- Where to find the images
- Key features of ColdFusion Docker images
- Benefits of using ColdFusion Docker images
- Supported ColdFusion releases
- Pre-requisites
- Install Docker
- ColdFusion license
- System requirements
- Set up ColdFusion Docker images
- Run ColdFusion in a container
- Configure ColdFusion Using Environment Variables
- Environment Variable Updates in ColdFusion (2025 release)
- ColdFusion Container Management
- Integrating ColdFusion with a MySQL Database
Adobe provides official Docker images for ColdFusion, allowing easy deployment and management of ColdFusion applications in a containerized environment. These images are optimized for performance, security, and scalability.
In this article,
- Configuring Docker Compose
- Executing Docker Compose
- Docker Secrets
- Managing Docker Configs for ColdFusion
- Creating a Docker Config
- Configuration Precedence: Environment Variables vs. Docker Configs
- Central Configuration Server
- ColdFusion Add-ons and Performance Monitoring Toolset
- Performance Monitoring Toolset (PMT)
- ColdFusion API Manager Docker Image
Where to find the images
Key features of ColdFusion Docker images
- Pre-configured ColdFusion runtime.
- Support for multiple versions.
- Automated environment configuration.
- Licensing flexibility for deployment and production.
Benefits of using ColdFusion Docker images
- Similar configuration across development, staging, and production.
- All dependencies bundled into a single image.
- Scale up or down based on demand using Kubernetes or Docker Swarm.
- Reduces security risks by isolating runtime from other applications.
Supported ColdFusion releases
ColdFusion version |
Supported image tags |
Lifecycle status |
ColdFusion (2025 release) |
2025, latest |
Supported |
ColdFusion (2023 release) |
2023, latest |
Supported
|
ColdFusion (2021 release) |
2021 |
Supported |
Pre-requisites
Before using ColdFusion Docker images, ensure your system meets these requirements:
Install Docker
- Install Docker on your system. Refer to the Docker Installation Guide for instructions.
- Ensure that Docker Desktop is running.
ColdFusion license
System requirements
Set up ColdFusion Docker images
Pull the ColdFusion Docker image. Launch a terminal and run:
docker pull adobecoldfusion/coldfusion:latest
Pull a specific version:
docker pull adobecoldfusion/coldfusion:2025
Run ColdFusion in a container
Launch a container using the following command:
docker run -d -p 8500:8500 --name cf-container adobecoldfusion/coldfusion -e acceptEULA=yes
- -d: Runs the container in the background.
- -p 8500:8500: Assigns ColdFusion’s default port to the host machine.
- --name cf-container: Assigns a name to the container.
- -e acceptEULA=YES: Accepts the EULA for the container to run.
Configure ColdFusion Using Environment Variables
ColdFusion Docker images support configuration via environment variables. For example:
docker run -d -p 8500:8500 -e acceptEULA=YES -e password=YourSecurePassword -e enableSecureProfile=true --name cf-container adobecoldfusion/coldfusion
To get a list of available environment variables, run:
docker run --rm -it adobecoldfusion/coldfusion:latest help
Required Environment Variables:
acceptEULA=YES
Optional Environment Variables:
- password - ColdFusion administrator password (default: admin)
- enableSecureProfile - Enables/disables the secure profile (true/false, default: false)
- configureExternalSessions - Enables/disables external session storage (true/false, default: false)
- externalSessionsHost - Redis host for external sessions (default: localhost)
- externalSessionsPort - Redis port for external sessions (default: 6379)
- externalSessionsPassword - Password for Redis external sessions (default: empty)
- configureExternalAddons - Enables/disables external add-ons (true/false, default: false)
- addonsHost - Host for add-on container services (default: localhost)
- addonsPort - Port for add-on container services (default: 8997)
- addonsUsername - Username for Solr authentication (default: admin)
- addonsPassword - Password for Solr authentication (default: admin)
- addonsPDFServiceName - Name of the PDFg service manager (default: addonsContainer)
- addonsPDFSSL - Enables/disables SSL for the PDFg service (true/false, default: false)
- setupScript - Path to a ColdFusion (CFM) script executed on startup (must be in /app)
- setupScriptDelete - Deletes the setup script after execution (true/false, default: false)
