credential delegator server cds as a system …...docker, i need your help. setup cds server...

CDS AS A SYSTEM INSPECTOR - INSTALL & DEPLOY WITH CONTAINER

CREDENTIAL DELEGATOR SERVER

Pongpat Poapetch

Senior System Engineer

iThesis Research & Development Team

Development of Standard Procedures of Thesis/Dissertation/Independent-Study

Quality Management Framework & Implementation for Thai’s Higher Education,

Thai Library Integrated System (ThaiLIS)

WHAT IS CDS?Credential Delegator Server is a server who gave permission server instead of another servers. It is similar to a proxy server but it has especially functions.

src: http://www.dailymail.co.uk/

SETUP CDS SERVER WORKSHOP 3

I am CDS.

“Can i see my profile?”

Sure, here is his profile.

Okay.

Thank!“Can i have a meal?”

Okay.

Send him a cheese burger.

Yummy !!

SETUP CDS SERVER WORKSHOP

CDS ON-PREMISE STRUCTURE

4

SETUP CDS SERVER WORKSHOP

CDS SAAS STRUCTURE

5

SETUP CDS SERVER WORKSHOP

CREDENTIAL DELEGATOR SERVER

▸ provide data service

▸ central data transition

▸ mapping database pattern

▸ medium authentication service

▸ etc.

STRONG !!!

6

HOW TO BE LIKE I AM ? (CDS)

SETUP CDS SERVER WORKSHOP

STRONG !!!

PREREQUISITES (1)

SETUP CDS SERVER WORKSHOP

▸ 1 server instant (virtual or physical machine)

▸ Pre-installed OS: Centos 7.2.x.x (clean install)

▸ Create user admin: cdsgw

▸ Insert user cdsgw to sudoer file

▸ Internet and Intranet is required

▸ * Optional: Disable root login

▸ * Optional: Key-based SSH authentication

8

LET ME INTRODUCE MYSELF.

SETUP CDS SERVER WORKSHOP

BO BO

PREREQUISITES (2)

SETUP CDS SERVER WORKSHOP

WHAT IS DOCKER?

▸ Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries, or else.

▸ This guarantees that it will always run the same, regardless of the environment it is running in.

See more: https://www.docker.com

10

DOCKER, I NEED YOUR HELP.

SETUP CDS SERVER WORKSHOP

IS IT GOOD ? WHY DOCKER?

YOUR SERVERS ARE READY, SIR.See more: https://www.docker.com

HELP ME !! I NEED A SERVER THAT CONTAINS APACHE,

PHP, JAVA, TOMCAT, NODE.JS, PROXY, MYSQL, POSTGRES, ORACLE-DB, MSSQL, DB2 AND THE BLA BLA BLA BLA BLA…

I NEED IT TOO.YOUR SERVER IS READY.

OH MY GOD !!!!

11

(8 HRS LATER…)

▸ You can build, ship, run any app, anywhere.

▸ For example: Old-school step, you may need 8 + 6 hrs for 2 servers. But Docker step, you need 8 + 0.5 hrs for 2 servers.

SETUP CDS SERVER WORKSHOP

WHY DO NOT JUST USE VIRTUAL MACHINE AND DUPLICATE IT?

▸ Can not control everything. (hardware or else.)

▸ Everyone are not in one site.

▸ Different OS may not suitable for all.

▸ A different version on single app may cause fatal error.

▸ It’s not portable.

LET ME SHOW YOU, HOW TO GET US ?

SETUP CDS SERVER WORKSHOP 13

STRONG !!!

BO BO

RUN IT !

SETUP CDS SERVER WORKSHOP 14

I WANT TO BE A CDS.

I’m a clean install server.

I’m a iThesis setup server.

YES, YOU CAN.

FIRST, YOU NEED TO CALL “INIT-SERVER”.

curl -s http://install.ithesiscloud.com/script/init-server | sh

OK, CATCH IT !

Loading…

I GOT DOCKER ENGINE AND READY TO GET ANY CONTAINER.WHAT NEXT?

NOW, YOU NEED TO CALL “MAKE-BUNDLE”.

curl -s http://install.ithesiscloud.com/script/make-bundle | sh -s cds

OK, CATCH IT !

I’m a server with docker-engine.

CONFIG FILES

DOCKERFILE SCRIPT DEPLOY

SOURCECODE

ARGS.INI

Configuring args.ini and pre-config files…

STRONG !!! HERE I AM.

NOW, YOUR CDS IS READY !

SETUP CDS SERVER WORKSHOP

CHART SET-UP CDS SERVER

15

OK, LET DO IT TOGETHER.

SETUP CDS SERVER WORKSHOP

BO BO

SETUP CDS SERVER WORKSHOP

OPEN PUTTY, TERMINAL, CONSOLE

LinuxWindows

17

Mac

SETUP CDS SERVER WORKSHOP

CONNECT TO YOUR CDS-GW-INSPECTOR.

