Edinet EVO Meeting, August 28, 2008. VSB-CZ, WP3 Interim Progress Report. Prepared by: Petr Grygárek
What was done by WP3
• Comments on SVC architecture design collected from Architecture Development Board
  • Only minor comments, requests and requirements for explanation
• Final detailed SVC architecture specification is now finished
  • http://edinet.cs.vsb.cz/index.php/SVC_Technical_Infrastructure_Architecture_Design
• SVC implementation started
  • To ensure constant progress and honour deadlines, we organize a regular developers' meeting every Tuesday (led by Petr Grygárek)
• Implementation of environment for internal WP3 testing
  • Virtual machine for Common Portal: edinet-cp.cs.vsb.cz
    • Also used to host OpenVPN gateway and basic tests of authorized access to Lab Management Network
• Tools for team development installed
  • SVC documentation MediaWiki
    • http://edinet.cs.vsb.cz
    • Documentation continuously updated as new SVC parts are being developed
  • SVN
    • SVN structure defined at http://edinet.cs.vsb.cz/index.php/Edinet_SVC_Implementation_SVN
    • Existing source code imported and further managed there
SVC Implementation: What is ready now (1)
• Common Portal control application (PHP-MVC Design Pattern + OTP generation scripts)
  • Design of database structures completed
    • http://edinet.cs.vsb.cz/index.php/Database_Structures
  • Specification of Common Portal SOAP API
    • http://edinet.cs.vsb.cz/index.php/Common_Portal_SOAP_API + source code in SVN
  • Activity diagrams of users with individual roles on Common Portal (use cases)
    • http://edinet.cs.vsb.cz/index.php/Authentication%2C_Authorization_and_Accounting#Activity_Diagrams_of_Individual_Roles_on_Common_Portal
  • WWW GUI for
    • definition of partners' lab parameters
    • management of user groups
    • management of tasks and task documents (various media formats)
    • management of preconfiguration descriptions and preconfiguration implementations
SVC Implementation: What is ready now (2)
• Lab Management Network VPN Gateway (Linux + OpenVPN server)
  • Scripts to validate one-time passwords generated by CP and to verify registered reservation at Common Portal using SOAP API
  • Automatic creation and application of access lists to limit user access only to management interfaces of previously reserved devices
  • Automatic VPN tunnel disconnection at the end of reserved timeslot
• Client side of remote access to lab management networks
  • Running OpenVPN client from WWW GUI automatically
    • in unprivileged mode (both Linux and Windows), using Java Webstart
  • Utilizes one-time passwords generated by CP for authentication and authorization at VPN gateway
  • Web page with controls to reach management interfaces of individual lab devices
    • launch of Telnet/SSH/VNC Java applet
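The access-list behaviour listed above for the VPN gateway (allow only the management interfaces of reserved devices, drop everything else, remove the rules when the timeslot ends), sketched as an added example; it is not the Edinet project's code. It assumes iptables as the access-list mechanism and a FORWARD chain whose default policy is DROP; `build_acl`, the addresses, ports and reservation id are hypothetical and constructed.

```python
import ipaddress
from datetime import datetime, timezone

# Assumption: management access is Telnet/SSH/VNC, the methods the page lists.
MGMT_PORTS = {22, 23, 5900}


def build_acl(reservation_id, client_ip, devices, slot_end, now):
    """Return (setup, teardown, seconds_left) for one reserved VPN session.

    Rules are argv lists, so no value is ever interpolated into a shell string.
    Hypothetical helper; assumes FORWARD has a default policy of DROP.
    """
    if slot_end <= now:
        raise ValueError("reserved timeslot is over")
    client = str(ipaddress.ip_address(client_ip))   # raises on non-IP input
    chain = f"svc-{int(reservation_id)}"            # per-reservation chain
    setup = [["iptables", "-N", chain]]
    for mgmt_ip, port in devices:
        if port not in MGMT_PORTS:
            raise ValueError(f"port {port} is not a management port")
        dst = str(ipaddress.ip_address(mgmt_ip))
        setup.append(["iptables", "-A", chain, "-d", dst,
                      "-p", "tcp", "--dport", str(port), "-j", "ACCEPT"])
    setup.append(["iptables", "-A", chain, "-j", "DROP"])  # everything else
    # Hook the chain in last, so the client never hits a half-built rule set.
    setup.append(["iptables", "-I", "FORWARD", "-s", client, "-j", chain])
    teardown = [["iptables", "-D", "FORWARD", "-s", client, "-j", chain],
                ["iptables", "-F", chain],
                ["iptables", "-X", chain]]
    return setup, teardown, int((slot_end - now).total_seconds())


# Constructed sample reservation (documentation address ranges).
SAMPLE = dict(
    reservation_id=42,
    client_ip="10.8.0.6",
    devices=[("192.0.2.11", 23), ("192.0.2.12", 22)],
    slot_end=datetime(2008, 8, 28, 11, 0, tzinfo=timezone.utc),
    now=datetime(2008, 8, 28, 10, 15, tzinfo=timezone.utc),
)

if __name__ == "__main__":
    setup, teardown, left = build_acl(**SAMPLE)
    for rule in setup + teardown:
        print(" ".join(rule))
    print(f"disconnect in {left} s")
```

The teardown list is what a gateway would run, together with dropping the tunnel, once `seconds_left` has elapsed.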
SVC Implementation: What is ready now (3)
• Supporting Lab Maintenance Systems
  • Power Switch Controller
    • encapsulates real power switches used to reboot HW devices
    • provides a unified and secure way to control them (may be incorporated into WWW forms easily)
    • currently the APC AP-7952 power switch is supported, but partners may easily modify the code to support other models
    • See http://edinet.cs.vsb.cz/index.php/Power_Switch_Controller
• AAA
  • Partial installation of experimental Shibboleth Identity Provider (v.1.3)
    • We need more support from UBE-CH (which suggested usage of Shibboleth)
• Addressing plan of Lab Management Networks for production environment
  • in context of our participation in WP3
Environment for internal WP3 testing
• Required for internal testing before setup of labs among piloting partners
• Needed also to test installation procedure descriptions (WP6) and our installation scripts for automated replication
• Current testing environment
  • Common Portal: edinet-cp.cs.vsb.cz (virtual machine)
  • Also hosts one testing Lab Management Network VPN Gateway currently
• Our plan is to implement a complete virtualized environment for internal testing
  • under centralized control
  • more suitable for primary testing than interconnection of real partners' labs
  • Common Portal + 2 or 3 virtualized partners' labs
    • 2 simulated network devices (for console access) in each lab
    • 2 simulated PCs (both with Telnet/SSH and Remote Console GUI access) in each lab
    • One simulated SW-based terminal server, Lab Management Network VPN GW, Configuration Clearing Controller and Power Switch Controller in each lab
  • VSB-CZ has rich experience with running XEN instances in a virtual networking environment
  • Can any partner provide temporary hosting of a virtualization engine for that purpose?
    • Would it be possible to utilize WSHE-PL's excellent virtualization environment?
What do we do now
• Common Portal
  • Management of global noticeboard
    • Placing Preconfiguration Implementation on the noticeboard
  • Reservation of Lab pods to solve tasks
    • Reserving parts of advertised timeslots
  • Design of DTDs of XMLs used in Preconfiguration Description and Preconfiguration Implementation
• Supporting Lab Maintenance Systems
  • Configuration Clearing Controller
    • SOAP API for clearing requests from Common Portal scheduler is being defined
• Integration with AAA infrastructure
• Formulation of ideas on how to adapt individual partners' laboratories for common SVC + unified structure of lab documentation
  • WP6 will develop detailed adaptation plans (WP6 T1.2)
Relation of the current situation to the WP3 workplan
• VSB-CZ's work is still performed according to the WP3 workplan
• Assignment of some tasks needs to be negotiated
  • all partners have 30 WDs in WP3 (UBE-CH has much more)
  • Some partners' tasks in the original WP3 workplan are a little delayed against the workplan or were not negotiated yet
• Nearest deadline (30.4.-T5.5)
  • Authenticated Remote Access – completed
• Next planned work (15.5. T5.6)
  • Reservation System – partially completed
What do we need from other partners/WPs - NOW (1)
• UBE-CH (WP3)
  • More information/hints/examples on how to implement Shibboleth components
    • Concerns mainly Identity Providers which check passwords against LDAP and provide user attributes stored in MySQL at the same time
    • Usage of Shibboleth was a proposal of UBE-CH; we have no practical experience and only limited knowledge of Shibboleth now
What do we need from other partners/WPs - NOW (2)
• FHJ-AT (WP6)
  • Installation and customization of bug reporting system (T1.3/2.5)
    • needed now because of internal testing, will be necessary in later stages also
    • Trac? Bugzilla? Mantis?
  • Classification scheme of reported bugs - customization of bug reporting system
    • based on component suspected to be a source of bug and the partner site
    • let's try to use a scheme similar to the structure of WP3 SVN
      • http://edinet.cs.vsb.cz/index.php/Edinet_SVC_Implementation_SVNI
What do we need from other partners/WPs - NOW (3)
• Virtualization server for SVC internal testing
  • WSHE-PL? Other partner?
What do we need from other partners/WPs – LATER (1)
• FHJ-AT
  • Example configuration of OpenVPN virtual L2 topology link(s) – WP6 T2
    • For Linux-based VPN gateways
    • Probably for our example topology at http://edinet.cs.vsb.cz/index.php/Remote_Access_and_Lab_Interconnection#Lab_Interconnection_Implementation_Example
  • WP6 will negotiate which partners will participate in distributed virtual topology pre-testing
    • We suppose VSB-CZ and FHJ-AT at least
• UBE-CH
  • Installation of Shibboleth Identity Provider and user account management application for every partner
    • Create installation HOWTOs + Bash scripts for automated installation
What do we need from other partners/WPs – LATER (2)
• A task assignment suggestion to be discussed:
  • IT-FI
    • CSSs for attractive look & feel of Web pages of Common Portal and application for user account management
  • UBE-CH (there are enough WDs in WP3)
    • Simple WWW application for management of user accounts
      • Functionality specification will be provided by WP3
      • Probably in PHP (for consistency with CP)
Current WP3/WP6 open questions
• Who will host/maintain Common Portal during piloting phase (and later)?
• Who will prepare printable versions of SVC usage manuals?
  • Competence of WP4?
  • WP3 will provide all necessary information
Non-WP3 activities
• Dissemination
  • Article about SVC architecture was submitted to ICETA conference
  • We were in contact with NEWTON College (Brno, CZ), which is interested in our project from the point of view of our experience concerning virtual mobility
• Administration
  • Accounting department confirmed receipt of first prefinancing
  • Are there already instructions from WP0 on how to report WDs and business trip expenses?