ODSA for Java Developers (Part 8) — Connecting to Oracle ADB from a Spring Boot 3.0 App with Spring Data JPA on Azure Red Hat OpenShift
Introduction
This blog post is about creating a container image for a Spring Boot 3.0 application, deploying the image to Azure Container Registry, and then using it to deploy the application to Azure Red Hat OpenShift (ARO).
Its goal is to provide a quick tutorial on creating and deploying a Spring Boot 3.0 application to ACI, then connect it to an Oracle Autonomous Database (ADB) instance provisioned using the Oracle Database Service for Azure.
Please check the official documentation for Azure Red Hat OpenShift to explore it comprehensively.
So without further ado, let’s get started!
Prerequisites
- JDK — Java Development Kit 17
- Your preferred Java IDE — Eclipse, IntelliJ, VS Code
- Apache Maven
- Oracle Database Service for Azure
- Azure Subscription
- Azure CLI
- Docker
- Register for a Red Hat account if you don’t have one
- A pull secret for your Azure Red Hat OpenShift cluster
Azure Red Hat OpenShift (ARO)
Azure Red Hat OpenShift provides a platform for Kubernetes orchestration, and it allows you to run Docker containers in a managed serverless Azure environment. By running your workloads in Azure Container Instances (ACI), you can focus on building your applications instead of addressing the infrastructure that runs them.
This blog post is not an exhaustive guide to Azure Containers Instances. Its goal is to provide a quick guide on how to build a container image for a Spring Boot 3 application, deploy it to Azure Container Registry, and then deploy an application based on that image to Azure Container Instances (ACI).
Code sample
We’ll use the same Spring Boot 3.0 sample application as in the previous blog posts in this series to perform the steps described above.
The only addition is a Dockerfile that will be used for our containerized Spring Boot 3.0 application, as shown below.
Note that this is a basic example of how to containerize a Spring Boot application, and there are many ways you can customize it. You can get more details by visiting the official Spring Boot with Docker guide.
If you have to install Docker, there are some options, such as Docker Desktop and Rancher Desktop, and you can see this blog post for pointers on installing Docker Desktop.
Copy the file above to the root directory of your project at the same level as the POM.xml file.
Test the Docker image locally
Assuming that you have Docker installed locally, you can test the application on your local machine.
Just navigate to the root directory of your project, and run the commands below.
docker build -t odsa-spring .
docker imagesYou will see the image below if everything is OK with your environment.
Now you can test the sample application locally. To do so, run the command below.
docker run -p 8080:8080 odsa-spring:latestThe Spring Boot 3.0 application will start. Open a browser and navigate to http://localhost:8080/employees
You should see a JSON response below, confirming that your Spring Boot application is running successfully in a Docker container.
Create an Azure Container Registry (ACR) instance
Azure Container Registry is a private registry service for building, storing, and managing container images.
So, the next step is to create an Azure Container Registry instance with the Azure CLI. Part 3 in this series has a specific section documenting the Azure CLI installation process.
Sign in to the Azure CLI and set your chosen Azure Subscription.
az login
az account set --subscription <YOUR_SUBSCRIPTION_ID>Create or reuse an existing Azure resource group. Remember to substitute the placeholders below with your preferred values.
Examples of the values used in commands are available throughout this blog post for your easy reference.
az group create --name <AZURE_RESOURCE_GROUP> --location <AZURE_REGION>An example:
az group create --name aro-my-rg --location eastusRegister an Azure Resource Provider for Container Registry.
az provider register --namespace Microsoft.ContainerRegistryCreate an Azure Container Registry instance. Note that the registry name must be unique within Azure and contain 5–50 lowercase alphanumeric characters. The command below will output a loginServer name, so take note of it.
az acr create --resource-group <AZURE_RESOURCE_GROUP> --name <ACR_INSTANCE_NAME> --sku <ACR_SERVICE_TIER>An example:
az acr create --resource-group aro-my-rg --name orclacregistry --sku basicLog in to Azure Container Registry.
az acr login --name <ACR_INSTANCE_NAME> --resource-group <AZURE_RESOURCE_GROUP>An example:
az acr login --name orclacregistry --resource-group aro-my-rgThe command returns a Login Succeeded message once completed.
