View Source

h4. Provisioning strategy

* The same [ansible|http://www.ansible.com/home] scripts are used by all environments. Differences between environments is handled by configuration.

* Limit flexibility and prioritize the recommended setup.


h4. Infrastructure

* Create servers, Amazon Linux
** Micro installation: 1 micro server (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend, UseradminWebApp)
** Normal installation: 2 micro servers HA (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend),1 small server (UseradminWebApp)
** Normal On-premise admin installation: 2 micro servers HA (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend),On premise server (UseradminWebApp)

* Set up firewalls
** DMZ sone (SSOLoginWebApp, SecurityTokenService, UserAdminService)
** Secure Vault (UserIdentityBackend, UseradminWebApp)

* [Install OpenLDAP for UIB] on Ubuntu

* [Amazon RDS for PostgreSQL|http://aws.amazon.com/rds/postgresql/]


h4. Whydah core

* Properties, config_override

* HTTPS only, Certificates

* HA, HazelCast

* Import from CSV

h4. TODO

# Remove import.enabled
## Always run import functionality. Add missing data, never overwrite or remove.
## Do not delete anything by default