Automating Forgerock OPENDJ and OPENAM on Terraform , ECS and EC2

This topic has 4 replies, 2 voices, and was last updated 6 years, 4 months ago by Warren Strange.

  • Author
  • #10108

    Hi , We are successfull set up a openam with opendj Docker . How can we automate the deployment with Terraform for AWS EC2 . The most important issue now is that , for some reason OpenAM crashes for every 3 weeks .

    When we log into the EC2 , the docker hangs and we loose all data including realms , subject , Agents every thing . We need to create a new EC2 , and up the Docker from scratch .

    Can you please suggest the below :
    1) Data persistence using Dockers ( how to keep the data in OPENDJ ) ???
    2) AWS EC2 deployment best practices for OpenAM and OPENDJ
    3) Automating OpenAM first time configuration

     Warren Strange

    For data persistence you should be keeping all writable data (example: DJ configuration and database) on mounted docker volumes – not within the Docker image itself.

    Automating OpenAM configuration is harder than it should be, and we are working to address that in future releases. Stay tuned.

    Using some kind of container orchestration layer is important – to monitor and restart containers. There are some basic Kubernetes manifests located Please have a look at those.


    hi , I’m trying to backup /opt/opendj/instances/instance1 , and mount a docker volume on EC2 . but this folder seems to be empty .

    is this the correct folder ? please suggest .


    also , what about load balancing , suggested Launch configuration for opendj , openam and resttoldap on AWS ?

     Warren Strange

    We recently changed the openDJ image to write data to /opt/opendj/data – so please try mounting a volume on that. Have a look at the Dockerfile – you may have to adjust to suit your needs.

    There is a Docker compose file that demonstrates a CTS setup

    That might be a good starting point.

    We don’t have load balancing, or more complex configurations at this point. Work in progress – but pull requests are most welcome!

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?