NEW AND EMERGING TECHNOLOGY AND CONCEPTS
THE TIER INITIATIVE
TechEx Base CAMP
September 25, 2016
Keith Hazelton, UW-Madison
• TIER
• “TI”: Trust and Identity
• “ER”: of, by and for the Higher Education and Research Communities
• TIER is a community-initiated effort, coordinated by Internet2
• …to develop a consistent, rationalized approach to identity and access management
• …that simplifies campus processes and advances inter-institutional collaboration and research
• TIER is both an open source toolset and a campus practice set
• Reference Architecture
• Specifications
• Best Practices Documentation
• Demo Workbench
• Reference Implementations
• Data Models
• Deployment Guides
• Production Workbench
WORKGROUPS / DEVELOPMENT
• APIs and Data Structures
• Entity Registries
• Reference Architecture
• Security and Audit
• Packaging
• Scalable Consent
• Shibboleth
• Grouper
• COmanage
• Instrumentation
Plus Commercial Development Partners
REFERENCE ARCHITECTURE
• https://spaces.internet2.edu/pages/viewpage.action?pageId=98306902
API AND DATA STRUCTURES
https://swaggerhub.com/api/bsavage/grouper_scim/v2
TIER MODEL
PACKAGING STRATEGY
• Component teams retain traditional installers
  • These will continue to be needed well into the future
• Provide additional release types for the components
  • Docker containers
  • Virtual machine images to run the containers
• Focus on automation tools
  • Build containers and VMs
  • Automate testing
  • Over time, goal of weekly builds
  • Identify and deploy tooling that is able to deliver multiple formats
• Keep pace as technology changes
SHIBBOLETH IDP VM EXAMPLE
• Build
• Shibboleth configuration tree
• Simple tooling for initial IdP configuration
• Docker container build
• Scripting for operations
• Operation
Docker Tomcat – ShibIdp_0
Docker Tomcat – ShibIdp_1
Docker HAproxy
Two Functions: Build and Operate
https://testbed.tier.internet2.edu
INCEPTION OF METRICS AND INSTRUMENTATION
HOW TO LEARN MORE, GET INVOLVED
ADDITIONAL TECH EX SESSIONS ON TIER
• Demos and Discussions: M – W, TIER booth in dining area, Biscayne Room
• Grouper Provisioning: Locally and Cloud, Monday, 10:20 – 11:10 am, Bayfront A
• Trust and Identity: Lightning Talks, Monday, 11:20 – 12:10 am, Bayfront A
• What's New & What's Next with TIER, Tuesday, 8:00 am, Bayfront A
• Update on Consent, Tuesday, 10:20 – 11:10 am, Bayfront A
TIER DEVOPS ENVIRONMENT - FIRST VIEW OF NEW TIER COMMUNITY TESTING AND USABILITY PLATFORM
• Community members will get a first view of the new TIER community testing and usability platform, also known as the Demo Workbench. See schedule for details.
• First-hand demonstrations, examples and “showcase explanations” of work products being generated through the efforts of the TIER Working Group teams, including:
  • An end-to-end implementation of one of the narratives from the Reference Architecture featuring a small-scale but full-featured TIER IAM infrastructure.
  • Consent-informed Attribute Release (CAR) service
  • IdMatch service and its integration into the Demo Workbench
  • Preview of COmanage v1.1.0 including capabilities for loading external source records
OTHER RESOURCES
• Check out the TIER FAQ
• Subscribe to the monthly TIER Newsletter
• Subscribe to one or both of the TIER-Discussion mail lists
• [email protected] is for all general, non-technical discussions about TIER and may be used to contribute any thoughts about the direction or shape of TIER.
• [email protected] is generally focused on the Institutional Technology Architects and Identity Management professionals. This list will primarily focus on the implementation goals and technologies required to make identity components work well within and across participating institutions.
• Address e-mail to [email protected]
• Enter the case-insensitive email subject:
• Subscribe [email protected] or
• Subscribe [email protected]
• Send! (You’ll receive email confirmation of the subscription shortly)
BEST OF ALL: JOIN A TIER WORKING GROUP
• TIER Data Structures and APIs WG
• To subscribe: https://lists.internet2.edu/sympa/subscribe/tier-api
• TIER Entity Registry WG
• To subscribe: https://lists.internet2.edu/sympa/admin/tier-entreg
• TIER Grouper Deployment Guide WG
• To subscribe: https://lists.internet2.edu/sympa/info/tier-deploy-guide
• TIER Packaging WG
• To subscribe: https://lists.internet2.edu/sympa/subscribe/tier-packaging
• TIER Security and Audit WG
• To subscribe: https://lists.internet2.edu/sympa/subscribe/tier-security-audit