This expert-led workshop guides students through the deployment of the ForgeRock Identity Platform® (Identity Platform) on a Kubernetes cluster running in Google Kubernetes Environment (GKE).
The workshop initially describes how to use the ForgeRock Cloud Developer's Kit (CDK) to deploy a sample configuration of the Identity Platform. This configuration includes ForgeRock® Access Management (AM) and ForgeRock® Identity Management (IDM), which share ForgeRock® Directory Service (DS) as an identity store.
The CDK is used to configure the Identity Platform and redeploy the updated configuration in an existing Kubernetes cluster.
Students then create a new cluster to deploy the Identity Platform by following the Cloud Deployment Model (CDM). Monitoring add-on tools are included with the CDM example. The skills gained by performing deployments with the CDK and CDM reference examples help you identify the Kubernetes cluster and Identity Platform configuration requirements needed to prepare for moving deployments into other environments, such as test and production.
The last chapter of the workshop explores the challenges of migrating an existing on-prem ForgeRock deployment to Kubernetes.
This workshop uses the ForgeRock DevOps documentation set as a reference for the hands-on labs.
Also, it is important that you have already successfully completed the relevant ForgeRock Core Concepts courses before attending this workshop. It is also beneficial to have experience working with DevOps technologies such as Kubernetes, Skaffold, Kustomize, and Git, among other related tools.
- Revision C.1 of this course is based on the DevOps 7.1.0 documentation.
Skills Gained
Upon completion of this course, you should be able to:
- Introduce the ForgeOps toolset and documentation, get familiar with DevOps tools and deploy the Identity Platform using the CDK
- Configure the Identity Platform by using the CDM
- Use the provided ForgeRock scripts to add monitoring, run benchmarks, and explore the backup and restore tools for the Identity Platform. Build your custom base Docker images. Manage Secrets
- Migrate the ForgeRock Entertainment Company (FEC) Portal sample application to Kubernetes
Who Can Benefit
The target audiences for this course include:
- Developers who customize and deploy AM, DS, and IDM components.
- Deployment engineers who routinely set up Kubernetes clusters and deploy integrated software in the cloud.
- Site engineers who configure the Kubernetes cluster and who launch the Platform into production.
Prerequisites
The following are the prerequisites for successfully completing this course:
- Successful completion of the ForgeRock University core concepts courses:
  - DS-400: ForgeRock® Directory Services Core Concepts
  - AM-400: ForgeRock® Access Management Core Concepts
  - IDM-400: ForgeRock® Identity Management Core Concepts
- Knowledge of Linux, including working in a Linux environment, using the command line, and shell scripting, is expected.
- DevOps experience and experience with Kubernetes and Docker are recommended.
Course Contents
Chapter 1: Introducing DevOps Techniques and the CDK
Lesson 1: Introducing ForgeRock DevOps Documentation and Examples
- Describe the Identity Platform and related DevOps techniques for deploying the Identity Platform to Kubernetes
- Access your CloudShare lab environment and developer desktop
- Access your associated GCP account for deploying the Identity Platform
- Describe the ForgeRock DevOps documentation and the CDK and CDM methods of deployment
- Describe the DevOps tools for deployment and deploy a simple application to validate the environment
- Deploy a simple application with Skaffold to validate the tools and environment
- Examine Kustomize using a sample application
Lesson 2: Deploying the Identity Platform to GKE Using the CDK
- Prepare your DevOps environment
- Prepare to use an existing cluster for the Identity Platform
- Deploy the Identity Platform to a GKE cluster
- Verify the Identity Platform is deployed and accessible
- Work with basic DevOps commands to explore the Identity Platform
- Remove the Identity Platform deployment and clean up the environment
Lesson 3: Troubleshooting When Problems Arise
- Approach troubleshooting of common issues in Kubernetes systematically
- Locate DevOps related troubleshooting references
- Run commands for troubleshooting environment issues
- Run commands for troubleshooting containerization issues
- Run commands for troubleshooting orchestration issues
- Identify resources for getting additional support
Lesson 4: Deploying the Identity Platform With Custom Docker Images
- Navigate the forgeops repository
- Describe data used during deployment of the Identity Platform
- Deploying the Identity Platform using a customized configuration profile
- Deploy the Identity Platform using a customized configuration profile
- Describe how to work with Kubernetes manifests and objects
- Describe how to use Kustomize overlays to modify Kubernetes objects
- Use Kustomize overlays to modify deployment configurations
Chapter 2: Working With the CDM
Lesson 1: Managing Multiple Deployment Environments
- Manage multiple environments with Skaffold profiles and Kustomize
- Prepare for deployment to multiple environments
- Move from development to other environments using Property Value Substitution
Lesson 2: Preparing Your Environment and Deploying the CDM
- Describe the CDM
- Describe the requirements for creating and setting up the deployment environment for the CDM
- Create a Kubernetes cluster
- Deploy the necessary software for the CDM
- Set up your local environment to push Docker images
- Deploy the CDM
Chapter 3: Building a Staging Environment
Lesson 1: Monitoring and Benchmarking Your Deployment
- Describe the monitoring infrastructure for the CDM
- Monitor the CDM deployment
- Benchmark the CDM deployment for monitoring (optional)
Lesson 2: Backing Up and Restoring the Identity Platform
- Describe backup and restore with CDM
- Enable scheduled backups, initiate a backup, and export user data
Lesson 3: Building Your Own Base Docker Images
- (Overview) Build custom base Docker images
- Create your own base Docker images
- Deploy using your own base Docker images
Lesson 4: Handling Secrets
- Overview of the ForgeOps secret generation
- Manage secrets
Chapter 4: Migrating an On-Prem Deployment to Kubernetes
Lesson 1: General Considerations
- Plan the migration
- Production considerations
- Prepare your environment
Lesson 2: Migrating an On-Prem DS Configuration to Kubernetes
- Discuss how you can migrate an existing DS configuration to Kubernetes
- Migrate the DS configuration and sample user data using the CDK
Lesson 3: Migrating an On-Prem AM Configuration to Kubernetes
- Discuss how you can migrate an existing AM configuration to Kubernetes
- Migrate an existing AM configuration to Kubernetes
- Discuss how to customize the AM web application
- Customize the AM web application during deployment
Lesson 4: Migrating an On-Prem IDM Configuration to Kubernetes
- Discuss how you can migrate an existing IDM configuration to Kubernetes
- Migrate the configuration from an on-prem IDM to the CDK
- Migrate identity data from an on-prem IDM to Kubernetes