IAM Docker images can be obtained from Docker Hub. Note that our Ergon Informatik AG image repository is private.
- There are two ways to obtain Airlock IAM Docker images:
- ●Via pull, directly from the Docker repository.
- ●As downloaded version for air-gapped installations.
Step 1 - Pull from Docker Hub (hub.docker.com)
Note that our image repository is private and you need an access token to pull the images.
- To gain access the following steps must be taken:
- 1.Create a support ticket for "access to Airlock IAM on Docker Hub" on https://techzone.ergon.ch.
- 2.You will receive an access token for the Docker-ID airlockcustomer.
You can download the image from here, as soon as you have got access token: Airlock IAM on Docker hub – airlock-iam
Step 2- Configure Docker to verify digital signatures
All images of Airlock IAM are signed and it is strongly recommended to configure Docker to verify these digital signatures. It is recommended to configure Docker to enforce digital signatures on all images.
This is achieved by setting the following environment variable:
Docker CLI
export DOCKER_CONTENT_TRUST=1
For more details on Docker content trust see Content trust in Docker.
You may inspect the signature using the docker trust command:
Docker CLI
docker trust inspect --pretty docker.io/ergon/airlock-iam
Step 3 - Retrieve Docker image
Check the (Docker Hub) Airlock IAM Image repository page to see all available Tags.
To obtain the latest container image, for example, use the following command:
Docker CLI
docker login docker pull docker.io/ergon/airlock-iam:latest
For production, specific tags should be used, e.g. "7.6.0" or "latest-7.6".
Alternatively: Download distribution of Docker image
This method allows for "air-gapped" installation, where the server doesn't connect to the Docker registry directly. A local/private Docker registry or other means of distributing the image as files to your machines is used instead.
The Docker image is published as an image file and has the file extension ".tar.gz".
The image file can be loaded and pushed to your local Docker registry:
Docker CLI
# load image docker load -i airlock-iam-docker-image-7.6.tar.gz # Should list the loaded image docker images | grep airlock # Create alias matching the Docker Hub repository name for the # examples on this page to work docker tag airlock-iam:7.6 ergon/airlock-iam:7.6 # Show help to perform a quick check docker run --rm ergon/airlock-iam:7.6 --help # Replace "docker.example.com" with the URL to your local # Docker registry docker tag ergon/airlock-iam:7.6 docker.example.com/ergon/airlock-iam:7.6 # Push the image to the local Docker registry docker push docker.example.com/ergon/airlock-iam:7.6
If you don't have a local Docker registry you may skip the tagging and pushing steps.