Page created: 1 Nov 2021
|
Page updated: 4 May 2022
The following sections show example of using environment variables to create containers.
The containers must be created in the following order:
- MongoDB
- Zookeeper
- Kafka
- ABS
- ASE
- API Publish
- Dashboard
Launch MongoDB container: Run the following command with some sample environment
variables to launch the MongoDB container:
docker run -d --name mongo --hostname mongo -e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" \
-e WIRED_TIGER_CACHE_SIZE_GB="1.8" \
-e MONGO_SSL="true" pingidentity/mongo:4.2.0
Running this command creates the MongoDB container with settings in environment variable provided. If any of the environment variable is not used, then the container is launched with default values.
Launch Zookeeper container: Run the following command with some sample environment
variables to launch the Zookeeper
container:
docker run -d --name zookeeper --hostname zookeeper -e ZOOKEEPER_PORT="2181" \
-e ZOOKEEPER_SSL_PORT="2182" \
pingidentity/zookeeper:5.1
Launch Kafka container: Run the following command with some sample environment
variables to launch the Kafka
container:
docker run -d --name kafka --hostname kafka --link zookeeper:zookeeper \
-e ZOOKEEPER_URL="zookeeper:2182" \
-e KAFKA_SASL_PORT="9093" \
-e KAFKA_SSL_PORT="9092" \
-e DELETE_TOPIC="true" \
-e REPLICATION_FACTOR="1" \
-e TOPIC_PARTITION="1" \
-e ABS_CONSUMER_USER="abs_consumer" \
-e ABS_PRODUCER_USER="abs_producer" \
-e ABS_CONSUMER_GROUP="pi4api.abs" \
-e ABS_CONSUMER_PASSWORD="changeme" \
-e ABS_PRODUCER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
-e DE_CONSUMER_USER="pi4api_de_user" \
-e DE_CONSUMER_GROUP="pi4api.data-engine" \
-e DE_CONSUMER_PASSWORD="changeme" \
-e RETENTION_PERIOD="172800000" \
-e POD_NAME="0" \
pingidentity/kafka:5.1
Launch ABS container: Run the following command with some sample environment
variables to launch the ABS
container:
docker run -d --name abs --hostname abs --link mongo:mongo --link kafka:kafka -e MONGO_RS=mongodb://mongo:27017 \
-e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" -e MONGO_SSL="true" \
-e ABS_ACCESS_KEY="new_abs_ak" \
-e ABS_SECRET_KEY="new_abs_sk" -e ABS_ACCESS_KEY_RU="new_abs_ak_ru" \
-e ABS_SECRET_KEY_RU="new_abs_sk_ru" \
-e ATTACK_INITIAL_TRAINING="24" \
-e API_DISCOVERY="true" -e API_DISCOVERY_INITIAL_PERIOD="6" \
-e API_DISCOVERY_UPDATE_INTERVAL="1" \
-e API_DISCOVERY_SUBPATH="3" \
-e KAFKA_SERVERS="kafka:9093" \
-e KAFKA_MIN_INSYNC_REPLICA="1" \
-e ABS_CONSUMER_USER="abs_consumer" \
-e ABS_PRODUCER_USER="abs_producer" \
-e ABS_CONSUMER_GROUP="pi4api.abs" \
-e ABS_CONSUMER_PASSWORD="changeme" \
-e ABS_PRODUCER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
pingidentity/abs:5.1
Launch ASE container: Run the following command with some sample environment
variables to launch the ASE container:
docker run -d --name ase --link abs:abs --hostname ase -e MODE="inline" \
-e ENABLE_CLUSTER="true" -e ENABLE_ABS="true" -e ABS_ENDPOINT="abs:8080" \
-e ABS_ACCESS_KEY="new_abs_ak" -e ABS_SECRET_KEY="new_abs_sk" -e ENABLE_ABS_PUBLISH="true" --shm-size=1g pingidentity/ase:5.1
Launch the second ASE node in ASE cluster: Run the following command with some
sample environment variables to launch the ASE node in a cluster:
docker run -d --name ase1 --link abs:abs --link ase:ase --hostname ase1 \
-e MODE="inline" -e ENABLE_CLUSTER="true" \
-e PEER_NODE="ase:8020" -e ENABLE_ABS="true" \
-e ABS_ENDPOINT="abs:8080" -e ABS_ACCESS_KEY="new_abs_ak" \
-e ABS_SECRET_KEY="new_abs_sk" --shm-size=1g pingidentity/ase:5.1Launch API Publish container: Run the following command with some sample environment
variables to launch the API Publish
container:
docker run -d --name apipublish --hostname apipublish --link mongo:mongo -e MONGO_RS=mongodb://mongo:27017 \
-e MONGO_USERNAME="new_mongo_user" \
-e MONGO_PASSWORD="new_mongo_password" -e MONGO_SSL="true" \
pingidentity/apipublish:5.1
Launch Dashboard: Run the following command with some sample environment variables
to launch the Dashboard
container:
docker run -d --name webgui --link abs:abs --link ase:ase --link apipublish:apipublish --link kafka:kafka --hostname webgui \
-e ABS_RESTRICTED_USER_ACCESS="false" \
-e ABS_ACCESS_KEY="new_abs_ak" -e ABS_SECRET_KEY="new_abs_sk" -e ABS_HOST="abs" \
-e ABS_URL="https://abs:8080" -e ASE_URL="https://ase:8010" \
-e WEBGUI_ADMIN_PASSWORD="new_webgui_admin_password" \
-e WEBGUI_PING_USER_PASSWORD="new_webgui_pinguser_password" \
-e KAFKA_SERVERS="kafka:9093" \
-e KAFKA_MIN_INSYNC_REPLICA="1" \
-e DE_CONSUMER_USER="ping_user" \
-e DE_CONSUMER_GROUP="pi4api.data-engine" \
-e DE_CONSUMER_PASSWORD="changeme" \
-e TRANSACTION_TOPIC="pi4api.queuing.transactions" \
-e ATTACK_TOPIC="pi4api.queuing.ioas" \
-e ANOMALIES_TOPIC="pi4api.queuing.anomalies" \
-e API_PUBLISH_URL="https://apipublish:8050" \
-p 8030:8030 -p 8040:8040 pingidentity/dashboard:5.1
Port mapping
When the containers are created, the exposed ports are not mapped. To map the ports,
you need to complete port mapping using the
-p option in the
docker run command. The following table lists the ports that
should be exposed in the container.| Component | Port number | Usage |
| ASE | 8080 | HTTP data plane |
| 8443 | HTTPS data plane | |
| 8010 | Management port number | |
| 8020 | Cluster port number | |
| ABS | 8080 | API server port number |
| Dashboard | 8030 | Dashboard port number |
| MongoDB | 27017 | MongoDB port number |
| API Publish | 8050 | API Publish port number |
| Zookeeper | 2181 2182 |
Zookeeper port number |
| Kafka | 9092 9093 |
Kafka port number |