Deploy the Oracle App Gateway Docker Container

• Download the App Gateway docker image. Open the navigation menu  and select Identity & Security. Under Identity, select Domains. Click the name of the identity domain that you want to work in. You might need to change the compartment to find the domain that you want. Then, click Settings and then Downloads.
• Create a wallet file containing the Client ID and Client Secret of the App Gateway that was created in the Admin Console. Name the wallet file cwallet.sso and copy it to the local folder so that the container can uptake the file. Note: The wallet tool can be downloaded from the IAM Console. In the IAM Console, expand the Navigation Drawer, select Settings, and then select Downloads.
• Install Docker (Command: $ yum install docker-engine).
• Add the current user to the Docker group (Command: $ sudo usermod -a -G docker $USER).

1. Load the .tar.gz file to the local Docker registry. Command: $ docker load -i <.tar.gz file>
2. Verify that you see the image in the local Docker registry. Command: $ docker images

$ docker run -it -d 
--name <container name> 
--env-file <path to env file>  
--env HOST_MACHINE=`hostname -f` 
--volume <local folder>/cwallet.sso:/usr/local/nginx/conf/cwallet.sso
--net=host/<User-defined bridge name> <image name>

$ docker run -it -d  
--name appgateway 
--env-file appgateway-env 
--env HOST_MACHINE=`hostname -f` 
--volume /opt/appgateway/cwallet.sso:/usr/local/nginx/conf/cwallet.sso  
--net=host opc-delivery.docker.acme.com/idcs/appgateway:RELEASE-BUILDNUMBER

$ docker run -it -p 80:9000  -d  
--name appgateway 
--env-file /home/<username>/dev/appgateway_pool/appgateway_env --env HOST_MACHINE=`hostname -f`
--volume /opt/appgateway/cwallet.sso:/usr/local/nginx/conf/cwallet.sso   
--net=bridge-net  idcs.docker.acme.com/idcs/appgateway: RELEASE-BUILDNUMBER

1. Configured SSL certificates must be copied to the location that is specified in Additional Properties. Go to Security, App Gateways, <Gateway>, Hosts, Additional Properties and note the location.
2. Run commands like the following. Note: The location of the certificate depends on the location you specified in the App Gateways Host.

   $ docker cp deploy/docker/nginx/build/test-config/certs/my-appgateway.cert appgateway:/scratch/docker/cloudgate/certs/my-appgateway.cert

   $ docker cp deploy/docker/nginx/build/test-config/certs/my-appgateway.key appgateway:/scratch/docker/cloudgate/certs/my-appgateway.key

• How do I know if my container was created successfully?

  Run the command: $ docker ps -a and ensure that the STATUS is Up in the list corresponding to your container name.

• If the container STATUS shows exited, how do I check the logs to determine why the container was terminated?

  Run the command: $ docker logs <container name>. This command prints the log messages, which contain the log messages printed by App Gateway.

• How to do edit the cloudgate.config file inside the container?

  Run the command: $ docker exec -it <container name> bash.

  Run this command to access the container if the container is running with a Bash shell. Once inside the container, you can edit the files using Nano editor.

• Can we print the access logs in JSON format?

  Yes, you can print the access logs in JSON format. Add the lines below to the file /usr/local/nginx/conf/nginx.conf, inside an HTTP block and then restart App Gateway.

  log_format jsonf escape=json '{"remote_addr": "$remote_addr", "remote_user":
        "$remote_user", "time": [$time_local], "request": "$request", "status": $status,
        "body_bytes_sent": $body_bytes_sent, "http_referer": "$http_referer", "user_agent":
        "$http_user_agent", "x_forwarded_for": "$http_x_forwarded_for"}'; access_log                    
        /usr/local/nginx/logs/access.log jsonf;

  Note: You can edit the JSON fields that you're interested in by removing or adding the NGINX variable.