Deploy Digital Access component 6.10.0 on Docker
This article is new for Digital Access 6.10.0.
This article describes how to deploy the Smart ID Digital Access component on Docker using docker swarm.
You can also deploy the complete Smart ID package using docker compose; for that, refer to Deploy Smart ID.
Known issue with the network card VMXNET3 on VMware virtualization platform
If you use the network card VMXNET3, there may be an issue with the docker swarm overlay network. The issue is that the swarm containers can ping each other (ICMP protocol), but TCP and UDP fail.
It is recommended to change the network card for all involved servers to E1000. This is done in the VMware configuration of the guest virtual machine.
This issue is only present on the VMware platform, and not on other virtualization platforms, to our knowledge.
Prerequisites
The following is needed:
Docker client and engine version 20.10.10 or later
Linux that supports the above docker versions
Software Components: Any of the PostgreSQL, MySQL, SQL Server, or Oracle databases
Configuration files: DA-<version>.tgz
System Requirements: 8 CPUs with 32 GB RAM and 100 GB physical space is recommended.
For offline setup, you must install docker
Preparations
Download the DA-<version>.tgz file to the system from the support portal. The following steps use DA-6.10.0.tgz as an example; replace it with the version you plan to deploy.
It is always recommended to take a backup or snapshot before starting the setup.
If you have multiple network interfaces, note down the NIC name or IP address of the network interface which will be used by docker swarm.
When docker swarm is initialized it binds to one NIC and one IP address for communication, and if you have multiple NICs, you have to specify which one to use, by NIC name or IP address.
If you want swarm traffic to be restricted to a private/internal network, provide an internal IP address. If you want to expose some of your services, you need to provide your public IP address.
Step-by-step instruction
Run the setup
Copy DA-6.10.0.tgz to your working directory.
Extract the file using the tar command:
tar -xf DA-6.10.0.tgz
Navigate to the scripts folder inside the setup folder:
cd setup/scripts
Run the script setup.sh:
sudo bash setup.sh
During the setup, provide the below mentioned inputs.
Inputs
You will need to input the IP address that will be used for the swarm communication based on the NICs. See the "Preparations" section above.
####################################################
Setting up docker swarm...
####################################################
Enter ip address which should be used for docker swarm communication:
It will now pull the docker images and start the services
####################################################
Starting Digital Access...
####################################################
Creating network da_da-overlay
Creating service da_admin
Creating service da_authentication
Creating service da_distribution
Creating service da_policy
Creating service da_accesspoint
Successfully deployed
####################################################
Setup script execution completed successfully
####################################################
Wait for all the images to get downloaded. To check status of downloaded images, use this command:
Check images
sudo docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nexusimages.azurecr.io/smartid-digitalaccess/distribution-service 6.10.0-394020 e5a06b884e27 48 minutes ago 509MB
nexusimages.azurecr.io/smartid-digitalaccess/policy-service 6.10.0-394020 bec54cfa16bc 48 minutes ago 542MB
nexusimages.azurecr.io/smartid-digitalaccess/administration-service 6.10.0-394020 f97fdcebc431 48 minutes ago 626MB
nexusimages.azurecr.io/smartid-digitalaccess/authentication-service 6.10.0-394020 bfb625675612 49 minutes ago 510MB
nexusimages.azurecr.io/smartid-digitalaccess/access-point 6.10.0-394020 3703f2d06211 6 hours ago 104MB
After all the images are downloaded from the repository, the containers will start automatically. It can take a few minutes to start all the containers. To check the container status, use this command:
sudo docker ps
Make sure the status of each container is healthy.
Restart the services using this command on the node:
sudo bash /opt/nexus/scripts/start-all.sh
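The health check described above can be scripted so that a missing or unhealthy service is reported by name. This is an added example, not part of the Digital Access scripts; the service names are the ones setup.sh prints, while the function names and the sample output are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not part of the Digital Access scripts.
# Service names come from the setup.sh output; function names are assumptions.
EXPECTED="da_admin da_authentication da_distribution da_policy da_accesspoint"

# Constructed sample of: docker ps --format '{{.Names}}|{{.Status}}'
SAMPLE_PS='da_admin.1.k3x0aa|Up 5 minutes (healthy)
da_authentication.1.p9q1bb|Up 40 seconds (health: starting)
da_distribution.1.z1a2cc|Up 4 minutes (unhealthy)
da_policy.1.m2b3dd|Up 5 minutes (healthy)'

# Reads "name|status" lines on stdin and prints one "service: problem" line
# for every expected service that is absent or not reported as healthy.
unhealthy_services() {
    awk -F '|' -v expected="$EXPECTED" '
        {
            svc = $1
            sub(/\..*/, "", svc)          # da_admin.1.<task id> -> da_admin
            seen[svc] = 1
            if ($2 !~ /\(healthy\)/) bad[svc] = $2
        }
        END {
            n = split(expected, want, " ")
            for (i = 1; i <= n; i++) {
                s = want[i]
                if (!(s in seen))  print s ": no running container"
                else if (s in bad) print s ": " bad[s]
            }
        }'
}

# Runs the check against the local docker engine; non-zero exit on any finding.
check_deployment() {
    local report
    report=$(sudo docker ps --format '{{.Names}}|{{.Status}}' | unhealthy_services)
    [ -z "$report" ] && return 0
    printf '%s\n' "$report" >&2
    return 1
}
```

Call check_deployment on the node after setup.sh or start-all.sh has finished; a service still in "health: starting" is reported until its health check passes.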
Offline setup
Offline setups consist of two steps:
Step 1: Save Container Images
For the first step you need a system with network connectivity. Download docker images on the system.
Make sure docker is installed.
Download the images using the command docker pull.
sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/administration-service:6.10.0-394020
sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/policy-service:6.10.0-394020
sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/authentication-service:6.10.0-394020
sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/distribution-service:6.10.0-394020
sudo docker pull nexusimages.azurecr.io/smartid-digitalaccess/access-point:6.10.0-394020
To verify that all images are downloaded, run this command:
sudo docker image ls
Save all images in tar.gz files. Run these commands:
sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/administration-service:6.10.0-394020 > admin.tar
sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/authentication-service:6.10.0-394020 > authentication.tar
sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/distribution-service:6.10.0-394020 > distribution.tar
sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/policy-service:6.10.0-394020 > policy.tar
sudo docker save nexusimages.azurecr.io/smartid-digitalaccess/access-point:6.10.0-394020 > accesspoint.tar
gzip *.tar
Copy all the tar.gz files onto the system where you want to setup Digital Access.
Step 2: Load Container Images
On the system where the Digital Access setup will be done:
Go to the folder where all the tar.gz files are copied.
Load the images to a local docker repository using the command:
find . -name '*.tar.gz' | xargs --no-run-if-empty -L 1 sudo docker load -i
To verify that all of the required images are loaded, run this command:
sudo docker image ls
Run the installation process, and follow the steps mentioned above.
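The archives saved in Step 1 leave the system that pulled them before they are loaded in Step 2, so it helps to record a SHA-256 digest per archive before the copy and to refuse docker load unless every archive matches. This is an added example, not part of the Digital Access package; the manifest name SHA256SUMS and the function names are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not part of the Digital Access package.
# MANIFEST and all function names are assumptions made for this illustration.
MANIFEST="SHA256SUMS"

# Step 1 system, after `gzip *.tar`: record one digest per archive.
write_manifest() {
    local dir="$1"
    ( cd "$dir" || exit 1
      set -- *.tar.gz
      [ -e "$1" ] || { echo "no .tar.gz archives in $dir" >&2; exit 1; }
      sha256sum -- "$@" > "$MANIFEST" )
}

# Step 2 system: succeed only if every listed archive is present and matches,
# and no archive exists in the directory that the manifest does not list.
verify_manifest() {
    local dir="$1" f
    ( cd "$dir" || exit 1
      [ -s "$MANIFEST" ] || { echo "missing $MANIFEST" >&2; exit 1; }
      sha256sum -c "$MANIFEST" >/dev/null || exit 1
      for f in *.tar.gz; do
          [ -e "$f" ] || continue
          grep -qF -- "  $f" "$MANIFEST" || { echo "unlisted archive: $f" >&2; exit 1; }
      done )
}

# Load images only after the whole directory has verified.
load_verified() {
    local dir="$1" f
    verify_manifest "$dir" || { echo "verification failed, nothing loaded" >&2; return 1; }
    for f in "$dir"/*.tar.gz; do
        sudo docker load -i "$f" || return 1
    done
}
```

Carry SHA256SUMS to the target by a path separate from the archives; otherwise anyone able to alter an archive in transit can alter the manifest as well.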