ForgeOps

CDM deployment

This page describes the legacy CDM implementation, which will be deprecated in an upcoming release. We strongly recommend that you transition to the current CDM implementation as soon as possible.

Now that you’ve set up your deployment environment following the instructions in the Setup section for your cloud platform, you’re ready to deploy the CDM.

To deploy the CDM in your Kubernetes cluster using artifacts from the forgeops repository:

  1. Make sure that context is set to the prod namespace:

    $ kubens prod

  2. Configure secrets for the ForgeRock Identity Platform:

    1. Deploy the secrets:

      $ cd /path/to/forgeops/kustomize/base/secrets
$ kubectl apply --filename secret_agent_config.yaml

    2. Verify that all the ForgeRock Identity Platform secrets have been created:

      $ kubectl get sac
NAME            STATUS      NUMSECRETS   NUMK8SSECRETS
forgerock-sac   Completed   14           14

      When the forgerock-sac entry reaches Completed status, all the secrets have been created.

  3. Change to the /path/to/forgeops directory and execute the skaffold run command. For example:

    $ cd /path/to/forgeops
$ skaffold run --profile small

  4. Check the status of the pods in the prod namespace until all the pods are ready:

    1. Run the kubectl get pods command:

      $ kubectl get pods
NAME                           READY   STATUS      RESTARTS   AGE
admin-ui-69bc8b89bb-dtmj8      1/1     Running     0          3m30s
am-cfc95954d-wqz6d             1/1     Running     0          3m29s
amster-j87dl                   0/1     Completed   0          3m27s
ds-cts-0                       1/1     Running     0          3m28s
ds-cts-1                       1/1     Running     0          2m55s
ds-cts-2                       1/1     Running     0          2m21s
ds-idrepo-0                    1/1     Running     0          3m28s
ds-idrepo-1                    1/1     Running     0          2m32s
end-user-ui-6985574b49-dz8t9   1/1     Running     0          3m29s
idm-57b6b86b98-hl8mj           1/1     Running     0          3m29s
ldif-importer-m6n6x            0/1     Completed   0          3m27s
login-ui-64b994b944-9qv7n      1/1     Running     0          3m29s
rcs-agent-787769544d-jm7g4     1/1     Running     0          3m28s

    2. Review the output. Deployment is complete when:

      • All entries in the STATUS column indicate Running or Completed.

      • The READY column indicates all running containers are available. The entry in the READY column represents [total number of containers/number of available containers].

      • Three AM and two IDM pods are present.

      • The initial loading jobs (amster and ldif-importer) have reached Completed status.

    3. If necessary, continue to query your deployment’s status until all the pods are ready.

Next step

Copyright © 2010-2024 ForgeRock, all rights reserved.