TL;DR
APEX向けの構成スクリプトのリポジトリに、Oracle Graph Serverのコンテナを作るためのファイルを追加しました。
git clone https://github.com/ujnak/apex-podman-setup
cd apex-podman-setup/graph製品rpmは以下のページよりダウンロードします。アーキテクチャに合わせて、oracle-graph-<version>.x86_64.rpmまたはoracle-graph-<version>.aarch64.rpmを、ディレクトリgraph/filesの下に配置します。
以上で準備は完了です。コンテナ・イメージをビルドしてコンテナの作成と実行を行います。
podman build --file Dockerfile --tag oracle/graph:latest .
podman run -d --name oraclegraph -p 7007:7007 -e JAVA_TOOL_OPTIONS="-Xms1G -Xmx2G" localhost/oracle/graph:latest構築手順の紹介
@ryotayamanakaさんのQiitaの記事「Graph Serverコンテナ作成(23.4)」の記事に多くを依っています。公式のドキュメントは以下です。
イメージの作成には、macOSのpodmanを使用します。
OSのパッケージとしてnumactl, libgcc, libgfortranを追加していますが、これはEnterprise Schedulerの要件を満たすためだと思います。Enterprise SchedulerはARMでは動かないようで(OS要件はLinux (x86_64)となっている)、ARMでは不要かもしれません。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (c) 2022, 2023 Oracle and/or its affiliates. | |
| # | |
| # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | |
| # | |
| # ORACLE DOCKERFILES PROJECT | |
| # -------------------------- | |
| # This is the Dockerfile for Oracle JDK 21 on Oracle Linux 8 | |
| # | |
| # REQUIRED FILES TO BUILD THIS IMAGE | |
| # ---------------------------------- | |
| # This dockerfile will download a copy of JDK 21 from | |
| # https://download.oracle.com/java/21/latest/jdk-21_linux-<ARCH>_bin.tar.gz | |
| # | |
| # It will use either x64 or aarch64 depending on the target platform | |
| # | |
| # HOW TO BUILD THIS IMAGE | |
| # ----------------------- | |
| # Run: | |
| # $ docker build -t oracle/jdk:21 . | |
| # | |
| # This command is already scripted in build.sh so you can alternatively run | |
| # $ bash build.sh | |
| # | |
| # The builder image will be used to uncompress the tar.gz file with the Java Runtime. | |
| # | |
| ##################################################################################################### | |
| # | |
| # NOTE for Oracle Graph Server: | |
| # | |
| # 1. Oracle Graph Server archive | |
| # https://www.oracle.com/database/graph/downloads.html | |
| # | |
| # Place the downloaded oracle-graph-<version>-<arch>.rpm file under **files** directory. | |
| # Make sure that there is only one file matching the pattern oracle-graph-*.rpm. | |
| # | |
| # HISTORY: | |
| # 2025/08/01 ynakakos initial version. | |
| # | |
| ##################################################################################################### | |
| FROM oraclelinux:8 as builder | |
| #LABEL maintainer="Aurelio Garcia-Ribeyro <aurelio.garciaribeyro@oracle.com>" | |
| # Since the files are compressed as tar.gz first dnf install tar. gzip is already in oraclelinux:8 | |
| RUN set -eux; \ | |
| dnf install -y tar; | |
| # Default to UTF-8 file.encoding | |
| ENV LANG en_US.UTF-8 | |
| # Environment variables for the builder image. | |
| # Required to validate that you are using the correct file | |
| ENV JAVA_URL=https://download.oracle.com/java/21/latest \ | |
| JAVA_HOME=/usr/java/jdk-21 | |
| ## | |
| SHELL ["/bin/bash", "-o", "pipefail", "-c"] | |
| RUN set -eux; \ | |
| ARCH="$(uname -m)" && \ | |
| # Java uses just x64 in the name of the tarball | |
| if [ "$ARCH" = "x86_64" ]; \ | |
| then ARCH="x64"; \ | |
| fi && \ | |
| JAVA_PKG="$JAVA_URL"/jdk-21_linux-"${ARCH}"_bin.tar.gz ; \ | |
| JAVA_SHA256=$(curl "$JAVA_PKG".sha256) ; \ | |
| curl --output /tmp/jdk.tgz "$JAVA_PKG" && \ | |
| echo "$JAVA_SHA256" */tmp/jdk.tgz | sha256sum -c; \ | |
| mkdir -p "$JAVA_HOME"; \ | |
| tar --extract --file /tmp/jdk.tgz --directory "$JAVA_HOME" --strip-components 1 | |
| ## Get a fresh version of Oracle Linux 8 for the final image | |
| FROM oraclelinux:8 | |
| # Default to UTF-8 file.encoding | |
