Can a single system serve as both a development system and an orchestrator?
For on prem customers, our recommendation is to always have a separate environment to the Deployment Manager orchestrator. This is how it is deployed for our Pega cloud customers and it provides the following benefits
Security – Companies often have policies that prevent development environments, or lower environments in general, from being able to connect directly to higher environments especially production. The Deployment Manager orchestrator can be setup to be the only authorized entity that can connect between the different environments with all the appropriate security privileges enforced which can satisfy this policy.
Stability – if a dev environment needs to be restarted or is impacted in any significant way, then the DevOps pipelines running in the orchestrator are not affected. If a user were to rollback an application on the same system as the orchestrator it would cause significant problems.
Scale – A single Deployment Manager orchestrator instance can be used to manage multiple applications each of which will have their own environment stacks. Keeping the orchestrator separate will ensure that all the connectivity necessary between the different environments is handled only at the orchestrator and not between the dev environment
Ease of troubleshooting – It is easier to troubleshoot issues with pipelines if the devops environment is separate.