ForgeOps

Minikube

forgeops repository

Before you can perform a ForgeOps deployment, you must first get the forgeops repository and check out the release/7.5-20240402 branch:

  1. Clone the forgeops repository. For example:

    $ git clone https://github.com/ForgeRock/forgeops.git

    The forgeops repository is a public Git repository. You do not need credentials to clone it.

  2. Check out the release/7.5-20240402 branch:

    $ cd forgeops
$ git checkout release/7.5-20240402

Depending on your organization’s repository strategy, you might need to clone the repository from a fork, instead of cloning ForgeRock’s master repository. You might also need to create a working branch from the release/7.5-20240402 branch. For more information, refer to Repository Updates.

Third-party software

Before performing a ForgeOps deployment, obtain non-ForgeRock software and install it on your local computer.

ForgeRock recommends that you install third-party software using Homebrew on macOS and Linux[1] .

The versions listed in this section have been validated for ForgeOps deployments on Minikube. Earlier and later versions will probably work. If you want to try using versions that are not in the table, it is your responsibility to validate them.

Software Version Homebrew package

Python 3

3.11.8

python@3.11

Docker client

25.0.3

docker

Kubernetes client (kubectl)

1.29.3

kubernetes-cli

Kubernetes context switcher (kubectx)

0.9.5

kubectx

Kustomize

5.3.0

kustomize

Helm

3.14.3

helm

JSON processor jq

1.7.1

jq

Six (Python compatibility library)

1.16.0

six

Setup tools (Python)

69.2.0

python-setuptools

Minikube

1.32.0

minikube

PyYaml

6.0.1

pyyaml

Hyperkit
(Intel x86-based macOS systems only)

0.20210107

hyperkit

Docker engine

In addition to the software listed in the preceding table, you’ll need to start a virtual machine that runs Docker engine.

For more information about using Colima when performing ForgeOps deployments, refer to this article.

Minimum requirements for the virtual machine:

  • 4 CPUs

  • 10 GB RAM

  • 60 GB disk space

For users running Microsoft Windows

ForgeRock supports ForgeOps deployments on macOS and Linux. If you have a Windows computer, you’ll need to create a Linux VM. We tested the following configurations:

  • Hypervisor: Hyper-V, VMWare Player, or VMWare Workstation

  • Guest OS: Current Ubuntu LTS release with 12 GB memory and 60 GB disk space

  • Nested virtualization enabled in the Linux VM.

Perform all the procedures in this documentation within the Linux VM. In this documentation, the local computer refers to the Linux VM for Windows users.

The Minikube implementation on Windows Subsystem for Linux (WSL2) has networking issues. As a result, consistent access to the ingress controller or the apps deployed on Minikube is not possible. This issue is tracked here. Do not attempt to perform ForgeOps deployments on WSL2 until this issue is resolved.

Minikube cluster

Minikube software runs a single-node Kubernetes cluster in a virtual machine.

The cluster/minikube/forgeops-minikube start command creates a Minikube cluster with a configuration that’s adequate for a ForgeOps deployment.

  1. Determine which virtual machine driver you want Minikube to use. By default, the forgeops-minikube command, which you run in the next step, starts Minikube with:

    • The Hyperkit driver on Intel x86-based macOS systems

    • The Docker driver on ARM-based macOS systems[2]

    • The Docker driver on Linux systems

    The default driver option is fine for most users. For more information about Minikube virtual machine drivers, refer to Drivers in the Minikube documentation.

    If you want to use a driver other than the default driver, specify the --driver option when you run the forgeops-minikube command in the next step.

  2. Set up Minikube:

    $ cd /path/to/forgeops/cluster/minikube
$ ./forgeops-minikube start
Running: "minikube start --cpus=3 --memory=9g --disk-size=40g --cni=true
--kubernetes-version=stable --addons=ingress,volumesnapshots,metrics-server --driver=hyperkit"

😄  minikube v1.32.0 on Darwin 13.6
✨  Using the hyperkit driver based on user configuration
💿  Downloading VM boot image …​
    > minikube-v1.32.1-amd64.iso…​.:  65 B / 65 B [---------] 100.00% ? p/s 0s
    > minikube-v1.32.1-amd64.iso:  292.96 MiB / 292.96 MiB  100.00% 6.66 MiB p/
👍  Starting control plane node minikube in cluster minikube
💾  Downloading Kubernetes v1.28.3 preload …​
    > preloaded-images-k8s-v18-v1…​:  403.35 MiB / 403.35 MiB  100.00% 8.60 Mi
🔥  Creating hyperkit VM (CPUs=3, Memory=9216MB, Disk=40960MB) …​
🐳  Preparing Kubernetes v1.28.3 on Docker 24.0.7 …​
    ▪ Generating certificates and keys …​
    ▪ Booting up control plane …​
    ▪ Configuring RBAC rules …​
🔗  Configuring CNI (Container Networking Interface) …​
🔎  Verifying Kubernetes components…​
    ▪ Using image registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
    ▪ Using image registry.k8s.io/sig-storage/snapshot-controller:v6.1.0
    ▪ Using image registry.k8s.io/ingress-nginx/controller:v1.9.4
    ▪ Using image registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
    ▪ Using image registry.k8s.io/metrics-server/metrics-server:v0.6.4
    ▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🔎  Verifying ingress addon…​
🌟  Enabled addons: storage-provisioner, metrics-server, default-storageclass, volumesnapshots, ingress
🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

  3. Verify that your Minikube cluster is using the expected driver. For example:

    Running: "minikube start --cpus=3 --memory=9g --disk-size=40g --cni=true
--kubernetes-version=stable --addons=ingress,volumesnapshots --driver=hyperkit"
😄  minikube v1.32.0 on Darwin 13.6
✨  Using the hyperkit driver based on user configuration
...
    If you are running Minikube on an ARM-based macOS system and the forgeops-minikube output indicates that you are using the qemu driver, you probably did not start the virtual machine that runs your Docker engine.

Hostname resolution

Set up hostname resolution for the ForgeRock Identity Platform servers you’ll deploy in your namespace:

  1. Determine the Minikube ingress controller’s IP address:

    • If Minikube is running on an ARM-based macOS system[2] , use 127.0.0.1 as the IP address.

    • If Minikube is running on an x86-based macOS system or on a Linux system, get the IP address by running the minikube ip command:

      $ minikube ip
192.168.64.2

  2. Choose an FQDN (referred to as the deployment FQDN) that you’ll use when you deploy the ForgeRock Identity Platform, and when you access its GUIs and REST APIs. Ensure that the FQDN is unique in the cluster you will be deploying the ForgeRock Identity Platform.

    Examples in this documentation use forgeops.example.com as the deployment FQDN. You are not required to use forgeops.example.com; you can specify any FQDN you like.

  3. Add an entry to the /etc/hosts file to resolve the deployment FQDN:

    ingress-ip-address forgeops.example.com

    For ingress-ip-address, specify the IP address from step 1.

1. The Linux version of Homebrew does not support installing software it maintains as casks. Because of this, if you’re setting up an environment on Linux, you won’t be able to use Homebrew to install software in several cases. You’ll need to refer to the software’s documentation for information about how to install the software on a Linux system.
2. For example, systems based on M1 or M2 chipsets.
Copyright © 2010-2024 ForgeRock, all rights reserved.