IdentityServer4 on Docker

Update - 18 August 2016
This article was written when ASP.NET Core was in RC1. ASP.NET Core 1.0 was released in June 2016 which had some breaking changes. I have updated my repo and written a new post which explains the changes required to target ASP.NET Core 1.0. You can find it here.

With Microsoft supporting .NET on Linux and docker supporting running containers on Windows, its a great time to be working on .NET stack. Now you can develop and test .NET code on containers directly from Windows without having to switch OS. Moreover Docker is beta testing its new program which makes running containers on Windows much easier. For this post we will go oldschool and use docker toolbox.

What is IdentityServer?

IdentityServer is an open source .NET implementation of OpenId Connect protocol. I have been following its development deeply since I came to know about it last year. IdentityServer4 is being developed completely on ASP.NET Core which means if built on .NET Core, it would work cross platform.

Note: While writing this article, IdentityServer4 is in Beta. Some features such as session management is not implemented yet.

Below I would detail on how to host IdentityServer4(IdSrv in short), a sample API which checks for access token and a simple javascript client in docker running on Windows. The code can be found in my github repo. This repo is essentially a fork of IdentityServer4 Samples with few changes where I have deleted other clients and changed some configurations URLs (more detail below). Lets get started.

Get Docker

Install Docker Toolbox for Windows by following instructions here.

Create a Docker VM

Create a new Docker VM by writing following command in Command Prompt.

docker-machine create --driver virtualbox --virtualbox-no-vtx-check idsrv-demo

Docker Toolbox installs Oracle VirtualBox which has known issue if you have hyper-v installed. In case you are experiencing issues while creating Docker VM, follow Hanselman’s post on how to switch between hyper-v and virtualbox.

Lets break down the above command.

Run docker-machine ls to verify if the VM is created and running. Note the URL of the VM. This URL will be used to access any application in containers hosted on this VM.

docker-machine ls

Setup the environment by running docker-machine env --shell=cmd idsrv-demo and following the instructions at prompt.

docker-machine env

Change URLs in the code

You will have to change the URLs in your code to point to the new VM URL in the following places:

Publish the projects

Go to each project folder and run dnu publish to publish in your desired folder.

dnu publish -o <Path to output directory>

Add a Dockerfile

Create a platintext file and name it as Dockerfile (without extension) in the root of output of each of the published project. It should sit together with approot, wwwroot and logs folder. Paste the following content in the Dockerfile.

FROM microsoft/aspnet:1.0.0-rc1-update1-coreclr

COPY . /app
WORKDIR /app/approot

EXPOSE <PORT>
ENTRYPOINT ["./web"]

Build Image

Go to the root of the published output of each project and run the following command to create a new image. This will download the base image from docker hub and may take time depending upon internet connection.

docker build -t idsrvhost .

docker build

Do the same for each of the projects but change the tag name. Run docker images to view all the generated image.

docker images

Create the container

We will create one container for each image. Run the following commands to create and start the containers.

docker run -d -p 22530:22530 --name idsrv-host idsrvhost
docker run -d -p 7017:7017 --name client jsclient
docker run -d -p 3860:3860 --name api sampleapi

Run docker ps to view all the created containers.

docker ps

Thats it.

Open the browser and go to the URL:PORT to view each of the site. Open URL:7017 to play with the javascript client.

client

Conclusion

Docker is great and very easy once you get hang of it. Next step you can try -v command to mount the source code to container without having to publish the site. This is incredibly helpful during development where you want to avoid hassle of publishing and creating new images every time you make a change.

comments powered by Disqus