Deployment with packages
IAM can be deployed from packages on the CentOS 7 platform. Packages and repo files are hosted on the INDIGO IAM package repository.
Warning
We no longer maintain packages for the Ubuntu platform.CENTOS 7
- Install the INDIGO IAM release key:
$ sudo rpm --import https://indigo-iam.github.io/repo/gpgkeys/indigo-iam-release.pub.gpg
- Install the repo files:
$ sudo yum-config-manager --add-repo https://indigo-iam.github.io/repo/repofiles/rhel/indigoiam-stable-el7.repo
- Install packages:
$ sudo yum makecache
$ sudo yum install -y iam-login-service
IAM service configuration
The IAM service is configured via a configuration file named iam-login-service
which holds the settings for the environment variables that drive its
configuration (as described in the configuration reference
section).
The file is located in the following path:
/etc/sysconfig/iam-login-service
Run the service
The IAM login service is managed by systemd.
To enable the service use the following command:
$ sudo systemctl enable iam-login-service
To start the service use the following command:
$ sudo systemctl start iam-login-service
To access the service logs, use the following command:
$ sudo journalctl -fu iam-login-service
Deployment Tips
In headless servers, running haveged daemon is recommended to generate more entropy.
Before running the IAM login service, check the available entropy with:
$ cat /proc/sys/kernel/random/entropy_avail
If the obtained value is less than 1000, then haveged daemon is mandatory.
Install EPEL repository:
$ sudo yum install -y epel-release
Install Haveged:
$ sudo yum install -y haveged
Enable and run the haveged daemon with:
$ sudo systemctl enable haveged
$ sudo systemctl start haveged