Unicon's IAM team has several Docker images* that our clients, and the public at large, may find beneficial. We have images for the Shibboleth IdP, Shibboleth SP, UNINETT SimpleSAMLphp, Internet2 Grouper, and Evolveum midPoint. With these images, deployers can easily stand up application instances for development work, testing, or even production use. Deployers just need to mount, or overlay via a new image layer, their specific configuration files, and start the container. The application will start up and begin serving requests.
All images are based on CentOS 7. All of these images may be used directly, or the source can be used to have an entirely local build and deployment process. (If this latter option is chosen, it is recommended that minimal local changes are introduced to this code base, in order to more easily keep the images updated with the baseline changes/fixes. Local customizations should build upon this as a separate layer.) There are also sample projects that show how these "base" images are utilized.
Below is information about the specific images.
The Shibboleth IdP image ships with the Zulu release of OpenJDK, and Eclipse Jetty. The project site has information on switching out Zulu for Oracle's Java distribution for those that would rather run with Oracle. For those just starting out with the IdP, there is an init process that will generate and export the various cryptographic keys and common configuration files. These files can be edited and managed locally and incorporated into a deployment-specific image. Custom images, CSS, and modified views can also be incorporated.
Docker Hub: https://hub.docker.com/r/unicon/shibboleth-idp/
Project Source: https://github.com/Unicon/shibboleth-idp-dockerized
Demo: https://github.com/UniconLabs/dockerized-idp-testbed (see the idp directory)
The Shibboleth SP image is configured with Apache HTTP Server. Add PHP, or another framework of your choice, and incorporate your application bits and the necessary Shibboleth SP configuration into a deployment-specific image layer.
Docker Hub: https://hub.docker.com/r/unicon/shibboleth-sp/
Project Source: https://github.com/Unicon/shibboleth-sp-dockerized
Demo: https://github.com/UniconLabs/dockerized-idp-testbed (see the sp directory)
The SimpleSAMLphp image ships with Apache HTTP Server, PHP 5.5, and SimpleSAMLphp. Incorporate the standard SimpleSAMLphp configuration files and cryptographic keys into a deployment-specific image.
Docker Hub: https://hub.docker.com/r/unicon/simplesamlphp/
Project Source: https://github.com/Unicon/simplesamlphp-dockerized
Demo: https://github.com/UniconLabs/dockerized-idp-testbed (see the simplesamlphp directory)
Unicon has two sets of Grouper images. The first is a completely self-contained demo which includes Grouper and pre-populated MySQL Server and OpenLDAP Server instances. This image is perfect for kicking the tires on Grouper (using the image directly) or for developing custom Grouper extensions (using a deployment-specific image and adding in configuration settings specific to the user story being worked on).
Docker Hub: https://hub.docker.com/r/unicon/grouper-demo/
Project Source: https://github.com/UniconLabs/grouper-demo-docker
Demo: https://github.com/UniconLabs/grouper-docker-dev-example (a development example)
The second set of Grouper images provides a specific image for each of Grouper's roles: api, daemon, ui, and web services. Each one can incorporate the local configuration into a deployment-specific image.
Unicon's latest IAM-related image is midPoint. It's still a work in progress, but does work. Documentation should be coming soon (as time permits).
Please check out the images and provide feedback via the respective GitHub repositories. If you need assistance using the images, or the targeted application, Unicon has great professional services that can help you out.
* Docker is changing the way that software developers and IT operations teams work with software. Docker allows applications to be packaged and run in isolation. Unlike virtual machine technology, the isolation is done at the process/kernel level. It also supports software-defined networking when using Docker Swarm, which makes routing traffic between Docker containers on different Docker hosts painless. Docker containers can easily be scaled as well.