Cloud Deployment Quickstart (CDQ)

The CDQ is a very quick, single-command deployment of the ForgeRock Identity Platform on a Kubernetes cluster, suitable for demonstration purposes only. Use the CDQ when you want to quickly demonstrate deployment of the platform on Kubernetes. For example, you could deploy CDQ, access the AM console, and examine AM’s configuration.

Do not attempt to perform development tasks or even proofs of concept on the CDQ. If you need to build custom images for the ForgeRock Identity Platform, use the CDK, not the CDQ. If you need to deploy the platform to prepare for going to production, use the CDM.

CDQ Prerequisites

You’ll need to download and install some software, and create a namespace in a Kubernetes cluster before you can deploy the CDQ:

  • script. If you haven’t already done so, get the forgeops repository. The script resides in the repository’s bin directory.

    More information here.

  • Third-party software. At minimum, you’ll need Kubernetes client software (the kubectl command). If you plan to deploy the CDQ to a Minikube cluster, you’ll also need Minikube and VirtualBox software.

    More information here.

  • A Kubernetes cluster. You can use a Minikube cluster or a shared cluster on a cloud provider.

    More information here for Minikube.

  • Ingress controller (in Minikube). Enable the ingress controller.

    More information here.

  • A namespace in the cluster. Example commands in this section assume that you plan to deploy the CDQ into a namespace called cdq.

    More information here.

  • Local hostname resolution. Add a hostname entry to your /etc/hosts file to enable local resolution of hostnames used by the platform UIs.

    More information here:

  • Kubernetes context. Your local Kubernetes context must be set to the cluster and namespace where you plan to deploy the platform.

    More information here:

CDQ Deployment

To deploy the CDQ in the cdq namespace, run the script. In a separate terminal tab or window, run the kubectl get pods command to monitor status of the deployment. Wait until all the pods are ready.

Then you can access platform UIs, using the links in the Relevant URLs section of the CLI output, and the passwords in the Relevant passwords section.

For example:

$ cd /path/to/forgeops/bin
$ ./ -n cdq -a -f 2021.05.12-7.1.0

Checking secret-agent operator and related CRDs: secret-agent CRD found in cluster.
Checking ds-operator and related CRDs: ds-operator CRD found in cluster.

Using forgeops repo:tag "ForgeRock/forgeops:2021.05.12-7.1.0"
Targeting namespace: "cdq"
. . .
Relevant passwords:
Iod2maUH4DifWUQpE7VAWcz4 (amadmin user)
CQaCCGhQEiZXNYdFrqPPmfuE (openidm-admin user)
9tSlPkkyQZixI03f7fMaW7ajrHy6el9Y (uid=admin user)
5veoH11bbzsu03N5aPbDev7XtevsJWKj (App str svc acct (uid=am-config,ou=admins,ou=am-config))
6gSGUKcQRSH5ONgpbWCHBLEDZfNFwZAn (CTS svc acct (uid=openam_cts,ou=admins,ou=famrecords,ou=openam-session,ou=tokens))
fNimTz7Fzv5FPC5dQBAvDphjVvGBcWWL (ID repo svc acct (uid=am-identity-bind-account,ou=admins,ou=identities))

Relevant URLs:

Enjoy your "quickstart" deployment!

CDQ Removal

To remove the CDQ from the cdq namespace, run the script with the -u option. For example:

$ cd /path/to/forgeops/bin
$ ./ -n cdq -u

Uninstalling the CDQ
Targeting namespace: cdq

configmap "idm" deleted
. . .