7.2.1.1. Launching with profiles

Using the previously created profiles, we can now launch the applications separately on two different machines:

airlock@internal.example.com

iam run -c /home/airlock/iam -i auth -p internal

external.example.com

iam run -c /home/airlock/iam -i auth -p external

Launching Multiple Profiles on the Same Machine

Launching multiple Airlock IAM profiles on one machine provides less isolation protection than using separate machines.

In order to launch multiple profiles on the same machine, it is necessary to change the web server port. In addition to configuring the iam.modules parameter, the ports for the connectors must be changed. By default both processes would try to bind to 8443 for HTTPS and 8080 for HTTP, which does not work. Different ports must be assigned to each profile.

If the machine has multiple network interfaces it is also possible to change the address from the default "0.0.0.0" to the IP address of the machine for a given network interface.