Using environment variables example

The following sections show example of using environment variables to create containers.

About this task

The containers must be created in the following order:

MongoDB
Zookeeper
Kafka
API Behavioral Security (ABS)
API Security Enforcer (ASE)
API Publish
Dashboard

Steps

To launch the MongoDB container, run the following command with some sample environment variables:
```
docker run -d --name mongo --hostname mongo
```
Result:

Running this command creates the MongoDB container with settings in environment variables provided.
```
docker run -d --name mongo --hostname mongo -e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" \
-e WIRED_TIGER_CACHE_SIZE_GB="1.8" \
-e MONGO_SSL="true" pingidentity/mongo:4.2.0
```
If any of the environment variables are not used, then the container is launched with the default values.

To launch the Zookeeper container, run the following command with some sample environment variables:

docker run -d --name zookeeper --hostname zookeeper

Example:

docker run -d --name zookeeper --hostname zookeeper -e ZOOKEEPER_PORT="2181" \
-e ZOOKEEPER_SSL_PORT="2182" \
pingidentity/zookeeper:5.1

To launch the Kafka container, run the following command with some sample environment variables:

docker run -d --name kafka --hostname kafka --link zookeeper:zookeeper

Example:

docker run -d --name kafka --hostname kafka --link zookeeper:zookeeper \
-e ZOOKEEPER_URL="zookeeper:2182" \
-e KAFKA_SASL_PORT="9093" \
-e KAFKA_SSL_PORT="9092" \
-e DELETE_TOPIC="true" \
-e REPLICATION_FACTOR="1" \
-e TOPIC_PARTITION="1" \
-e ABS_CONSUMER_USER="abs_consumer" \
-e ABS_PRODUCER_USER="abs_producer" \
-e ABS_CONSUMER_GROUP="pi4api.abs" \
-e ABS_CONSUMER_PASSWORD="changeme" \
-e ABS_PRODUCER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
-e DE_CONSUMER_USER="pi4api_de_user" \
-e DE_CONSUMER_GROUP="pi4api.data-engine" \
-e DE_CONSUMER_PASSWORD="changeme" \
-e RETENTION_PERIOD="172800000" \
-e POD_NAME="0" \
pingidentity/kafka:5.1

To launch the ABS container, run the following command with some sample environment variables:

docker run -d --name abs --hostname abs --link mongo:mongo --link kafka:kafka

Example:

docker run -d --name abs --hostname abs --link mongo:mongo --link kafka:kafka -e MONGO_RS=mongodb://mongo:27017 \
-e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" -e MONGO_SSL="true" \
-e ABS_ACCESS_KEY="new_abs_ak" \
-e ABS_SECRET_KEY="new_abs_sk" -e ABS_ACCESS_KEY_RU="new_abs_ak_ru" \
-e ABS_SECRET_KEY_RU="new_abs_sk_ru" \
-e ATTACK_INITIAL_TRAINING="24" \
-e API_DISCOVERY="true" -e API_DISCOVERY_INITIAL_PERIOD="6" \
-e API_DISCOVERY_UPDATE_INTERVAL="1" \
-e API_DISCOVERY_SUBPATH="3" \
-e KAFKA_SERVERS="kafka:9093" \
-e KAFKA_MIN_INSYNC_REPLICA="1" \
-e ABS_CONSUMER_USER="abs_consumer" \
-e ABS_PRODUCER_USER="abs_producer" \
-e ABS_CONSUMER_GROUP="pi4api.abs" \
-e ABS_CONSUMER_PASSWORD="changeme" \
-e ABS_PRODUCER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
pingidentity/abs:5.1

To launch the ASE container, run the following command with some sample environment variables to launch the ASE container:

docker run -d --name ase --link abs:abs --hostname ase

Example:

docker run -d --name ase --link abs:abs --hostname ase -e MODE="inline" \
-e ENABLE_CLUSTER="true" -e ENABLE_ABS="true" -e ABS_ENDPOINT="abs:8080" \
-e ABS_ACCESS_KEY="new_abs_ak" -e ABS_SECRET_KEY="new_abs_sk" -e ENABLE_ABS_PUBLISH="true" --shm-size=1g pingidentity/ase:5.1

To launch the second ASE node in ASE cluster, run the following command with some sample environment variables to launch the ASE node in a cluster:

docker run -d --name ase1 --link abs:abs --link ase:ase --hostname ase1

Example:

docker run -d --name ase1 --link abs:abs --link ase:ase --hostname ase1 \
-e MODE="inline" -e ENABLE_CLUSTER="true" \
-e PEER_NODE="ase:8020" -e ENABLE_ABS="true" \
-e ABS_ENDPOINT="abs:8080" -e ABS_ACCESS_KEY="new_abs_ak" \
-e ABS_SECRET_KEY="new_abs_sk" --shm-size=1g pingidentity/ase:5.1

To launch the API Publish container, run the following command with some sample environment variables:

docker run -d --name apipublish --hostname apipublish --link mongo:mongo

Example:

docker run -d --name apipublish --hostname apipublish --link mongo:mongo -e MONGO_RS=mongodb://mongo:27017 \
-e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" -e MONGO_SSL="true" \
pingidentity/apipublish:5.1

To launch the Dashboard, run the following command with some sample environment variables:

docker run -d --name webgui --link abs:abs --link ase:ase --link apipublish:apipublish --link kafka:kafka --hostname webgui

Example:

docker run -d --name webgui --link abs:abs --link ase:ase --link apipublish:apipublish --link kafka:kafka --hostname webgui \
-e ABS_RESTRICTED_USER_ACCESS="false" \
-e ABS_ACCESS_KEY="new_abs_ak" -e ABS_SECRET_KEY="new_abs_sk" -e ABS_HOST="abs" \
-e ABS_URL="https://abs:8080" -e ASE_URL="https://ase:8010" \
 -e WEBGUI_ADMIN_PASSWORD="new_webgui_admin_password" \
-e WEBGUI_PING_USER_PASSWORD="new_webgui_pinguser_password" \
-e KAFKA_SERVERS="kafka:9093" \
-e KAFKA_MIN_INSYNC_REPLICA="1" \
-e DE_CONSUMER_USER="ping_user" \
-e DE_CONSUMER_GROUP="pi4api.data-engine" \
-e DE_CONSUMER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
-e API_PUBLISH_URL="https://apipublish:8050" \
-p 8030:8030 -p 8040:8040 pingidentity/dashboard:5.1

Next steps

When the containers are created, the exposed ports are not mapped. To map the ports, you need to complete port mapping using the -p option in the docker run command. The following table lists the ports that should be exposed in the container.

Component	Port number	Usage
ASE	8080	HTTP data plane
8443	HTTPS data plane
8010	Management port number
8020	Cluster port number
ABS	8080	API server port number
Dashboard	8030	Dashboard port number
MongoDB	27017	MongoDB port number
API Publish	8050	API Publish port number
Zookeeper	2181 2182	Zookeeper port number
Kafka	9092 9093	Kafka port number

Component

Port number

Usage

ASE

8080

HTTP data plane

8443

HTTPS data plane

8010

Management port number

8020

Cluster port number

ABS

8080

API server port number

Dashboard

8030

Dashboard port number

MongoDB

27017

MongoDB port number

API Publish

8050

API Publish port number

Zookeeper

2181

2182

Zookeeper port number

Kafka

9092

9093

Kafka port number

PingIntelligence

Using environment variables example

About this task

Steps

Result:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Next steps