Skip to main content
Console terminology: In the Maverics Console, Orchestrator instances and configuration delivery are managed through Deployments. When working directly with YAML, configuration is managed as files delivered via the -config flag or MAVERICS_CONFIG environment variable.

System Requirements

Before installing the Orchestrator, ensure your environment meets the minimum requirements for your chosen deployment method.

Hardware

  • CPU — 2+ cores recommended for production workloads
  • Memory — 512 MB minimum, 1 GB+ recommended
  • Disk — 100 MB for the binary, additional space for logs and cache

Software

  • Operating system — Linux (amd64, arm64), macOS (arm64), or Windows (amd64)
  • Network — Outbound HTTPS access for identity provider communication
  • TLS — Valid TLS certificates for production deployments

Download the Orchestrator

All Orchestrator downloads are available through the Maverics Console at maverics.strata.io. Downloads are accessed from within a Deployment — open any Deployment and use the Download Orchestrator Software modal.
The download experience is currently located inside Deployments rather than in the main Console navigation. To access the download modal, create or open a Deployment, then look for the download option in the Deployment detail view.

Evaluation Bundles

Evaluation bundles are pre-packaged Orchestrator bundles designed for quick proof-of-concept setups. They are available when you select Maverics storage as the configuration provider for your Deployment. Each bundle includes everything you need to start the Orchestrator locally and test identity workflows without additional infrastructure.
PlatformFileNotes
Windowsmaverics-evaluation.zipExtract and run
macOSmaverics-evaluation.tar.gzExtract and run
Linuxmaverics-evaluation.tar.gzExtract and run
Fastest path for new users: Create a Deployment with “Maverics storage” as the config provider, download the eval bundle for your platform, extract it, and run the Orchestrator binary. You will have a working instance in minutes.

Platform Installers

Platform installers are production-ready packages for deploying the Orchestrator to your infrastructure. The latest version is v2026.02.1 (released February 5, 2026). The Orchestrator is a stateless service that can be deployed on Linux, Windows, Docker, and optionally run on Kubernetes.
PlatformFileNotes
Windowsmaverics-orchestrator.msiRegisters as a Windows service with guided setup for configuration source, TLS certificates, and environment variables
macOSmaverics-orchestrator.zipStandalone binary archive
Red Hatmaverics-rhlinux.rpmRPM package for RHEL-based distributions
Ubuntu / Debianmaverics-package.debDEB package for Debian-based distributions
Dockermaverics-orchestrator.tarPre-built container image (load with docker load)
FIPS 140-3 Builds — The Orchestrator offers experimental FIPS-compliant builds using a FIPS 140-3 validated cryptographic module. See FIPS 140-3 Builds for current status, feature details, and availability.

Other Resources

ResourceFileDescription
Windows Client Authenticator AppWindowsClientAuthenticatorAppforMaveric.exeDesktop authenticator application for Windows environments
The Windows Client Authenticator App is also available from the Console download modal.

Deployment Guides

Linux, macOS & Windows

Platform-specific installation using RPM, DEB, MSI, or standalone binary

Docker

Load and run the Orchestrator as a container

Kubernetes (Helm)

Deploy to Kubernetes using the official Strata Helm chart

CLI Flags

The maverics binary accepts the following flags. All flags use single-dash format (Go flag package convention).
FlagTypeDefaultDescription
-configstring/etc/maverics/maverics.yamlConfiguration file path
-secretProviderstringSecret provider URL (e.g., hashivault://vault.example.com/secret/data/maverics)
-versionboolfalsePrint the Maverics version and exit
-verboseboolfalseEnable verbose (DEBUG) logging
Precedence: CLI flag > environment variable > default value. For example, -config /path/to/config.yaml overrides the MAVERICS_CONFIG environment variable, which overrides the default path.

Environment Variables

Environment variables provide an alternative to CLI flags for configuring the Orchestrator. This is particularly useful in containerized deployments where flags may not be practical.
VariablePurposeDefault
MAVERICS_CONFIGConfig file path (alternative to -config flag)
MAVERICS_SECRET_PROVIDERSecret provider URL
MAVERICS_DEBUG_MODEEnable DEBUG logging (true/false)
MAVERICS_HTTP_ADDRESSOverride HTTP server bind address

Post-Installation Verification

After installation, verify the Orchestrator is installed correctly and can start successfully. 
# Verify the binary is installed
maverics -version

# Start with a config file
maverics -config /etc/maverics/maverics.yaml

# Check the health endpoint (in another terminal)
curl -s https://localhost:9443/status
# Expected: {"status": "up"}
The health endpoint at /status returns a JSON response indicating the Orchestrator is running. The default listen address is 0.0.0.0:9443, configurable via the http.address setting in your YAML configuration.

Configuration

Configure the Orchestrator after installation

Getting Started

End-to-end quick-start guide