# Installing OpenIAM in RPM environment

{% hint style="info" %}
The instructions below are valid for all OpenIAM v4.2.2.x deployments on CentOS 9 Stream, Red Hat Enterprise Linux (RHEL) 9 and related distributions such as Rocky Linux 9 and Alma Linux 9.
{% endhint %}

OpenIAM provides an RPM distribution which includes all the dependencies and MariaDB to simplify the installation process. The completeness of the RPM file also enables deployments in locked-down environments where there is no network. The Oracle, SQL Server, and PostgreSQL databases are not included in the distribution.

You may download CentOS or RHEL from the following locations.

<table><thead><tr><th width="170">Operating System</th><th>URL</th></tr></thead><tbody><tr><td>CentOS 9</td><td>https://www.centos.org/download/</td></tr><tr><td>RHEL</td><td>https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux</td></tr></tbody></table>

The installation instructions below require `root` level privileges on the host where OpenIAM will be deployed. The person or team installing OpenIAM **must** be familiar with the RHEL operating system, databases and services.

{% hint style="info" %}
*The procedures described in this guide **must** be performed in the order that they have been presented below.*
{% endhint %}

### Minimum system requirements

For non-production use, the Linux Host or VM **must** have the following `minimum` configuration:

<table><thead><tr><th width="142.66668701171875">Configuration</th><th width="155">Non-Production</th><th>Production (may increase based on sizing)</th></tr></thead><tbody><tr><td>Memory</td><td>48 GB</td><td>64 GB</td></tr><tr><td>CPU</td><td>8 CPUs</td><td>12 CPUs</td></tr><tr><td>Disk</td><td>80 GB</td><td>200 GB</td></tr></tbody></table>

{% hint style="info" %}
Please ensure that your environment is aligned with the minimum system requirements described above. These parameters are **not optional**. OpenIAM will not start if system resources are below the minimum levels.
{% endhint %}

**For production use**: Customers with active subscriptions and partners should contact OpenIAM Support (<techsupport@openiam.com>) for assistance with sizing requirements.

### Software requirements

<table><thead><tr><th width="188" valign="top">Specification</th><th valign="top">Requirement</th></tr></thead><tbody><tr><td valign="top">OS</td><td valign="top">Centos8/Centos9/RHEL8/RHEL9/RockyLinux8/RockyLinux9</td></tr><tr><td valign="top">Supported browsers</td><td valign="top">Google Chrome (v89.0.4389.114 and later), Microsoft Edge, Mozilla Firefox (v87 and later).</td></tr></tbody></table>

{% hint style="info" %}
Internet Explorer (IE) is not supported.
{% endhint %}

Infrastructure components, compatible with the current version of OpenIAM:

```
OPENSEARCH_VERSION="2.19.1"
ELASTICSEARCH_VERSION="7.17.26"
ERLANG_VERSION="26.2.5.15"
RABBITMQ_VERSION="4.1.6"
HTTPD_VERSION="2.4.63"
TOMCAT_VERSION="9.0.111"
VAULT_VERSION="1.18.1"
MEDUSA_VERSION="0.7.2"
CONSUL_VERSION="1.20.5"
FLYWAY_VERSION="10.22.0"
JANUSGRAPH_VERSION="1.1.0"
MARIADB_VERSION="11.7.2"
PROMETHEUS_VERSION="3.5.0"
```

#### Validate your environment

Log in to your VM as `root` or a privileged user.

* To check the CPUs on your VM use: `lscpu`
* To check the memory on your VM use: `free -m`

{% hint style="info" %}
*The result of each of these commands **MUST** align with the above minimum requirements.* *For sizing assistance for a production deployment, either open a support ticket or contact your OpenIAM point of contact.*
{% endhint %}

Example of output from the above command.

```
[root@li1262-180 ~]# lscpu
Architecture:             x86_64
  CPU op-mode(s):         32-bit, 64-bit
  Address sizes:          48 bits physical, 48 bits virtual
  Byte Order:             Little Endian
CPU(s):                   16
  On-line CPU(s) list:    0-15
Vendor ID:                AuthenticAMD
  BIOS Vendor ID:         QEMU
  Model name:             AMD EPYC 7713 64-Core Processor
    BIOS Model name:      pc-q35-7.2
    CPU family:           25
    Model:                1
    Thread(s) per core:   1
    Core(s) per socket:   16
    Socket(s):            1
    Stepping:             1
    BogoMIPS:             3999.99
    Flags:                fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse ss
                          e2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm rep_good nopl cpuid extd_apicid tsc_known_fr
                          eq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes x
                          save avx f16c rdrand hypervisor lahf_lm cmp_legacy cr8_legacy abm sse4a misalignsse 3dnowprefet
                          ch osvw perfctr_core ssbd ibrs ibpb stibp vmmcall fsgsbase tsc_adjust bmi1 avx2 smep bmi2 rdsee
                          d adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves clzero xsaveerptr wbnoinvd ara
                          t umip pku ospke vaes vpclmulqdq rdpid arch_capabilities


[root@li1262-180 ~]# free -m
               total        used        free      shared  buff/cache   available
Mem:           64300         847       63754          16         314       63452
Swap:            511           0         511

[root@li1262-180 ~]#
```

You may also run the following supporting commands to prepare the system for installation.

