How to deploy CA SSO with PaaS system like Openshift

Document ID : KB000103781
Last Modified Date : 04/07/2018
Show Technical Document Details
Question:
We'd like to know if you support Web Agent with OpenShift software to
dynamically be able to register the Web Agent. What is important for
us to know, is the process to register every Apache instance that
OpenShift wake up during high work peaks with CASSO and how to
unregister that instance when OpenShift takes it down during low
peaks. If there is any way to do that.
Answer:
At first glance, OpenShift is supported.

  Administration, Internals and Supportability
  https://communities.ca.com/servlet/JiveServlet/download/241807667-1-189327/why-upgrade-to-ca-single-sign-12.8.pdf

  Using Web Agent in Dynamically Scaled Environments
  
  CA SSO Web Agents can be used in dynamically scaled environments
  such as Docker containers and OpenShift. Using these technologies
  require taking a different approach to register the Web Agent
  instances. For more information, see Use Web Agent in Dynamically
  Scaled Environments.

  https://docops.ca.com/ca-single-sign-on/12-7/en/release-notes/new-features

and here the doc about registration :

  Use Web Agent in Dynamically Scaled Environments

  For each application, create a trusted host using Java Agent API
  SDK. Using this method you can create a new trusted host and obtain
  its generated shared secret in an unencrypted string format. You
  must save this shared secret to use as part of the data
  initialization of the application. You can use this approach to
  register all versions of the Web Agents (6x and later). The
  following sample code can be used to register an application, the
  sample code uses SDK versions 12.5 and up. You can also use SDK
  version 12.0 by removing the lines that handle FIPS mode:

  https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments