamNET --volumes-from oamadmin --name oampolicy --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_HOST=oamadmin --env ADMIN_LISTEN_PORT=7001 --env MANAGEDSERVER_PORT=15100 --env MANAGED_SERVER_CONTAINER=true --env MS_NAME=oam_policy_mgr1 --env MS_HOST=oampolicy container-registry.oracle.com/middleware/oam:12.2.1.4.0 "/u01/oracle/dockertools/startMS.sh"

  8. 查看各服务IP

    1
    docker inspect -f '{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' oamadmin oamms oampolicy myOracleDB

  9. 使用以下链接访问服务。(192.168.0.105为虚拟机IP)

    1
    2
    3
    4
    5
    6
    7
    账号:weblogic  密码:W3bl@gic

    WebLogic Administration Console   http://192.168.0.105:7001/console         
    Oracle Enterprise Manager Console http://192.168.0.105:7001/em       
    Oracle Access Management Console  http://192.168.0.105:7001/oamconsole
    OAM Server Logout                 http://192.168.0.105:14100/oam/server/logout
    Policy Manager Access             http://192.168.0.105:15100/access

①运行Oracle数据库

创建Oracle数据库

参考 https://hub.docker.com/_/oracle-database-enterprise-edition 登陆账号后跳转到 https://hub.docker.com/u/findneo/content/sub-3762ef81-7448-4275-909b-df7e6b5d4070 ,同意协议。

1
2
3
4
5
6
7
8
sudo docker login 
# 输入docker hub的账号密码

sudo docker pull store/oracle/database-enterprise:12.2.0.1
# 拉取镜像

sudo docker run -d -it --name myOracleDB -p 1521:1521 store/oracle/database-enterprise:12.2.0.1
# 运行起来一个Oracle数据库,并且开放到本地的1521端口

测试数据库连接

安装sqlplus

参考https://askubuntu.com/questions/159939/how-to-install-sqlplus

step1:

1
sudo apt-get install alien

step2:

https://www.oracle.com/database/technologies/instant-client/linux-x86-64-downloads.html 下载3个文件
oracle-instantclient12.2-basic-12.2.0.1.0-1.x86_64.rpm
oracle-instantclient12.2-sqlplus-12.2.0.1.0-1.x86_64.rpm
oracle-instantclient12.2-devel-12.2.0.1.0-1.x86_64.rpm

step3:

1
2
3
sudo alien -i oracle-instantclient*-basic*.rpm
sudo alien -i oracle-instantclient*-sqlplus*.rpm
sudo alien -i oracle-instantclient*-devel*.rpm

step4:

sudo apt-get install libaio1

step5:

1
2
sudo sensible-editor /etc/ld.so.conf.d/oracle.conf
# 粘贴 /usr/lib/oracle/12.2/client64/lib/

step6:

sudo ldconfig

step7 测试链接

1
2
sqlplus64 sys/Oradoc_db1@//127.0.0.1:1521/ORCLCDB.localdomain as sysdba
sqlplus64 sys/Oradoc_db1@//172.17.0.1:1521/ORCLPDB1.localdomain as sysdba

Image

其他:sqlplus64的用法

sqlplus64的用法:sqlplus [ [<option>] [{logon | /nolog}] [<start>] ]

其中<logon>

1
{<username>[/<password>][@<connect_identifier>] | / } [AS {SYSDBA | SYSOPER | SYSASM | SYSBACKUP | SYSDG | SYSKM | SYSRAC}] [EDITION=value]

其中<connect_identifier>可以是如下格式 @[<net_service_name> | [//]Host[:Port]/<service_name>]

如何知道 service_name 或者 net_service_name?Oracle数据库容器镜像文档service_name定义在环境变量TNS_ADMIN定义的目录下的tnsnames.ora文件中,
进容器看到 TNS_ADMIN=/u01/app/oracle/product/12.2.0/dbhome_1/admin/ORCLCDB ,tnsnames.ora文件内容为

1
2
ORCLCDB =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME = ORCLCDB.localdomain)     )   )
ORCLPDB1 =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME = ORCLPDB1.localdomain)     )   )

所以 SERVICE_NAME 可以是 ORCLCDB.localdomain 或者 ORCLPDB1.localdomain

②下载OAM镜像

进入 https://container-registry.oracle.com/ ,点击右上角Sign In,登陆自己的Oracle账号,然后点击MiddleWare,然后点击OAM。

