This demo shows how to run midPoint container with alternative repository implementation.
Starting
$ cd demo/postgresql $ docker-compose up
After docker-compose up command successfully finishes you should see something like this on the console:
midpoint_server_1 | midpoint;midpoint.log;demo;;2018-09-20 16:25:22,191 [] [main] INFO (org.springframework.boot.web.embedded.tomcat.TomcatWebServer): Tomcat started on port(s): 8080 (http) 9090 (http) with context path '/midpoint' midpoint_server_1 | midpoint;midpoint.log;demo;;2018-09-20 16:25:22,209 [] [main] INFO (com.evolveum.midpoint.web.boot.MidPointSpringApplication): Started MidPointSpringApplication in 60.512 seconds (JVM running for 61.688)
Now you can log into midPoint using https://localhost:8443/midpoint URL, with an user of administrator and a password of 5ecr3t.
You can safely ignore console messages like this:
midpoint_data_1 | ERROR: could not serialize access due to read/write dependencies among transactions midpoint_data_1 | DETAIL: Reason code: Canceled on identification as a pivot, during write. midpoint_data_1 | HINT: The transaction might succeed if retried.
This is a part of standard midPoint conflict resolution process. The mentioned transactions are really retried and they succeed eventually.
Containers
The demo/postgresql composition contains the following containers:
| Container name | Description |
|---|---|
postgresql_midpoint_server_1 | This is the standard container providing midPoint functionality. It contains standalone Tomcat running midPoint application, reverse Apache proxy, and TIER Beacon. |
| This container hosts midPoint repository; this time it is implemented on PostgreSQL 9.5 database. |
Communication
The containers publish the following TCP ports. (Port mapped to localhost denotes the mapping of container port to the host port where it can be reached from the outside.)
| Container | Port number | Port mapped to localhost | Description |
|---|---|---|---|
| 443 | 8443 | HTTPS port to be used to connect to midPoint application |
| 80 | - | HTTP port to be used to connect to midPoint application | |
| 9090 | - | Tomcat AJP port used for Apache httpd ↔ Tomcat communication | |
| 5432 | 5432 | Port used to connect to the PostgreSQL database |
Docker volumes
The following volumes are created to persist data and other relevant files.
| Volume name | Description | Used by container |
|---|---|---|
| The midPoint home directory. Contains schema extensions, logs, custom libraries, custom ConnId connectors, and so on. | |
| Volume hosting PostgreSQL database used by midPoint. | |
Configuring the composition
The following configuration properties are supported. Please refer to the main documentation page for their explanation.
| Property | Default value |
|---|---|
ENV | demo |
USERTOKEN | |
REPO_MISSING_SCHEMA_ACTION | create |
REPO_UPGRADEABLE_SCHEMA_ACTION | stop |
REPO_SCHEMA_VERSION_IF_MISSING | |
REPO_SCHEMA_VARIANT | |
MP_MEM_MAX | 2048m |
MP_MEM_INIT | 1024m |
MP_JAVA_OPTS | |
TIER_BEACON_OPT_OUT | |
TIMEZONE | UTC |
You can tailor these to your needs.
The following Docker secrets are used:
| Secret | Location |
|---|---|
mp_database_password.txt | configs-and-secrets/midpoint/application/database_password.txt |
mp_keystore_password.txt | configs-and-secrets/midpoint/application/keystore_password.txt |
mp_host-key.pem | configs-and-secrets/midpoint/httpd/host-key.pem |
The following configuration files are used:
| Target file | Source location |
|---|---|
/etc/pki/tls/certs/host-cert.pem | configs-and-secrets/midpoint/httpd/host-cert.pem |
/etc/pki/tls/certs/cachain.pem | configs-and-secrets/midpoint/httpd/host-cert.pem |
You can modify or replace these files as needed.