Apereo CAS - Docker Infrastructure Deployment w/ Terraform

Posted by Misagh Moayyed on January 03, 2022 · 5 mins read ·

Infrastructure as code (IaC) tools allow you to manage infrastructure with configuration files rather than through a graphical user interface. Terraform is HashiCorp’s Infrastructure as Code tool. It lets you define resources and infrastructure in human-readable, declarative configuration files, and manages your infrastructure’s lifecycle.

In this blog post, we will take a look at what it takes to deploy and run an Apereo CAS Docker container using Terraform. Our starting position is based on the following:


Installing Terraform on MacOS using HomeBrew takes the following commands:

brew tap hashicorp/tap
brew install hashicorp/tap/terraform

Terraform Configuration

The set of files used to describe an Apereo CAS Deployment infrastructure in Terraform is known as a Terraform configuration. In this first approach, we plan to build, change, and destroy Docker infrastructure using Terraform without specifically dealing with a Cloud platform like AWS or Azur. Our CAS configuration, as is the case for every Terraform configuration, must be in its own working directory and looks something like this:

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "~> 2.13.0"

provider "docker" {}

variable "server_port" {
  description = "The Apach Tomcat server port to bind"
  type        = number
  default     = 8080

resource "docker_image" "cas" {
  name         = "apereo/cas:"
  keep_locally = false

resource "docker_container" "cas" {
  image = docker_image.cas.latest
  name  = "cas-server"
  env = ["SERVER_SSL_ENABLED=false", "SERVER_PORT=${var.server_port}"]
  ports {
    internal = 8080
    external = 8080

output "container_id" {
  description = "ID of the Docker container"
  value       = docker_container.cas.id

output "image_id" {
  description = "ID of the Docker image"
  value       = docker_image.cas.id

A few things to note:

  • The provider block configures the specified docker provider, which is used by Terraform to create and manage your resources.
  • Our CAS Docker image resource is based on apereo/cas: and is then deployed as a Docker container with the name cas-server, where the container is instructed by default to map the host port 8080 to that of the container.
  • The CAS Docker container is configured to set a few environment variables that are translated by Spring Boot to disable the SSL configuration and to provide an easy and configurable way to set the Apache Tomcat’s port that is used by a client to access CAS.
  • We also define a few outputs that we could then query using the terraform output command. Terraform prints output values to the screen when we apply the configuration.

If we are happy with the defaults and are ready to build, we could just run:

terraform apply

To have the CAS Docker container and the underlying Apache Tomcat web server bind on port 8081, we could run:

terraform apply -var "server_port=8081"

You could examine the launched CAS container via docker ps, and of course tail the CAS logs via docker logs cas-server. Of course, the CAS web application itself can be accessed via http://localhost:[8080|8081]/cas (depending on your port selection at build time).

Finally, we can shut everything down and destroy the Docker infrastructure:

terraform destroy

Need Help?

If you have questions about the contents and the topic of this blog post, or if you need additional guidance and support, feel free to send us a note and ask about consulting and support services.


I hope this review was of some help to you and I am sure that both this post as well as the functionality it attempts to explain can be improved in any number of ways. Please feel free to engage and contribute as best as you can.

Happy Coding,

Misagh Moayyed