18

$> ssh cdsgw@<ip-address> [-i path/to/rsa-key]

SETUP CDS SERVER WORKSHOP

RUN SCRIPT INIT-SERVER WITH SUDO AND WAIT UNTIL IT FINISH.

19

$> sudo curl -s http://install.ithesiscloud.com/script/init-server | sh

SETUP CDS SERVER WORKSHOP

AFTER INIT-SERVER IS FINISH, SU YOURSELF WITH NEW ENV.

20

$> su - cdsgw

SETUP CDS SERVER WORKSHOP

HELLO-WORLD.

21

$> docker run hello-world

SETUP CDS SERVER WORKSHOP

LET WORK WITH “ TMUX ”

22

$> tmux

learn more about tmux: https://tmux.github.io/

SETUP CDS SERVER WORKSHOP

LET GET A CDS BUNDLE.

23

$> curl -s http://install.ithesiscloud.com/script/make-bundle | sh -s cds <secret-key>

06101603

SETUP CDS SERVER WORKSHOP

IT WILL DOWNLOAD A BUNDLE AS ZIP, AFTER THAT EXTRACT IT.

24

$> unzip {hashcode}.zip

SETUP CDS SERVER WORKSHOP

CHANGE DIRECTORY TO BUNDLE DIR.

25

$> cd {hashcode}

SETUP CDS SERVER WORKSHOP

LIST IT TO SEE WHAT WE GOT.

26

$> ls

SETUP CDS SERVER WORKSHOP

WE NEED PRE-CONFIGURATION. LET EDIT ARGS.INI

27

$> vim args.ini

SETUP CDS SERVER WORKSHOP

IF YOU DON’T LIKE VIM, USE SFTP APPLICATION WHAT EVER YOU WANT.

28

FileZilla WinSCP Cyberduck

SETUP CDS SERVER WORKSHOP

ARGS.INI

29

IMAGE_NAME CONTAINER_NAME PORT_HOST PORT_CONTAINER

BASE_VOL PATH_VOLx

SETUP CDS SERVER WORKSHOP

SAVE ARGS.INI, AND RUN IT.

30

$> sudo sh docker_init.sh

SETUP CDS SERVER WORKSHOP

WAIT FOR A WHILE.

31

SETUP CDS SERVER WORKSHOP

AFTER RUN FINISH, CHECK CONTAINER STATUS.

32

$> docker ps

SETUP CDS SERVER WORKSHOP

CHECK IT ON WEB BROWSER.

33

url: http://<your-hostname>:<port>/master-db/public/CDS

OOPS ! HELP ME DO POST-CONFIG.

LEARN MORE ABOUT POST-CONFIG.

SETUP CDS SERVER WORKSHOP

BO BO

SETUP CDS SERVER WORKSHOP

POST-CONFIGURATION CHART

cds-allow-ips.conf

status_CDS.conf

conf

app-cds

ldap / confighost_x.conf

… (add what ever you want.)master-db

35

app / controllers / config / sync

ETC.

faculty.ini

major.ini

degree.ini

advisor.ini

student.ini

department.ini

qualification.ini

officer.ini

* the other config files might not configure. (default configuration is ready to use)

db-connection.php

SETUP CDS SERVER WORKSHOP

APP-CDS / CONF

36

cds-allow-ips.conf

LIST OF IP-ADDR FOR TDCAPP

IP-ADDR FOR MASTERDB

SETUP CDS SERVER WORKSHOP

APP-CDS / CONF

37

status_CDS.conf

IP-ADDR OR HOSTNAME OF IR

DEFAULT: LDAP

YOU CAN ADD OTHER SERVICE DOWN HERE…

SETUP CDS SERVER WORKSHOP

APP-CDS / CONF

38

db-connection.php

…

CHOOSE DBMS.

CONFIG YOUR DATABASE PARAMS.

SETUP CDS SERVER WORKSHOP

APP-CDS / LDAP / CONFIG /

39

host_student.conf host_staff.confSERVER NAME

EX: 100.20.30.40 OR EXAMPLE.LDAP.COM

LDAP PORT

USERNAME

PASSWORD

BASE DN

IDENTITY ATTR.

REQUIRED ATTR.

ROLE: STUDENT OR STAFF

OU=STUDENT OR OU=STAFF

MAPPING ATTR.

SETUP CDS SERVER WORKSHOP

APP-CDS / LDAP / CONFIG /

40

extra: host_staff.conf

SUPER-ADMIN USER

KEY FORM ITHESIS

SETUP CDS SERVER WORKSHOP

APP-CDS / MASTER-DB/ APP / CONTROLLERS / CONFIG / SYNC

41

DBMS *.ini

DATABASE NAME

TABLE / VIEW NAME

PK OR UNIQUE ID

MAPPING FIELDS …

…VALIDATE FIELDS

OK, LET DO IT TOGETHER.

SETUP CDS SERVER WORKSHOP

BO BO

WORKSHOP IN PROGRESS…

THANK YOU.

iThesis Research & Development Team