Identity Gateway 7.2

Build and run a Docker image

ForgeRock delivers a Dockerfile inside IG-7.2.0.zip, to help you build an evaluation-only, base Docker image for IG. After building and running the Docker image, add a configuration as described in Add configuration to a Docker image.

ForgeRock provides no commercial support for production deployments that use ForgeRock’s evaluation-only Docker images. When deploying the ForgeRock Identity Platform using Docker images, you must build and use your own images for production deployments.

The Docker image has the following characteristics:

  • The Docker image runs on Linux and Mac operating systems.

  • IG binaries are delivered in /opt/ig.

  • The environment variable $IG_INSTANCE_DIR has the value /var/ig.

  • A ForgeRock user with username: forgerock and uid: 11111, runs the IG process and owns the configuration files.

Build the base image for IG

  1. Download IG-7.2.0.zip from the ForgeRock BackStage download site, and unzip. The directory /path/to/identity-gateway is created.

  2. Go to /path/to/identity-gateway:

    $ cd /path/to/identity-gateway
  3. With a Docker daemon running, build a base Docker image:

    $ docker build . -f docker/Dockerfile -t ig-image
    
    Sending build context to Docker daemon
    Step 1/7 : FROM gcr.io/forgerock-io/java-11:latest
    latest: Pulling from forgerock-io/java-11
    ...
    Successfully tagged ig-image:latest
  4. Make sure that the Docker image is available:

    $ docker image list
    
    REPOSITORY                   TAG        IMAGE ID
    ig-image                     latest
    gcr.io/forgerock-io/java-11  latest

Run the Docker image

The following steps run the Docker image on port 8080. Make sure that the port is not being used, or use a different port as described in the procedure.

  1. With a Docker daemon running, run the Docker image:

    $ docker run -p 8080:8080 ig-image

    IG starts up, and the console displays the message log.

  2. Go to http://localhost:8080 to view the IG welcome page.

Consider using the following options when you run the Docker image:

  • The default ports 8080:8080 equate to local-machine-port:internal-container-port. IG can run on a different port, but the container must always run on 8080. The following example runs IG on port 8090:

    $ docker run -p 8090:8080 ig-image
  • The default configuration directory is /var/ig/. The following example sets the configuration directory to $HOME/.openig:

    $ docker run -p 8080:8080 -v $HOME/.openig:/var/ig/ ig-image
  • Run the image in sh shell, in interactive mode, using the provided Forgerock user:

    $ docker run -p 8080:8080 -it --user 11111 ig-image sh

Stop the Docker image

  1. List the Docker containers that are running:

    $ docker container ls
  2. For a container with the status Up, use the container ID to stop the container:

    $ docker container stop CONTAINER_ID