# Deploy Datawiza Access Broker (DAB) With Your Application

After you successfully complete the configuration on IdP side and DCMC side, you are ready to deploy DAB with your app to enable SSO and granular access control.

You deploy DAB like you would deploy any other reverse-proxy, e.g, nginx. Most of DAB's configuration should have been done on the DCMC. You can use either Docker or Kubernetes to run the DAB. Below are Docker-specific instructions. Refer to Deploy DAB with Kubernetes for Kubernetes-specific instructions.

You can use docker-compose or docker run to run DAB. The following is an example docker-compose.yaml file when running DAB using docker-compose. Refer back to Prerequisites to install the docker-compose dependency.

# Important Step

  • Before running docker-compose up, run docker login registry.gitlab.com -u datawiza-deploy-token -p xxxxxxx to login to our container registry. If you have followed previous step-by-step instructions of Datawiza Cloud Management Console (DCMC) Configuration to the end, you should see a screen like below, which shows you the docker login command together with the datawiza deploy token. If you don't see the datawiza deploy token after those steps, please contact us at info@datawiza.com. Instruction-Step-5-End

  • Make sure that your docker-compose.yml file does not contain any tabs. They aren't allowed in YAML!

version: '3'

services:
  datawiza-access-broker:
    image: registry.gitlab.com/datawiza/access-broker
    container_name: datawiza-access-broker
    restart: always
    ports:
      - "9772:9772"
    environment:
      PROVISIONING_KEY: replace-it-with-your-PROVISIONING-KEY
      PROVISIONING_SECRET: replace-it-with-your-PROVISIONING-SECRET

# Notes:

  • "9772:9772" maps docker host's port 9772 to container's port 9772. If your public domain uses another port, e.g., 8080, you should replace "9772:9772" with "8080:8080".
  • If you are trying to deploy DAB with your own application, make sure that it is being hosted on the Docker network. Perform an ip addr show docker0 and host your application at this IP address with a given port number. Make sure this is consistent with the Upstream Server field in the DCMC.
  • Set PROVISIONING_KEY and PROVISIONING_SECRET to the values you get from Step2: Datawiza Cloud Management Console.
  • If you get the following error when trying to run your docker-compose command, you will have to add your current user to the docker group using the groupadd and usermod commands. Follow the instructions here.
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied
  • If everything looks good now, run docker-compose up to get DAB started.