This is a quick start guide intended to help you start up a basic installation of Open Service Catalog Manager (OSCM) with Docker and Docker Compose as quickly as possible. For more advanced configuration and usage please refer to the individual Docker containers' documentation. You can find the links in the Resources section.
A Linux system with:
We will refer to the Linux system with Docker installed as the docker host.
For initial tests, we recommend:
- 2 CPU cores
- 8GB of RAM
- 20GB of disk space
Please note that this minimum configuration is not suitable for production use.
We require an install directory named docker
on the docker host which holds various data such as persistent database data, configuration data and so on.
Choose any location you prefer. As example we will create this directory on the root level and refer to this as '/docker' in the following.
mkdir /docker
We will run a deployment container which prepares configuration file templates for us. Use -v
to mount the directory you created earlier to /target in the container. Use -e HOST_FQDN
to set your FQDN. This information will be written in the .env file. By default OSCM generates self-signed certificates using this host name in the CN field. Furthermore, OSCM requires this host name in order to rewrite the base URL links that are used for accessing the OSCM applications, API and services from the web browser.
docker run --name deployer1 --rm -v /docker:/target -e HOST_FQDN=${fqdn} servicecatalog/oscm-deployer
This creates two files with configuration variables. Please edit both files and adjust the configuration to your environment.
- .env: Configuration for Docker, such as images and the base data directory
- var.env: Configuration for the application, such as mail server, database and other settings
We will run a second deployment container which does the following:
- Create the necessary Docker Compose files
- Create the necessary subdirectories
- Initialize the application databases
- Start the application containers
- Start the proxy container
docker run --name deployer2 --rm -v /docker:/target -v /var/run/docker.sock:/var/run/docker.sock -e INITDB=true -e PROXY=true -e STARTUP=true servicecatalog/oscm-deployer
The application will take a few minutes to start up. The less CPU power you have, the longer it will take. Once everything has started, you may access the OSCM administration portal in your web browser using the FQDN or IP address you specified earlier.
https://hostname.fqdn/oscm-portal/
The initial login credentials are:
- Username:
administrator
- Password:
admin123
In order to be able to login to the Asynchronous Provisioning Platform (APP) and its service controllers, we will make some quick changes in the administration portal.
- Login to the administration portal
- Operation -> Manage organization
- Organization ID: Enter
PLATFORM_OPERATOR
- Enable the following Organization roles:
- Supplier
- Technology provider
- Fill in the mandatory fields (red asterisks)
- Click Save
- Account -> Manage users (Attention: Not Operation -> Manage users)
- Click on administrator
- Enter your Email address
- Enable all User roles:
- Click Save
- Logout of the administration portal and login again to enable the changes
Now you will be able to login to the APP:
https://hostname.fqdn/oscm-app/
- Username:
administrator
- Password:
admin123
As well as to the service controllers:
https://hostname.fqdn/oscm-app-<controller-id>/
<controller-id>
:azureARM
,aws
,openstack
,vmware
,shell
- Username:
administrator
- Password:
admin123
If using SSL you can configure your own users in the var.env file. You can set therefore the ADMIN_USER_ID, SUPPLIER_USER_ID, CUSTOMER_USER_ID and CONTROLLER_USER_NAME
Certificates are required to allow for trusted communication between OSCM and the Asynchronous Provisioning Platform (APP), or an application underlying a technical service. The OSCM deployer has already created a respective directory structure and a suitable Docker Compose configuration. In this way, default certificates have been inserted into the respective containers after deployment, thus communication between OSCM and APP is secured.
It is, however, possible to use custom SSL keypairs for the application listeners. They may be self-signed or official. Privacy Enhanced Mail (PEM) format is mandatory. This is a container format that may include just the public certificate, or an entire certificate chain including public key, private key, and root certificates. It is only necessary to place the respective certificate and/or key files in PEM format into the appropriate directories.
If you want to use your own SSL key pairs that your application is to use, replace the default key pair by your PEM files in the following directories on your Docker host:
- Private key:
/docker/config/<CONTAINER_NAME>/ssl/privkey
- Public certificate:
/docker/config/<CONTAINER_NAME>/ssl/cert
- Intermediates / chain (optional):
/docker/config/<CONTAINER_NAME>/ssl/chain
Note:
Replace /docker
with the directory where Docker is installed, and <CONTAINER_NAME>
with the respective container name, e.g. oscm-core
.
The custom certificates must also be placed into the trusted directory so that a trusted relationship between the containers is established:
/docker/config/certs
This directory is shared by all containers. By default, if you use your own SSL key pairs, you must also place all the public certificate files here.
For example, if you have a custom SSL keypair for the oscm-core
container, you need to place the private key into the /docker/config/oscm-core/ssl/privkey
directory, and the public certificate into the /docker/config/oscm-core/ssl/cert
directory. Additionally, you need to place the public certificate into the /docker/config/certs
directory on your Docker host. In this case, a restart of the oscm-core
and oscm-app
containers is required.
If you want your application to trust certain, possibly self-signed, SSL certificates, put them in PEM format in the following directory on your Docker host:
/docker/config/certs
Using the Shell integration software, you can execute your own shell scripts when managing subscriptions.
Such scripts can be specified in marketable service parameters, and then referenced as a script located either inside or outside (e.g. external URL) the docker host.
To reference a script located inside the docker host:
- Put it into the
/docker/config/oscm-app/scripts
directory on your docker host - Define a proper service parameter. It may only include the script filename (without any path specified e.g. sample.sh)
- Restart the oscm-app container
Please refer to our Getting Started guide.
- oscm-deployer: Application for deploying OSCM
- oscm-core: Core application
- oscm-help: Online-help for the OSCM Portal
- oscm-app: Asynchronous Provisioning Platform (optional)
- oscm-db: Database for oscm-core and oscm-app
- oscm-initdb: Initializes or restores the databases for oscm-core and oscm-app
- oscm-birt: Reporting engine (optional)
- oscm-branding: Webserver for marketplace branding packages (optional)
- oscm-identity: OSCM Identity Service (optional)
- oscm-maildev: Mail Service Mock (optional)
- oscm-proxy: Reverse proxy to use default ports (optional)
- oscm: Application source code for oscm-core and oscm-app
- oscm-dockerbuild: Docker files and scripts for building the application and Docker images