IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Deploy IBM Verify Identity Access 11 on OpenShift - Latest documentation

    Posted 2 days ago

    Dear Verify team,

    We are deploying IBM Verify Identity Access 11 (on-prem) on OpenShift cluster, I'm looking step-by-step latest documentation, please provide link/pdf if any.

    And please guide us on below questions:

    1) What is the best way to deploy IVIA 11 on OpenShift cluster? with IBM Security Verify Operator??or without operator?? pros and cons of Operator if any

    2) And we need to provide OIDC/SAML2 integrations with Verify Access 11, so do we need dedicate IBM Verify Identity Access OIDC Provider pod or not??

    And please provide any reference materials/trainings on IVIA 11 deployment on OpenShift cluster and challenges. 

    Thanks for your support.

    Regards

    SK 



    ------------------------------
    Someswara Reddy Karem
    ------------------------------


  • 2.  RE: Deploy IBM Verify Identity Access 11 on OpenShift - Latest documentation

    Posted 2 days ago

    HI Someswara

    I will try to answer these

    What is the best way to deploy IVIA 11 on OpenShift cluster? with IBM Security Verify Operator??or without operator?? pros and cons of Operator if any

    1. Best is relative to your requirement
      1. Operator based Pros
        1. good automation /ease of deployment/easy maintenance
      2. Operator based Cons
        1. not flexible /will get deployed across projects
    2. Template based
      1. Openshift Verify template to create one click deployment of all IVIA container
        1. Pros
          1. flexible in choosing various component related to openshift
          2. can be specific to one project 
          3. once a template is ready , it can be instantiated to create prod,dev,green , blue IVIA deployment according to architecture
        2. cons
          1. need to create or reuse already created IVIA template -> dependency on good availability 
          2. not great automation as compared to Operator

    Second Question:

    1.for OIDC integration -> if you have advanced and moden use case you should go with OIDCOP , this is the nextGen OIDC Provider in IVIA and yes it will be a different deployment based on config maps

    2.For SAML , you need to make use of Federation Module of IVIA . This also supports OIDC provider but recommended is to use OIDCOP 

    3.I will see few samples of working Deployment can be passed to you.



    ------------------------------
    Tushar
    Tushar
    ------------------------------

    Original Message


  • 3.  RE: Deploy IBM Verify Identity Access 11 on OpenShift - Latest documentation

    Posted yesterday

    Hi Tushar,

    Thanks for your prompt reply. Can you please share working deployment yamls if any. 

    Regards

    Som



    ------------------------------
    Someswara Reddy Karem
    ------------------------------

    Original Message


Related Content