On Срд, 27 жні 2025, Jonathan Aquilina wrote:
Good Morning Alexander,
Thanks for the below. I do not need the AD side of things as I have
nothing on prem. This is more to run on a vm on my proxmox server for
other authentication on other vm's.
Removing the AD side of things, does that change anything in terms of
the system requirements or not really?
You have all the details in my response. It is up to you to make your
decisions because you basically haven't provided any information about
constraints you have (RAM, CPU, etc.). Squeezing RAM and CPU further
down for a domain controller installation is hardly an effective way of
getting stable and predictable environment.
Regards,
Jonathan
-----Original Message-----
From: Alexander Bokovoy <[email protected]>
Sent: 26 August 2025 19:14
To: FreeIPA users list <[email protected]>
Cc: Jonathan Aquilina <[email protected]>
Subject: Re: [Freeipa-users] system requirements
On Аўт, 26 жні 2025, Jonathan Aquilina via FreeIPA-users wrote:
Good Afternoon,
What are the minimum requirements to run freeipa? I am looking at
implementing this on some internal infrastructure in terms of bare
metal servers running in a vm that is setup and managed by proxmox.
Official documentation guidelines:
https://link.edgepilot.com/s/c4ec2deb/bBwcQj5kNUeFjkaKj7Tkww?u=https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/installing_identity_management/preparing-the-system-for-ipa-server-installation_installing-identity-management%23hardware-recomendations_preparing-the-system-for-ipa-server-installation
Absolute minimum is around 2-3GB RAM for a deployment with integrated CA, DNS,
and a domain controller for AD/Samba services. This will be a slow setup.
You can see our gating definitions in
ipatests/prci_definitions/gating.yaml, they are for one giant VM that hosts
nested VMs of the deployed test machines.
master_1repl: &master_1repl
name: master_1repl
cpu: 4
memory: 6750
master_1repl_1client: &master_1repl_1client
name: master_1repl_1client
cpu: 4
memory: 8000
master_2repl_1client: &master_2repl_1client
name: master_2repl_1client
cpu: 5
memory: 10750
ad_master_2client: &ad_master_2client
name: ad_master_2client
cpu: 4
memory: 10596
adroot_adchild_adtree_master_1client: &adroot_adchild_adtree_master_1client
name: adroot_adchild_adtree_master_1client
cpu: 8
memory: 14466
ipaserver: &ipaserver
name: ipaserver
cpu: 2
memory: 2750
For example, a single IPA server above (ipaserver definition) is 2.75GB RAM,
this is for small number of users and groups to test.
For a small lab I'd suggest 8GB RAM, 2-4 CPUs. Disk space available is
typically less relevant once you have 10-20GB available for the VM.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering Red Hat Limited, Finland
Links contained in this email have been replaced. If you click on a link in the
email above, the link will be analyzed for known threats. If a known threat is
found, you will not be able to proceed to the destination. If suspicious
content is detected, you will see a warning.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
