Perform the following steps to deploy the Identity Manager Configuration Generator container to generate the configuration files.
Run the following command to load the docker image:
docker load --input docker-images/IDM_485_idm_conf_generator.tar.gz
Run the following command to deploy the configuration generator container:
docker run --rm -it --name=idm_conf_generator -v /data:/config idm_conf_generator:idm-4.8.5
The following table provides information on the new prompts:
NOTE: For all the existing prompts, refer to the section Understanding the Configuration Parameters.
| Prompt | Description |
|---|---|
| Do you want to deploy Identity Manager Containers on Azure? | Specify your choice to deploy Identity Manager Containers. |
| Specify the namespace for Kubernetes Deployment. | Enter the namespace for Kubernetes Deployment. For example, idm. |
| Enter the short hostname for the virtual machine. | Specify the short hostname for sles15sp2 virtual machine used to run the docker engine container. For example, identityengine. |
| Enter the Identity Manager Engine data disk size for persistence in GB. | Specify the data disk size as per your requirement. For example, 10GB. |
| Do you want to create a new Azure PostgreSQL Server instance? | Specify your choice to create a new Azure PostgreSQL Server instance. |
| Enter the fully qualified domain name (FQDN) for accessing the Identity Manager web applications. | Specify the FQDN to access the identity manager web applications. For example, identitymanager.eastus.cloudapp.azure.com. NOTE: Identity Manager web applications include Identity Applications, Identity Reporting, SSPR, OSP and also Identity Console. |
| Enter the TLS certificate file. | Specify the TLS certificate file in PEM format, which contains the subject alternate name and calling name for the domain specified above. For example, /config/tls.crt. |
| Enter the private key file for the TLS certificate. | Specify the private key file for the TLS certificate. For example, /config/tls.key. |
| Enter the Identity Vault Server Name. | Specify the Identity Vault Server Name. For example, IDVAULTSERVER. |
| Enter the Azure Service Principal ID. | Specify the Azure Service Principal ID generated in Section: Planning your deployment, Step 5. |
| Enter the Azure Service Password. | Specify the Azure service password generated in Section: Planning your deployment, Step 5. |
| Enter the Tenant ID of your Service Principal. | Specify the Tenant ID generated in Section: Planning your deployment, Step 5. |
| Enter the existing Azure Container Registry Server Name. | Specify the Azure Container Registry Server Name. Refer to Step 4. |
| Enter the Azure Container Registry user name. | Specify the Azure Container Registry user name. Refer to Step 4. |
| Enter the Azure Container Registry user password. | Specify the Azure Container Registry password. Refer to Step 4. |
| Sign in to Azure CLI. | Refer to Step 2. |
| Enter the appropriate Azure Account id printed above as-is without double quotes. | Specify the Azure Account ID generated in the above Step. |
| Enter the Azure Resource Group Name. | Specify the Azure Resource group name. For example, idvault-rg. |
| Enter the Azure Resource Group Location. | Specify the Resource Group Location. For example, eastus. |
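The certificate and key supplied at the TLS prompts can be checked on the Docker host before the generator is run. The script below is an added example, not part of the product documentation: it assumes `openssl` is installed and that the files sit under /data on the host (mounted as /config by the docker run command), and the function name `check_tls_inputs` is hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the product docs): pre-flight check of the files
# given at the "TLS certificate file" and "private key file" prompts.
# Usage (host paths are assumptions; /data is mounted as /config):
#   ./check_tls.sh /data/tls.crt /data/tls.key identitymanager.eastus.cloudapp.azure.com

check_tls_inputs() {   # hypothetical helper name
    cert=$1; key=$2; fqdn=$3; rc=0

    # The certificate must be PEM-encoded X.509.
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "FAIL: $cert is not a PEM X.509 certificate" >&2
        return 1
    fi

    # It must carry DNS subject alternative names, and one must match the FQDN.
    # With DNS SANs present, -checkhost ignores the CN.
    if ! openssl x509 -in "$cert" -noout -text | grep -q 'DNS:' ||
       ! openssl x509 -in "$cert" -noout -checkhost "$fqdn" |
             grep -q 'does match certificate'; then
        echo "FAIL: no SAN entry in $cert matches $fqdn" >&2
        rc=1
    fi

    # The private key must belong to the certificate: compare public keys.
    # -passin pass: makes a passphrase-protected key fail instead of prompting.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$key" -pubout -passin pass: 2>/dev/null)
    if [ -z "$key_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: $key is unreadable or does not match $cert" >&2
        rc=1
    fi

    # The key sits on a bind-mounted host directory: no group/other access.
    perms=$(ls -ldL "$key" 2>/dev/null | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $key is accessible to group/other; chmod 600 it" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: TLS inputs are consistent for $fqdn"
    return "$rc"
}

# Run the check only when called with the three arguments.
if [ "$#" -eq 3 ]; then check_tls_inputs "$@"; fi
```

A non-zero exit status means at least one check failed; the messages on stderr name the file to fix.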
After you respond to all the prompts, the Identity Manager configuration generator container performs the following actions:
A Key Vault is created under the resource group.
All the sensitive information is pushed to the Key Vault.
NOTE: To access the sensitive information in Azure Key Vault, refer to Quickstart: Azure Key Vault.
Terraform files and Helm Charts are created and delivered as the IDM_4.8.5_Cloud_Deployment_files.zip file under the shared volume.