This is a live document. If you encounter issues, please let us know via the #incommon-midpoint Internet2 Slack channel or via email to inctrust-si@incommon.org.
Introduction
This page shows how to get started with a Docker image for the midPoint component of the InCommon Trusted Access Platform.
Prerequisites
In order to set up and run this container and associated demonstrations, you need a Linux machine with a reasonably recent Docker installation. The most advanced demo, demo/grouper, optionally uses an LDAP browser, e.g. Apache Directory Studio, which itself requires Java. The LDAP browser is optional: it is used only to check that LDAP objects are created correctly, so you can safely proceed without it.
Also, make sure the appropriate ports are available on the host machine. They are listed in the documentation for the individual demonstrations.
Getting started (simple demo)
The image cannot be "run" by itself as it requires a midPoint repository - i.e. an SQL database - to execute. So the easiest way to start dockerized midPoint is to use one of the provided demonstrations. The most logical choice for just getting started with midPoint is demo/simple.
$ git clone https://github.internet2.edu/Docker/midPoint_container.git
$ cd midPoint_container/demo/simple
$ docker compose up
After starting
After the docker compose up command successfully finishes, you should see something like this on the console:
midpoint_server | 2024-05-24 07:23:53,374 [] [main] INFO (com.evolveum.midpoint.web.boot.MidPointSpringApplication): Started MidPointSpringApplication in 22.246 seconds (process running for 23.944)
Now you can log into midPoint at https://localhost:8080/midpoint with the user administrator and the password Test5ecr3t. The default password is configured using an environment variable in docker-compose.yml. See the Administrator Initial Password documentation for details.
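A pre-deployment check for the default credential described above, as an added example that is not part of the midPoint_container project: it flags a compose file that still contains the documented default password or publishes port 8080 without a loopback host address. The two sample files are constructed, the initial-password variable name in them is assumed rather than copied from demo/simple, and `MP_ADMIN_PW` is a hypothetical variable name.

```shell
#!/bin/sh
# Added example, not part of the midPoint_container repository.
DEFAULT_PW='Test5ecr3t'   # default administrator password stated on this page
MP_PORT='8080'            # port from the login URL on this page

# audit_compose FILE: print findings; exit status is the number of findings.
audit_compose() {
  findings=0
  # 1. Documented default password still present (comment-only lines ignored).
  hits=$(grep -nF -- "$DEFAULT_PW" "$1" | grep -vE '^[0-9]+:[[:space:]]*#' || true)
  if [ -n "$hits" ]; then
    printf 'default administrator password still set:\n%s\n' "$hits"
    findings=$((findings + 1))
  fi
  # 2. Port published without a loopback host address, e.g. "8080:8080".
  hits=$(grep -nE "^[[:space:]]*-[[:space:]]*[\"']?(0\.0\.0\.0:)?[0-9]+:${MP_PORT}[\"']?[[:space:]]*\$" "$1" || true)
  if [ -n "$hits" ]; then
    printf 'port %s published on all host interfaces:\n%s\n' "$MP_PORT" "$hits"
    findings=$((findings + 1))
  fi
  return "$findings"
}

# Constructed sample files (assumed layout, not copied from demo/simple).
write_samples() {
  cat > "$1/demo.yml" <<'EOF'
services:
  midpoint_server:
    ports:
      - 8080:8080
    environment:
      - MP_SET_midpoint_administrator_initialPassword=Test5ecr3t
EOF
  cat > "$1/hardened.yml" <<'EOF'
services:
  midpoint_server:
    ports:
      - "127.0.0.1:8080:8080"
    environment:
      # was Test5ecr3t; value now comes from the shell environment or .env file
      - MP_SET_midpoint_administrator_initialPassword=${MP_ADMIN_PW:?set MP_ADMIN_PW}
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_compose "$tmp/demo.yml"     || echo "demo.yml: $? finding(s)"
audit_compose "$tmp/hardened.yml" && echo "hardened.yml: clean"
rm -rf "$tmp"
```

The exit status of `audit_compose` is the number of findings, so it can gate a deployment script or CI job directly.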
Beyond the simple demo
Besides the midPoint image itself and the simple demo discussed above, the project contains demonstrations that integrate midPoint with selected other components:
Demonstration Instruction Pages | Description |
---|---|
demo/simple | The simplest use of midPoint: just running it along with a dockerized PostgreSQL repository. |
demo/shibboleth-apache-sp | Shows how to use midPoint with the TAP Shibboleth SP container and Shibboleth IdP. |
demo/shibboleth-midpoint-sp | Shows how to use midPoint with Shibboleth IdP using SAML2 SP bundled with midPoint. |
demo/grouper | This is a demonstration of the use of midPoint image in a wider environment consisting of Grouper, Shibboleth, LDAP directory, and sample source and target systems. |
Configuring the containers (general information)
All the demos try to use existing containers, configured only through the docker-compose.yml file, whenever possible. That lets you use upstream containers without the need to build and maintain your own.
For midPoint and related containers in particular, everything is built on top of vanilla images, so you can fully use all the information in midPoint's documentation. The following documentation pages are recommended for getting started with midPoint in containers:
Documentation page | Description |
---|---|
Quick start with midPoint. Also explaining basic docker commands. | |
MidPoint In Container | Generic description of midPoint in containers, including deployment diagram. |
Customization in Container Environment | Detailed description of possible customization in containers. This page will also describe most of the settings done in docker-compose.yml files in the individual demos. |
MidPoint images used for the InCommon Trusted Access Platform are built on Rocky Linux. You will find other options in the midPoint documentation, but Rocky Linux is recommended for TAP.
ARM images are available as experimental. Feedback from using them, shared with the midPoint working group or in the #incommon-midPoint Slack channel, will be appreciated and will help decide the next steps for ARM support.