If you’ve followed the instructions for deploying the CDM without modifying configurations, then the following indicates that you’ve been successful:
The Kubernetes cluster and pods are up and running.
DS, AM, and IDM are installed and running. You can access each ForgeRock component.
DS is provisioned with sample users. Replication and failover work as expected.
Monitoring tools are installed and running. You can access a monitoring console for DS, AM, and IDM.
When you’re satisfied that all of these conditions are met, then you’ve successfully taken the first steps towards deploying the ForgeRock Identity Platform in the cloud. Congratulations!
You can use the CDM to test deployment customizations—options that you might want to use in production, but are not part of the CDM. Examples include, but are not limited to:
Running lightweight benchmark tests
Making backups of CDM data, and restoring the data
Securing TLS with a certificate that’s dynamically obtained from Let’s Encrypt
Using an ingress controller other than the NGINX ingress controller
Resizing the cluster to meet your business requirements
Configuring Alert Manager to issue alerts when usage thresholds have been reached
Now that you’re familiar with the CDM—ForgeRock’s reference implementation—you’re ready to work with a project team to plan and configure your production deployment. You’ll need a team with expertise in the ForgeRock Identity Platform, in your cloud provider, and in Kubernetes on your cloud provider. We strongly recommend that you engage a ForgeRock technical consultant or partner to assist you with deploying the platform in production.
You’ll perform these major activities:
Platform configuration. ForgeRock Identity Platform experts configure AM and IDM using the CDK, and build custom Docker images for the ForgeRock Identity Platform. The Cloud Developer’s Kit Documentation provides information about platform configuration tasks.
Cluster configuration. Cloud technology experts configure the Kubernetes
cluster that will host the ForgeRock Identity Platform for optimal performance and
reliability. Tasks include: configuring your Kubernetes cluster to suit your
business needs; setting up monitoring and alerts to track site health and
performance; backing up configuration and user data for disaster preparedness;
and securing your deployment. The How-Tos
and READMEs in the
forgeops repository provide information about cluster
Site reliability engineering. Site reliability engineers monitor the
ForgeRock Identity Platform deployment, and keep the deployment up and running based on your
business requirements. These might include use cases, service-level agreements,
thresholds, and load test profiles. The
How-Tos, and READMEs in the
repository, provide information about site reliability.