Image

Image

在右侧区域同意协议,然后才可以下载。

Image

否则即使docker login,还是无法下载,会提示

Error response from daemon: pull access denied for container-registry.oracle.com/middleware/oam, repository does not exist or may require ‘docker login’: denied: requested access to the resource is denied。

Image

同意协议之后执行以下命令

1
sudo docker login container-registry.oracle.com

输入在Oracle注册的账号密码

1
sudo docker pull container-registry.oracle.com/middleware/oam:12.2.1.4.0

Image

③创建容器一

参考教程创建OAM Administration Server Container,其中包含WebLogic 和OAM Consoles.

1
2
3
4
5
6
7
8
sudo docker images
sudo docker network create -d bridge OamNET
# 14f104a67b0819335f9490dadc3e4003540bcdbb7b19436b2aea56250a5f2713

sudo mkdir -p /scratch/user_projects
sudo chmod 777 /scratch/user_projects

sudo docker run -d --network=OamNET -p 7001:7001 --name=oamadmin --env CONNECTION_STRING=127.0.0.1:1521/ORCLCDB.localdomain --env ADMIN_LISTEN_HOST=oamadmin --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=password --env ADMIN_LISTEN_PORT=7001 --env RCUPREFIX=OAM1 --env DB_USER=sys --env DB_PASSWORD=Oradoc_db1 --env DB_SCHEMA_PASSWORD=password -v /scratch/user_projects/:/u01/oracle/user_projects container-registry.oracle.com/middleware/oam:12.2.1.4.0

可能会连不上,使用以下命令调试,看看错误是什么

1
sudo docker run --rm --network=OamNET -p 7001:7001 --name=oamadmin --env CONNECTION_STRING=127.0.0.1:1521/ORCLCDB.localdomain --env ADMIN_LISTEN_HOST=oamadmin --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=password --env ADMIN_LISTEN_PORT=7001 --env RCUPREFIX=OAM1 --env DB_USER=sys --env DB_PASSWORD=Oradoc_db1 --env DB_SCHEMA_PASSWORD=password -v /scratch/user_projects/:/u01/oracle/user_projects container-registry.oracle.com/middleware/oam:12.2.1.4.0

报错及解决

报错一:无法连接数据库

1
2
Unable to connect to the database using the provided details.
Enter a valid hostname and port or check if the listener is up and running

解决一:使用正确的IP

需要注意CONNECTION_STRING是从新建的容器中访问的,所以给的IP应该是容器网卡的网关或者主机的,比如 172.17.0.1,而不是127.0.0.1。

报错二:无法连接CDB

1
The selected Oracle database is a multitenant container database (CDB). Connecting to a multitenant container database (CDB) is not supported. Instead, connect to a valid pluggable database (PDB).

解决二:使用PDB

PDB和CDB是Oracle12的新特性,CDB是多租的。Oracle 数据库 12 c 多租户选项允许单个容器数据库 (CDB) 来承载多个单独的可插拔数据库 (PDB)。

——https://www.cnblogs.com/kerrycode/p/3386917.html

使用以下语句查看自己是否是所租数据库

1
select name, decode(cdb, 'YES', 'Multitenant Option enabled', 'Regular 12c Database: ') "Multitenant Option" , open_mode, con_id from v$database;

结果

1
2
3
NAME      Multitenant Option         OPEN_MODE              CON_ID
--------- -------------------------- -------------------- ----------
ORCLCDB   Multitenant Option enabled READ WRITE            0

或者直接 

1
select cdb from v$database

YES表示该数据库是CDB,如果是NO表示是NO-CDB(普通数据库)

或者执行

1
show pdbs;

结果

1
2
3
   CON_ID CON_NAME              OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------
     2 PDB$SEED              READ ONLY  NO

搜索 “how to connect to pdb directly” ,参考此文 想到通过新建服务连接到PDB。然后注意到/u01/app/oracle/product/12.2.0/dbhome_1/admin/ORCLCDB/tnsnames.ora 文件内容如下,其中已经包括两个Service。

1
2
ORCLCDB =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME = ORCLCDB.localdomain)     )   )
ORCLPDB1 =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = 0.0.0.0)(PORT = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME = ORCLPDB1.localdomain)     )   )

所以只要,创建容器时CONNECTION_STRING 使用 172.17.0.1:1521/ORCLPDB1.localdomain 而不是 172.17.0.1:1521/ORCLCDB.localdomain 就能解决这个错误。

报错三:无法执行SQL

1
2
3
ERROR - RCU-6005 Unable to execute sql query.
CAUSE - RCU-6005 Database not in open state.
ACTION - RCU-6005 Make sure that the database is open.

