Installation with installer script
We recommended using the shell script installer as it is the quickest way to install Airlock IAM and follows our conventions by default.
- Download the Airlock IAM installer script from Airlock Techzone. The latest Airlock IAM installer (
airlock-iam-installer-<version>.sh) can be downloaded after log-in from:
https://techzone.ergon.ch/downloads/airlock-iam - Transfer the script to the target host.
- Make the script executable:
chmod u+x ./airlock-iam-installer-<release_version>.sh - Run the installer as root using
su #/sudo su:./airlock-iam-installer-<release_version>.sh - The installer will print a preview of what the installation will do and wait for confirmation.
- Once the installer has finished, switch to the
airlockuser and start using the CLI: - Terminal box
su - airlock # Switch to user "airlock" (must be run as "root") iam --help # Display usage/help and list available subcommands iam init --help # Display usage/help for the "init" subcommand iam init --analytics LICENSE_DATA --instance test # Create new instance named "test", enable license analytics
- Notice
As of IAM 8.5, the IAM license and analytics feature is mandatory. If it is not configured, configuration activation will fail. The IAM CLI is used to configure the analytics plugin, during the
init,reset, andupgradeoperations, as shown in the sample commands above.When you run any of these operations, you must include the
-aor--analyticscommand line option. You have two choices:- To enable license analytics, use:
--analytics LICENSE_DATA - To enable usage analytics, use
--analytics USAGE_DATA
Note that IAM will always transmit license analytics data to the Airlock cloud service. Usage analytics data, however, is transmitted only if you explicitly enable it. For more information, see License and usage analytics .
- To enable license analytics, use:
In summary, the following actions will be performed:
- The Airlock IAM distribution will be installed to
/opt/airlock-iam-<version>/and linked to/opt/airlock-iam/. - The default user is named
airlock. If the user does not exist, a new user will be created. - A configuration root directory will be created in the user's home. By default, this will be
/home/airlock/iam. - In the configuration directory, a default instance named
authwill be created. - The application-level configuration file will be
/home/airlock/iam/instances/auth/instance.properties. See also Application parameters.
- In the configuration directory, a default instance named
- Bash integration will be installed to
~/.bashrc, including bash auto/tab completion~/.bash_completion.d/. By default, those files will be in/home/airlock. - The PATH will allow the
iamcommand to be typed directly instead of/opt/airlock-iam/bin/iam. - The default
IAM_CONFIG_ROOTwill be set to/home/airlock/iam.
- The PATH will allow the
- CLI will automatically add and configure either the License Analytics plugin or the Usage Analytics plugin, based on the value of the command line option
-a/--analytics.
Installer customization options
To see all available customization options, run the installer with the -h option:
./airlock-iam-installer-<release_version>.sh -h
The installer can run without interaction/confirmation for automation and scripting, with the -f option.
Unattended installation:
The installation target, configuration directories, and user name can be configured. Run the installer with the -h/--help option to see all available customization options.