Using the container image

In this section we'll use the Docker image locally, which is useful for integration, testing, and troubleshooting. Docker, e.g. Docker Desktop, must be installed and running. You should also create a new empty directory to which you can change (cd).

The directory will be used to store Airlock IAM configuration files:

Preparation

mkdir -p ~/airlock-iam-docker && cd ~/airlock-iam-docker  # Create new directory
docker info  # Make sure Docker daemon is running

Using the CLI to perform application-level configuration tasks works very similarly to the way it does on a traditional installation without docker. The iam command is the default entry-point of the Docker image.

This means that any CLI command can be executed inside a Docker image as follows:

Docker CLI

# Show all available parameters and their default values
docker run --rm quay.io/airlock/iam:8.2 default-parameters

# Correct permissions when using native Docker on Linux
mkdir -p "$(pwd)/iam" && sudo chown -R 1000:0 "$(pwd)/iam"

# Create new instance named "auth"
docker run --rm -v "$(pwd)/iam:/home/airlock/iam" quay.io/airlock/iam:8.2 init --instance auth

# Upgrade configuration of instance named "auth"
docker run --rm -v "$(pwd)/iam:/home/airlock/iam" quay.io/airlock/iam:8.2 upgrade -i auth

# Run Airlock IAM and forward the HTTPS port 8443 to the host
docker run --rm -v "$(pwd)/iam:/home/airlock/iam" -p 8443:8443 quay.io/airlock/iam:8.2 run -i auth

Shell access

To access the Airlock IAM CLI without a running container:

Docker CLI

docker run --rm -it --entrypoint /bin/bash -v "$(pwd)/iam:/home/airlock/iam" quay.io/airlock/iam:8.2