Grouper
Child pages
  • Grouper Call 10-Feb-2016
Skip to end of metadata
Go to start of metadata

  


Wiki Home

Download Grouper

Grouper Guides

Community Contributions

Developer Resources

Deployment Guide

Notes: Grouper Call of  Wed. 10-Feb-2016 

  

Grouper Call, Wed. Feb  10, 2016


Attending:

Chris Hyzer, Penn, (Chair)

Shilen Patel, Duke

Jim Fox, University of Washington

Bert Bee-Lindgren, Georgia Tech

Tom Barton, U. Chicago

Emily Eisbruch, Internet2

 

New Action Items

 

[AI] (Chris) capture the TIER packaging direction in a Grouper wiki page, including environment variable strategy

 

[AI] (Shilen) email Chris re the Oracle situation regarding hibernate work (and empty-string values instead of nulls)

 

[AI] (Bert) respond to U. Toronto PSP email

 


 Action Items  from Jan 27, 2016


 

[AI] (All) think about TIER Packaging survey  results and items that we could fix with  relatively  low effort (see discussion below)

 

[AI] (Shilen) remind Chris on hibernate info and HSQL DONE, and it worked, see details below

[AI] (Chris) make hibernate work w HQL (DONE)

[AI] (Shilen) create wiki page on the hibernate work (mysql problem)

 

[AI] (Shilen) create  log with warning for GSH (based on input from packaging survey)

 

[AI] (Chris) make patching and upgrading work on a source directory (based on input from packaging survey)

 

[AI] (Bert) email DaveL to clarify the conflict handling issue in Post PSP Provisioning wiki (DONE, see notes below for more)

 

[AI] (Chris) get rules into new UI, for inheriting privileges

[AI] ( Misagh) look on Grouper wiki for Java doc links and change them to grouper.io

[AI] (Shilen) create a wiki documenting the Loader work



DISCUSSION 


Post PSP Provisioning Conflict Handling (Bert)


Possibilities when Grouper is out of sync with a provisioning target:

  • A) override the target & force things into sync
  • B) report an error and leave the extra/missing things alone [Really, don’t provision missing?]
  • C) add missing, but don't remove extra
  • D) don't add missing, but remove extra [Really?]
  • E) something customizable & pluggable (maybe copy the extra into Grouper to put grouper in sync with the target to try to meet the multi-master use-case)

 

Followup question: If we’re not removing Extra memberships, how can a full sync remove the memberships that were added from provisioning?


 

Decision: Just make the destination correct in the first release (remove extra, add missing). See what people’s requirements might be after that first release.

 

HSQL work

Update from Shilen

  • Shilen updated the code in master and tested in all the databases

  • HSQL is still a bit slow

  • MSQL previously did not reply but the problem has been solved

  • Oracle had some other issues

  • Oracle treats empty strings and nulls as same thing



Discussion  of Actions that could emerge based on TIER Packaging Survey

 

Bert: deployment procedure -- Would a production all-on-one-system look the same as the Install result?


  1. Duplication of config files and jar files. Could the components be configured to point to single copies of them? Perhaps use config overlays to point to config files

  2. Tarballs left in the resulting directory (Could they be put into a subdirectory (dist/?)?)

  3. Could multiple log directories be symlinked together (logs/api/, logs/ui/, logs/tc/)?

 

Chris: the installer could be cleaner

with web apps you need copies of JARS

but don’t need duplicated config files

Penn runs things on different servers

need recipe to run things on one server cleanly

TIER Packaging WG wants to work w Docker

But how many Docker images? To be decided

but want to minimize duplications of config files

 

Tom: suggests  common config repo

U. Chicago has such a set up

One location for config files

 

Chris: Penn has something similar

one change to ant script generates all the war files

 

there should be a single answer to this problem

this was part of the TIER Packaging survey

 

right now need one sources xml for each environment

 

need config overrides to simplify this

 

[AI] (Chris) capture the TIER packaging direction in a Grouper wiki page, including environment variable strategy

 

Bert suggests (limited (not everything)) environment variables

Chris agrees

 

Chris would like to make improvements based on TIER packaging survey and have continuous feedback loop -- future surveys


Current work tasks

·         
Chris: GSH export/import, Messaging changelog consumer

·         
Shilen: Loader, Hibernate?  Other? - see notes above

·         
Bert: PSP-NG

·     

  • building changelog receivers,

  • keeping consistent provisioner class in memory

  • hopes to do test group provisioning in next few weeks

  • ask for others to test in early March, to prepare for April release

  • Chris: how is caching done?

  • Bert: changelog listener has statics for each of the provisioners

  • Grouper Loader says what provisioning to do

  • Changelog receiver get the info and passes them on to the provisioner

  • Provisioner will be a daemon listening to the message queue

  • configured in properties of Grouper Loader, could be moved

  • Chris: best to have cache settings in one place eventually

  • Chris: Use quartz to manage provisioner lifecycle and incremental/full processes

    • (esp for failover and scale)

  • Need to start community testing late Feb or VERY early March


Misagh: Building and packaging

·         
Vivek: WS

TIER update

·         Plan for April release

·         APIs and COmange integration

  Basic SCIM provisioner

·         APIs and subject source

  focus is on a small set of APIs for the TIER April release

  group membership, subject-searching

·         Federated Jira

           hope to migrate Grouper JIRA to the Federated JIRA instance, might cause some temporary disruption. Might need to update pointers

·         Code freeze in 4-6 weeks?

on Feb 24 Grouper call we need detailed plan/schedule for testing

Issue roundup

 

[AI] (Bert) respond to U. Toronto PSP email

 

Bert - no such identifier pair, unable to calculate the difference , is that a subject searching problem? Bert will track this down.  Chris: does not sound like a subject source issue. Could it be trying to find the group in LDAP, but can’t find it?



·         Accessibility of UI

·         SQL queries for hibernate?

·         Grouper daemon note (no criticism)

·         Diagnostics and various daemon jobs (Chris made a patch for this)

·         Opt out group not displayed in my membership (Chris made a patch for this)

·         Subject.jar gives error on startup (Chris made patch for this)

·         Monitoring Grouper - use status page

·         Error running rules on a stem (Chris made a patch)

·         Question about attributes on a group - Chris followed up to get more info

·         UI timeout problems - tell Chris if you have thoughts on this



Next Grouper Call: Wed. Feb. 24 at noon ET

 

 

  • No labels