Installing Sync server Guide to install Sync server using Docker. There is a public docker image at docker hub: https://hub.docker.com/r/soffid/iam-sync Prerequisites Soffid IAM sync server requires the following requirements: Supported database installed Soffid Console Installed Video Tutorial Linux Installation Install first Sync server To configure the first IAM Sync server, the following environment variables can be set for the first server: Variable Description Example DB_URL JDBC URL jdbc:mariadb://dbcontainer/soffid DB_USER Database user Soffid DB_PASSWORD Database password 5uper5ecret SOFFID_HOSTNAME The hostname used to access the sync server syncserver01.soffid.com SOFFID_PORT TCP port used for incoming connections 760 SOFFID_MAIN Set to yes for the first sync server, no for the next ones yes Additional parameters to configure the database connections. Allows you to establish the min and the max of database connections: Variable Description Example DBPOOL_MIN_IDLE The minimum number of connections should be kept in the pool at all times. 1 or 2 DBPOOL_MAX_IDLE The maximum number of connections should be kept in the pool at all times. between 10 and 15 DBPOOL_INITIAL The number of connections will be established when the connection pool is started. 3 or 4 DBPOOL_MAX The maximum number of active connections that can be allocated. If no value is indicated, the default value is 30. The transaction fails if the maximum connections are reached within 30 seconds and no connection is released. 25 DBPOOL_MAX_IDLE_TIME Number of seconds that a connection to a DB that is not in use is maintained. Available since Sync Server version 3.5.4.3 3600 Install next Sync servers To configure the next sync servers, the following environment variables can be set: Variable Description Example SOFFID_SERVER First sync server url https://syncserver01.soffid.com:1760 SOFFID_USER Soffid user to join the security domain. If you are working in a tenant, the user of the tenant. admin SOFFID_PASS Soffid user password. If you are working in a tenant, the user password of the tenant. changeit SOFFID_HOSTNAME The host name used to access to the sync server syncserver.soffid.com SOFFID_PORT TCP port used for incomming connections 760 SOFFID_TENANT Tenant name master SOFFID_MAIN Set to yes for the first sync server, no for the next ones no Install Sync server in a private network To configure a sync server in a private network, not directly accessible from the main sync server, the following environment variables can be set: Variable Description Example SOFFID_SERVER First sync server url https://syncserver01.soffid.com:1760 SOFFID_USER Soffid user to join the security domain admin SOFFID_PASS Soffid user password changeit SOFFID_HOSTNAME The host name used to access to the sync server syncserver.soffid.com SOFFID_TENANT Tenant name master SOFFID_MAIN Set to yes for the first sync server, no for the next ones no SOFFID_REMOTE Flag to enable cloud protocol yes You can use this configuration when the main sync server is located in the cloud. The following volumes are defined by default Volume Usage /opt/soffid/iam-sync/conf Configuration files, including private keys and certificates Command Here you have a sample command to start a docker container running IAM sync server. Mind to specify the port number to expose the sync server docker to the outside world. It is not needed when using the cloud connectivity: docker run -d \ -e DB_URL=jdbc:mysql://mariadb-service/soffid \ -e DB_USER=soffid \ -e DB_PASSWORD=soffid \ -e SOFFID_PORT=1760 \ -e SOFFID_HOSTNAME=iam-sync.soffidnet \ -e SOFFID_MAIN=yes \ --name=iam-sync \ --publish 1760:1760 \ --network=soffidnet \ soffid/iam-sync:latest To see sync server log file, execute: docker logs -f iam-sync You can also view the log files inside the container. To do this, first enter the container, then you should find the log files in the /var/log/soffid/ directory. root@soffid:~# docker exec -it iam-sync /bin/bash root@e1a90ff25d99:/# less /var/log/soffid/syncserver.log Now you can connect to the IAM console http://localhost:8080/soffid  and chek if Console and Syncserver are connected.