The Airlock IAM Docker image is compatible with any Docker host (engine + client) that is supported by Docker Inc.
It is also compatible with Docker Compose, Kubernetes, and OpenShift platforms.
- Further, this includes:
- Support for arbitrary user IDs.
- Environment variables for configuration. See Application parameters, Sandboxing with profiles.
- Logging to standard output. See Logging configuration.
For recommended hardware profiles see https://techzone.ergon.ch/hardware-iam.
Running IAM in a container on Windows or macOS (Docker Desktop) requires increasing the underlying VM's memory to at least 4 GB. This can be done in the Docker settings.
On Windows, all docker run commands should include the options --interactive --tty, or abbreviated -it, options to allocate an interactive terminal so that ctrl-c is correctly handled when trying to stop a container, otherwise containers may remain running in the background.
While running Airlock IAM on container orchestration platforms is supported, dynamic load balancing, where containers are dynamically created, is not supported at this time.
Airlock IAM containers are designed to run at all times. More information on Airlock IAM load balancing can be found in the Airlock Gateway documentation.
Airlock IAM Security Best Practices
Please review the documented Security best practices carefully. They apply to the underlying operating system, the Docker platform and the Airlock IAM application.