The command to check the VM operating system is as follows.

```bash
cat /etc/os-release
```

Example of output from the above command.

```
VERSION="9.5 (Blue Onyx)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="9.5"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Rocky Linux 9.5 (Blue Onyx)"
ANSI_COLOR="0;32"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:rocky:rocky:9::baseos"
HOME_URL="https://rockylinux.org/"
VENDOR_NAME="RESF"
VENDOR_URL="https://resf.org/"
BUG_REPORT_URL="https://bugs.rockylinux.org/"
SUPPORT_END="2032-05-31"
ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9"
ROCKY_SUPPORT_PRODUCT_VERSION="9.5"
REDHAT_SUPPORT_PRODUCT="Rocky Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.5"
```

Get system disk space with

```bash
df -H
```

Example of output from the above command.

```
Filesystem           Size  Used Avail Use% Mounted on
devtmpfs              17G     0   17G   0% /dev
tmpfs                 17G     0   17G   0% /dev/shm
tmpfs                 17G  8.9M   17G   1% /run
tmpfs                 17G     0   17G   0% /sys/fs/cgroup
/dev/mapper/cs-root   52G  2.4G   49G   5% /
/dev/mapper/cs-home   25G  209M   25G   1% /home
/dev/sda1            1.1G  295M  769M  28% /boot
tmpfs                3.4G     0  3.4G   0% /run/user/0
```

`vi` editor commands:

```
to edit -- type i
to escape -- hit esc
to save and quit -- type :wq
```

## Prepare the host system for installation

The OpenIAM application requires a few configurations to be performed prior to installing the application. These steps are described below.

### SSH into your VM

To `ssh` into your newly created VM, follow the steps below:

{% stepper %}
{% step %}

### Get the IP address of your VM

You can get the VM IP address using:

```bash
ip addr
```

{% endstep %}

{% step %}

### SSH to the Linux host

Use a tool such as PuTTY or the terminal window on macOS and SSH to this Linux host.

```bash
ssh [username]@[IP address of your VM]
```

Example:

```bash
ssh root@172.16.101.128
```

{% endstep %}
{% endstepper %}

### Install required packages

Before installing OpenIAM, please execute the commands below to install the required packages. If you have already logged in as `root`, you do not need to prefix them with `sudo`. If you have used another account, then you need to use `sudo`.

| Description | Command CentOS 9+ |
| ----------- | ----------------- |
| Install tar | `dnf install tar` |

### Next steps

* [Install with Internet Access](/installing-openiam/installing-openiam-with-internet-access.md)
* [Install without Internet Access](/installing-openiam/installing-openiam-without-internet-access.md)

### Directory structure

Below, you can see the location and structure of the OpenIAM installation. By default, the application is installed at: **/usr/local/openiam**. Within this directory, files are organized into the following subdirectories.

<table><thead><tr><th width="180.66668701171875" align="center">Directory</th><th>Description</th></tr></thead><tbody><tr><td align="center"><code>conf/</code></td><td><p>Contains configuration-related files and subdirectories:</p><ul><li><code>iamscripts/</code>. Predefined Groovy scripts.</li><li><code>activiti/</code>. Predefined Activiti workflow templates.</li><li><code>device/</code>. Configuration files for push notification service integration used by the OpenIAM mobile application.</li><li><code>properties/</code>. Property files for database connectivity, OpenSearch, Redis, Vault, and other configurations.</li><li><code>schema/</code>. SQL files defining the database schema, used by Flyway.</li></ul></td></tr><tr><td align="center"><code>connectors/</code></td><td>Scripts to start and stop locally installed connectors.</td></tr><tr><td align="center"><code>env.conf</code></td><td>Configuration file defining system-level settings.</td></tr><tr><td align="center"><code>flyway/</code></td><td>Contains Flyway-related configurations and database drivers for schema versioning.</td></tr><tr><td align="center"><code>health/</code></td><td>Stores the output of health check operations for OpenIAM services.</td></tr><tr><td align="center"><code>janusgraph/</code></td><td>Installation directory for JanusGraph.</td></tr><tr><td align="center"><code>jdk/</code></td><td>Java Development Kit (JDK) used by OpenIAM and other services.</td></tr><tr><td align="center"><code>logs/</code></td><td>Stores log files generated by OpenIAM services.</td></tr><tr><td align="center"><code>openiamrepo/</code></td><td>Contains RPM packages for OpenIAM components.</td></tr><tr><td align="center"><code>services/</code></td><td>JAR files for OpenIAM services, along with utilities to start and stop them.</td></tr><tr><td align="center"><code>source-adapters/</code></td><td>Scripts to start and stop source adapters.</td></tr><tr><td align="center"><code>ui/</code></td><td>Files and configurations related to the OpenIAM UI, including Tomcat, IdP, Self-Service, Web Console, and more.</td></tr><tr><td align="center"><code>upload/</code></td><td>Storage location for uploaded files.</td></tr><tr><td align="center"><code>utils/</code></td><td>Utilities for managing OpenIAM infrastructure components.</td></tr><tr><td align="center"><code>vault/</code></td><td>Contains policy files and certificates used by Vault.</td></tr><tr><td align="center"><code>version</code></td><td>File containing the installed version of OpenIAM.</td></tr></tbody></table>

{% hint style="info" %}
To track the current installation logs, please refer to the **init.log** file located in the following directory: **/usr/local/openiam/init.log**.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs-beta.openiam.com/installing-openiam/installing-openiam-in-rpm-environment.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.