解决三:打开PDB

为了解决报错二胡乱操作了数据库,其中一个动作关闭了PDB,从而导致了这个错误。打开它就好了。

SQL> select name,open_mode from v$pdbs;

1
2
3
4
5
6
NAME
--------------------------------------------------------------------------------
OPEN_MODE
----------
ORCLPDB1
MOUNTED

SQL> alter pluggable database ORCLPDB1 open;

1
Pluggable database altered.

SQL> select name,open_mode from v$pdbs;

1
2
3
4
5
6
NAME
--------------------------------------------------------------------------------
OPEN_MODE
----------
ORCLPDB1
READ WRITE

报错四:创建domain失败

日志详情:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
CONNECTION_STRING=172.17.0.1:1521/ORCLPDB1.localdomain
RCUPREFIX=OAM1
DOMAIN_HOME=/u01/oracle/user_projects/domains/access_domain
INFO: Admin Server not configured. Will run RCU and Domain Configuration Phase...
Configuring Domain for first time 
Start the Admin and Managed Servers  
=====================================
Loading RCU Phase
=================
CONNECTION_STRING=172.17.0.1:1521/ORCLPDB1.localdomain
RCUPREFIX=OAM1
jdbc_url=jdbc:oracle:thin:@172.17.0.1:1521/ORCLPDB1.localdomain
Creating Domain 1st execution
Loading RCU into database with RCUPREFIX OAM1
Domain Configuration Phase
==========================
/u01/oracle/oracle_common/common/bin/wlst.sh -skipWLSModuleScanning /u01/oracle/dockertools/create_domain.py -oh /u01/oracle -jh /u01/jdk -parent /u01/oracle/user_projects/domains -name access_domain -user weblogic -password password -rcuDb 172.17.0.1:1521/ORCLPDB1.localdomain -rcuPrefix OAM1 -rcuSchemaPwd password -isSSLEnabled true
Cmd is /u01/oracle/oracle_common/common/bin/wlst.sh -skipWLSModuleScanning /u01/oracle/dockertools/create_domain.py -oh /u01/oracle -jh /u01/jdk -parent /u01/oracle/user_projects/domains -name access_domain -user weblogic -password password -rcuDb 172.17.0.1:1521/ORCLPDB1.localdomain -rcuPrefix OAM1 -rcuSchemaPwd password -isSSLEnabled true

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

create_domain.py called with the following inputs:
INFO: sys.argv[0] = /u01/oracle/dockertools/create_domain.py
INFO: sys.argv[1] = -oh
INFO: sys.argv[2] = /u01/oracle
INFO: sys.argv[3] = -jh
INFO: sys.argv[4] = /u01/jdk
INFO: sys.argv[5] = -parent
INFO: sys.argv[6] = /u01/oracle/user_projects/domains
INFO: sys.argv[7] = -name
INFO: sys.argv[8] = access_domain
INFO: sys.argv[9] = -user
INFO: sys.argv[10] = weblogic
INFO: sys.argv[11] = -password
INFO: sys.argv[12] = password
INFO: sys.argv[13] = -rcuDb
INFO: sys.argv[14] = 172.17.0.1:1521/ORCLPDB1.localdomain
INFO: sys.argv[15] = -rcuPrefix
INFO: sys.argv[16] = OAM1
INFO: sys.argv[17] = -rcuSchemaPwd
INFO: sys.argv[18] = password
INFO: sys.argv[19] = -isSSLEnabled
INFO: sys.argv[20] = true
INFO: Creating Admin server...
INFO: Enabling SSL PORT for AdminServer...
Error: set() failed. Do dumpStack() to see details.
Error: runCmd() failed. Do dumpStack() to see details.
Problem invoking WLST - Traceback (innermost last):
  File "/u01/oracle/dockertools/create_domain.py", line 513, in ?
  File "/u01/oracle/dockertools/create_domain.py", line 123, in createOAMDomain
  File "/u01/oracle/dockertools/create_domain.py", line 184, in createBaseDomain
  File "/tmp/WLSTOfflineIni5785928536971827845.py", line 79, in set
  File "/tmp/WLSTOfflineIni5785928536971827845.py", line 19, in command
	at com.oracle.cie.domain.script.jython.CommandExceptionHandler.handleException(CommandExceptionHandler.java:69)
	at com.oracle.cie.domain.script.jython.WLScriptContext.handleException(WLScriptContext.java:3085)
	at com.oracle.cie.domain.script.jython.WLScriptContext.runCmd(WLScriptContext.java:738)
	at sun.reflect.GeneratedMethodAccessor132.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)

