Recommended hardware profiles for Airlock IAM (valid for OS installation and deployment with Docker):
Profile | Minimum Requirements | Example |
Minimum (for demo purposes) |
1 CPU 2.0 GHz |
Virtual machine with 4GB RAM and a virtual 10 GB disk |
Small Up to 5 logins/sec |
1 x 4-Core CPU 3.0 GHz |
Virtual machine with 4 vCPUs, 6 GB RAM, and a virtual 80 GB disk HP ProLiant DL20 Gen9 |
Medium Up to 25 logins/sec |
2 x 8-Core CPU 3.0 GHz |
HP ProLiant DL360 Gen10 or equivalent virtual machine |
Large Up to 100 logins/sec |
2 x 16-Core CPU 3.0 GHz |
HP ProLiant DL360 Gen10 or equivalent virtual machine |
Please note that it is very easy to achieve higher performance with horizontal scaling as Airlock IAM is built for active/active setups.
The actual performance depends very much on configured features, defined authentication processes, cryptographic parameters, and load from other functionalities, e.g. self-services, One-Shot authentication, OAuth token exchange, etc. The chosen password hashing has typically the greatest impact since good password hashing algorithms are designed to use high computation costs. The above table bases on the following assumptions:
Airlock IAM scales well with the number of CPUs and cores. However, CPU threads won't help, since the system is CPU-bound (scrypt). CPU threads are beneficial if a CPU core has to wait for I/O.
Please refer to the version-specific Airlock IAM documentation.
The chosen data layer has to be well managed and monitored. IAM is not responsible for the operation and backup/recovery. For productive usage, the data layer should be clustered.
Please refer to the version-specific Airlock IAM documentation.