Skip to main content

System Requirements

The IQ Server should be deployed on dedicated hardware where the specific requirements depend on the deployment architecture, the primary usage patterns, and the scale of deployment. The following guidelines may differ from your requirements.

Development, test, or evaluation deployments can be scaled smaller than these recommendations and will continue to function, though performance degradation may be observed.

Sonatype offers a managed cloud option. Visit our sales page for details.

Installation Requirements




We recommend at least 8 CPU cores and 16 GB of RAM. A minimum of 6GB of process space should be available. Additional RAM will improve the performance due to decreased disk caching. Deployments with 100 applications or more should be prepared to increase OS resources to 16 CPU cores and 32 GB of RAM.

Examples: Dual Intel Xeon E5620 with 2.4Ghz, 12M Cache, 5.86 GT/s QPI, Turbo, HT

See Estimating Heap Sizes.

Supported CPU Architectures

Intel 64-bit (x86_64)

AMD 64-bit (x86_64)

Arm 64-bit (aarch64)


Lifecycle is preinstalled with an in-memory H2 database suitable for deployments with less than 100 applications.

For larger instances (>10GB), configure to use an external PostgreSQL database or a PostgreSQL-compatible service on a low latency network.


Postgres is required to for SBOM Manager deployments

  • version 10.7 or newer

  • minimum 8 CPU cores and 32GB of RAM

PostgreSQL Database duplicate key value error

After upgrading the PostgreSQL host operating system you may see exceptions with a specific message reporting duplicate key value violations. Refer to the support article "PostgreSQL Index Corruption - duplicate key violation errors" for details on remediating the issue.


We strongly advise against operating Lifecycle with an embedded database within container orchestration environments like Kubernetes. Doing so can lead to severe data corruption.


We recommend starting with 500 GB to 1 TB of free disk space. Storage requirements range with the number of applications and the frequency of reports being generated.

Use Data Retention to keep resource requirements within this range.

H2: The internal H2 database is I/O intensive and disk speed considerably affects performance. We recommend using local drives or SAN usage.

Usage of network-mapped storage via NFS or GlusterFS is not supported.

Consider the I/O load when running in a virtual environment and avoid running other services on the same host.

PostgreSQL: Deployments configured for PostgreSQL may use network storage via NFSv4.1 or similar e.g. AWS EFS.

NFS example: -o vers=4.2, noatime, nodiratime, rsize=1048576, wsize=1048576, timeo=600, retrans=2

Operating Systems
  • Servers that run a supported Sun/Oracle Java or OpenJDK.

  • Linux (commonly available distros)

User Account

It is recommended that an unprivileged service account be created if running as a daemon.



443 TCP to : Secure access to Sonatype Data Services. This hostname and port are not configurable.

Sonatype Data Services must be reachable on the following URL:



8070 TCP: Main HTTP access port used by all clients. The default connector is HTTP, binding to all interfaces on port 8070.

See Configuring Inbound Traffic

8071 TCP: HTTP access for monitoring tools for monitoring and operational functions. The default connector is HTTP, binding to all interfaces on port 8071.

See Operational Menu

Supported Java Versions

Release 175 and later: Java 17

Release 89 and later:

Java 8 and 11 are supported.

Versions of Java 11 older than 11.0.3 are known to have incompatibility issues and should be avoided.

Prior to release 88: The latest available Java 8 is supported.

OpenJDK 8 and 11 are supported in release 63 and later.

Larger Java heap sizes will increase performance and stability. For initial deployments, set the maximum heap size to half of the capacity of your OS RAM with -xmx in your Java startup arguments.

Cloud Installation Requirements

For Amazon EC2 - Secure Cloud Services



EC2 Instance Type


JVM parameters

-Xms24G -Xmx24G -XX:+UseG1GC


Postgres dbms running on an AWS RDS instance (Postgres RDS instance is of the type db.m5.4xlarge, version 10.20, gp2 type)

Browser Requirements

Lifecycle supports the latest version of your OS-supported browser at the time of release date.






ESR (extended support release)




Safari (on OSX)

5.1.9 corresponding to OS X 10.6

6.0.4 corresponding to OS X 10.7 and 10.8

7.1 corresponding to OS 10.9

For the best experience:

  1. Enable JavaScript for all web browsers.

  2. Configure your browser settings to allow notifications from Sonatype sites. You will receive browser notifications when your authenticated session is about to expire and prevent unintended logouts. To learn more about configuring session timeout values, refer to Configuration REST API.

REST API Requirements

The REST APIs are versioned. We recommend using the latest version of Lifecycle in addition to the latest version of the REST APIs. This ensures your system will take advantage of the latest features and improvements.