You can configure an EAA connector as a Docker image on a Docker-ready environment for using with Access applications.
Client-access applications cannot be attached to a Docker-based connector. For RDP and SSH, make sure you choose browser-based applications for docker to support.
Compatible virtual environment:
- Docker environment with installed Docker. Enterprise Application Access (EAA) connectors installed as Docker containers require a Docker-ready OS environment.
- CPU. Four virtual cores
- Memory. 8 GB RAM
- Storage. 16 GB hard drive disk space (4 GB allocated to swap space and 12 GB of free space).
- A private IP address inside the Local Area Network (LAN), either DHCP or static. The connector should run close to internal applications, possibly in the same subnet as the application, and be able to communicate with the
Log in to Enterprise Center.
In the Enterprise Center navigation menu, select Application Access > Clients & Connectors > Access and Identity Connectors.
Click Add New Connector (+). Provide a name and an optional description.
For Package select Docker.
(Optional) You can enable Debugging, if you need to have remote debugging.
The connector appears on the connector list page. The connector status changes to Created. Click Download Template, to download the file.
- In your Docker environment, open a terminal window.
a. Go to the downloaded Docker container.
b. Unzip the Docker image:
$ gunzip <Connector_docker_image_filename.tar.gz>
c. Load the image into Docker:
$ sudo docker load -i <Connector_docker_image_filename.tar>
d. Check that the image is loaded properly and find the <docker_image_name>:
$ sudo docker images
e. Create a docker volume to persist runtime updates:
$ sudo docker volume create <Volume_Name>
f. Run the Docker image:
$ sudo docker run --name <Connector_Name> --restart=always --volume <Volume_Name>:/opt/wapp -d <docker_image_name>
g. Confirm that the Docker-based container is running:
$ sudo docker ps
- Return to Enterprise Center and verify that the connector shows the private and public IP addresses assigned to it. The connector status will be, Checked in . Click on the hand icon, and click Approve, to approve the connector. Wait while the EAA service verifies the connector. A success message appears. The connector status changes to Ready and should see Connector is running.
- To prevent abnormal behavior in the event of the agent being restarted, commit the connector to a new image:
$ sudo docker commit <Connector_Container_ID> <new_image_name>
<new_image_name>with the name of your connector.
Docker-based connector now runs as a container on your server, and you can add your applications and secure them with Enterprise Application Access.
Updated 4 months ago