CDS AS A SYSTEM INSPECTOR - INSTALL & DEPLOY WITH CONTAINER
CREDENTIAL DELEGATOR SERVER
Pongpat Poapetch
Senior System Engineer
iThesis Research & Development Team
Development of Standard Procedures of Thesis/Dissertation/Independent-Study
Quality Management Framework & Implementation for Thai’s Higher Education,
Thai Library Integrated System (ThaiLIS)
WHAT IS CDS?
A Credential Delegator Server is a server that grants permissions on behalf of other servers. It is similar to a proxy server, but it has special functions.
src: http://www.dailymail.co.uk/
SETUP CDS SERVER WORKSHOP 3
I am CDS.
“Can I see my profile?”
Sure, here is his profile.
Okay.
Thanks!
“Can I have a meal?”
Okay.
Send him a cheese burger.
Yummy !!
CDS ON-PREMISE STRUCTURE
CDS SAAS STRUCTURE
CREDENTIAL DELEGATOR SERVER
▸ provide data service
▸ central data transition
▸ mapping database pattern
▸ medium authentication service
▸ etc.
STRONG !!!
HOW TO BE LIKE ME? (CDS)
STRONG !!!
PREREQUISITES (1)
▸ 1 server instance (virtual or physical machine)
▸ Pre-installed OS: CentOS 7.2.x.x (clean install)
▸ Create an admin user: cdsgw
▸ Add user cdsgw to the sudoers file
▸ Internet and intranet access are required
▸ * Optional: Disable root login
▸ * Optional: Key-based SSH authentication
LET ME INTRODUCE MYSELF.
BO BO
PREREQUISITES (2)
WHAT IS DOCKER?
▸ Docker containers wrap up a piece of software in a complete filesystem that contains everything it needs to run: code, runtime, system tools, system libraries, and so on.
▸ This guarantees that it will always run the same, regardless of the environment it is running in.
See more: https://www.docker.com
DOCKER, I NEED YOUR HELP.
IS IT GOOD ? WHY DOCKER?
YOUR SERVERS ARE READY, SIR.
See more: https://www.docker.com
HELP ME !! I NEED A SERVER THAT CONTAINS APACHE, PHP, JAVA, TOMCAT, NODE.JS, PROXY, MYSQL, POSTGRES, ORACLE-DB, MSSQL, DB2 AND THE BLA BLA BLA BLA BLA…
I NEED IT TOO.
YOUR SERVER IS READY.
OH MY GOD !!!!
(8 HRS LATER…)
▸ You can build, ship, run any app, anywhere.
▸ For example: the old-school way, you may need 8 + 6 hrs for 2 servers. With Docker, you need 8 + 0.5 hrs for 2 servers.
WHY NOT JUST USE A VIRTUAL MACHINE AND DUPLICATE IT?
▸ You cannot control everything (hardware and so on).
▸ Not everyone is at one site.
▸ A different OS may not be suitable for all.
▸ A different version of a single app may cause a fatal error.
▸ It’s not portable.
LET ME SHOW YOU HOW TO GET US.
STRONG !!!
BO BO
RUN IT !
I WANT TO BE A CDS.
I’m a clean install server.
I’m an iThesis setup server.
YES, YOU CAN.
FIRST, YOU NEED TO CALL “INIT-SERVER”.
curl -s http://install.ithesiscloud.com/script/init-server | sh
OK, CATCH IT !
Loading…
I GOT DOCKER ENGINE AND I AM READY TO GET ANY CONTAINER.
WHAT NEXT?
NOW, YOU NEED TO CALL “MAKE-BUNDLE”.
curl -s http://install.ithesiscloud.com/script/make-bundle | sh -s cds
OK, CATCH IT !
I’m a server with docker-engine.
CONFIG FILES
DOCKERFILE SCRIPT DEPLOY
SOURCECODE
ARGS.INI
Configuring args.ini and pre-config files…
STRONG !!! HERE I AM.
NOW, YOUR CDS IS READY !
CHART SET-UP CDS SERVER
OK, LET’S DO IT TOGETHER.
BO BO
OPEN PUTTY, TERMINAL, CONSOLE
Linux Windows Mac
CONNECT TO YOUR CDS-GW-INSPECTOR.
$> ssh cdsgw@<ip-address> [-i path/to/rsa-key]
RUN SCRIPT INIT-SERVER WITH SUDO AND WAIT UNTIL IT FINISHES.
$> curl -s http://install.ithesiscloud.com/script/init-server | sudo sh
AFTER INIT-SERVER HAS FINISHED, SU TO YOURSELF TO GET THE NEW ENV.
$> su - cdsgw
HELLO-WORLD.
$> docker run hello-world
LET’S WORK WITH “TMUX”
$> tmux
learn more about tmux: https://tmux.github.io/
LET’S GET A CDS BUNDLE.
$> curl -s http://install.ithesiscloud.com/script/make-bundle | sh -s cds <secret-key>
06101603
IT WILL DOWNLOAD A BUNDLE AS A ZIP. AFTER THAT, EXTRACT IT.
$> unzip {hashcode}.zip
CHANGE DIRECTORY TO THE BUNDLE DIR.
$> cd {hashcode}
LIST IT TO SEE WHAT WE GOT.
$> ls
WE NEED PRE-CONFIGURATION. LET’S EDIT ARGS.INI
$> vim args.ini
IF YOU DON’T LIKE VIM, USE WHATEVER SFTP APPLICATION YOU WANT.
FileZilla WinSCP Cyberduck
ARGS.INI
IMAGE_NAME CONTAINER_NAME PORT_HOST PORT_CONTAINER
BASE_VOL PATH_VOLx
SAVE ARGS.INI AND RUN IT.
$> sudo sh docker_init.sh
WAIT FOR A WHILE.
AFTER THE RUN FINISHES, CHECK CONTAINER STATUS.
$> docker ps
CHECK IT IN A WEB BROWSER.
url: http://<your-hostname>:<port>/master-db/public/CDS
OOPS ! HELP ME DO POST-CONFIG.
LEARN MORE ABOUT POST-CONFIG.
BO BO
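The init-server and make-bundle steps above fetch a script over plain HTTP and pipe it straight into sh, so whatever arrives on the wire runs unreviewed. The following is an added example (not part of the original slides or the iThesis scripts) that saves the script to a file, checks it against a SHA-256 digest, and only then runs it. The function names are hypothetical, and the expected digest is an assumption: the slides publish none, so it has to be obtained from the iThesis team over a trusted channel.

```shell
#!/bin/sh
# Added example: verify an installer script before executing it.
# Function names are hypothetical; the expected digest is NOT published in
# the slides and must be supplied by the operator from a trusted source.

# sha256_of FILE: print the hex SHA-256 digest of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'   # macOS / BSD fallback
    fi
}

# verify_script FILE EXPECTED: 0 = match, 1 = mismatch, 2 = empty/missing.
verify_script() {
    [ -s "$1" ] || { echo "refusing empty or missing file: $1" >&2; return 2; }
    actual=$(sha256_of "$1")
    if [ "$actual" != "$2" ]; then
        echo "digest mismatch for $1: got $actual" >&2
        return 1
    fi
    return 0
}

# fetch_verify_run URL EXPECTED [ARGS...]: download to a temp file, verify,
# then run with sh. Nothing is executed unless the digest matches.
fetch_verify_run() {
    url=$1; expected=$2; shift 2
    tmp=$(mktemp) || return 3
    # -f makes curl fail on HTTP errors so an error page is never saved as a script.
    if curl -fsS -o "$tmp" "$url" && verify_script "$tmp" "$expected"; then
        sh "$tmp" "$@"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage with the URLs from the slides (digest variables are placeholders):
#   fetch_verify_run http://install.ithesiscloud.com/script/init-server "$INIT_SHA256"
#   fetch_verify_run http://install.ithesiscloud.com/script/make-bundle "$BUNDLE_SHA256" cds <secret-key>
```

Keeping the downloaded file around instead of deleting it also lets you read the script before it runs with root privileges.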
POST-CONFIGURATION CHART
app-cds
    conf
        cds-allow-ips.conf
        status_CDS.conf
        db-connection.php
    ldap / config
        host_x.conf
        … (add whatever you want.)
    master-db / app / controllers / config / sync
        faculty.ini
        major.ini
        degree.ini
        advisor.ini
        student.ini
        department.ini
        qualification.ini
        officer.ini
        ETC.
* The other config files may not need configuring (the default configuration is ready to use).
APP-CDS / CONF
cds-allow-ips.conf
LIST OF IP-ADDR FOR TDCAPP
IP-ADDR FOR MASTERDB
APP-CDS / CONF
status_CDS.conf
IP-ADDR OR HOSTNAME OF IR
DEFAULT: LDAP
YOU CAN ADD OTHER SERVICES DOWN HERE…
APP-CDS / CONF
db-connection.php
…
CHOOSE DBMS.
CONFIG YOUR DATABASE PARAMS.
APP-CDS / LDAP / CONFIG /
host_student.conf host_staff.conf
SERVER NAME
EX: 100.20.30.40 OR EXAMPLE.LDAP.COM
LDAP PORT
USERNAME
PASSWORD
BASE DN
IDENTITY ATTR.
REQUIRED ATTR.
ROLE: STUDENT OR STAFF
OU=STUDENT OR OU=STAFF
MAPPING ATTR.
APP-CDS / LDAP / CONFIG /
extra: host_staff.conf
SUPER-ADMIN USER
KEY FROM ITHESIS
APP-CDS / MASTER-DB / APP / CONTROLLERS / CONFIG / SYNC
DBMS *.ini
DATABASE NAME
TABLE / VIEW NAME
PK OR UNIQUE ID
MAPPING FIELDS …
…VALIDATE FIELDS
OK, LET’S DO IT TOGETHER.
BO BO
WORKSHOP IN PROGRESS…
THANK YOU.
iThesis Research & Development Team