Installation and upgrade

Hardware requirements

Recommended hardware profiles for Airlock IAM (valid for OS installation and deployment with Docker):

Profile

Minimum Requirements

Example

Minimum (for demo purposes)

1 CPU 2.0 GHz
4 GB RAM

Virtual machine with 4GB RAM and a virtual 10 GB disk

Small

Up to 5 logins/sec

1 x 4-Core CPU 3.0 GHz
8 GB RAM
80 GB Diskspace

Virtual machine with 4 vCPUs, 6 GB RAM, and a virtual 80 GB disk

HP ProLiant DL20 Gen9
1 x 4-Core Xeon (E3-1240v5) CPU 3.5G - 3.9 Hz
8 GB RAM

Medium

Up to 25 logins/sec

2 x 8-Core CPU 3.0 GHz
16 GB RAM
400 GB Diskspace

HP ProLiant DL360 Gen10
2 x 10-Core Xeon (4114) CPU 2.2 - 3.0 GHz
16 GB RAM

or equivalent virtual machine

Large

Up to 100 logins/sec

2 x 16-Core CPU 3.0 GHz
32 GB RAM
1 TB Diskspace

HP ProLiant DL360 Gen10
2 x 18-Core Xeon (6140) CPU 2.3 - 3.7 GHz
32 GB RAM

or equivalent virtual machine

 
Info

Note that achieving higher performance with horizontal scaling is easy, as Airlock IAM is built for active/active setups.

The actual performance depends mainly on configured features, defined authentication processes, cryptographic parameters, and load from other functionalities, e.g., self-services, One-Shot authentication, OAuth token exchange, etc. The chosen password hashing typically has the greatest impact since password hashing algorithms are to use high computation costs.

The above table bases on the following assumptions:

  • Password with scrypt hashes as the first factor.
  • MTAN as the second factor.
  • Airlock IAM performance tuning and scaling best practices are respected:
    • Audit Log signing is switched off.
    • The DB connection pool has a size of 16 and fits well with the performance of the DB server.
    • Recommended DB indices have been created.

Quick start guide

  1. Check for installation requirements:
    • see above hardware requirements
    • get an IAM license
  3. Decide whether to install directly on Linux (Installation on a Linux host system) or to use Docker (IAM as Docker image).
  4. Download the corresponding package from https://techzone.ergon.ch/downloads/airlock-iam (requires an Airlock Techzone login)
  5. Install IAM according to the installation instructions mentioned above.
  6. Read Getting started after installation.

Detailed instructions

More detailed instructions on the installation and upgrading of Airlock IAM is available in the following chapters: