--- title: Custom PingGateway image description: The PingGateway configuration provided in the CDK canonical configuration profile is an example. It is not meant for use in production. Remove this configuration and replace it with your own routes before using PingGateway in your environment. component: forgeops version: 7.4 page_id: forgeops::how-to/ig/deploy-custom-ig canonical_url: https://docs.pingidentity.com/forgeops/7.4/how-to/ig/deploy-custom-ig.html keywords: ["Internet Gateway", "forgeops Command"] section_ids: prerequisites: Prerequisites build_a_custom_pinggateway_image_and_deploy_pinggateway: Build a custom PingGateway image and deploy PingGateway --- # Custom PingGateway image The PingGateway configuration provided in the CDK canonical configuration profile is an example. It is not meant for use in production. Remove this configuration and replace it with your own routes before using PingGateway in your environment. Refer to the [PingGateway Deployment Guide](https://docs.pingidentity.com/pinggateway/2023.11/ig/devops-guide/preface.html) for configuring routes. ## Prerequisites Before starting to build your custom PingGateway image and deploy PingGateway, set up your local environment to write Docker images: > **Collapse: Minikube** > > Set up your local environment to execute docker commands on Minikube's Docker engine. > > ForgeRock recommends using the built-in Docker engine when developing custom Docker images using Minikube. When you use Minikube's Docker engine, you don't have to build Docker images on a local engine and then push the images to a local or cloud-based Docker registry. Instead, you build images using the same Docker engine that Minikube uses. This streamlines development. > > To set up your local environment to execute docker commands on Minikube's Docker engine, run the docker-env command in your shell: > > ``` > $ eval $(minikube docker-env) > ``` > **Collapse: GKE shared cluster** > > To set up your local computer to push Docker images to your Google Cloud GCR container registry: > > 1. If it's not already running, start Docker on your local computer. For more information, refer to the Docker documentation. > > 2. Set up a Docker credential helper: > > ``` > $ gcloud auth configure-docker > ``` > **Collapse: EKS shared cluster** > > To set up your local computer to push Docker images to your Amazon ECR container registry: > > 1. If it's not already running, start Docker on your local computer. For more information, refer to the Docker documentation. > > 2. Log in to Amazon ECR. Use the Docker registry location you [obtained from your cluster administrator](../../cdk/cloud/setup/eks/clusterinfo.html): > > ``` > $ aws ecr get-login-password | \ > docker login --username AWS --password-stdin my-docker-registry > stdin my-docker-registry > Login Succeeded > ``` > > ECR login sessions expire after 12 hours. Because of this, you'll need to perform these steps again whenever your login session expires. > **Collapse: AKS shared cluster** > > To set up your local computer to push Docker images to your Azure ACR container registry: > > 1. If it's not already running, start Docker on your local computer. For more information, refer to the Docker documentation. > > 2. Install the [ACR Docker Credential Helper](https://github.com/Azure/acr-docker-credential-helper). ## Build a custom PingGateway image and deploy PingGateway 1. Verify that the CDK is up and running. 2. Configure PingGateway by creating, modifying, or deleting rules in the /path/to/forgeops/docker/ig/config-profiles/my-profile/config/routes-service directory. 3. [Identify the repository](../../cdk/develop/setup.html#push-to) to which you'll push the Docker image. You'll use this location in the next step to specify the --push-to argument's value. 4. Build a new `ig` image that includes your changes to PingGateway static configuration: ``` $ cd /path/to/forgeops/bin $ ./forgeops build ig --config-profile my-profile --push-to my-repo Generating tags... - ig → ig:0a27bdfea Checking cache... - ig: Not found. Building Starting build... Found [minikube] context, using local docker daemon. Building [ig]... Sending build context to Docker daemon 55.81kB Step 1/5 : FROM gcr.io/forgerock-io/ig:2023.11.0 --→ ba6f8150204e Step 2/5 : ARG CONFIG_PROFILE=cdk ... Step 5/5 : COPY --chown=forgerock:root . /var/ig --→ c173995218a3 Successfully built c173995218a3 Successfully tagged ig:0a27bdfea Updated the image_defaulter with your new image for ig: "ig:c173995218a3c55dbca76fff08588153db0693a51ff0904e6adee34b7163340a" ``` 5. Uninstall the previously deployed PingGateway from your CDK: 1. Set the active namespace in your local Kubernetes context to the namespace in which you have deployed the PingGateway. 2. Delete PingGateway: ``` $ ./forgeops delete ig "cdk" platform detected in namespace: "my-namespace". Uninstalling component(s): ['ig'] from namespace: "my-namespace". OK to delete components? [Y/N] Y secret "openig-secrets-env" deleted service "ig" deleted deployment.apps "ig" deleted ``` 6. Deploy PingGateway using your customized PingGateway image: ``` $ ./forgeops install ig --cdk Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster. Checking ds-operator and related CRDs: ds-operator CRD found in cluster. Installing component(s): ['ig'] secret/openig-secrets-env created service/ig created deployment.apps/ig created Enjoy your deployment! ``` 7. Run the kubectl get pods command to check the status of the PingGateway pod. Wait until the PingGateway pod is ready before proceeding to the next step. 8. Verify that your PingGateway routes work.