Layer7 Access Management

Expand all | Collapse all

Automated deployment of Policy Server and Agent

Jump to Best Answer
  • 1.  Automated deployment of Policy Server and Agent

    Posted 02-03-2015 04:43 AM

    Hi,

    we have multiple large SiteMinder environments running on RedHat Linux.

    Does anyone have experience in automatic deployment from the Test to QA to Prod environment?

    Please let me know which tools can be used.

    Kind Regards,

    Gottfried



  • 2.  Re: Automated deployment of Policy Server and Agent

    Posted 02-09-2015 03:53 PM

    Automated Deployment. Could we be more specific? Are we referring to Policy Data (Policy Domains, AgentGroups etc) Migration?

     

    Regards

     

    Hubert



  • 3.  Re: Automated deployment of Policy Server and Agent

    Posted 02-10-2015 07:35 AM

    Hi Hubert,

    the customer has 2 DEV, 2 QA and 2 PROD Policy Server environments. All systems are running currently under RedHat 6.

    The idea is to have an (semi-) automatic mechanism for the moving the implementation from one stage to another.

    Each stage has it's own configuration settings i.e. DNS records, IP addresses, etc.

    Therefore the automation software should be as flexible as possible and should support different settings.
    Questions are:

    a) What is a good environment to start: Is CA Release Automation a good environment? Also I heard about CA Express Install which can install unattended a SiteMinder environment? Any other environment?

    b) Which installations or configurations do already exist for SiteMinder and can be used and adapted for customer's environment?

    c) For installations/configurations automation is hard to implement?

    d) Which installations can be automated but there is no yet existing automation

    With answers to these questions we can build a picture how such an environment will look like.

    Do you have any input for these questions?

    Kind regards,

    Gottfried



  • 4.  Re: Automated deployment of Policy Server and Agent
    Best Answer

    Posted 02-10-2015 09:20 AM

    Thank You, this helps in understanding what is being sought

     

     

    a) What is a good environment to start: Is CA Release Automation a good environment? Also I heard about CA Express Install which can install unattended a SiteMinder environment? Any other environment?

    • CA Release Automation is a Good Product to begin with. I know there has been some work done between CA Single Sign On and CA LISA (a.k.a CA Release Automation) for automating deployment.

     

    b) Which installations or configurations do already exist for SiteMinder and can be used and adapted for customer's environment?

     

    c) For installations/configurations automation is hard to implement?

    • No, many of CA Single Sign On customers do some level of automation.
    • The most common way is using Silent Installation feature of the Product (explained above OOB feature).
      • One could further take the silent install a step ahead by writing PERL scripts as a wrapper surrounding the Silent Install procedures.
      • This could help reading inputs from a different properties file to populate the correct values as per respective Environments e.g. DEV / TEST / PRODN.
      • You could also have one properties file per Environment already created, and on runtime based on user input of DEV / TEST / PRODN, apply the correct properties file as input to Installer.
    • These days one also has the luxury of using other Products like CA Release Automation (a.k.a CA LISA) to automate deployments. Though my personal knowledge in that space is quite less. However there should be some knowledge base internally within CA Release Automation Communities OR support site OR Product documentation.

     

    d) Which installations can be automated but there is no yet existing automation.

    • From CA Single SignOn perspective almost all of the installation and configuration steps could be automated by using the Silent Install. You could further enhance it by writing a few PERL scripts.

     

     

    Hope this helps!

     

     

    Regards

     

    Hubert