- language - ColdFusion language (ja/en, default: en)
- licenseFilePath - Path to ColdFusion license file (must be in /data)
- licenseEdition - Defines ColdFusion license edition (1 for Enterprise, 2 for Standard)
- installModules - Comma-separated list of modules to install via CF Package Manager (all to install all)
- importCFSettings - Path to a JSON file with ColdFusion settings (must be in /app)
- importCFSettingsPassphrase - Passphrase for encrypted CF settings
- importModules - Path to a text file containing packages to be imported (must be in /app)
- deploymentType - ColdFusion deployment type (1 for Production, 2 for Development, 3 for Staging, 4 for Testing, 5 for Disaster Recovery)
- profile - ColdFusion profile (1 for Production + Secure, 2 for Production, 3 for Development)
- allowedAdminIPList - List of IP addresses allowed to access the ColdFusion Administrator
- cfsecretPath - Directory for storing secrets (default: /run/secrets)
- cfconfigPath - Directory for storing configurations (default: /configname)
- CCSNodes - List of client nodes for the CCS server (e.g., localhost:8500 key1 (true/false))
- startCCS - Starts CCS server (true/false, default: false)
Environment Variable Updates in ColdFusion (2025 release)
New Variables:
- licenseFilePath
- licenseEdition
- cfsecretPath
- cfconfigPath
- CCSNodes
- startCCS
Changes in Variable Usage:
- deploymentType now accepts numerical values (1-5) instead of string-based values.
- profile now uses numerical values (1-3) instead of text-based labels.
- allowedAdminIPList can now be set for any ColdFusion profile, whereas in CF 2023 and earlier, it was only applicable to the Production + Secure profile.
Discontinued Variable:
- serial is no longer supported in CF 2025. It remains available for CF 2023 and earlier for license activation.
Supported Commands with ColdFusion Containers
- help
- start
- info
- cli <.cfm>
ColdFusion Container Management
Starting a Container
docker start cf-container
Stopping a Container
docker stop cf-container
Removing a Container
docker rm -f cf-container
Utilizing Docker Compose
Docker Compose enables the definition and execution of multiple services (such as a web application or a database) via a single configuration file (docker-compose.yml). Instead of manually executing multiple docker run commands, you can streamline the process by defining everything in a YAML file and initiating it with:
docker-compose up -d
Integrating ColdFusion with a MySQL Database
In this example, we extend the ColdFusion base image to include a MySQL driver and configure a MySQL datasource using ColdFusion’s Admin API.
Dockerfile
FROM coldfusion:latest
COPY mysql-connector-java-commercial-8.0.11-bin.jar /opt/coldfusion/cfusion/lib
Note: Ensure that mysql-connector-java-commercial-8.0.11-bin.jar is available in the current working directory.
ColdFusion Admin API Script
Create a file named setupColdFusion.cfm in the webroot to configure the MySQL datasource:
<cfscript> // Authenticate with ColdFusion Administrator adminObj = createObject("component","CFIDE.adminapi.administrator"); adminObj.login("ColdFusion123"); // ColdFusion Admin password // Establish a MySQL datasource datasource = createObject("component", "CFIDE.adminapi.datasource"); datasource.setMySQL5("SampleMYSqlDB", "database-host", "testDB"); </cfscript>
version: "3" services: coldfusion: container_name: myapp build: context: ./app dockerfile: Dockerfile image: app depends_on: - redis - addons ports: - "8500:8500" volumes: - "/opt/wwwroot:/app" env_file: - coldfusion.env healthcheck: test: curl -f http://addons:8989/solr/ || exit 1 interval: 1m timeout: 3s deploy: mode: replicated replicas: 2 restart_policy: condition: on-failure update_config: parallelism: 1 delay: 10s networks: - webnet addons: container_name: mycfaddons image: addons environment: - acceptEULA=YES ports: - "8989:8989" networks: - webnet redis: container_name: myredis image: redis:latest ports: - "6381:6379" volumes: - "redis_data:/data" networks: - webnet volumes: redis_data: networks: webnet:
ColdFusion.env
Create a .env file (coldfusion.env) with the following content:
acceptEULA=YES
setupScript= setupColdFusion.cfm
password=ColdFusion123
Executing Docker Compose
Launch all services using:
docker-compose up -d
The docker-compose.yml file defines a multi-container setup using Docker Compose. It specifies three main services—ColdFusion, Redis, and Addons—and configures their dependencies, networking, and deployment settings.