Build and deploy an image to your ACR instance
We’ll use the Docker image we used in a previous step to test the Spring Boot application locally. The command below will build, tag and deploy it as required.
az acr build --resource-group <AZURE_RESOURCE_GROUP> --registry <ACR_INSTANCE_NAME> --image <IMAGE_NAME:TAG> .An example:
az acr build --resource-group aro-my-rg --registry orclacregistry --image odsa-spring:v1 .The process to deploy the image will start as expected.
After a short while, you will see messages confirming that your image got pushed to your ACR repository as expected.
List the images in your registry to ensure a successful image deployment.
az acr repository list --name <ACR_INSTANCE_NAME> --output tableAn example:
az acr repository list --name orclacregistry --output table
You can also use the Azure Portal to check your ACR instance and the respective repository to see the image with the related tag, as shown below.
Configure the dependencies required by an ARO cluster
You must get a pull secret for your Azure Red Hat OpenShift cluster.
A Red Hat pull secret enables your ARO cluster to access Red Hat container registries. Use this link to download your pull secret file.
Next, please register the resource providers below.
az provider register --namespace Microsoft.RedHatOpenShift --wait
az provider register --namespace Microsoft.Authorization --wait
az provider register --namespace Microsoft.Storage --wait
az provider register --namespace Microsoft.Compute --waitIf you want, you can list all providers for your subscription with the command below.
az provider list -o tableYou can also confirm if a specific provider is registered, as an example you can check the ARO provider.
az provider list --query "[?namespace=='Microsoft.RedHatOpenShift']"Last, check your current Azure resource quota. ARO requires a minimum of 40 cores to create and run an OpenShift cluster.
As an example, you can use the command below to check the quota for a target Azure Virtual Machine (VM) size, let’s say a “Standard DSv5” VM family SKU.
az vm list-usage --location eastus --query "[?contains(name.value, 'standardDSv5Family')]" -o table
Create a VNET with two subnets
ARO clusters running OpenShift 4.x require a VNET with two subnets, for the Kubernetes master and worker nodes.
First, create a virtual network.
az network vnet create --resource-group aro-my-rg --name aro-my-vnet --address-prefixes 10.0.0.0/22Create an empty subnet for the K8s master nodes.
az network vnet subnet create --resource-group aro-my-rg --vnet-name aro-my-vnet --name aro-master-subnet --address-prefixes 10.0.0.0/23Create an empty subnet for the K8s worker nodes.
az network vnet subnet create --resource-group aro-my-rg --vnet-name aro-my-vnet --name aro-worker-subnet --address-prefixes 10.0.2.0/23Create an ARO cluster
Run the following command to create your ARO cluster. Remember to include your pull secret file, if you want to enable your cluster to access the Red Hat container registries as well.
az aro create --resource-group aro-my-rg --name aro-my-cluster --vnet aro-my-vnet --master-subnet aro-master-subnet --worker-subnet aro-worker-subnetIt will take a while to complete. Typically, it takes about 30 minutes or so to create a cluster. This an excellent opportunity to grab a cup of coffee!
As soon as it completes, a response in JSON will be returned. Look for the status: “provisioningState”: “Succeeded” to confirm it.
You can also check the Azure Portal to ensure it’s up and running properly as expected. Search for Azure Red Hat OpenShift, then select the result under the Services option.
You will seed the cluster as shown below.
Connect to your ARO cluster
You can connect using the usual kubeadmin user. First, you have to retrieve its password, so run the command below.
az aro list-credentials --name aro-my-clusterYou should see a response similar to the one below. The password will be in kubeadminPassword as shown below, copy and save it.
{
"kubeadminPassword": "<KUBEADMIN_PASSWORD>",
"kubeadminUsername": "kubeadmin"
}Retrieve the OpenShift Container Platform URL
Run the command below to get the OpenShift URL.
az aro show --name aro-my-cluster --query "consoleProfile.url" -o tsvUse the URL above to launch the OpenShift console and use the kubeadmin as the username, and the retrieved password to log in.
Click on the question mark (?) in the top-right corner, then select Command Line Tools to find the OpenShift Command Line Interface (oc CLI) binaries.