| ENV LANG en_US.UTF-8 | |
| ENV JAVA_HOME=/usr/java/jdk-21 | |
| ENV PATH $JAVA_HOME/bin:$PATH | |
| # If you need the Java Version you can read it from the release file with | |
| # JAVA_VERSION=$(sed -n '/^JAVA_VERSION="/{s///;s/"//;p;}' "$JAVA_HOME"/release); | |
| # Copy the uncompressed Java Runtime from the builder image | |
| COPY --from=builder $JAVA_HOME $JAVA_HOME | |
| # For Oracle Graph | |
| COPY ./files/oracle-graph-*.rpm /tmp/ | |
| RUN set -eux; \ | |
| # Ensure we get the latest OL 8 updates available at build time | |
| dnf -y update; \ | |
| # JDK assumes freetype is available | |
| dnf install -y \ | |
| # freetype fontconfig \ | |
| freetype fontconfig unzip numactl gcc libgfortran python3.11 python3.11-pip \ | |
| ; \ | |
| # For Oracle Graph | |
| dnf install -y \ | |
| /tmp/oracle-graph-*.rpm ; \ | |
| rm -f /tmp/oracle-graph-*.rpm ; \ | |
| alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 20000 ; \ | |
| alternatives --install /usr/bin/pip3 pip3 /usr/bin/pip3.11 2000 ; \ | |
| pip3 install oracle-graph-client ; \ | |
| # End | |
| rm -rf /var/cache/dnf; \ | |
| ln -sfT "$JAVA_HOME" /usr/java/default; \ | |
| ln -sfT "$JAVA_HOME" /usr/java/latest; \ | |
| for bin in "$JAVA_HOME/bin/"*; do \ | |
| base="$(basename "$bin")"; \ | |
| [ ! -e "/usr/bin/$base" ]; \ | |
| alternatives --install "/usr/bin/$base" "$base" "$bin" 20000; \ | |
| done; | |
| # For Oracle Graph | |
| COPY ./server.conf /etc/oracle/graph/server.conf | |
| COPY ./pgx.conf /etc/oracle/graph/pgx.conf | |
| EXPOSE 7007 | |
| WORKDIR /opt/oracle/graph/bin | |
| CMD ["sh", "/opt/oracle/graph/pgx/bin/start-server"] |
コンテナ・イメージに含める設定ファイルとしてserver.confを作成します。enable_tlsをfalseにして、HTTPで接続するようにします。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "port": 7007, | |
| "enable_tls": false, | |
| "enable_client_authentication": false, | |
| "server_keystore": "/etc/oracle/graph/server_keystore.jks", | |
| "server_keystore_alias": "pgx", | |
| "server_keystore_type": "JKS", | |
| "server_keystore_provider": "SUN", | |
| "ca_certs": [], | |
| "working_dir": "/opt/oracle/graph/pgx/tmp_data" | |
| } |
もう一つの設定ファイルとしてpgx.confを作成します。schedulerとしてbasic_schedulerを選択し(x86_64であればenterprise_schedulerが動くので不要です)、pgx_realmのoptionsに含まれるjdbc_urlとbase_urlを変更しています。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "scheduler": "basic_scheduler", | |
| "allow_idle_timeout_overwrite": true, | |
| "allow_task_timeout_overwrite": true, | |
| "authorization": [{ | |
| "pgx_role": "GRAPH_ADMINISTRATOR", | |
| "pgx_permissions": [] | |
| }, { | |
| "pgx_role": "GRAPH_DEVELOPER", | |
| "pgx_permissions": [ | |
| ] | |
| }], | |
| "enable_gm_compiler": true, | |
| "enterprise_scheduler_config": { | |
| "analysis_task_config": { | |
| "priority": "MEDIUM", | |
| "weight": "<no-of-CPUs>", | |
| "max_threads": "<no-of-CPUs>" | |
| }, | |
| "fast_analysis_task_config": { | |
| "priority": "HIGH", | |
| "weight": 1, | |
| "max_threads": "<no-of-CPUs>" | |
| }, | |
| "num_io_threads_per_task": "<no-of-CPUs>" | |
| }, | |
| "graph_algorithm_language": "JAVA", | |
| "in_place_update_consistency_model": "ALLOW_INCONSISTENCIES", | |
| "java_home_dir": "<system-java-home-dir>", | |
| "max_active_sessions": 1024, | |
| "max_queue_size_per_session": -1, | |
| "max_snapshot_count": 0, | |
| "memory_cleanup_interval": 5, | |
| "preload_graphs": [], | |
| "pgx_realm": { | |
| "implementation": "oracle.pg.identity.DatabaseRealm", | |
| "options": { | |
| "jdbc_url": "jdbc:oracle:thin:@host.containers.internal:1521/freepdb1", | |
| "token_expiration_seconds": 3600, | |
| "refresh_time_before_token_expiry_seconds": 1800, | |
| "connect_timeout_milliseconds": 10000, | |