The setupColdFusion.cfm script executes automatically upon container startup, ensuring that the MySQL datasource is properly configured. Access the ColdFusion Administrator to verify the setup.
Docker Secrets
Docker secrets allow secure management of sensitive data in a Swarm environment. These secrets are encrypted both in transit and at rest and can only be accessed by services explicitly granted permission—only while their tasks are running.
Using Secrets in ColdFusion
In ColdFusion, you can securely pass sensitive credentials such as:
- ColdFusion Administrator Password
- CF Add-ons Password
- CF External Session Storage Password (Redis Password)
These credentials can be stored as Docker secrets. The secret names must match the corresponding environment variable names:
- password → ColdFusion Admin Password
- addonsPassword → CF Add-ons Password
- externalSessionsPassword → Redis Password
Example: Changing ColdFusion Admin Password
To change the ColdFusion Administrator console password inside a container, create a Docker secret named password. When the container starts, it automatically picks up this secret and updates the Administrator password accordingly.
Secret Storage Location
By default, secrets are available inside containers at:
/run/secrets/<secret_name>
If you need to store them in a custom location, specify the path using the cfsecretPath environment variable.
How to Create a Docker Secret
Create a Secret from a String
printf "myCFcomplexPassword" | docker secret create password -
Create a Secret from a File
docker secret create password ./secret.txt
Contents of secret.txt
myCFcomplexPassword
Sample docker-compose.yml configuration
version: "3.3" services: coldfusion: image: adobecoldfusion/coldfusion:latest ports: - "8501:8500" env_file: - variables.env volumes: - "./mynewwebroot:/app" networks: - webnet secrets: - source: password target: /opt/secrets/password networks: webnet: secrets: password: external: true
Sample variables.env File
acceptEULA=YES
password=ColdFusion123
cfsecretPath=/opt/secrets/
Secret Precedence in ColdFusion
If the same password is defined both as an environment variable and as a Docker secret, the secret takes precedence. In the example above, the CF Admin Console password will be myCFcomplexPassword, as it is retrieved from /opt/secrets/password, defined via cfsecretPath.
Managing Docker Configs for ColdFusion
Overview
Docker configs store non-sensitive configuration data in a Docker Swarm environment. They function similarly to secrets but are not encrypted at rest.
Storing ColdFusion Configuration in Docker Configs
ColdFusion supports storing the following environment variables in Docker configs:
- enableSecureProfile
- configureExternalSessions
- externalSessionsHost
- externalSessionsPort
- externalSessionsPassword
- configureExternalAddons
- addonsHost
- addonsPort
- addonsUsername
- addonsPassword
- addonsPDFServiceName
- addonsPDFSSL
- setupScript
- setupScriptDelete
- language
- installModules
- importCFSettings
- importCFSettingsPassphrase
- deploymentType
- profile
- allowedAdminIPList
You can create a config with the same name as the configuration key (e.g., enableSecureProfile) or store multiple configurations in a single config file named cfconfig.
By default, configs are available in the container under /<config_name>. You can specify a different path using the cfconfigPath environment variable.
Creating a Docker Config
Create a config from a command:
printf "scheduler" | docker config create installModules -
Create a config from a file:
docker config create cfconfig ./cfconfig.txt
Example cfconfig.txt file:
enableSecureProfile=true language=en installModules=debugger setupScript=c.cfm profile=Production Secure setupScriptDelete=false deploymentType=Staging allowedAdminIPList=*.*.*.* importCFSettings=cfsetupexport.json importCFSettingsPassphrase=coldfusion123
Example docker-compose.yml configuration
version: "3.3" services: coldfusion1: image: adobecoldfusion/coldfusion:latest ports: - "8500:8500" env_file: - variables.env volumes: - "./mynewwebroot/:/app" networks: - webnet secrets: - source: password target: /run/secrets/password configs: - source: cfconfig target: /opt/config/cfconfig configs: cfconfig: external: true networks: webnet: secrets: password: external: true
Running ColdFusion with Docker Swarm
docker swarm init
docker stack deploy -c compose1.yml UsingCFConfig
Storing ColdFusion Config in JSON Format
The cfconfig file can store key-value pairs for each configuration setting or be formatted as a JSON file.
Sample config.json file:
{ "enableSecureProfile": "YES", "language": "ja" }
Example docker-compose.yml Using JSON config:
version: "3.3" services: coldfusion1: image: adobecoldfusion/coldfusion:latest ports: - "8501:8500" env_file: - variables.env networks: - webnet secrets: - source: password target: /run/secrets/password configs: - source: cfconfig target: /opt/config/cfconfig configs: cfconfig: file: config.json networks: webnet: secrets: password: external: true
Example variables.env file:
acceptEULA=YES
cfconfigPath=/opt/config
Commands to start the container:
docker swarm init
docker stack deploy -c docker-compose.yml cfconfig.json
Configuration Precedence: Environment Variables vs. Docker Configs
When a configuration is defined in both an environment variable and a Docker config, Docker gives precedence to the config.
Example scenario:
printf "cfmongodb" | docker config create installModules -
docker config create cfconfig ./cfconfig.txt
Example cfconfig.txt file:
acceptEULA=YES
installModules=scheduler
Example variables.env file:
installModules=debugger
Precedence Rules:
- installModules is defined in:
- A separate Docker config (installModules)
- A multi-setting config (cfconfig)
- An environment variable (installModules in variables.env)
- Docker prioritizes configs over environment variables.
- The installModules config takes precedence, so cfmongodb is installed.
- If installModules were not defined as a separate config, the system would read from cfconfig.
- If neither config were defined, the environment variable would be used.
Central Configuration Server
You can start the CCS server and add nodes automatically during container startup using the ColdFusion Docker image. Configure the setup with the following environment variables:
CCSNodes
The CCSNodes variable contains a list of client nodes that will connect to the CCS server.
Each node should be formatted as:
hostname:port secretkey (true/false)
- hostname: The client's hostname or IP address.
- port: The port number used for communication.
- secretkey: A unique key for authentication, found in <cf_instancehome>/lib/ccs/ccs.properties.
- true/false: Indicates whether SSL is enabled (true for enabled, false for disabled). By default it is false.
Example:
hostname1:8500 mySecretKey1 true;hostname2:8501 mySecretKey2;hostname3:8502 mySecretKey3 false
Separate multiple client nodes with a semicolon (;).
If SSL is enabled for a node, set the last parameter to true; otherwise, leave it empty or set it to false.
startCCS
Set to true or false (default) to enable or disable CCS during startup.
Running the ColdFusion Container with CCS
Use the following docker run command:
docker run -dt -e acceptEULA=YES -p 8501:8500 -p 7071:7071 \
-e startCCS=true -e CCSNodes="cfhost1:8500 key1;cfhost2:8443 key2 true;cfhost3:8502 key3" adobecoldfusion/coldfusion:latest
Using Docker Config for CCS
You can also configure CCS via a Docker config file. Example:
config.json
{ "language": "ja", "deploymentType": 1, "profile": 2, "startCCS": true, "CCSNodes": "node1:8500 key1 false;node2:8443 key2 true" }
docker-compose.yml
version: "3.3" services: coldfusion1: image: adobecoldfusion/coldfusion:latest ports: - "8701:8500" env_file: - variables.env volumes: - "./mynewwebroot/:/app" - "./mydata:/data" networks: - webnet configs: - source: cfconfig target: /opt/config/cfconfig configs: cfconfig: file: config.json networks: webnet:
variables.env
acceptEULA=YES
cfconfigPath=/opt/config
Deploying CCS with Docker Swarm
Once everything is set up, initialize Docker Swarm and deploy the stack:
docker swarm init
docker stack deploy -c docker-compose.yml ccsserver
Docker secrets, config, and CCS server are only available with ColdFusion (2025 release).
