[midPoint] midPoint 3.8 Docker Install with MySQL

Solberg, Eric eric at solberg.com
Wed Oct 17 23:00:11 CEST 2018


Thanks everyone for your help working through the issues I had here. I thought I’d give back to the list here with the complete steps to make this work.

 

I’m using VMs based on Debian 9 on Google Cloud Platform. This should work in Docker containers or other Linux environments perhaps with minor changes to some of the apt-get steps. These instructions presume you have a MySQL instance running at [mysql-host] and have your MySQL [root-password]. 

 

Here I’m using a throw-away VM instance to get the initial configuration working. 

 

Make sure your package library is up to date:

 

sudo apt-get update

 

If you don’t have Java, install it:

 

sudo apt-get install openjdk-8-jdk

 

Install midPoint standalone. This is temporary and can be a throw-away instance:

 

cd ~

wget https://evolveum.com/downloads/midpoint/3.8/midpoint-3.8-dist.tar.gz

sudo tar xzf midpoint-3.8-dist.tar.gz -C /opt

sudo mv /opt/midpoint-3.8 /opt/midpoint

sudo /opt/midpoint/bin/start.sh

 

Midpoint will take a few minutes to start.  You can monitor startup with:

 

sudo tail /opt/midpoint/var/log/midpoint.log

 

You can access the demo install at http://myserver-ip-or-localhost:8080. It takes a while to load the first time.

Log in as user: administrator / password: 5ecr3t

 

Shut down:

 

sudo /opt/midpoint/bin/stop.sh

 

Get the MySQL client if you don’t have it:

 

sudo apt-get install mysql-client 

 

Create the MySQL database:

 

mysql -h [mysql-host] -u root -p
Enter password: [root-password]
MySQL> CREATE DATABASE midpoint CHARACTER SET utf8 DEFAULT CHARACTER SET utf8 COLLATE utf8_bin DEFAULT COLLATE utf8_bin;
MySQL> CREATE USER 'midpoint' IDENTIFIED BY 'some-password';
MySQL> GRANT ALL on midpoint.* TO 'midpoint';
MySQL> \q

 

Import the database schema (will take a minute or so):

 

mysql -h [mysql-host] -u midpoint -p midpoint < /opt/midpoint/doc/config/sql/_all/mysql-3.8-all-utf8mb4.sql

Enter password: [some-password]

 

Install the MySQL driver:

 

wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-8.0.12.tar.gz

tar xzf mysql-connector-java-8.0.12.tar.gz

sudo mkdir -p /opt/midpoint/var/lib

sudo cp mysql-connector-java-8.0.12/mysql-connector-java-8.0.12.jar /opt/midpoint/var/lib/

 

Update config.xml to use the MySQL driver:

 

sudo vim /opt/midpoint/var/config.xml

 

You will replace the entire <repository> … </repository> section.

Replace:

<repository>
    <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
    <baseDir>${midpoint.home}</baseDir>
    <asServer>true</asServer>
</repository>

With (remember to replace [mysql-host] and [some-password] with the appropriate info):

<repository>
    <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
    <database>mysql</database>
    <jdbcUsername>midpoint</jdbcUsername>
    <jdbcPassword>[some-password]</jdbcPassword>
    <jdbcUrl>jdbc:mysql://[mysql-host]:3306/midpoint?characterEncoding=utf8&amp;disableMariaDbDriver</jdbcUrl>
</repository>

 

Re-start midpoint with the MySQL database. 

 

sudo /opt/midpoint/bin/start.sh

 

Midpoint will take a couple minutes to start, then you can access at http://serverip-or-localhost:8080 

Log in as user: administrator / password: 5ecr3t

If all is well, midpoint will now be accessing the MySQL database. Note that this database must now be used with the keystore.jceks and config.xml files in your installation, which we will put into the permanent Docker image. There are other approaches, such as persistent volumes, but this is simple.

 

Shutdown again:

 

sudo /opt/midpoint/bin/stop.sh

 

If you don’t have Docker installed (these steps from https://docs.docker.com/install/linux/docker-ce/debian/):

 

sudo apt-get install \
     apt-transport-https \
     ca-certificates \
     curl \
     gnupg2 \
     software-properties-common

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/debian \
   $(lsb_release -cs) \
   stable"

sudo apt-get update

sudo apt-get install docker-ce

sudo docker run hello-world

 

Create a Dockerfile that includes midpoint, the MySQL driver, and the keystore.jceks and config.xml files. 

 

mkdir ~/midpoint-docker

cd ~/midpoint-docker

sudo cp /opt/midpoint/var/config.xml .

sudo cp /opt/midpoint/var/keystore.jceks .

sudo chmod 666 config.xml keystore.jceks

 

In this directory, create a file named Dockerfile and paste the following into the file:

 

FROM openjdk:8-jdk-alpine

MAINTAINER you@domain.com

ENV MP_VERSION 3.8
ENV MP_DIR /opt/midpoint
ENV XMX 3072M
ENV XMS 3072M

RUN mkdir -p ${MP_DIR}/var \
 && echo 'Downloading midPoint archive...' \
 && wget https://evolveum.com/downloads/midpoint/${MP_VERSION}/midpoint-${MP_VERSION}-dist.tar.gz -P ${MP_DIR} \
 && echo 'Extracting midPoint archive...' \
 && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1 \
 && echo 'Downloading MySQL driver...' \
 && cd /tmp \
 && wget https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-8.0.12.tar.gz -P . \
 && echo 'Extracting and installing MySQL driver...' \
 && tar xzf mysql-connector-java-8.0.12.tar.gz \
 && mkdir -p ${MP_DIR}/var/lib \
 && cp mysql-connector-java-8.0.12/mysql-connector-java-8.0.12.jar ${MP_DIR}/var/lib \
 && echo 'Cleaning up...' \
 && rm mysql-connector-java-8.0.12.tar.gz \
 && rm -rf mysql-connector-java-8.0.12 \
 && rm ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz \
 && echo 'Done.'

COPY config.xml ${MP_DIR}/var/
COPY keystore.jceks ${MP_DIR}/var/

CMD ["/bin/sh", "-c", "java -Xmx$XMX -Xms$XMS -Dfile.encoding=UTF8 -Dmidpoint.home=$MP_DIR/var -jar $MP_DIR/lib/midpoint.war"]

 

Save this file, then build and run the docker file:

 

sudo docker build -t midpoint-docker .  

 

You should now be able to run the image:

 

sudo docker run -p 8080:8080 midpoint-docker  

 

You’ll see the midpoint log messages, and should be able to access http://serverip-or-localhost:8080 once it has started.

 

In my case, I’m pushing this to the Google container repository (gcr.io) and have used this image to initialize GCE VMs and GKE Kubernetes instances.

 

Then I’ve put this behind a load balancer with DNS “internal.mydomain.com”, removed the public IP address from the VM, set up SSL on the load balancer frontend, and enabled Identity Aware Load Balancing in GCP. I’ll be using this approach for my internal admin tools including midpoint.

 

Hope this helps!

 

Eric
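
A pre-build check for the config.xml and keystore.jceks copied into ~/midpoint-docker in the steps above, added here as an example and not part of the original post. The helper name check_build_context and the sample fragment are assumptions made for the illustration; it flags unfilled placeholders, a repository section that does not select MySQL, an unescaped '&' in config.xml, and world-writable copies of either file.

```sh
#!/bin/sh
# Added example: pre-build checks for the ~/midpoint-docker build context.
# check_build_context is a hypothetical helper, not part of midPoint or Docker.
# Prints one line per finding and returns the number of findings (0 = clean).
check_build_context() {
    dir=$1; cfg="$dir/config.xml"; findings=0
    for f in "$cfg" "$dir/keystore.jceks"; do
        if [ ! -f "$f" ]; then
            echo "MISSING: $f"; findings=$((findings + 1))
        # Both files hold secrets (DB password, encryption keys).
        elif [ -n "$(find "$f" -prune -perm -002)" ]; then
            echo "WORLD-WRITABLE: $f"; findings=$((findings + 1))
        fi
    done
    [ -f "$cfg" ] || return "$findings"
    # Placeholders from the instructions that were never filled in.
    if grep -q -e '\[mysql-host\]' -e '\[some-password\]' "$cfg"; then
        echo "PLACEHOLDER: [mysql-host] or [some-password] left in $cfg"
        findings=$((findings + 1))
    fi
    # Still the default embedded repository instead of MySQL.
    if ! grep -q '<database>mysql</database>' "$cfg"; then
        echo "REPOSITORY: <database>mysql</database> not found in $cfg"
        findings=$((findings + 1))
    fi
    # Strip valid entity references; any '&' left is a bare ampersand,
    # which makes the file ill-formed XML (e.g. '&' in the jdbcUrl query).
    if sed -E 's/&(amp|lt|gt|quot|apos|#[0-9]+|#x[0-9A-Fa-f]+);//g' "$cfg" | grep -q '&'; then
        echo "XML: unescaped '&' in $cfg (write &amp;)"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample fragment: placeholders untouched and a bare '&' in the URL.
demo=$(mktemp -d)
cat > "$demo/config.xml" <<'EOF'
<repository>
    <database>mysql</database>
    <jdbcPassword>[some-password]</jdbcPassword>
    <jdbcUrl>jdbc:mysql://[mysql-host]:3306/midpoint?characterEncoding=utf8&disableMariaDbDriver</jdbcUrl>
</repository>
EOF
: > "$demo/keystore.jceks"
chmod 666 "$demo/config.xml" "$demo/keystore.jceks"
check_build_context "$demo" || echo "findings: $?"
rm -rf "$demo"
```

Run it as `check_build_context ~/midpoint-docker` before `docker build`; the mode check will report the files while they still carry the `chmod 666` mode from the copy step.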
