Simple Docker Deployment - GluuFederation/gluu-docker GitHub Wiki
This is an example deployment mechanism as a proof of concept. It is not a sustainable build (there are no persistent volumes for data) and should not be taken as such. For demo purposes only. Please see a more stable stand-alone deployment option, which handles persistence better.
Installing Docker
Refer to https://docs.docker.com/install/linux/docker-ce/ubuntu/ for installing Docker CE in Ubuntu.
Deploying Containers
Get the IP address of the machine and save it as environment variable for later use:
export IPADDR=$(ip route get 1 | awk '{print $NF;exit}')
-
Deploy consul container:
docker run -d \ --name consul \ --net=host \ consul agent \ -server \ -bind=$IPADDR \ -retry-join=$IPADDR \ -bootstrap \ -client=$IPADDR \ -ui
-
Generate initial cluster configuration:
docker run --rm \ gluufederation/config-init:3.1.2_dev \ generate \ --kv-host $IPADDR \ --ldap-type opendj \ --domain ${hostname} \ --admin-pw ${password} \ --org-name 'Gluu Inc.' \ --country-code US \ --state TX \ --city Austin \ --email [email protected]
NOTE, if domain is not publicly available, add it to the
/etc/hosts
file. -
Deploy OpenDJ container:
docker run -d \ --name opendj-init \ -e GLUU_KV_HOST=$IPADDR \ -e GLUU_LDAP_INIT=true \ -e GLUU_LDAP_INIT_HOST=$IPADDR \ -e GLUU_LDAP_INIT_PORT=1636 \ -p 1636:1636 \ -p 8989:8989 \ -p 4444:4444 \ gluufederation/opendj:3.1.2_dev
Note that this will take some time and it's necessary for this to finish before you can continue. Track it with
docker logs -f opendj-init
until you get "The Directory Server has started successfully" notification. -
Deploy oxAuth container:
docker run -d \ --name oxauth \ -e GLUU_KV_HOST=$IPADDR \ -e GLUU_LDAP_URL=$IPADDR:1636 \ -p 8081:8080 \ gluufederation/oxauth:3.1.2_dev
-
Deploy nginx container:
docker run -d \ --name nginx \ -e GLUU_KV_HOST=$IPADDR \ -e GLUU_OXAUTH_BACKEND=$IPADDR:8081 \ -e GLUU_OXTRUST_BACKEND=$IPADDR:8082 \ -e GLUU_OXSHIBBOLETH_BACKEND=$IPADDR:8086 \ -e GLUU_OXPASSPORT_BACKEND=$IPADDR:8090 \ -p 80:80 \ -p 443:443 \ gluufederation/nginx:3.1.2_dev
-
Deploy oxTrust container:
docker run -d \ --name oxtrust \ -e GLUU_KV_HOST=$IPADDR \ -e GLUU_LDAP_URL=$IPADDR:1636 \ -e GLUU_OXTRUST_CONFIG_GENERATION=true \ -v /tmp/shared-shibboleth-idp:/opt/shared-shibboleth-idp \ --add-host=${hostname}:$IPADDR \ -p 8082:8080 \ gluufederation/oxtrust:3.1.2_dev
This will deploy an oxTrust container with a volume mapped to
/tmp/shared-shibboleth-idp
for use with the oxShibboleth container as well as create all the necessary configuration files. -
(Optional) Deploy oxPassport container:
docker run -d \ --name oxpassport \ -e GLUU_KV_HOST=$IPADDR \ --add-host=${hostname}:$IPADDR \ -p 8090:8090 \ gluufederation/oxpassport:3.1.2_dev
-
(Optional) Deploy oxShibboleth container:
docker run -d \ --name oxshibboleth \ -e GLUU_KV_HOST=$IPADDR \ -e GLUU_KV_PORT=8500 \ -e GLUU_LDAP_URL=$IPADDR:1636 \ -v /tmp/shared-shibboleth-idp:/opt/shared-shibboleth-idp \ -p 8086:8080 \ gluufederation/oxshibboleth:3.1.2_dev
-
Open the browser, visit https://${hostname}/ to log in to oxTrust.