Switching to the Oracle JVM - Unicon/shibboleth-idp-dockerized GitHub Wiki

There are several ways to methods that can be used to use the Oracle JVM instead of the OpenJDK Zulu package that ships with the image.

Using Your Custom Image

Assuming that you are already using a custom image to add in UI customizations, configs, what have you, it is trivial to swap out the OpenJDK Zulu by adding the following to your image's Dockerfile:

#Remove OpenJDK
RUN cd /opt \
    && rm -rf zulu*/

#Install Oracle JVM
RUN java_version=8u71; \
    java_bnumber=15; \
    java_semver=1.8.0_71; \
    java_hash=429c3184b10d7af2bb5db3faf20b467566eb5bd95778f8339352c180c8ba48a1; \
    wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" \
    http://download.oracle.com/otn-pub/java/jdk/$java_version-b$java_bnumber/server-jre-$java_version-linux-x64.tar.gz \
    && echo "$java_hash  server-jre-$java_version-linux-x64.tar.gz" | sha256sum -c - \
    && tar -zxvf server-jre-$java_version-linux-x64.tar.gz -C /opt \
    && rm server-jre-$java_version-linux-x64.tar.gz \
    && ln -sf /opt/jdk$java_semver/ /opt/jre-home

See Oracle's Java download page for the current version, "bnumber" and hash values. All, but the hash value, can be obtained from the Unix download link on the download page.

This removes the OpenJDK Zulu install, downloads the installation package, verifies its hash, unpacks it and links it appropriately.

Mount the JVM from the Docker Host

Another option is to download the Oracle JVM to the Docker Host and then mount this location as a container volume at start-up.

docker run -p 443:4443 -v /path/to/extract/jvm/on/the/host:/opt/jre-home:ro unicon/shibboleth-idp:latest

Ensure that you have downloaded and unpacked the Linux JVM package, especially if you are running Docker on Windows or OS X.

The container path must be /opt/jre-home otherwise you must also set the JAVA_HOME environment variable, at container startup, to the matching location.