Difference between revisions of "FHNManager Installation"
(→Target definition) |
(→Target definition) |
||
| Line 40: | Line 40: | ||
To achieve that, please edit vmproviders.yml file (available to ../classes/ folder) and insert data as follows: | To achieve that, please edit vmproviders.yml file (available to ../classes/ folder) and insert data as follows: | ||
| − | + | - | |
credentials: {type: x509, | credentials: {type: x509, | ||
encodedCredentails: /tmp/x509up_u1004} | encodedCredentails: /tmp/x509up_u1004} | ||
| Line 49: | Line 49: | ||
nodeTemplates: | nodeTemplates: | ||
- refId: 3-1 | - refId: 3-1 | ||
| − | + | - | |
Credentials will specify the path to the Proxy certificate, the typology (x509), the endpoint (please refer to AppDb for a list of sites exposing occi and supporting gCube smartExecutor Virtual Appliance) the provider ID, the provider name and the reference to node template. | Credentials will specify the path to the Proxy certificate, the typology (x509), the endpoint (please refer to AppDb for a list of sites exposing occi and supporting gCube smartExecutor Virtual Appliance) the provider ID, the provider name and the reference to node template. | ||
Revision as of 12:47, 3 May 2016
to be inserted some sign to portlet and the service details (installation, where the packages are located, how to add a cloud and so on)
The Federated Hosting Node Manager (FHNM) is the core part of the gCube-external infrastructures integration.
Contents
Usage
Maven coordinates
The maven artifact coordinates are:
<dependency> <groupId>org.gcube.resources.federation</groupId> <artifactId>fhn-manager-service</artifactId> <version>1.0.0-SNAPSHOT</version> <packaging>war</packaging> </dependency>
Deploy
- Deploy war file to selected SmartGears Container (tomcat Webapp folder)
Authentication
In order to use the Federated Cloud, it is necessary to register a certificate to join a Virtual Organisation (VO) of the cloud. In case of integration with EGI it is necessary to generate a VOMS proxy in order to obtain authorization attributes to be embedded in X.509 proxy certificates, needed to access FedCloud sites.
Ideally, the VRE Manager should have to import the credentials related to own VRE directly from the gCube IS; actually the service foresees an interface for the future integration with the IS, but currently we're using VRE Manager certificates (actually a second-level proxy of the manager's cert. The first one is stored, encrypted, in the gCube information system; the second one is generated by the service just before accessing FedCloud and it's really short-lived; usually it is available at /tmp folder).
Most, if not all, gCube users do not own a x509 certificate; they access the gCube portal with username/password and the usage of external infrastructures is completely transparent to them. Basically the gCube Information System will contain the .pem certificated associated to each VRE or Infrastructure Manager. Such certificates will be used by the service to create a runtime VOMS proxy in order to interact with FedCloud. If any certificates is provided, no interaction with FedCloud will be allowed.
Set the host environment
- Edit the YAML service.properties file available in WEB.INF/classes folder and replace the STORAGE_DIR: /home/"user_name"/fhnmanager path with user home path (e.g., STORAGE_DIR: /home/ngalante/fhnmanager); such file will contain the persistency of nodes created by using the service.
- An example of running REST service is accessible here: http://fedcloud.res.eng.it/fhn-manager-service/rest/*
Configuration Steps
For a correct configuration of the service, please refer at subsection below:
Target definition
First, it is necessary to configure the target cloud platform to add to configuration. To achieve that, please edit vmproviders.yml file (available to ../classes/ folder) and insert data as follows:
- credentials: {type: x509, encodedCredentails: /tmp/x509up_u1004} endpoint: https://carach5.ics.muni.cz:11443/ id: 4-1 name: Cesnet-Metacloud resourceTemplates: nodeTemplates:
- refId: 3-1
-
Credentials will specify the path to the Proxy certificate, the typology (x509), the endpoint (please refer to AppDb for a list of sites exposing occi and supporting gCube smartExecutor Virtual Appliance) the provider ID, the provider name and the reference to node template. The resource templates is currently taken directly from the occi-connector and stored manually in ResourceTemplates.yml file; in the next releases, the development of a caching system could be considered.
==
