Kubernetes deployment for the ForgeRock® Identity Platform.
This repository provides Docker and Kustomize artifacts for deploying the ForgeRock Identity Platform on a Kubernetes cluster.
This GitHub repository is a read-only mirror of ForgeRock's Bitbucket Server repository. Users with ForgeRock BackStage accounts can make pull requests on our Bitbucket Server repository. ForgeRock accepts pull requests on GitHub for review only.
This repository is provided on an “as is” basis, without warranty of any kind, to the fullest extent permitted by law. ForgeRock does not warrant or guarantee the individual success developers may have in implementing the code on their development platforms or in production configurations. ForgeRock does not warrant, guarantee or make any representations regarding the use, results of use, accuracy, timeliness or completeness of any data or information relating to these samples. ForgeRock disclaims all warranties, expressed or implied, and in particular, disclaims all warranties of merchantability, and warranties related to the code, or any service or software related thereto. ForgeRock shall not be liable for any direct, indirect or consequential damages or costs of any type arising out of any action taken by you or others related to the samples.
See About the forgeops repository in the ForgeOps documentation for information about how to work with this pre-release software.
Note: The forgeops repository’s master branch contains pre-release software that is not supported by ForgeRock.
If you want to work with the latest stable forgeops repository release, use the latest release branch and the latest release documentation.
See the ForgeOps Release Notes to read about new features and changes.
The provided configuration, which we call the Cloud Developer's Kit (CDK), is a basic installation that can be further extended by developers to meet their requirements. The main features of the CDK configuration are:
- Deployments for ForgeRock AM, IDM, DS and IG. IG is not deployed by default, but is available optionally.
- AM configured with a single root realm.
- A number of OIDC clients configured for AM/IDM integration and for smoke tests.
Note that the
idm-provisioning
,idm-admin-ui
and theend-user-ui
client configurations are required for the integration of IDM and AM. - Directory service instances configured for:
- The shared AM/IDM repo (ds-idrepo).
- The AM dynamic runtime data store for policies and agents. Currently, the ds-idrepo is used.
- The Access Manager Core Token Service (ds-cts).
- A Gatling test harness, which exercises the basic deployment and can be modified to include additional tests.
If you just want to observe the ForgeRock Identity Platform in action on a Kubernetes cluster, you can try out our ForgeOps deployment. You'll need to install the required third-party software, set up a Kubernetes cluster, and install the ForgeRock Identity Platform.
See the Setup and Deployment sections in the documentation for detailed information about all these tasks.
See UI and API access in the ForgeOps documentation.
ForgeRock uses secrets generated by Secret Agent Operator.
See Troubleshooting in the ForgeOps documentation.
See Remove a ForgeOps deployment in the ForgeOps documentation.
About the forgeops repositories
The latest release documentation
This project is licensed under the CDDL License - see the LICENSE file for details Copyright 2024 Ping Identity Corporation. All Rights Reserved.