Connecting an Oracle database to Kubernetes
You can set up the connection between the Kubernetes cluster and the database in different ways depending on the database hosting model and connection type that you plan.
Currently the container deployment supports the following connection types:
- TLS over TCP for on-prem databases.
- mTLS over TCPS for Oracle OCI databases using Oracle ADB.
Other configurations, such as TLS over TCPS for Oracle OCI, are not supported.
Standard connection settings
For standard TLS access to an Oracle database, the environment YAML file should contain these values in the “db” group:
db:
  ipAddress: <IP>
  port: <port>
  cultures: da-DK;en-GB
| Name | Description |
|---|---|
| ipAddress | The IP address of the database. |
| port | 1521 or 1522 are the default values. |
| cultures | For example, da-DK;en-GB. |
If you want to control additional parameters, you can add the following database parameters to the file:
WORKZONE_DB_DSN: <DSN>
WORKZONE_DB_SID: <SID>
WORKZONE_DB_HOSTNAME: <Host Name>
WORKZONE_DB_PROTOCOL: <Protocol>
WORKZONE_DB_SERVER_MODE: <Server Mode>
WORKZONE_DB_PORT: <Port>
| Name | Description |
|---|---|
| WORKZONE_DB_DSN | The database service name. |
| WORKZONE_DB_SID | The database name. |
| WORKZONE_DB_HOSTNAME | The URL. |
| WORKZONE_DB_PROTOCOL | TCP and TCPS. |
| WORKZONE_DB_SERVER_MODE | Dedicated, .. ,… |
| WORKZONE_DB_PORT | The standard values are 1521 for TLS and 1522 for mTLS. |
Connecting to an Oracle on-premises database using TLS
Only the standard connection setting is required to connect to an on-premises database.
Connecting to Oracle ADB Instance Using TLS and mTLS
On the Instance Portal page of the Oracle ADB instance, you can enable or disable mTLS. If you disable mTLS, you can run connections with both TLS and mTLS. TLS is the simplest connection type. mTLS provides more safeguards but is more complex to configure.
To find the relevant wallet and TNS connector data for both, go to Database Connection on the Database ADB Portal page.
Configuring a TLS connection for WorkZone on Oracle ADB
Pending content.
Configuring an mTLS Connection for Oracle ADB
When you run your databases from Oracle OCI, mTLS is the default connection option. mTLS requires a wallet on the client and a change of port to 1522.
Your environment file must include these minimum settings to support an Oracle ADB instance using mTLS.
Set the port and add a “wallet” section
db:
ipAddress: <IP>
port: 1522
cultures: da-DK;en-GB
wallet:
enabled: true
secretName: wallet
The Oracle OCI wallet files must be placed in the Kubernetes secret named “wallet”. You can download the wallet ZIP file from the Oracle ADB Database Connection page.
Create the wallet secret
- Download the wallet ZIP file.
- Unzip the wallet file.
- Connect to the Kubernetes server and run the command below from the unzipped wallet folder. The backtick at the end of each line is the PowerShell line-continuation character.
  kubectl create secret generic wallet `
    --namespace <namespace> `
    --from-file=./cwallet.sso `
    --from-file=./ewallet.p12 `
    --from-file=./keystore.jks `
    --from-file=./ojdbc.properties `
    --from-file=./README `
    --from-file=./sqlnet.ora `
    --from-file=./tnsnames.ora `
    --from-file=./truststore.jks
- To verify that the wallet is created, run the following command:
  kubectl get secret wallet --namespace <namespace>
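A pre-flight check for the unzipped wallet folder, run before the secret is created. This is an added example, not part of the original page or of WorkZone. It confirms that all eight files named in the command above are present and that every entry in tnsnames.ora uses TCPS on the mTLS port 1522. The function names are hypothetical, and the check assumes tnsnames.ora uses the usual `(protocol=...)` and `(port=...)` syntax.

```sh
#!/bin/sh
# Added example (not from the WorkZone documentation): pre-flight check for
# an unzipped Oracle ADB wallet folder. Function names are hypothetical.
# The file list matches the --from-file arguments used on this page.
WALLET_FILES="cwallet.sso ewallet.p12 keystore.jks ojdbc.properties README sqlnet.ora tnsnames.ora truststore.jks"

# distinct_values KEY FILE: lower-cased, de-duplicated "(key=value" tokens.
distinct_values() {
    grep -io "($1 *= *[a-z0-9]*" "$2" | tr -d ' ' | tr 'A-Z' 'a-z' | sort -u
}

# check_wallet_dir DIR [PORT]
# Returns 0 only if every wallet file is present and non-empty and all
# entries in tnsnames.ora use TCPS on PORT (default 1522, the mTLS port).
check_wallet_dir() {
    dir=$1
    port=${2:-1522}
    rc=0
    for f in $WALLET_FILES; do
        if [ ! -s "$dir/$f" ]; then
            echo "missing or empty: $dir/$f" >&2
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] || return 1
    protos=$(distinct_values protocol "$dir/tnsnames.ora")
    ports=$(distinct_values port "$dir/tnsnames.ora")
    if [ "$protos" != "(protocol=tcps" ]; then
        echo "tnsnames.ora: expected only protocol=tcps, found: $protos" >&2
        rc=1
    fi
    if [ "$ports" != "(port=$port" ]; then
        echo "tnsnames.ora: expected only port=$port, found: $ports" >&2
        rc=1
    fi
    return "$rc"
}

# wallet_secret_cmd DIR NAMESPACE: print the kubectl command for review.
wallet_secret_cmd() {
    printf 'kubectl create secret generic wallet --namespace %s' "$2"
    for f in $WALLET_FILES; do
        printf ' --from-file=%s/%s' "$1" "$f"
    done
    printf '\n'
}

# Usage: sh check_wallet.sh <unzipped-wallet-dir> <namespace>
if [ "$#" -ge 2 ]; then check_wallet_dir "$1" && wallet_secret_cmd "$1" "$2"; fi
```

The unzipped folder holds the client's private key material (ewallet.p12 and the auto-login cwallet.sso), so remove the unzipped copy and the ZIP file from the workstation once the secret exists in the cluster.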
Connecting to an Oracle ADB Instance using interconnect between OCI and Azure
Pending content
