- 09 Oct 2024
- 2 Minutes to read
- DarkLight
- PDF
Prerequisites
- Updated on 09 Oct 2024
- 2 Minutes to read
- DarkLight
- PDF
Support for on-premises deployments, including those using Containers, ended on December 31, 2023.
For more information, please see our OneSpan Product Life Cycle page, and consult the OneSpan End of Life policy.
For any additional questions contact your Customer Service Representative.
This release of OneSpan Sign consists of Docker containers that run on Kubernetes. To download images of these containers, you need an internet connection.
The following sections describe the prerequisites required to use OneSpan Sign's containers:
Minimum Hardware Requirements
The following table lists the minimum RAM and CPU requirements for a healthy system:
Total | Memory (G) | # of CPUs |
---|---|---|
Components Alone | 36 | 15 |
DB Setup + initContainers | 6 | 6 |
Everything | 42 | 21 |
For more information on choosing appropriate RAM and CPU values, see Resource Management for Pods and Containers. For more information on customizing these resources, see Customizing Resource Requests and Limits.
Certified Components
The following hosted platform is certified:
Amazon's Elastic Kubernetes Service (EKS)
Foundational Infrastructure
The following foundational infrastructure is required.
Kubernetes
Any supported version of Kubernetes. For more information on supported Kubernetes versions, see Kubernetes Releases.
A conformant version of Kubernetes. For more information, see Software Conformance.
Access to a Kubernetes cluster. For more information, see Organizing Cluster Access Using kubeconfig Files.
A supported version of Helm. For more information about supported Helm versions and their release cycle, see Installing Helm.
Access to the OneSpan Sign Helm Repository.
Access to the OneSpan Sign component registry.
A functional default storage class that can provision RWO (ReadWriteOnce) volumes.
A functional storage class that can provision RWX (ReadWriteMany) volumes.
Storage
A storage class that supports RWO (ReadWriteOnce) volumes.
Networking
A functional ingress controller that routes to the https endpoint on our gateway. Note: The https redirect must happen before it reaches our gateway.
Supported Configurations
Orchestration & Deployment: Kubernetes + Helm
Hosting: AWS
Infrastructure Requirements
The following must be available:
A pre-existing database: For more information, see Database Requirements.
Email: To send and receive email, the containers need to access an SMTP/SES service. This is not provided by OneSpan Sign.
SMS: A Twilio account is needed to send SMS notifications.
Certificate Authority: If you are using a Certificate Authority not provided by OneSpan, you must provide OneSpan Sign with access to the issuing Certificate Authority.
Identify Provider (optional): If you are using Single Sign On (SSO), a SAML identity provider must be provided.
A Redis cluster (optional): This can enable faster session handling.
A Redis separate cluster (optional): If you are using a remote-signing authenticator (JTSP), a separate Redis cluster is required. Note: Testing for this was done using a Bitnami redis-cluster chart.
Database Requirements
Containers must have access to one of our supported databases. OneSpan Sign currently supports the following databases:
Oracle 19c
MySQL 5.7
MS SQL Server 2019 cumulative update 14
OneSpan Sign supports pre-configured external databases, provided they are among the supported databases.