Single VM Install

The instructions below are valid for all OpenIAM v4.2.1.3.x deployments on CentOS 8 Stream and Red Hat Enterprise Linux (RHEL) 8.5

This section describes how to install OpenIAM on either CentOS 8 Stream / RedHat Enterprise Linux (RHEL) 8.5+ using a RPM distribution.

OpenIAM provides a RPM distribution which includes all of the dependencies except for the database and system tools to simplify the installation process. The completeness of the RPM file also enables deployments in locked down environments where there is no network.

You may download CentOS or RHEL from the following locations:

Operating SystemURL
CentOS 8 streamhttp://mirror.math.princeton.edu/pub/centos/8.2.2004/isos/x86_64/
RHEL 8.5https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux

The installation instructions below require root level privileges on the host where OpenIAM will be deployed. The person or team installing OpenIAM must be familiar with the CentOS/RHEL operating system, databases and services.

The procedures described in this guide must be performed in the order that they have been presented below.

Minimum System requirements

For non-production use, the Linux Host or VM must have the following minimum configuration:

ConfigurationNon-ProductionProduction
Memory48 GB64 GB
CPU8 CPUs12 CPUs
Disk80 GBs200 GB

Validate your environment

Login to your VM as root or a privileged user. To check the CPUs on your VM use: lscpu To the memory on your VM use: free -m

The result of each of these commands MUST align with the above minimum requirements. For sizing assistance for a production deployment, either open a support ticket or contact your OpenIAM point of contact.

Example of output form the above command:

[root@li1262-180 ~]# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 8
On-line CPU(s) list: 0-7
Thread(s) per core: 1
Core(s) per socket: 1
Socket(s): 8
NUMA node(s): 1
Vendor ID: AuthenticAMD
BIOS Vendor ID: QEMU
CPU family: 23
Model: 1
Model name: AMD EPYC 7601 32-Core Processor
BIOS Model name: pc-q35-3.1
Stepping: 2
CPU MHz: 2199.994
BogoMIPS: 4399.98
Hypervisor vendor: KVM
Virtualization type: full
L1d cache: 64K
L1i cache: 64K
L2 cache: 512K
L3 cache: 16384K
NUMA node0 CPU(s): 0-7
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm rep_good nopl cpuid extd_apicid tsc_known_freq pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core ssbd ibpb vmmcall fsgsbase tsc_adjust bmi1 avx2 smep bmi2 rdseed adx smap clflushopt sha_ni xsaveopt xsavec xgetbv1 xsaves virt_ssbd arat
[root@li1262-180 ~]# free -m
total used free shared buff/cache available
Mem: 31959 221 31473 16 264 31341
Swap: 511 0 511
[root@li1262-180 ~]#

SSH into your VM

To ssh into your newly created VM, follow the steps below: a) First get the IP address of your VM. You can do this using:

ip addr

b) Next use a tool such Putty or the terminal window on Mac and SSH to this linux host:

ssh [username]@[IP address of your VM]

Example: ssh root@172.16.101.128

Prepare the host system for installation

The OpenIAM application requires a few configurations to be performed prior to installing the application. These steps are described below.

Install required packages

Before installing OpenIAM, please execute the commands below to install the required packages. If you have already logged in as “root”, you do not need to prefix them with “sudo”. If you have used another account, then you need to use “sudo”

DescriptionCommand CentOS 8+Command CentOS 7+
Install tardnf install taryum install tar

tar utility. It is usually included in el7 CentOS, but not in el8.

Modifying file descriptor limits for RabbitMQ.

OpenIAM uses RabbitMQ for messaging. Most of the services in OpenIAM communicate with each other using this message. RabbitMQ requires file descriptor limits which are much higher than the default limits found on many Linux distributions.

Note: OpenIAM requires RabbitMQ version from 3.8.x. Please use the RabbitMQ which has been provided with the distribution.

By default, CentOS and RHEL, set a soft limit (the current allowed) of 1024 file descriptors and a hard limit (the maximum allowed) of 4096 file descriptors for each user. These limits are inadequate for using RabbitMQ in an OpenIAM deployment. A soft limit of 1024 open file descriptors can cause the RabbitMQ service to quickly run out of allocated files, preventing the operating system from accepting new connections.

Perform the following steps to increase limits for file descriptors:

  1. Open a command terminal and log in as the root user or use sudo to gain super user privileges
  2. Edit the /etc/pam.d/login file using an editor such as nano or vi.
sudo nano /etc/pam.d/login
  1. Add the following line at the end of of the file and then save. If you are using nano, use [Ctrl+x] to save:
session required pam_limits.so
  1. Next, edit the /etc/security/limits.conf file
  2. Add the following lines to the end of the file and then save, using [Ctrl+x]
* soft nofile 65536
* hard nofile 65536
  1. Restart the system for the new settings to take effect.
sudo reboot -h 0
  1. Verify the new limits by opening a command terminal and typing the following command:
ulimit -n

The system should respond with 65536

You may also run the following supporting commands to prepare the system for installation.

Command to check VM Operating System:

cat /etc/os-release

Example of output form the above command

NAME="CentOS Stream"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Stream 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

Command to get system disk space:

#df -H

Example of output form the above command:

Filesystem Size Used Avail Use% Mounted on
devtmpfs 17G 0 17G 0% /dev
tmpfs 17G 0 17G 0% /dev/shm
tmpfs 17G 8.9M 17G 1% /run
tmpfs 17G 0 17G 0% /sys/fs/cgroup
/dev/mapper/cs-root 52G 2.4G 49G 5% /
/dev/mapper/cs-home 25G 209M 25G 1% /home
/dev/sda1 1.1G 295M 769M 28% /boot
tmpfs 3.4G 0 3.4G 0% /run/user/0

vi editor commands:

to edit -- type i
to escape -- hit esc
to save and quit -- type :wq

Next steps