Versions Compared

Old Version 22

changes.mady.by.user Bill Kaufman

Saved on

compared with

New Version 23

changes.mady.by.user Jim Jokl (virginia.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Background & Requirements
    1. The migration of a Grouper installation to new platform typically requires:
      1. Full database backup and restore.
      2. Filesystem configuration files backup and restore
        1. Hopefully sites have some form of configuration management in place.  How to leverage this in a TIER context is a question.
    2. High vs. Standard Availability
      1. While we believe that the majority of schools operate Grouper without High Availability, some schools do operate the web services components of Grouper in HA mode.
      2. The production TIER-version will account for high availability.
    3. Expandability
      1. Users will need the ability to install additional modules
      2. Provisioning and Integration
    4. Consider the use of supervisord for multi-process containers.  We are using this in the COmanage TIER implementation and the COmanage team has used it in other projects.
    5. Scripting will exist, when practical, to guide users through the startup process.  Documentation can cover scripting gaps, especially in early versions.  The scripting is focused on Grouper and not building the Docker Swarm environment. 

  2. TIER Production Distribution Components
    The Grouper components listed below will be included in the TIER distribution at the indicated availability levels.
    1. Grouper Database (HA)
      1. The database may be supplied by the campus.
      2. A TIER MARIADB implementation will be available.
      3. Configuration options to either use the TIER-provided database or (perhaps manually) configure a campus database will exist.
    2. Grouper Web Services (HA)
    3. Grouper user interface (HA)
    4. Grouper message bus to AMQP (soon) HA
      1. TIER will select a product, likely RabbitMQhas selected RabbitMQ for the reference build.
      2. We need to nail down the reference AMQP implementation once implementation starts.
    5. Grouper PSPNG (HA) for LDAP provisioning
    6. Shibboleth SP for authentication to Grouper UI (HA)

  3. Configuration Defaults and Options
    1. Web Services Authentication
      1. Apache basic
      2. LDAP
      3. future: certificate


  4. Implementation
    This section contains the preferred implementation structure for the application.
    1. Containers
      1. Grouper UI Container
        1. Grouper UI
        2. Apache
        3. Shibboleth SP
          1. Preconfigured for InCommon; simple scripting
      2. Grouper Web Services Container
        See also 3.a above
        1. Grouper Web Services
        2. Apache
        3. Shibboleth SP
      3. Database
        1. TIER-provided MARIADB
        2. Ability via documentation or scripting to use campus-provided database.
      4. Grouper Loader
        1. Grouper Loader
        2. Just needs Java
        3. Include jars for: PSPNG, AWS, RabbitMQ, ActivMQ
      5. Load Balancing
        1. Docker swarm native vs. haproxy
        2. Sticky sessions are needed for the Grouper UI
    2. Misc
      1. All containers need to run ntp
      2. Externally exposed ports
        1. Goal: 443 for UI only
        2. Can use second port for web services
        3. May be some other ports in the future
      3. Logging
        1. Goal: send logs to Docker stdout
          1. Swarm log aggregationPrefix log entries from each component for ease of parsing
          2. Logs will be formatted as per the TIER container logging definition.
        2. Short term: potentially logging to files in containers.
    3. Default Configuration
      1. Goal is to include default settings based on the Grouper Deployment Guide.