com.oracle.cie.domain.script.jython.WLSTException: com.oracle.cie.domain.script.jython.WLSTException

Domain Creation Failed.. Please check the Domain Logs

可以从48行看到是在 Creating Admin server... 阶段出错的。

解决四:提高ADMIN_PASSWORD 密码复杂度

需要注意的是每次失败重试之前要先删除之前留下的痕迹。

1
2
sudo docker rm oamadmin
sudo rm -rf /scratch/user_projects/*

从这里 https://github.com/oracle/docker-images/issues/844#issuecomment-389884511 看到可能是密码复杂度不够,导致无法设置密码。

启动容器的命令改为以下。将其中 ADMIN_PASSWORDDB_SCHEMA_PASSWORD 的复杂度变高。

其中ADMIN_PASSWORD 应该是weblogic管理台的密码。DB_SCHEMA_PASSWORDpassword you want to set for the RCU schemas

那么什么是RCU schemas 呢?什么是RCU呢?不太理解,先跳过。

Repository Creation Utility is a graphical and CLI-based tool used to create and manage Oracle Fusion Middleware database schemas.

改进两个密码的复杂度重新创建容器。

1
sudo docker run -d --network=OamNET -p 7001:7001 --name=oamadmin --env CONNECTION_STRING=172.17.0.1:1521/ORCLPDB1.localdomain --env ADMIN_LISTEN_HOST=oamadmin --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_PORT=7001 --env RCUPREFIX=OAM1 --env DB_USER=sys --env DB_PASSWORD=Oradoc_db1 --env DB_SCHEMA_PASSWORD=Dbsch3m@ -v /scratch/user_projects/:/u01/oracle/user_projects container-registry.oracle.com/middleware/oam:12.2.1.4.0

并使用 sudo docker logs -ft oamadmin 查看新建过程打印出来的日志,看到问题得到了解决。

报错五:创建domain失败

可以看到前几个步骤都顺利完成了,但也出现了新的问题。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
类似前文日志
INFO: Creating Admin server...
INFO: Enabling SSL PORT for AdminServer...
Creating Node Managers...
Will create Base domain at /u01/oracle/user_projects/domains/access_domain
Writing base domain...
Base domain created at /u01/oracle/user_projects/domains/access_domain
Extending domain at /u01/oracle/user_projects/domains/access_domain
Database  172.17.0.1:1521/ORCLPDB1.localdomain
Apply Extension templates
Extension Templates added
Extension Templates added
Deleting oam_server1
The default oam_server1 coming from the oam extension template deleted
Deleting oam_policy_mgr1
The default oam_server1 coming from the oam extension template deleted
Configuring JDBC Templates ...
Configuring the Service Table DataSource...
fmwDatabase  jdbc:oracle:thin:@172.17.0.1:1521/ORCLPDB1.localdomain
Getting Database Defaults...
Error: getDatabaseDefaults() failed. Do dumpStack() to see details.
Error: runCmd() failed. Do dumpStack() to see details.
Problem invoking WLST - Traceback (innermost last):
  File "/u01/oracle/dockertools/create_domain.py", line 513, in ?
  File "/u01/oracle/dockertools/create_domain.py", line 124, in createOAMDomain
  File "/u01/oracle/dockertools/create_domain.py", line 328, in extendOamDomain
  File "/u01/oracle/dockertools/create_domain.py", line 259, in configureJDBCTemplates
  File "/tmp/WLSTOfflineIni7074819690261705056.py", line 267, in getDatabaseDefaults
  File "/tmp/WLSTOfflineIni7074819690261705056.py", line 19, in command
Failed to build JDBC Connection object: 
	at com.oracle.cie.domain.script.jython.CommandExceptionHandler.handleException(CommandExceptionHandler.java:69)
	at com.oracle.cie.domain.script.jython.WLScriptContext.handleException(WLScriptContext.java:3085)
	at com.oracle.cie.domain.script.jython.WLScriptContext.runCmd(WLScriptContext.java:738)
	at sun.reflect.GeneratedMethodAccessor132.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)

