ForgeOps

CDM deployment

This page describes the legacy CDM implementation, which will be deprecated in an upcoming release. We strongly recommend that you transition to the current CDM implementation as soon as possible.

Now that you’ve set up your deployment environment following the instructions in the Setup section for your cloud platform, you’re ready to deploy the CDM.

To deploy the CDM in your Kubernetes cluster using artifacts from the forgeops repository:

  1. Make sure that context is set to the prod namespace:

    $ kubens prod
  2. Configure secrets for the ForgeRock Identity Platform:

    1. Deploy the secrets:

      $ cd /path/to/forgeops/kustomize/base/secrets
      $ kubectl apply --filename secret_agent_config.yaml
    2. Verify that all the ForgeRock Identity Platform secrets have been created:

      $ kubectl get sac
      NAME            STATUS      NUMSECRETS   NUMK8SSECRETS
      forgerock-sac   Completed   14           14

      When the forgerock-sac entry reaches Completed status, all the secrets have been created.

  3. Change to the /path/to/forgeops directory and execute the skaffold run command. For example:

    $ cd /path/to/forgeops
    $ skaffold run --profile small
  4. Check the status of the pods in the prod namespace until all the pods are ready:

    1. Run the kubectl get pods command:

      $ kubectl get pods
      NAME                           READY   STATUS      RESTARTS   AGE
      admin-ui-69bc8b89bb-dtmj8      1/1     Running     0          3m30s
      am-cfc95954d-wqz6d             1/1     Running     0          3m29s
      amster-j87dl                   0/1     Completed   0          3m27s
      ds-cts-0                       1/1     Running     0          3m28s
      ds-cts-1                       1/1     Running     0          2m55s
      ds-cts-2                       1/1     Running     0          2m21s
      ds-idrepo-0                    1/1     Running     0          3m28s
      ds-idrepo-1                    1/1     Running     0          2m32s
      end-user-ui-6985574b49-dz8t9   1/1     Running     0          3m29s
      idm-57b6b86b98-hl8mj           1/1     Running     0          3m29s
      ldif-importer-m6n6x            0/1     Completed   0          3m27s
      login-ui-64b994b944-9qv7n      1/1     Running     0          3m29s
      rcs-agent-787769544d-jm7g4     1/1     Running     0          3m28s
    2. Review the output. Deployment is complete when:

      • All entries in the STATUS column indicate Running or Completed.

      • The READY column indicates all running containers are available. The entry in the READY column represents [total number of containers/number of available containers].

      • Three AM and two IDM pods are present.

      • The initial loading jobs (amster and ldif-importer) have reached Completed status.

    3. If necessary, continue to query your deployment’s status until all the pods are ready.

Next step