ColdFusion Add-ons and Performance Monitoring Toolset
ColdFusion Add-ons
ColdFusion add-ons provide additional services like Solr (search) and PDFG (PDF Generation). These add-ons can run as separate Docker containers alongside your ColdFusion server using Docker Compose for better orchestration.
Pulling the ColdFusion Add-ons Image
ColdFusion add-ons images are available on Amazon ECR and Docker Hub.
From ECR:
docker pull public.ecr.aws/adobe/coldfusionaddons:latest
docker pull public.ecr.aws/adobe/coldfusionaddons:latest-2025
docker pull public.ecr.aws/adobe/coldfusionaddons2023:latest
From Docker Hub:
docker pull adobecoldfusion/coldfusionaddons:latest-2025
docker pull adobecoldfusion/coldfusionaddons:latest-2023
docker pull adobecoldfusion/coldfusionaddons2023:latest
Supported Environment Variables
Required:
acceptEULA=YES
Optional:
solrUsername=<SOLR-USERNAME>
solrPassword=<SOLR-PASSWORD>
Running ColdFusion Add-ons Containers
Basic usage:
docker run -dt -p 8993:8995 -e acceptEULA=YES public.ecr.aws/adobe/coldfusionaddons:latest start
Specify Solr credentials:
docker run -dt -p 8994:8995 -e acceptEULA=YES -e solrUsername=admin -e solrPassword=admin adobecoldfusion/coldfusionaddons:latest
Performance Monitoring Toolset (PMT)
Before running PMT in a container, ensure system limits are set correctly:
ulimit -n 65536
sysctl -w vm.max_map_count=262144
Pulling the PMT Image
PMT images are available on Amazon ECR and Docker Hub.
From ECR:
docker pull public.ecr.aws/adobe/pmt:latest
docker pull public.ecr.aws/adobe/pmt:latest-2025
docker pull public.ecr.aws/adobe/pmt2021:latest
From Docker Hub:
docker pull adobecoldfusion/pmt:latest
docker pull adobecoldfusion/pmt:latest-2023
docker pull adobecoldfusion/pmt2021:latest
Supported Environment variables:
Required:
acceptEULA=YES
datastoreHost=<DATASTORE-HOSTNAME>
datastorePort=<DATASTORE-PORT>
Optional:
startPMT=true # Default: true
startDatastore=true # Default: true
dataStoreNodeName=<Cluster Node Name>
dataStoreMaster=true # Default: true (Set false for additional nodes)
dataStoreNodes=["host1:port1", "host2:port2"]
Running PMT Containers
docker run -dt -p 9101:9101 -e acceptEULA=YES \
-e datastoreHost=<ElasticSearchHostName> \
-e datastorePort=<ElasticSearchPort> \
-e startDatastore=false \
adobecoldfusion/pmt:latest start
Running ColdFusion and PMT with Docker Compose
Environment Files
pmt.env
acceptEULA=YES
datastoreHost=pmt
datastorePort=9200
startDatastore=true
coldfusion.env
acceptEULA=YES
password=ColdFusion123
docker-compose.yml
version: "3" services: coldfusion: container_name: coldfusion image: coldfusion:2023.0.7 ports: - "8500:8500" volumes: - "./webroot:/app" env_file: - coldfusion.env healthcheck: test: curl -f http://localhost:8500/ interval: 1m timeout: 3s networks: - webnet pmt: container_name: pmt image: adobecoldfusion/pmt:2023.0.0 depends_on: - coldfusion ports: - "9101:9101" env_file: - pmt.env healthcheck: test: curl -f http://localhost:9101/ interval: 1m timeout: 3s networks: - webnet networks: webnet:
This setup ensures that both ColdFusion and PMT run together in a well-orchestrated Docker environment.