com.oracle.cie.domain.script.jython.WLSTException: com.oracle.cie.domain.script.jython.WLSTException: Got exception when auto configuring the schema component(s) with data obtained from shadow table: 
Failed to build JDBC Connection object: 

Domain Creation Failed.. Please check the Domain Logs

解决五:修改DB_SCHEMA_PASSWORD

从日志看到是在 Getting Database Defaults... 阶段出现的问题,搜索 getDatabaseDefaults() failed. Do dumpStack() to see details. 发现这个github issue有讨论。

看到有人说是 schema password 的问题,于是随便改DB_SCHEMA_PASSWORD ,改成Oradoc_db1 还是不行,改成Oradoc_db2就可以了,我也不知道是什么原因😓

image-20220319001023127

总之呢,用这个命令,就可以跑起来三个容器中的第一个了!

1
sudo docker run -d --network=OamNET -p 7001:7001 --name=oamadmin --env CONNECTION_STRING=172.17.0.1:1521/ORCLPDB1.localdomain --env ADMIN_LISTEN_HOST=oamadmin --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_PORT=7001 --env RCUPREFIX=OAM1 --env DB_USER=sys --env DB_PASSWORD=Oradoc_db1 --env DB_SCHEMA_PASSWORD=Oradoc_db2 -v /scratch/user_projects/:/u01/oracle/user_projects container-registry.oracle.com/middleware/oam:12.2.1.4.0

成果

image-20220319001206652

④创建容器二

1
sudo docker run -d -p 14100:14100 --network=OamNET --volumes-from oamadmin --name oamms --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_HOST=oamadmin --env ADMIN_LISTEN_PORT=7001 --env MANAGEDSERVER_PORT=14100 --env MANAGED_SERVER_CONTAINER=true --env MS_NAME=oam_server1 --env MS_HOST=oamms container-registry.oracle.com/middleware/oam:12.2.1.4.0 "/u01/oracle/dockertools/startMS.sh"

image-20220319002053797

⑤创建容器三

1
sudo docker run -d -p 15100:15100 --network=OamNET --volumes-from oamadmin --name oampolicy --env DOMAIN_NAME=access_domain --env ADMIN_USER=weblogic --env ADMIN_PASSWORD=W3bl@gic --env ADMIN_LISTEN_HOST=oamadmin --env ADMIN_LISTEN_PORT=7001 --env MANAGEDSERVER_PORT=15100 --env MANAGED_SERVER_CONTAINER=true --env MS_NAME=oam_policy_mgr1 --env MS_HOST=oampolicy container-registry.oracle.com/middleware/oam:12.2.1.4.0 "/u01/oracle/dockertools/startMS.sh"

image-20220319002625756

⑥验证服务可用性

1
sudo docker inspect -f '{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' oamadmin oamms oampolicy myOracleDB

image-20220319003016738

Console or Page URL
WebLogic Administration Console http://<oamadmin_ip>:7001/console
Oracle Enterprise Manager Console http://<oamadmin_ip>:7001/em
Oracle Access Management Console http://<oamadmin_ip>:7001/oamconsole
OAM Server Logout http://<oamms_ip>:14100/oam/server/logout
Policy Manager Access http://<oampolicy_ip>:15100/access

各服务截图

image-20220319004128564

image-20220319004142916

image-20220319004039342

image-20220319004207596

image-20220319004232583

image-20220319004241815

⑦启停与删除

启停

1
2
sudo docker stop oamadmin oamms oampolicy myOracleDB
sudo docker start oamadmin oamms oampolicy myOracleDB

删除

1
2
3
sudo docker stop oamadmin oamms oampolicy myOracleDB
sudo docker rm oamadmin oamms oampolicy myOracleDB
sudo rm -rf /scratch/user_projects

参考链接