Posts

Showing posts from 2015

Kubernetes Namespaces and OpenAM

Image
I have been conducting some experiments running the ForgeRock stack on Kubernetes. I recently stumbled on namespaces.

In a nutshell Kubernetes (k8) namespaces provide isolation for instances. The typical use case is to provide isolated environments for dev, QA, production and so on.

I had an "Aha!" moment when it occurred to me that namespaces could also provide multi-tenancy on a k8 cluster. How might this work?

Let's create a two node OpenAM cluster using an external OpenDJ instance:

See https://github.com/ForgeRock/fretes  for some samples used in this article

kubectl create -f am-dj-idm/

The above command launches all the containers found in the given directory, wires them up together (updates DNS records), and create a load balancer on GCE.

 If I look at my services:

 kubectl get service 

I see something like this:

NAME       LABELS          SELECTOR   IP(S) PORT(S) 
openam-svc name=openam-svc site=site1 10.215.249.206 80/TCP 
                                      104.…

A script to download ForgeRock nightly binaries

Here is a little script to download all of the nightly builds for the ForgeRock stack. Handy for testing!


Loading https://gist.github.com/wstrange/499008ad8cf29eeef28c
This file is part of the frstack project. You may find a more up to date copy here



Sample todo app using Angular2 and Dart

Here is a sample todo app written in Angular2 and Dart. This is largely copied from David East's sample JS angular2 app.



Running OpenAM and OpenDJ on Kubernetes with Google Container Engine

Image
Still quite experimental, but if you are adventurous, have a look at:

https://github.com/ForgeRock/frstack/tree/master/docker/k8


This will set up a two node Kubernetes cluster running OpenAM and OpenDJ.  This uses images on the Docker hub that provide nightly builds for OpenAM and OpenDJ.

I will be presenting this at the ForgeRock IRM summit this thursday. Fingers crossed that the demo gods smile down on me!


Nice Demo of OpenAM log analysis using the ELK stack

Image
The folks at Identropy have put together a nifty video showing analysis of OpenAM audit log events using the ELK stack (Elasticsearch, Logstash, Kibana).

Check it out here:



Frstack to automate ForgeRock install has a new home.

A quick update:

The 'frstack' project to automate the installation of the ForgeRock stack (OpenAM, OpenIDM, OpenDJ and OpenIG) has been moved from my personal github account to the new ForgeRock account.


You can find it at:  https://github.com/ForgeRock/frstack

Happy Installing!