Requirements
This section covers the requirements for the Token Server. It's divided into the following subsections:
- Physical/Virtual Hardware Requirements
- Operating System Requirements
- Onegini user
- Folders
- Software Requirements
- Database Requirements
- Other Requirements
Physical/Virtual Hardware Requirements
The following requirements are the minimum to run the Onegini Token Server.
- CPU: 2 cores
- Memory: 4GB
- Disk: 40 GB
Operating System Requirements
RHEL/CentOS
Minimal: 7.0 - Recommended: 7.2
Other, but not tested
Docker supported Linux distributions
Onegini user
By default Docker runs as root inside the container. At the moment the Docker user
namespace is not supported yet.
To run the container as a different user you need to create a user with predefined uid and gid.
$ groupadd -r -g 5675 onegini && useradd -r -m -u 5675 -g onegini onegini
Folders
Most of the configuration and data are stored in the containers or database. But some small configuration or custom data can be mounted to the containers. There for the following folders are require.
Folder path | Purpose | Folder owner |
---|---|---|
/etc/msp | Onegini configuration folder | onegini:onegini |
/etc/msp/keystore | Token server keystore location | onegini:onegini |
/etc/msp/truststore | Token server truststore location | onegini:onegini |
/var/lib/msp/discovery | Discovery data folder | onegini:onegini |
/var/log/msp | Folder to store logfiles | onegini:onegini |
Software Requirements
Docker
To deploy the Onegini Token Server, you need a prepared Docker environment. Please follow the Docker installation guide from the Docker website.
Minimal: 1.8.2 - Recommended: 1.10.3
Compose
Compose is a tool for defining and running complex applications with Docker. With Compose, you define a multi-container application in a single file, then spin your application up in a single command which does everything that needs to be done to get it running. To install Docker Compose follow the guide on their website.
Minimal: 1.5.2 - Recommended: 1.7.0
Haveged
If the Onegini Token Server runs in a virtual environment you will need a tool to generate entropy. We advise to use Haveged. Entropy is required for strong encryption.
Minimal: 1.7c - Recommended: 1.9.1
Database Requirements
MySQL
Minimal version: 5.6 Recommended encoding: UTF-8 Unicode
Microsoft SQL
Minimal version: 2008 Recommended encoding: UTF-8 Unicode
Oracle Database
Minimal version: 11g Recommended encoding: UTF-8 Unicode
Other Requirements
- Working LDAP server
- Working network connection to the internet for 'Docker pull', 'Apple push' and 'Google push'