10.2 Updating Containers on Distributed Servers

The containers must be updated in the following order:

10.2.1 Updating Identity Manager Engine Container

  1. Create a credentials.properties file under the shared directory /data with the following content.

    ID_VAULT_ADMIN_LDAP="<ID_VAULT_ADMIN_LDAP>"
ID_VAULT_PASSWORD="<ID_VAULT_PASSWORD>"

    where, ID_VAULT_ADMIN_LDAP must be in comma format.

    For example,

    ID_VAULT_ADMIN_LDAP="cn=admin,ou=sa,o=system"

    ID_VAULT_PASSWORD="novell"

  2. (Conditional) To handle any driver RPM updates or third-party files, perform the steps mentioned in Handling RPM Updates and Third Party Files.

  3. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  4. Navigate to the docker-images directory.

  5. Run the following command to load the image:

    docker load --input IDM_487_identityengine.tar.gz

  6. Update the container using the following command if you are deploying the Identity Manager Engine using the overlay network:

    docker run --restart unless-stopped -d --ip=192.168.0.12 --network=idmoverlaynetwork --hostname=identityengine.example.com --name=engine-container -v /etc/hosts:/etc/hosts -v /data:/config -p 8028:8028 -p 524:524 -p 389:389 -p 8030:8030 -p 636:636 -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.8.7

    Update the container using the following command if you are deploying the Identity Manager Engine using the host network:

    docker run --restart unless-stopped -d --network=host --name=engine-container -v /etc/hosts:/etc/hosts -v /data:/config -e SILENT_INSTALL_FILE=/config/credentials.properties --stop-timeout 100 identityengine:idm-4.8.7

10.2.2 Updating Remote Loader Container

  1. (Conditional) To handle any driver RPM updates or third-party files, perform the steps mentioned in Handling RPM Updates and Third Party Files.

  2. (Conditional) To start Remote Loader instances automatically with the container, perform the steps mentioned in Starting Remote Loader Instances Automatically With Remote Loader Container Deployment.

  3. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  4. Navigate to the docker-images directory.

  5. Run the following command to load the image:

    docker load --input IDM_487_remoteloader.tar.gz

  6. Deploy the container by running the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.2 --network=idmoverlaynetwork --hostname=remoteloader.example.com -p 8090:8090 --name=rl-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 remoteloader:idm-4.8.7

    The driver files can be found at the /opt/novell/eDirectory/lib/dirxml/classes/ directory of the container.

  7. (Conditional) If the Remote Loader instances are not running, start the Remote Loader instances.

10.2.3 Updating Fanout Agent Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_fanoutagent.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.3 --network=idmoverlaynetwork --hostname=fanoutagent.example.com --name=foa-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 fanoutagent:idm-4.8.7

  5. Start Fanout Agent.

10.2.4 Updating OSP Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_osp.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.5 --network=idmoverlaynetwork --hostname=osp.example.com -p 8543:8543 --name=osp-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 osp:idm-4.8.7

  5. Run the following command to log in to the container:

    docker exec -it <container> <command>

    For example,

    docker exec -it osp-container bash

  6. Navigate to the /opt/netiq/idm/apps/configupdate/ directory.

  7. Modify the configupdate.sh.properties file.

  8. Set the value of the no_nam_oauth parameter to false.

  9. Save the configupdate.sh.properties file.

  10. Run the following command to exit the container.

    exit

10.2.5 Updating PostgreSQL Container

NOTE:Before you update the PostgreSQL container, ensure that you stop the dependent containers such as Identity Applications and/or Identity Reporting.

  1. On the Docker host, navigate to any location. For example:

    cd /tmp

  2. Run the following command to take a back up of the existing PostgreSQL container data.

    docker exec postgresql-container pg_dumpall -U postgres > dump.sql

  3. Stop the PostgreSQL container.

    docker stop <container name>

    For example,

    docker stop postgresql-container

  4. Delete the PostgreSQL container.

    docker rm <container name>

  5. Delete the existing PostgreSQL data directory.

    rm -rf /data/postgres

  6. (Conditional) Delete the PostgreSQL Docker image.

    docker rmi <image ID>

  7. Create a sub-directory under the shared directory /data, for example, postgres.

    mkdir postgres

  8. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  9. Navigate to the docker-images directory.

  10. Run the following command to load the image:

    docker load --input IDM_487_postgres.tar.gz

  11. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.6 --network=idmoverlaynetwork --hostname=postgresql.example.com --name=postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=<password> -v /data/postgres:/var/lib/postgresql/data -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 postgres:12.14

    For example,

    docker run --restart unless-stopped -d --ip=192.168.0.6 --network=idmoverlaynetwork --hostname=postgresql.example.com --name=postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=novell -v /data/postgres:/var/lib/postgresql/data -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 postgres:12.14

  12. Copy the data file you backed up on the Docker host (Step 2) to the new PostgreSQL data directory.

    cp /tmp/dump.sql /data/postgres

  13. Run the following command to log in to the container:

    docker exec -it <container> <command>

    For example,

    docker exec -it postgresql-container bash

  14. Navigate to the /var/lib/postgresql/data/ directory.

  15. Restore the data backed up in Step 2 to the new PostgreSQL container.

    psql -U postgres < dump.sql

  16. Run the following command to exit the container.

    exit

10.2.6 Updating Identity Applications Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_identityapplication.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.7 --network=idmoverlaynetwork --hostname=identityapps.example.com -p 18543:18543 --name=idapps-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 identityapplication:idm-4.8.7

10.2.7 Updating Form Renderer Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_formrenderer.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.8 --network=idmoverlaynetwork --hostname=formrenderer.example.com -p 8600:8600 --name=fr-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 formrenderer:idm-4.8.7

10.2.8 Updating ActiveMQ Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_activemq.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.9 --network=idmoverlaynetwork --hostname=activemq.example.com -p 61616:61616 --name=amq-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 activemq:idm-4.8.7

10.2.9 Updating Identity Reporting Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_identityreporting.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.10 --network=idmoverlaynetwork --hostname=identityreporting.example.com -p 28543:28543 --name=rpt-container -v /etc/hosts:/etc/hosts -v /data:/config --stop-timeout 100 identityreporting:idm-4.8.7

10.2.10 Updating SSPR Container

  1. Navigate to the location where you have extracted the Identity_Manager_4.8.7_Containers.tar.gz file.

  2. Navigate to the docker-images directory.

  3. Run the following command to load the image:

    docker load --input IDM_487_sspr.tar.gz

  4. Update the container using the following command:

    docker run --restart unless-stopped -d --ip=192.168.0.11 --network=idmoverlaynetwork --hostname=sspr.example.com --name=sspr-container -v /etc/hosts:/etc/hosts -v /data/sspr:/config -p 8443:8443 --stop-timeout 100 sspr/sspr-webapp:4.7.0.0-ea

10.2.11 Updating Identity Console Container

For more information on updating Identity Console Container, see Upgrading Identity Console As Docker Container.