Installation and upgrade
Hardware requirements
Recommended hardware profiles for Airlock IAM (valid for OS installation and deployment with Docker):
Minimum requirements | |
|---|---|
Minimum (for demo purposes) | 1 CPU 2.0 GHz |
Low Up to 5 logins/sec | 1 x 4-Core CPU 3.0 GHz |
Medium Up to 25 logins/sec | 2 x 8-Core CPU 3.0 GHz |
High Up to 100 logins/sec | 2 x 16-Core CPU 3.0 GHz |
Note that achieving higher performance with horizontal scaling is easy, as Airlock IAM is built for active/active setups.
The actual performance depends mainly on configured features, defined authentication processes, cryptographic parameters, and load from other functionalities, e.g., self-services, One-Shot authentication, OAuth token exchange, etc. The chosen password hashing typically has the greatest impact since password hashing algorithms are to use high computation costs.
The above table bases on the following assumptions:
- Password with a secure hash, such as scrypt, as the first factor.
- MTAN as the second factor.
- Airlock IAM performance tuning and scaling best practices are respected:
- Audit Log signing is switched off.
- The DB connection pool has a size of 16 and fits well with the performance of the DB server.
- Recommended DB indices have been created.
Quick start guide
- Check for installation requirements:
- see above hardware requirements
- get an IAM license
- Decide whether to install directly on Linux (Installation on a Linux host system) or to use Docker (IAM as Docker image).
- Download the corresponding package from https://techzone.ergon.ch/downloads/airlock-iam (requires an Airlock Techzone login)
- Install IAM according to the installation instructions mentioned above.
- Read Getting started after installation.
Detailed instructions
More detailed instructions on the installation and upgrading of Airlock IAM is available in the following chapters: