Sailpoint IIQ contains UI and Task servers. it can be hosted via various application servers. If you have deployment using Apache Tomcat, then below performance tuning parameters are for you.
Sailpoint IdentityIQ UI Server :
Create a file with name setenv.sh inside /tomcat/bin Directory:
# Begin settings to support SailPoint IdentityIQ application.
export CATALINA_OPTS=”$CATALINA_OPTS -Xms512m”
export CATALINA_OPTS=”$CATALINA_OPTS -Xmx4096m”
export CATALINA_OPTS=”$CATALINA_OPTS -XX:MaxGCPauseMillis=200″
export CATALINA_OPTS=”$CATALINA_OPTS -XX:+UseG1GC”
# Support time-out of LDAP pooled connections for 3 seconds to all LDAP servers.
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.timeout=3000″
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.protocol=’plain ssl'”
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.authentication=’none simple DIGEST-MD5′”
export CATALINA_OUT=/logs/tomcat/catalina.out
# -End- settings to support SailPoint IdentityIQ application.
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.proxyHost=<proxy server>”
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.proxyPort=<port>”
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.nonProxyHosts=*.company.com\|abcd”
Task Server:
Create a file with name setenv.sh inside /tomcat/bin Directory:
# Begin settings to support SailPoint IdentityIQ application.
export CATALINA_OPTS=”$CATALINA_OPTS -Xms1024m”
export CATALINA_OPTS=”$CATALINA_OPTS -Xmx6144m”
export CATALINA_OPTS=”$CATALINA_OPTS -XX:+UseParallelGC”
# Support time-out of LDAP pooled connections for 3 seconds to all LDAP servers.
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.timeout=3000″
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.protocol=’plain ssl'”
export CATALINA_OPTS=”$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.authentication=’none simple DIGEST-MD5′”
export CATALINA_OUT=/logs/tomcat/catalina.out
# -End- settings to support SailPoint IdentityIQ application.
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.proxyHost=<proxy server>”
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.proxyPort=<port>”
export JAVA_OPTS=”$JAVA_OPTS -Dhttp.nonProxyHosts=*.company.com\|abcd”
All Servers:
Remove docs and examples directory from /apps/tomcat/webapps
Set tomcat/conf/tomcat-users.xml with proper username and password
Create Directory /logs/tomcat
Increase dataSourceMaxActive:
The iiq.properties file contains a property called maxConnections, which controls the maximum number of connections IIQ can open to the repository at any one time. The default is 50 connections, but most databases can handle many more times that many without seeing any detrimental side effects. I’ve used values up to 250 without seeing any problems. One thing to remember is that if you have multiple IIQ servers, make sure your database can accept the total number of connections from all of the servers.
open iiq.properties file and update the dataSourceMaxActive count from 50 to 250 or upto the load on the servers.
Designate UI and Task servers:
Some IIQ environments have multiple servers. It is often preferable to have some servers act as UI servers and others act as task servers. This is accomplished by setting the Task and Request service definitions to include only the names of the task servers. This ensures that users going to the UI servers don’t get a slow response because of back-end tasks like aggregations and refreshes are using system resources. This can help the response times for users. Since these values can be changed without having to restart IIQ, rules can be developed that switch UI to task servers and vice versa.
Setup partitioning: