Presentation is loading. Please wait.

Presentation is loading. Please wait.

EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT.

Published byIsaac Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT."— Presentation transcript:

1 eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT

2 Objectives Understand Federation architecture Components installation overview –Keyrock IdM –Keystone-proxy –Cloud Portal Federate a new node –Installing Openstack Services –Configuring Openstack Services –Adding the node to the Federation

3 www.fi-xifi.eu FEDERATION ARCHITECTURE Training Session “Service Integration”

4 Architecture Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3

5 Step 1. Service Catalogue Proxy Keystone Cloud Server OS Service IdM Cloud Portal getCatalogue Service catalogue OS Service Region1 Region2 Region3

6 Step 2. Getting an access token Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3 1 redirect 2 access-code 3 request access-token 4 access-token 5 request orgs 6 orgs

7 Step 3. Getting OS token Proxy Keystone Cloud Server IdM Cloud Portal access-token + tenant OS token OS Service Region1 Region2 Region3

8 Step 4. Using an OS service Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info

9 www.fi-xifi.eu COMPONENTS INSTALLATION OVERVIEW Training Session “Service Integration”

10 Keyrock IdM Github repository –https://github.com/ging/fi-ware-idmhttps://github.com/ging/fi-ware-idm Installation Guide: –https://github.com/ging/fi-ware-idm/wiki/Installation- guidehttps://github.com/ging/fi-ware-idm/wiki/Installation- guide Training demo host: –http://130.206.82.198:3000/

11 Keystone-proxy (1) Github repository –https://github.com/ging/fi-ware-keystone-proxyhttps://github.com/ging/fi-ware-keystone-proxy Installation Guide: –https://github.com/ging/fi-ware-keystone- proxy/blob/master/README.mdhttps://github.com/ging/fi-ware-keystone- proxy/blob/master/README.md Training demo host: –http://130.206.82.198:4730/

12 Keystone-proxy (2) Register cloud as an IdM Application Config.js var config = {}; config.adminUsers = {"user": {password: "pass", isAdmin: "false"}}; config.accountServer = '130.206.82.198'; // OAUTH Cloud credentials in the Account server config.client_id = ‘'; config.client_secret = ‘’'; //Mysql db config: config.db = { host : 'localhost', user : 'root', password : '1234', database : 'keystone_proxy' };............

13 Keystone-proxy (3) Config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://localhost:8774/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http://localhost:8774/v2/$(tenant_id)s", "publicURL": "http://localhost:8774/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..

14 Cloud Portal (1) Github repository –https://github.com/ging/fi-ware-cloud-portal Installation Guide: –https://github.com/ging/fi-ware-cloud- portal/blob/master/README.mdhttps://github.com/ging/fi-ware-cloud- portal/blob/master/README.md Training demo host: –http://130.206.82.198

15 Cloud Portal (2) Config.js config.oauth = { account_server: http://130.206.82.198:3000'', client_id: '', client_secret: '', callbackURL: 'http://130.206.82.198/login' }; config.keystone = { host: '130.206.82.198', port: 4730, admin_host: '130.206.82.198', admin_port: 4731, username: ’cloud', password: ’cloud', tenantId: '12345678901234567890123456789012' };

16 Summary Proxy Keystone Cloud Server IdM Cloud Portal

17 Summary Proxy Keystone Cloud Server IdM Cloud Portal OS Service Region1 Region2 Region3

18 www.fi-xifi.eu FEDERATE A NEW NODE Training Session “Service Integration”

19 Installing OS Services Using a virtual machine: –Install virtual box :: https://www.virtualbox.org/wiki/Downloads –Install Vagrant :: http://www.vagrantup.com/downloads.html This allow installation into virtual machines via scripts (Chef recipes).

20 OpenStack (DevStack) I mkdir devstack_vagrant cd devstack_vagrant vagrant box add precise32 http://files.vagrantup.com/precise32.box vagrant init precise32 Edit Vagrantfile and change: – vb.customize ["modifyvm", :id, "--memory", "2048"] – config.vm.network :forwarded_port, guest: 8774, host: 8774 – config.vm.network :forwarded_port, guest: 9292, host: 9292 – config.vm.network :forwarded_port, guest: 8776, host: 8776 Vagrant up && vagrant ssh

21 OpenStack (DevStack) II sudo apt-get update && sudo apt-get -y install git vim-gtk libxml2-dev libxslt1-dev libpq-dev python-pip libsqlite3-dev && sudo apt-get -y build-dep python- mysqldb && sudo pip install git-review tox && git clone git://git.openstack.org/openstack-dev/devstack && cd devstack git checkout -b havana origin/stable/havana./stack.sh

22 Amazon version Ask for it if you need it….

23 Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant

24 Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant

25 Configuring OS Services Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info

26 Note Official Fi-lab IP for keystone-Proxy is : –130.206.82.10 We will NOT use it for today training. TODAY keystone-proxy is : 130.206.82.198 YOU must change on all next slides.

27 Nova /etc/nova/nova.conf... quantum_admin_auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 quantum_admin_password=quantum... keystone_ec2_url=http://130.206.82.10:4730/v2.0/ec2tokenshttp://130.206.82.10:4730/v2.0/ec2tokens... [keystone_authtoken] auth_port=4731 admin_password=nova admin_user=nova... auth_host=130.206.82.10 quantum_region_name=[YOUR_REGION_NAME]

28 Quantum (1) /etc/quantum/dhcp_agent.ini... admin_user=quantum... admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services

29 Quantum (2) /etc/quantum/metadata_agent.ini... auth_url = http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 auth_region = [HERE YOUR REGION'S NAME] admin_tenant_name = services admin_user = quantum admin_password = quantum...

30 Quantum (3) /etc/quantum/quantum.conf... [keystone_authtoken] auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http admin_tenant_name = services admin_user = quantum admin_password = quantum signing_dir = /var/lib/quantum/keystone-signing auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0

31 Quantum (4) /etc/quantum/l3_agent.ini... admin_user=quantum admin_tenant_name=services admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0

32 Quantum (5) /etc/quantum/api-paste.ini... [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host=130.206.82.10 admin_password=quantum auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services admin_user=quantum auth_port=4731

33 Glance (1) /etc/glance/glance-api.conf... swift_store_auth_address=http://130.206.82.10:4730/v2.0/http://130.206.82.10:4730/v2.0/... swift_store_user=services:glance... auth_port=4731 auth_host=130.206.82.10 admin_password=glance admin_tenant_name=services auth_protocol=http auth_uri=http://130.206.82.10:4731http://130.206.82.10:4731 admin_user=glance

34 Glance (2) /etc/glance/glance-registry.conf [keystone_authtoken] signing_dir=/tmp/keystone-signing-glance auth_host=130.206.82.10 admin_password=glance auth_port=4731 signing_dirname=/tmp/keystone-signing-glance auth_protocol=http admin_tenant_name=services admin_user=glance

35 Glance (3) /etc/glance/glance-cache.conf admin_user=glance... admin_tenant_name=services... admin_password=glance... auth_url=http://130.206.82.10:4731http://130.206.82.10:4731

36 Glance (4) /etc/glance/glance.conf filesystem_store_datadir=/var/lib/glance/images/ swift_store_region=[YOUR_REGION_NAME]

37 Cinder /etc/cinder/cinder.conf... admin_password=cinder auth_port=4731 auth_host=130.206.82.10 admin_tenant_name=services auth_protocol=http admin_user=cinder...

38 Swift /etc/swift/proxy-server.conf... [filter:s3token] paste.filter_factory = keystone.middleware.s3_token:filter_factory auth_port = 4731 auth_protocol = http auth_host = 130.206.82.10... [filter:keystone] use = egg:swift#keystoneauth operator_roles = admin, SwiftOperator, member is_admin = true cache = swift.cache... [filter:authtoken] paste.filter_factory = keystone.middleware.auth_token:filter_factory auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http auth_uri = http://130.206.82.10:4731http://130.206.82.10:4731 admin_tenant_name = services admin_user = swift admin_password = swift

39 Adding the node to Federation Keystone-proxy config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://endopoint/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http:/endpoint/v2/$(tenant_id)s", "publicURL": "http:/endpoint/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..

40 eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Thanks! Álvaro Alonso Joaquín Salvachúa UPM-DIT

Download ppt "EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT."

Similar presentations

Vasinee Siripoonya Kasidit Chanchio

Vasinee Siripoonya Kasidit Chanchio
Presented by W1BAW Bruce Wattendorf. What is a Raspberry PI A $35 computer with out a monitor, keyboard, mouse but they all can be added.

Presented by W1BAW Bruce Wattendorf. What is a Raspberry PI A $35 computer with out a monitor, keyboard, mouse but they all can be added.
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
© 2012 IBM Corporation Architecture of Quantum Folsom Release Yong Sheng Gong ( 龚永生 ) gongysh #openstack-dev Quantum Core developer.

© 2012 IBM Corporation Architecture of Quantum Folsom Release Yong Sheng Gong ( 龚永生 ) gongysh #openstack-dev Quantum Core developer.
Seamless migration from Nova-network to Neutron in eBay production Chengyuan Li, Han Zhou.

Seamless migration from Nova-network to Neutron in eBay production Chengyuan Li, Han Zhou.
Securing OpenStack with Intel Trusted Computing OpenStack Summit Atlanta 2014 12 May 2014 Christian Huebner Cloud Architect

Securing OpenStack with Intel Trusted Computing OpenStack Summit Atlanta May 2014 Christian Huebner Cloud Architect
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.

IT:Network:Applications VIRTUAL DESKTOP INFRASTRUCTURE.
Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
Installing and Setting up mongoDB replica set PREPARED BY SUDHEER KONDLA SOLUTIONS ARCHITECT.

Installing and Setting up mongoDB replica set PREPARED BY SUDHEER KONDLA SOLUTIONS ARCHITECT.
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.

Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.
Additional SugarCRM details for complete, functional, and portable deployment.

Additional SugarCRM details for complete, functional, and portable deployment.
Hands-on session 2 Monitoring Jose Gonzalez Universidad Politecnica Madrid Attilio Broglio Create-Net

Hands-on session 2 Monitoring Jose Gonzalez Universidad Politecnica Madrid Attilio Broglio Create-Net
Partner Practice Enablement - Overview This session will focus on integration strategies for applications deployed using Microsoft Azure Websites and Microsoft.

Partner Practice Enablement - Overview This session will focus on integration strategies for applications deployed using Microsoft Azure Websites and Microsoft.
Customized cloud platform for computing on your terms !

Customized cloud platform for computing on your terms !
Building service testbeds on FIRE D5.2.5 Virtual Cluster on Federated Cloud Demonstration Kit August 2012 Version 1.0 Copyright © 2012 CESGA. All rights.

Building service testbeds on FIRE D5.2.5 Virtual Cluster on Federated Cloud Demonstration Kit August 2012 Version 1.0 Copyright © 2012 CESGA. All rights.
Nina Drozd Supervisor: Fearghal Morgan Co-Supervisor: Martin Glavin Project Progress Presentation.

Nina Drozd Supervisor: Fearghal Morgan Co-Supervisor: Martin Glavin Project Progress Presentation.
MCDevOps Infrastructure In One Hour. Sponsors Improving Enterprises Software Development.

MCDevOps Infrastructure In One Hour. Sponsors Improving Enterprises Software Development.

Similar presentations

Ads by Google