It allows you to create applications and manage OpenShift projects from a CLI. Find and download the oc CLI binary that is appropriate to your machine as shown below, and install it per the documentation for your OS.
Connect to your ARO cluster using the OpenShift CLI
Run the command below to retrieve the address of your ARO cluster’s API server.
az aro show --name aro-my-cluster --query apiserverProfile.url -o tsvRun the command below to log in to the API server. Note that it will use the default project, so we’ll create an OpenShift project in the following steps as required.
oc login <ARO_CLUSTER_APISERVER_ADDRESS> -u kubeadmin -p <KUBEADMIN_PASSWORD>
Enable the Admin user account
You must run the command below to enable the Admin user account.
az acr update --resource-group aro-my-rg --name orclacregistry --admin-enabled true Get the credentials
Take note of them, and ensure they are saved properly.
az acr credential show --resource-group aro-my-rg --name orclacregistryCreate the K8s secret for your cluster with the oc CLI tool
Now you can use the oc CLI tool to create a Kubernetes secret. Execute the command with your ACR credentials.
oc create secret docker-registry --docker-server orclacregistry.azurecr.io --docker-username orclacregistry --docker-password <PASSWORD> --docker-email unused acr-secretYou should see a confirmation as shown below.
Create an ARO project
Create a new ARO project by running the command below.
oc new-project odsa-spring-project
You can see the project by running the command oc project as below.
You can also use the console to see your project as below.
Create a new ARO application
First, run the command below.
oc new-app --image=orclacregistry.azurecr.io/odsa-spring:v1 
You can see the pod information by running the command below.
oc get pods
Next, create a YAML file with the spec for an Ingress component, which forwards the traffic to a Service component.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: odsa-spring-ingress
spec:
rules:
- host: odsa-spring-myhost
http:
paths:
- backend:
service:
name: odsa-spring-service
port:
number: 8080
path: /
pathType: ExactCreate the Ingress and the Service components by running the command below.
oc apply -f odsa-spring-ingress.yaml
Check the details of your Ingress component.
oc get ingress
Check the details of your Service component.
oc get services
Add the outbound IP addresses of your ARO container to the ACL
Before you can open a browser to test it, there’s a last but essential step. We have to add the outbound IP address of your ARO container instance to your Oracle Autonomous Database instance’s ACL (Access Control List).
Go to the ODSA console, select your ADB instance, select Networking on the right-hand side, and then click Edit at the top. Add the IP address to its ACL. Click OK. Wait until its status changes from Updating to Active.
You will see a notification message with a confirmation, as shown below.
Test the application
As in the previous blog posts in this series, the URL format for this application is below.
https://<PUBLIC_IP_ADDRESS>/employees
Check the container logs
You can inspect the container instance logs with the command below.
az container logs --resource-group myResourceGroup --name mycontainerYou will see the Hibernate query logged successfully, as expected.
Congratulations! You deployed a Spring Boot 3.0 application to a container on Azure Container Instances (ACI). It is connected to an Oracle Autonomous Database (ADB) instance provisioned with the Oracle Database Service for Azure.
Wrapping it up
That’s it! You learned how to configure a Spring Boot application to use UCP as a native Spring Datasource.
Then, you deployed it to a Kubernetes cluster on Azure Red Hat OpenShift (ARO). I hope you enjoyed this blog post and our series about ODSA. Stay tuned!
Oracle Database Service for Azure (ODSA) Series
This post complements the series on developing Azure applications with ODSA, which includes the previous blog posts listed below.
ODSA for Java Developers (Part 1) — Introduction to Oracle Database Service for Azure
References
Oracle Database Service for Azure — Documentation
Develop Java applications with Oracle Database
Developers Guide For Oracle JDBC on Maven Central
Oracle Database JDBC Java API Reference, Release 23c
Azure Red Hat OpenShift — Documentation
Azure Container Registry — Documentation
Oracle Developers and Oracle OCI Free Tier
Join our Oracle Developers channel on Slack to discuss Java, JDBC, the Oracle Database, OCI, ODSA, and other topics!
Build, test, and deploy your applications on Oracle Cloud — for free! Get access to OCI Cloud Free Tier!
