Deploy Autonomous Identity on MacOS
This section shows you how to install and deploy Autonomous Identity using Minikube, Kubernetes, and Docker on a MacOS laptop or computer. This example shows you how easy it is to deploy Autonomous Identity locally on your computer.
This example setup is only for evaluation purposes and should not be used for production deployments.
This example uses a combination of components like Docker, Kubernetes, Minikube, and Hyperkit to deploy Autonomous Identity on your computer or laptop.
Docker is a popular tool that packages software and its dependencies into containers.
Kubernetes is an open-source orchestration platform that provides deployment, scaling, and load management across multiple containers, allowing you to run a microservices architecture.
Minikube is an open-source tool that lets you run a single-node Kubernetes cluster virtually on your local machine.
Hyperkit is a MacOS-based hypervisor that runs and manages virtual machines like Minikube.
Deployment Procedures
Let’s set up Autonomous Identity on MacOS.
Hardware: MacBook Pro, 16 cores, 32GB RAM
Software: Homebrew for downloading third-party components
Minimum OS: MacOS Catalina, version 10.15.4
Download and install Minikube. If you already have minikube, make sure to upgrade to v1.9.2, which fixes NFS share mounting issues with the Hyperkit driver.
$ brew install minikube
$ mkdir ~/bin
$ sudo mkdir /Users/minikube
Change the privileges.
$ sudo chown $USER /Users/minikube
Create a startup script.
$ echo "minikube start --vm-driver=hyperkit --cpus 12 --memory 14336 --disk-size=50GB --nfs-share /Users/minikube --addons metrics-server" > ~/bin/start-minikube.sh
Make the script executable.
$ chmod +x ~/bin/start-minikube.sh
Export to $PATH.
$ echo -e "\nexport PATH=~/bin:$PATH" >> ~/.bash_profile
$ start-minikube.sh
minikube v1.9.2 on Darwin 10.15.4
Using the hyperkit driver based on user configuration
Starting control plane node m01 in cluster minikube
Creating hyperkit VM (CPUs=10, Memory=14336MB, Disk=51200MB) …
Password:
Preparing Kubernetes v1.18.0 on Docker 19.03.8 …
Enabling addons: default-storageclass, metrics-server, storage-provisioner
Done! kubectl is now configured to use "minikube"
Check that Minikube is running.
$ minikube status
m01
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured
Deploy the Components in Minikube
Create a directory for the Autonomous Identity repository.
$ mkdir -p ~/repo/autoid
Change to the directory.
$ cd ~/repo/autoid
Clone a kubernetes folder that holds the configuration files from the ForgeRock repo.
$ git clone ssh://email@example.com:7999/opt/autoid/kubernetes.git
Change to the
$ cd kubernetes
Check out the branch.
$ git checkout -b zoran-kubernetes origin/zoran-kubernetes-poc
analytics folder. This folder holds the example input files for ingestion.
$ mkdir -p /Users/minikube/autoid-data/analytics
Process the kustomize directory to create the microservices.
$ kubectl create -k .
List all pods in ps output format, and then wait for all pods to be in a "running" state. Note that you may see some errors for the pods: ImagePullBackOff. These errors indicate that the pods are waiting for their dependencies to start. Continue waiting until all pods go into a "running" state.
$ kubectl get pods -w
NAME                            READY   STATUS    RESTARTS   AGE
cassandra-db                    1/1     Running   0          28m
cli                             1/1     Running   0          28m
configuration-service           1/1     Running   0          28m
consul-client                   1/1     Running   7          28m
consul-server                   1/1     Running   0          28m
nginx                           1/1     Running   0          28m
openldap                        1/1     Running   0          28m
phpldapadmin                    1/1     Running   0          28m
selfservice                     1/1     Running   0          28m
spark-56f58889fd-kbxdv          1/1     Running   0          28m
spark-slaves-7f7674d5fc-7xjk8   1/1     Running   0          28m
spark-slaves-7f7674d5fc-9dprx   1/1     Running   0          28m
spark-slaves-7f7674d5fc-pfg5n   1/1     Running   0          28m
spark-slaves-7f7674d5fc-wlvpp   1/1     Running   0          28m
zoran-api                       1/1     Running   0          28m
zoran-ui                        1/1     Running   0          28m
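One way to script the wait described above, as an added example that is not part of the original guide: the function reads kubectl get pods output on stdin and lists every pod that is not yet Running with all of its containers ready. The function names and the sample listing are constructed for illustration.

```bash
# Added example, not ForgeRock code: report pods that are not ready yet.

# Reads `kubectl get pods` table output on stdin. Prints one line per pod
# that is not ready and returns non-zero if any such pod was found.
pods_not_ready() {
  awk '
    $1 == "NAME" { next }              # header row (repeats with -w)
    NF < 3       { next }              # blank or malformed line
    {
      split($2, r, "/")                # READY column is ready/total
      if ($3 != "Running" || r[1] != r[2]) {
        print $1 ": " $3 " (" $2 ")"
        bad = 1
      }
    }
    END { exit (bad ? 1 : 0) }
  '
}

# Constructed sample listing: one pod still pulling its image and one pod
# that is Running but whose container is not ready yet.
sample_pods() {
  cat <<'EOF'
NAME            READY   STATUS             RESTARTS   AGE
cassandra-db    1/1     Running            0          2m
consul-client   0/1     ImagePullBackOff   0          2m
zoran-api       0/1     Running            1          2m
zoran-ui        1/1     Running            0          2m
EOF
}

# Against a live cluster: kubectl get pods | pods_not_ready
sample_pods | pods_not_ready || echo "not all pods are ready yet"
```

A pod can show STATUS Running while READY is still 0/1, so the check compares both columns instead of matching on the status text alone.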
Run the Analytics Engine on MacOS
Copy the Demo Data into the Analytics folder.
$ cp demo-data/* /Users/minikube/autoid-data/analytics
Run the Analytics Pipeline.
$ kubectl exec cli -- run-pipeline
Access the Autonomous Identity UI
Find out what your IP address is on Minikube.
$ minikube ip
/etc/hosts file to map your minikube IP to the UI. Open an editor and add your Minikube IP address to the /etc/hosts. For example, assume your Minikube IP address is 192.168.64.29, then update your /etc/hosts file as follows:
Open a browser and navigate to
To log in to Autonomous Identity, enter a test admin user:
Access a self-service UI if you want to change your Autonomous Identity password:
If you want to access the Apache Spark console:
Stop Autonomous Identity
Stop Autonomous Identity.
$ docker stop $(docker ps -a -q)
This section presents some troubleshooting tips when running the evaluation version of Autonomous Identity:
If you run low on memory, you can safely shut down Minikube without losing data. All data in Cassandra, Consul, and OpenLDAP is stored in Minikube using persistent volumes. You can access the data by running minikube ssh and going to the
Analytics jobs are quite compute intensive. You can speed up the analytics job if you can dedicate more resources for Minikube.
Alter the Minikube parameters to increase the CPU count and memory.
Increase the number of Spark slaves by changing the variables
While running the analytics scripts, set --num-executors to the number of spark slaves.
Make sure the --executor-memory multiplied by the number of spark slaves is well within the memory allocated to Minikube.
If you change the Minikube resource allocation, delete the existing cluster and re-create.
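The sizing rule above can be checked before a run. This is an added example, not code from the original guide: it counts the running spark slave pods in a pod listing and tests whether the number of slaves times --executor-memory fits the Minikube allocation. The 75% ceiling used for "well within", the function names, and the sample listing are assumptions made for illustration.

```bash
# Added example, not ForgeRock code. Assumptions: "well within" is taken
# as 75% of the Minikube memory; slave pods are named spark-slaves-*.

# Convert a Spark-style size such as 2g or 1536m to MB.
to_mb() {
  case "$1" in
    *[gG]) echo $(( ${1%[gG]} * 1024 )) ;;
    *[mM]) echo "${1%[mM]}" ;;
    *) echo "unsupported size: $1" >&2; return 1 ;;
  esac
}

# Count Running spark slave pods in `kubectl get pods` output on stdin.
count_spark_slaves() {
  awk '$1 ~ /^spark-slaves-/ && $3 == "Running" { n++ } END { print n + 0 }'
}

# check_sizing SLAVES EXECUTOR_MEMORY MINIKUBE_MB [MAX_PERCENT]
# Prints the flags to use; succeeds only if the total fits the budget.
check_sizing() {
  slaves=$1
  per_mb=$(to_mb "$2") || return 2
  total=$(( slaves * per_mb ))
  limit=$(( $3 * ${4:-75} / 100 ))
  printf '%s\n' "--num-executors $slaves --executor-memory $2 (total ${total}MB, limit ${limit}MB)"
  [ "$slaves" -gt 0 ] && [ "$total" -le "$limit" ]
}

# Constructed sample listing with four spark slaves.
sample_listing() {
  cat <<'EOF'
NAME                            READY   STATUS    RESTARTS   AGE
spark-56f58889fd-kbxdv          1/1     Running   0          28m
spark-slaves-7f7674d5fc-7xjk8   1/1     Running   0          28m
spark-slaves-7f7674d5fc-9dprx   1/1     Running   0          28m
spark-slaves-7f7674d5fc-pfg5n   1/1     Running   0          28m
spark-slaves-7f7674d5fc-wlvpp   1/1     Running   0          28m
EOF
}

# 14336 MB is the --memory value from the startup script.
n=$(sample_listing | count_spark_slaves)
check_sizing "$n" 2g 14336                      # 8192MB within 10752MB
check_sizing "$n" 3g 14336 || echo "too large"  # 12288MB exceeds 10752MB
```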
To troubleshoot performance issues or pod crashes, run the Kubernetes dashboard. First, check whether the metrics-server is running with kubectl top node. It should show an output like this:
NAME       CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
minikube   189m         2%     1165Mi          8%
If you see the output, start the Kubernetes dashboard by running