Skip to main content

Configure Oracle DB service (sample)

Scope here: How to configure Oracle DB service for hosting KOBIL Shift services databases

Make use of an Oracle CDB instance to define additional PDB inside. You need to define one PDB per KOBIL Shift service and configure this in the KOBIL Shift metaconfiguration. Here in the sample creating a PDB named db-name-shift and a Tablespace also named db-name-shift. Use this template to then create required DBs per KOBIL Shift service (i.e. find sample db-names in the metaconfig per service under database.name - i.e. idp_core, smartdashboard, ast_ca or ast_login).

CREATE PLUGGABLE DATABASE <db-name-shift> ADMIN USER <kobil-db-admin> IDENTIFIED BY <kobil-db-admin> CREATE_FILE_DEST='/opt/oracle/oradata';
ALTER PLUGGABLE DATABASE <db-name-shift> OPEN READ WRITE;
ALTER SESSION SET CONTAINER=<db-name-shift>;

CREATE TABLESPACE <db-name-shift>;
CREATE USER <db-username-shift> IDENTIFIED by <db-username-password> DEFAULT TABLESPACE <db-name-shift> QUOTA unlimited ON <db-name-shift>;
GRANT CREATE PROCEDURE, CREATE TABLE, CREATE TYPE, CREATE SEQUENCE, CREATE SESSION, CREATE VIEW TO <db-username-shift>

Once the database is created the configuration within the KOBIL Shift metaconfig is required to match to this setup (here sample for IDP-Core service) - please note below VERY IMPORTANT annotation:

# -- Configuration for idp-core -- here as sample
# -- select for DB-type under common.datastores.database.type: oracle
idpCore:
  enabled: true
  replicaCount: 1

  database:
    host: ora-db-host              # Oracle DB serivce hostname
    port: 1521                     # Oracle DB service port (number) 
    name: "idp_core"               # database-name -- PDB-name -- db-name-shift
    auth:                          # DB-access credentials could be also configured via secret:  common.existingSecretDatastoreCredentials
      username: user               # PDB-name assigned user -- db-username-shift
      password: "password"         # password

In case of using ISTIO service mesh functionality this can - when enabling the Istio-Sidecare functionality - affect the connectivity to a remote Database-service. Therefore find note in the README covering annotation update for Istio services. Due to issues for OpenShift ServiceMesh it is required to set also the remote DB-service IP-address instead of the "hostname" (as the nameresolution at time of Init-container runtime does not resolve the hostname:

global:
  annotations:
    workload:
      traffic.sidecar.istio.io/excludeOutboundPorts: "1521"

Find more info from RedHat