| "connection_pool_cleanup_interval_secs": 10, | |
| "max_pool_size": 64, | |
| "max_threads_size": 16, | |
| "max_num_users": 512, | |
| "max_num_token_refresh": 24, | |
| "max_num_results_per_user": 10, | |
| "visualization_results_duration_seconds": 1800, | |
| "table_maximum_rows": 1000, | |
| "krb5_conf_file": "<REPLACE-WITH-KRB5-CONF-FILE-PATH-TO-ENABLE-KERBEROS-AUTHENTICATION>", | |
| "krb5_ticket_cache_dir": "/dev/shm/graph_cache", | |
| "krb5_max_cache_size": 1024, | |
| "base_url": "http://localhost:7007", | |
| "get_latest_snapshot_for_visualization": true | |
| } | |
| }, | |
| "release_memory_threshold": 0.0, | |
| "session_idle_timeout_secs": 14400, | |
| "session_task_timeout_secs": 0, | |
| "strict_mode": true, | |
| "tmp_dir": "/tmp" | |
| } |
oracle-graph-<version>.<arch>.rpmについては、ディレクトリfilesを作成して、その下にファイルを置きます。Oracle Graph Serverは、以下のページにアクセスしてダウンロードします。Oracle Graph Serverのアーカイブは、AMD64かARMでファイルが異なります。
https://www.oracle.com/database/graph/downloads.html
Oracle Graph Serverは新しいバージョンでも、Dockerfileは変更せずにイメージが作れるはずです。
podman run -d --name oraclegraph -p 7007:7007 -e JAVA_TOOL_OPTIONS="-Xms1G -Xmx2G" localhost/oracle/graph:latest
grant graph_developer to wksp_apexdev;
grant graph_administrator to wksp_apexdev;
ワークスペース・スキーマをUsername、スキーマのパスワードをPasswordに与えてSUBMITをクリックするとGraph Visualizationの画面が開きます。
- 上記のDockerfile
- Oracle Graph Serverのrpmファイル(filesの下) - oracle-graph-<version>.<arch>.rpm
- 上記のserver.conf
- 上記のpgx.conf
以下のコマンドを実行して、oracle/graph:latestのコンテナ・イメージを作成します。
podman build --file Dockerfile --tag oracle/graph:latest .
% podman build --file Dockerfile --tag oracle/graph:latest .
[1/2] STEP 1/6: FROM oraclelinux:8 AS builder
[1/2] STEP 2/6: RUN set -eux; dnf install -y tar;
+ dnf install -y tar
Oracle Linux 8 BaseOS Latest (aarch64) 9.9 MB/s | 137 MB 00:13
Oracle Linux 8 Application Stream (aarch64) 10 MB/s | 64 MB 00:06
Last metadata expiration check: 0:00:10 ago on Fri Aug 1 08:36:47 2025.
Package tar-2:1.30-9.el8.aarch64 is already installed.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Upgrading:
tar aarch64 2:1.30-10.el8_10 ol8_baseos_latest 830 k
Transaction Summary
================================================================================
Upgrade 1 Package
[中略]
[2/2] STEP 8/12: COPY ./server.conf /etc/oracle/graph/server.conf
--> 57b07733a3c5
[2/2] STEP 9/12: COPY ./pgx.conf /etc/oracle/graph/pgx.conf
--> a6d7586673f4
[2/2] STEP 10/12: EXPOSE 7007
--> 2bf0e8b7e545
[2/2] STEP 11/12: WORKDIR /opt/oracle/graph/bin
--> 99ab66416e6d
[2/2] STEP 12/12: CMD ["sh", "/opt/oracle/graph/pgx/bin/start-server"]
[2/2] COMMIT oracle/graph:latest
--> c82c95112e1b
Successfully tagged localhost/oracle/graph:latest
c82c95112e1befe0a069633ffefaafd670db6625b821006b677c89e34aee1dc0
%
作成されたコンテナ・イメージからコンテナを作成して、Oracle Graph ServerのWeb UIにアクセスします。
podman run -d --name oraclegraph -p 7007:7007 -e JAVA_TOOL_OPTIONS="-Xms1G -Xmx2G" localhost/oracle/graph:latest
% podman run -d --name oraclegraph -p 7007:7007 -e JAVA_TOOL_OPTIONS="-Xms1G -Xmx2G" localhost/oracle/graph:latest
34899dd4d9d378633cd1666909def7caa6272b4d775fcb4f977e21d084c532be
%
ブラウザより以下のURLにアクセスします。
今回の構成は、ローカルのコンテナとしてOracle Graph Serverを実行し、同じくローカルで実行しているOracle Database 23ai Freeにアクセスすることを想定しています。また、APEXのワークスペース・スキーマを接続ユーザーとします。
公式のドキュメントのUser Authentication and Authorizationのセクションにユーザーの設定方法が記載されていますが、Oracle Autonomous Databaseおよび23aiではGRAPH_DEVELOPERとGRAPH_ADMINISTRATORのロールは作成済みなので、ロールを割り当てるとOracle Graph Serverからアクセスできるようになります。以下では、APEXのワークスペース・スキーマをWKSP_APEXDEVとしています。
grant graph_developer to wksp_apexdev;
grant graph_administrator to wksp_apexdev;
ワークスペース・スキーマをUsername、スキーマのパスワードをPasswordに与えてSUBMITをクリックするとGraph Visualizationの画面が開きます。
今回の記事は以上になります。
完
