Before you start
Autonomous Identity server software requires the following hardware, storage, and operating system requirements to run in your production environment. Autonomous Identity’s flexible architecture runs in a variety of network environments: on-prem, cloud, multi-cloud, and hybrid.
All production systems differ in many ways. Please discuss with your ForgeRock Professional Services, installers, or partner representatives about your environment specifics. |
ForgeRock Google Cloud registry key
You deploy Autonomous Identity using a Docker image that pulls other dependent images from the ForgeRock Google Cloud Registry (gcr.io) repository and installs the components on a target node.
For specific instructions on obtaining the registry key, see How To Configure Service Credentials (Push Auth, Docker) in Backstage.
Hardware and memory requirements
Autonomous Identity has a number of components that include application, data, and analytics servers, which are all included in the Docker images. The minimum hardware and memory requirements for a single-node target and a separate deployer machine are as follows:
Vendor | Versions |
---|---|
Deployer Node |
32 GB RAM, 8 CPU |
Analytics (Target) Node |
64 GB RAM, 16 CPU |
Storage requirements
Autonomous Identity has a number of components that include application, data, and analytics servers, which are all included in the Docker images. The minimum storage requirements for a single-node deployment are as follows:
Autonomous Identity requires the following minimum storage requirements:
Type | Size |
---|---|
Data Storage |
500 GB (minimum), 1 TB (production) |
Operating systems requirements
Autonomous Identity is supported on the following operating system:
Vendor | Versions |
---|---|
CentOS |
7.0 |
Redhat Enterprise Linux |
7.0 |
Cloud services requirements
Autonomous Identity has been successfully deployed on the following cloud services:
Vendor | Versions |
---|---|
Google Cloud Platform (GCP) |
Latest |
Amazon Web Services (AWS) standard Elastic File System (EFS) shared drive |
Latest |
Java requirements
Autonomous Identity software supports the following Java version:
Vendor | Versions |
---|---|
OpenJDK |
8u262 |
Third-party software
Autonomous Identity uses the following third-party software in the deployment.
You do not need to pre-install these components in your environment. The Autonomous Identity deployer installs these components.
Component | Version | Usage |
---|---|---|
Python |
3.6 |
Scripts |
Docker CE |
20.10.7 |
Container cluster management |
Apache Cassandra |
3.11.2 |
Database for all Autonomous Identity services |
Apache Spark |
3.1 |
Cluster to run Autonomous Identity analytics |
Apache Livy |
0.8.0-incubating |
REST interface to Spark master to run Autonomous Identity analytics |
Mongo DB |
4.4 |
Database for all Autonomous Identity services |
HashiCorp Consul |
1.7 |
Service discovery and configuration server |
nginx |
1.18 |
Reverse proxy for routing HTTPS traffic |
Open Distro for Elasticsearch |
1.9 |
Distributed, open source search engine for all data types. |
Supported browsers
Autonomous Identity supports the following browsers:
Vendor | Versions |
---|---|
Google Chrome |
version 85.0.4183.121 and higher |
Mozilla Firefox |
version 86.0.1 and higher |
Autonomous Identity ports
Autonomous Identity uses the following ports:
Port | Protocol | Machine | Source | Description |
---|---|---|---|---|
2377 |
TCP |
Docker managers |
Docker managers and nodes |
Communication between the nodes of a Docker swarm cluster |
7946 |
TCP/UDP |
Docker managers and workers |
Docker managers and workers |
Communication among nodes for container network discovery |
4789 |
UDP |
Docker managers and workers |
Docker managers and workers |
Overlay network traffic |
7001 |
TCP |
Cassandra |
Cassandra nodes |
Internode communication |
9042 |
TCP |
Cassandra |
Cassandra nodes, Docker managers and nodes |
CQL native transport |
27017 |
TCP |
MongoDB |
MongoDB nodes, Docker managers and nodes |
Default ports for mongod and mongos instances |
9200 |
TCP |
Open Distro for Elasticsearch |
Docker managers and nodes |
Elasticsearch REST API endpoint |
7077 |
TCP |
Spark master |
Spark workers |
Spark master internode communication port |
40040-40045 |
TCP |
Spark Master |
Spark Workers |
Spark driver ports for Spark workers to callback |
443 |
TCP |
Docker managers |
User’s browsers/API clients |
Port to access the dashboard and API |
10081 |
TCP |
Docker managers |
User’s browsers/API clients |
Port for the JAS service. |