Important information about ForgeRock Identity Platform™ deployment using DevOps techniques.
Before You Deploy in Production
ForgeRock provides ForgeRock DevOps Examples, the Cloud Deployment Model (CDM), and the
forgeops Git repository to help you get started in the cloud.
Used together, these resources demonstrate deployment in a containerized
environment using DevOps techniques. You are responsible for adapting the
examples to suit your production requirements. These resources are provided for
demonstration purposes only.
Do not deploy ForgeRock software in a containerized environment in production until you have successfully deployed and tested the software in a non-production environment.
Deploying ForgeRock software in a containerized environment requires advanced proficiency in the technologies you use in your deployment. The technologies include, but are not limited to, Docker, Kubernetes, load balancers, DNS, public key infrastructure (PKI), Google Cloud Platform, Amazon Web Services, and Microsoft Azure.
If your organization lacks experience with complex DevOps deployments, then either engage with a certified ForgeRock consulting partner or deploy the platform on traditional architecture.
For information about obtaining support for ForgeRock Identity Platform software, see "Getting Support" in the DevOps Developer's Guide.
The ForgeRock DevOps documentation set explains how to deploy and operate the ForgeRock Identity Platform in DevOps environments. The following table describes each guide in the documentation set:
|DevOps Release Notes||
Anyone who wants to deploy the ForgeRock Identity Platform in a DevOps environment
Installing required third-party software
Upgrading ForgeRock Identity Platform DevOps deployments from version 6
DevOps changes for version 6.5, including new features, changes to existing functionality, deprecated features, and removed features
Version 6.5 limitations
|DevOps Quick Start Guide||
Anyone who wants to quickly evaluate or demonstrate the ForgeRock Identity Platform
Setting up a simple DevOps environment for deploying the ForgeRock Identity Platform
Deploying an evaluation version of the ForgeRock Identity Platform
|DevOps Developer's Guide||
Developers who configure the ForgeRock Identity Platform in a DevOps environment
Introduction to using DevOps to deploy the ForgeRock Identity Platform
Setting up DevOps environments for deploying the ForgeRock Identity Platform
Building Docker images for the ForgeRock Identity Platform
Deploying the ForgeRock DevOps Examples for AM and DS, IDM, and IG
Troubleshooting DevOps deployments of the ForgeRock Identity Platform
Cloud Deployment Model Cookbook:
DevOps developers who migrate ForgeRock Identity Platform deployments from development environments to production environments
Site reliability engineers who deploy the ForgeRock Identity Platform in production DevOps environments and keep the deployments up and running
Overview of the CDM
Deploying the CDM
Site Reliability Guide:
Site reliability engineers who keep DevOps deployments of the ForgeRock Identity Platform up and running
Building CI/CD infrastructure for deploying ForgeRock Identity Platform
Monitoring DevOps deployments of ForgeRock Identity Platform
Making DevOps deployments of ForgeRock Identity Platform highly available
Backing up and restoring directory data
Managing passwords, keys, and keystores
Upgrading the ForgeRock Identity Platform in DevOps environments
Third-Party Software and DevOps Deployments
The ForgeRock DevOps Examples and CDM require you to install software products that are not part of the ForgeRock Identity Platform. We strongly recommend that you become familiar with basic concepts for the following software before attempting to use it even in your initial experiments with DevOps deployments:
|Software||Recommended Level of Familiarity||Links to Introductory Material|
|Oracle VirtualBox||Install, start, and stop VirtualBox software; understand virtual machine settings; create snapshots||First Steps chapter in the VirtualBox documentation|
|Docker Client||Build, list, and remove images; understand the Docker client-server architecture; understand Docker registry concepts||Get Started With Docker tutorial|
|Kubernetes||Identify Kubernetes entities such as pods and clusters; understand the Kubernetes client-server architecture|
|Minikube||Understand what Minikube is; create and start a Minikube virtual machine; run docker and kubectl commands that access the Docker Engine and Kubernetes cluster running in the Minikube virtual machine|
|kubectl (Kubernetes client)||Run kubectl commands on a Kubernetes cluster||kubectl command overview|
|Kubernetes Helm||Understand what a Helm chart is; understand the Helm client-server architecture; run the helm command to install, list, and delete Helm charts in a Kubernetes cluster|
|Google Kubernetes Engine (GKE)||Create a Google Cloud Platform account and project, and make GKE available in the project||Quickstart for Kubernetes Engine|
|Google Cloud SDK||Run the gcloud command to access GKE components in a Google Cloud Platform project||Google Cloud SDK documentation|
|Amazon AWS CLI||Run the aws command to access EKS components in an Amazon EKS project||Getting Started with Amazon EKS|
|AWS IAM Authenticator for Kubernetes||Use AWS IAM credentials to authenticate to a Kubernetes cluster||AWS IAM Authenticator for Kubernetes|