4.3 Deciding to Use the Scripts or Manual Installation Method

To determine whether to use the installation scripts or perform a manual installation, review the following considerations:

  • The scripts install Identity Intelligence on the operating system with a default minimum installation. If you have any customizations on the operating system, we recommend you to perform the prerequisites manually and perform installation and post installation configuration using scripts.

  • The scripts install Identity Intelligence only on a singled-homed network (a single-homed stub system is one that is connected with a single network link). If you have a dual-homed network (dual or redundant connections to a single Internet Service Provider), we recommend that you use the manual installation process.

  • The scripts disable plain text communication between Transformation Hub (Kafka) and all the components outside the Kubernetes cluster, such as Identity Governance, Identity Manager Driver for Entity Data Model, database, and so on. Therefore, you must configure SSL between Transformation Hub (Kafka) and the components that are outside the Kubernetes cluster. The scripts automatically configures SSL for database as database is installed as part of the script.

  • The scripts automatically tune the system for a single-node deployment with a small workload.

  • The script configures database agent to use the port 5438 instead of the default port 5444, as the script installs both CDF and database on the same node.

  • The scripts register a service with the operating system to automatically start the database Kafka scheduler to collect event data.

  • The scripts install the cluster with a single master node and single worker node running on the same system. You can add worker nodes after the installation to scale and enable worker high availability.

  • If you use the scripts, you cannot configure high availability for the master node. If you want high availability for the master node, we recommend that you use the manual installation process.

  • The scripts disable the option to authorize Micro Focus to collect suite usage data.

  • The scripts create NFS shares on the system used by the containers in the cluster. They configure the firewall to disable remote access to this NFS server. If you plan to add additional nodes to the cluster, you must enable remote access to the NFS server in the firewall.

  • The scripts use the following paths by default:

    • To install Kubernetes: /opt/arcsight/kubernetes

    • To create NFS shared directories: /opt/NFS_Volume

    • To unzip database installer file: /opt/arcsight-database

    • To install database: /opt/vertica

  • If you must use proxy in your environment, you must use the manual installation process.