4.2 Updating Containers on Distributed Servers

The containers must be updated in the following order:

4.2.1 Updating Identity Manager Engine Container

  1. Create a credentials.properties file under the shared directory /data with the following content.

    ID_VAULT_ADMIN="<ID_VAULT_ADMIN>"
ID_VAULT_PASSWORD="<ID_VAULT_PASSWORD>"

    where, ID_VAULT_ADMIN must be in dot format.

    For example,

    ID_VAULT_ADMIN="admin.sa.system"
ID_VAULT_PASSWORD="novell"

  2. (Conditional) To handle any driver RPM updates or third-party files, perform the steps mentioned in Handling RPM Updates and Third Party Files.

  3. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  4. Navigate to the docker-images directory.

  5. Run the following command to load the image:

    docker load --input IDM_485_P1_identityengine.tar.gz

  6. Update the container using the following command if you are deploying the Identity Manager Engine using the overlay network:

    docker run -d --ip=192.168.0.12 --network=idmoverlaynetwork --hostname=identityengine.example.com --name=engine-container -v /etc/hosts:/etc/hosts -v /data:/config -p 8028:8028 -p 524:524 -p 389:389 -p 8030:8030 -p 636:636 -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.8.5.0100

    Update the container using the following command if you are deploying the Identity Manager Engine using the host network:

    docker run -d --network=host --name=engine-container -v /etc/hosts:/etc/hosts -v /data:/config -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.8.5.0100

4.2.2 Updating Remote Loader Container

  1. (Conditional) To handle any driver RPM updates or third-party files, perform the steps mentioned in Handling RPM Updates and Third Party Files.

  2. (Conditional) To start Remote Loader instances automatically with the container, perform the steps mentioned in Starting Remote Loader Instances Automatically With Remote Loader Container Deployment.

  3. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  4. Navigate to the docker-images directory.

  5. Run the following command to load the image:

    docker load --input IDM_485_P1_remoteloader.tar.gz

  6. Deploy the container by running the following command:

    docker run -d --ip=192.168.0.2 --network=idmoverlaynetwork --hostname=remoteloader.example.com -p 8090:8090 --name=rl-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 remoteloader:idm-4.8.5.0100

    The driver files can be found at the /opt/novell/eDirectory/lib/dirxml/classes/ directory of the container.

  7. (Conditional) If the Remote Loader instances are not running, start the Remote Loader instances.

4.2.3 Updating Fanout Agent Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_485_P1_fanoutagent.tar.gz

  4. Update the container using the following command:

    docker run -d --ip=192.168.0.3 --network=idmoverlaynetwork --hostname=fanoutagent.example.com --name=foa-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 fanoutagent:idm-4.8.5.0100

  5. Start Fanout Agent.

4.2.4 Updating iManager Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input iManager_326_P2.tar.gz

  4. Ensure that the iManager.env file is created and present in the /data directory.

    # Certificate Public Key Algorithm
# Allowed Values: RSA, ECDSA256, ECDSA384
CERTIFICATE_ALGORITHM=RSA
# Cipher Suite
# Allowed Values:
# For RSA - NONE, LOW, MEDIUM HIGH
# For ECDSA256 - SUITEB128ONLY
# For ECDSA384 - SUITEB128, SUITEB192
CIPHER_SUITE=NONE
# Tomcat Server HTTP Port
TOMCAT_HTTP_PORT=8080
# Tomcat Server SSL Port
TOMCAT_SSL_PORT=8743
# iManager Authorized User (admin_name.container_name.tree_name)
AUTHORIZED_USER=

  5. Update the container using the following command:

    docker run -d --ip=192.168.0.4 --name=iman-container --network=idmoverlaynetwork --hostname=imanager.example.com -v /etc/hosts:/etc/hosts -v /data:/config -v /data/iManager.env:/etc/opt/novell/iManager/conf/iManager.env -p 8743:8743 --stop-timeout 100 imanager:3.2.6-p2

  6. (Conditional) If you have already installed Identity Manager, run the following command to check whether the plug-ins are loaded.

    docker log <container name>

    For example,

    docker log <iman-container>

  7. To install the Identity Manager plug-ins, perform the following steps:

    1. Log in to iManager.

      https://imanager.example.com:8743/nps/

    2. Click Configure.

    3. Click Plug-in Installation and then click Available NetIQ Plug-in Modules.

    4. Select the NetIQ Identity Manager iManager 3.2 Plug-ins for IDM 4.8.5.0100 and click Install.

    To obtain the plug-ins offline, perform the following steps:

    1. Download the Identity_Manager_4.8.5_Linux.iso from the NetIQ Downloads website.

    2. Mount the downloaded.iso.

    3. From the mounted location, navigate to the /iManager/plugins directory and obtain the required plug-ins.

    Alternatively, you can install the plug-ins from the iManager plug-ins website.

  8. Restart the iManager container.

    docker restart iman-container

4.2.5 Updating Identity Applications Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_485_P1_identityapplication.tar.gz

  4. Update the container using the following command:

    docker run -d --ip=192.168.0.7 --network=idmoverlaynetwork --hostname=identityapps.example.com -p 18543:18543 --name=idapps-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.5.0100

4.2.6 Updating Form Renderer Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_485_P1_formrenderer.tar.gz

  4. Update the container using the following command:

    docker run -d --ip=192.168.0.8 --network=idmoverlaynetwork --hostname=formrenderer.example.com -p 8600:8600 --name=fr-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 formrenderer:idm-4.8.5.0100

4.2.7 Updating SSPR Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.5_P1_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_485_P1_sspr.tar.gz

  4. Update the container using the following command:

    docker run -d --ip=192.168.0.11 --network=idmoverlaynetwork --hostname=sspr.example.com --name=sspr-container -v /etc/hosts:/etc/hosts -v /data/sspr:/config -p 8443:8443 --stop-timeout 100 sspr/sspr-webapp:latest