ColdFusion API Manager Docker Image
The Docker image for ColdFusion API Manager (APIM) is available on both Amazon ECR and Docker Hub. You can pull the latest images using the following commands:
Pulling the API Manager Image
From Amazon ECR:
docker pull public.ecr.aws/adobe/apimanager:latest
docker pull public.ecr.aws/adobe/apimanager:latest-2023
docker pull public.ecr.aws/adobe/apimanager2023:2023.0.12
From Docker Hub:
docker pull adobecoldfusion/apimanager:latest
docker pull adobecoldfusion/apimanager:latest-2025
docker pull adobecoldfusion/apimanager2023:latest
Environment Variables
To view the list of supported environment variables, run:
docker run --rm -it public.ecr.aws/adobe/apimanager:latest help
Supported Commands:
- help
- start <.cfm>
Required Environment Variables:
apim_acceptEULA=YES
Optional Environment Variables:
- apim_serial=<Serial Key>
- apim_previousSerial=<Previous Serial Key (Upgrade)>
- apim_password=<API Manager Admin Password>
- apim_datastoreHost=<Datastore Hostname>
- apim_datastorePort=<Datastore Port>
- apim_datastorePassword=<Redis (Datastore) Password>
- apim_datastoreSeed=<Datastore Encryption Seed>
- apim_analyticsHost=<Analytics Server Hostname>
- apim_analyticsPort=<Analytics Server Port>
- apim_analyticsClusterPort=<Analytics Server Cluster Port>
- apim_analyticsClusterName=<ElasticSearch Cluster Name>
Usage
Running API Manager from Amazon ECR:
docker container run -dt \
-e apim_ acceptEULA=YES \
-e apim_ datastoreHost=<Datastore Hostname> \
-e apim_ datastorePort=<Datastore Port> \
-e apim_ analyticsHost=<Analytics Server Hostname> \
-e apim_ analyticsPort=<Analytics Server Port> \
-e apim_ analyticsClusterPort=<Analytics Server Cluster Port> \
-e apim_ analyticsClusterName=<ElasticSearch Cluster Name> \
public.ecr.aws/adobe/apimanager:latest
Running API Manager from Docker Hub:
docker run -dt -p 8500:8500 \
-e apim_ acceptEULA=YES \
-e apim_ datastoreHost=<Hostname> \
-e apim_ datastorePort=6378 \
-e apim_ analyticsHost=10.42.70.250 \
-e apim_ analyticsPort=9201 \
-e apim_ analyticsClusterPort=<Cluster Port> \
-e apim_ analyticsClusterName=<ElasticSearch Cluster Name> \
apimanager:latest
Docker Compose Configuration
The following is a sample docker-compose.yml configuration:
version: "3" services: analytics: container_name: analytics image: public.ecr.aws/adobe/apimanageraddons:latest env_file: - analytics.env networks: - webnet datastore: container_name: datastore image: public.ecr.aws/adobe/apimanageraddons:latest env_file: - datastore.env networks: - webnet ports: - "9200:9200" - "9300:9300" apim: container_name: apimanager image: public.ecr.aws/adobe/apimanager:latest ports: - "9000:9000" env_file: - apimanager.env networks: - webnet depends_on: - datastore networks: webnet:
Environment Files
apimanager.env
apim_ acceptEULA=YES
apim_ serial=<enter serial number>
apim_Password=APIManager123
apim_ datastoreHost=datastore
apim_ datastorePort=6379
apim_ datastorePassword=MyRedisPassword
apim_ analyticsHost=analytics
apim_ analyticsPort=9200
apim_ analyticsClusterPort=9300
apim_ analyticsClusterName=apim-analytics
analytics.env
acceptEULA=YES
startAnalyticsService=true
analyticsClusterName=apim-analytics
datastore.env
acceptEULA=YES
startDatastoreService=true
datastorePassword=MyRedisPassword