...

  1. Send a pull request

Deployment

The output of the configuration process is:

The input to the deployment is a definition of the services in the environment: install.json

...

Install.json defines instances for services in the environment and their connections to each other.  Right now it defines only the instances.  It is up to the user to define the connections by appropriately matching settings.   In future iterations, we will be able to infer settings by examining service dependencies.

...

Configure value.yaml files:

The output of the configuration process is:

  • a set of value.yaml files to set up each chart
  • a deploy.sh script to run all of the helm commands

Using the script, execute:

    go run rialto/src/rialto.go --install-file install.json

This will examine install.json, pull the service config (hspc.json and value.template.yaml) from each service, and prompt the user for service values.

Setup the environment:

Execute deploy.sh

...

  1. Spin up kubernetes cluster (kube-up.sh)  - see http://kubernetes.io/docs/getting-started-guides/aws/
    1. Add security groups to allow port 389 (ldap) and port 80 (http) access to kubernetes-minion nodes
  2. Install helm in kubernetes (helm init)
  3. Add the hspc repo to helm (helm repo add hspc-helm http://hspc-helm.preparedmind.net). Once we have DNS, we'll move this to an HSPC URL.

  4. Optionally, remove preconfigured "local" and "stable" repos using helm repo remove stable and helm repo remove local

  5. Find out External IPs for your nodes that we'll use for service configuration. 

    1. In EC2 console, this will be the "Private IP"

    2. Using kubectl:  kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="LegacyHostIP")].address}'

  6. From rialto directory
    1. execute: go run src/rialto.go --install-file test/examples/ldap-mitreidconnect/install.json 
    2. Enter IPs one at a time and accept the defaults
    3. execute deploy.sh
  7. Test by adding a user and authenticating
    1. Using one of your minions' Public IP addresses, connect an LDAP client (e.g. Apache Directory Studio)
    2. Import the test user (username: test, password: test). The ldif file is in rialto/test/examples/ldap-mitreidconnect/test-user.ldif
    3. Using web browser, navigate to http://<minion-ip>/ldap-openid-connect-server/ and login with test/test.
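
The jsonpath filter in step 5 prints nothing for a node that reports no LegacyHostIP address, so an incomplete IP list is easy to miss before the values are entered into rialto. The following Go code is an added example, not part of rialto: it makes the same selection over `kubectl get nodes -o json` output and lists the nodes that had no usable address. `NodeAddresses`, the fallback to `InternalIP` and the sample JSON are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// node holds only the NodeList fields used here (JSON keys match case-insensitively).
type node struct {
	Metadata struct{ Name string }
	Status   struct{ Addresses []struct{ Type, Address string } }
}

// NodeAddresses returns, per node, the first address whose type is in prefer
// (earlier types win). Nodes with no match are reported in missing, not dropped.
func NodeAddresses(raw []byte, prefer ...string) (map[string]string, []string, error) {
	var nl struct{ Items []node }
	if err := json.Unmarshal(raw, &nl); err != nil {
		return nil, nil, err
	}
	addrs, missing := map[string]string{}, []string{}
	for _, n := range nl.Items {
		addr := ""
		for _, want := range prefer {
			for _, a := range n.Status.Addresses {
				if addr == "" && a.Type == want {
					addr = a.Address
				}
			}
		}
		if addr == "" {
			missing = append(missing, n.Metadata.Name)
			continue
		}
		addrs[n.Metadata.Name] = addr
	}
	return addrs, missing, nil
}

// sampleNodes is constructed sample data, not output from a real cluster.
const sampleNodes = `{"items":[
 {"metadata":{"name":"minion-a"},"status":{"addresses":[{"type":"InternalIP","address":"10.0.0.11"},{"type":"LegacyHostIP","address":"10.0.0.11"}]}},
 {"metadata":{"name":"minion-b"},"status":{"addresses":[{"type":"InternalIP","address":"10.0.0.12"}]}},
 {"metadata":{"name":"minion-c"},"status":{"addresses":[{"type":"Hostname","address":"minion-c"}]}}]}`

func main() {
	fmt.Println(NodeAddresses([]byte(sampleNodes), "LegacyHostIP", "InternalIP"))
}
```

In practice the input would be the saved output of `kubectl get nodes -o json`; any node named in the second return value needs its address looked up by hand before running rialto.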