Skip to content
This repository was archived by the owner on Apr 21, 2024. It is now read-only.


Repository files navigation

This repository is no longer maintained.

Issue reports and pull requests will not be attended.


Use these artefacts as a reference to build your deployment artefacts. Existing artefacts only developed to demonstrate a reference deployment and should not be used as is in production

WSO2 Identity Server Ansible scripts

This repository contains the Ansible scripts for installing and configuring WSO2 Identity Server and Identity Server Analytics.

Supported Operating Systems

  • Ubuntu 16.04 or higher
  • CentOS 7

Supported Ansible Versions

  • Ansible 2.6.2

Directory Structure

├── dev
│   ├── group_vars
│   │   └── is.yml
│   ├── host_vars
│   │   └── is_1.yml
│   └── inventory
├── docs
│   ├── images
│   │   ├── Deployment-pattern-1-diagram.png
│   │   └── Deployment-pattern-2-diagram.png
│   ├──
│   └──
├── files
│   ├── lib
│   │   ├── amazon-corretto-
│   │   └── mysql-connector-java-5.1.47-bin.jar
│   └── packs
│       └──
├── roles
│   ├── common
│   │   └── tasks
│   │       ├── custom.yml
│   │       └── main.yml
│   └── is
│       ├── tasks
│       │   ├── custom.yml
│       │   └── main.yml
│       └── templates
│           ├── carbon-home
│           │   ├── bin
│           │   │   └──
│           │   └── repository
│           │       └── conf
│           │           └── deployment.toml.j2
│           └── wso2is.service.j2
├── scripts
│   ├──
│   └──
└── site.yml

Packs could be either copied to a local directory, or downloaded from a remote location.

Packs to be Copied

Copy the following files to files/packs directory.

  1. WSO2 Identity Server 5.10.0 package

Copy the following files to files/lib directory.

  1. MySQL Connector/J
  2. Amazon Coretto for Linux x64 JDK

Downloading from remote location

In group_vars, change the values of the following variables in all groups:

  1. The value of pack_location should be changed from "local" to "remote"
  2. The value of remote_jdk should be changed to the URL in which the JDK should be downloaded from, and remove it as a comment.
  3. The value of remote_pack should be changed to the URL in which the package should be downloaded from, and remove it as a comment.

Running WSO2 Identity Server Ansible scripts

1. Run the existing scripts without customization

The existing Ansible scripts contain the configurations to set-up a single node WSO2 Identity Server pattern. In order to deploy the pattern, you need to replace the [ip_address] given in the inventory file under dev folder by the IP of the location where you need to host the Identity Server. An example is given below.

wso2is ansible_host=

Run the following command to run the scripts.

ansible-playbook -i dev site.yml

If you need to alter the configurations given, please change the parameterized values in the yaml files under group_vars and host_vars.

2. Customize the WSO2 Ansible scripts

The templates that are used by the Ansible scripts are in j2 format in-order to enable parameterization.

The axis2.xml.j2 file is added under roles/is/templates/carbon-home/repositoy/conf/axis2/, in order to enable customizations. You can add any other customizations to custom.yml under tasks of each role as well.

Step 1

Uncomment the following line in main.yml under the role you want to customize.

- import_tasks: custom.yml

Step 2

Add the configurations to the custom.yml. A sample is given below.

- name: "Copy custom file"
    src: path/to/example/file/example.xml.j2
    dest: destination/example.xml.j2
  when: "(inventory_hostname in groups['is'])"

Follow the steps mentioned under docs directory to customize/create new Ansible scripts and deploy the recommended patterns.

Performance Tuning

System configurations can be changed through Ansible to optimize OS level performance. Performance tuning can be enabled by changing enable_performance_tuning in dev/group_vars/is.yml to true.

System files that will be updated when performance tuning are enabled is available in files/system. Update the configuration values according to the requirements of your deployment.