You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

 

     

TIER: Production Candidate

December 19, 2016
(Continuous Release Pipeline)

Synopsis of Trust and Identity in Education and Research (TIER) Package Delivery

The ultimate goal of TIER is the integration of community-developed open-source trust and identity software components into a manageable and complete identity and access management suite, supported by common campus practices.

Standard TIER Component Distributions

These are the standard production distributions for the three TIER components. These are recommended for production environments.

April 2016 TIER Release Report

If you wish, you can review the comprehensive report on the April 2016 TIER release.

Who's Trying TIER?

Several campuses are TIER tire kickers; downloading and testing the container-based versions of the software. If you'd like contact information for the appropriate folks at these institutions, or if you want to add your organization to the tire-kicking list, email emily@internet2.edu

  • Duke University

  • Indiana University

  • The Ohio State University

  • University of Pennsylvania

  • University of Virginia

  • University of Wisconsin-Madison

Virtual Machine Images

These are virtual machine images preloaded with the appropriate set of Docker containers. These are made available for testing and for your feedback to the TIER component architects. The VMs are intended for campuses that do not currently operate container-based applications. Production deployment of these virtual machines is not recommended at this time.  

The TIER team appreciates everyone who downloads and "kicks the TIER tires." Please provide your feedback using the links here.

Virtual Machine Images and Documentation


COmanage Registry

Grouper

Shibboleth IdP VM

If you intend to download these VMs, a few suggestions:

  • If you are not familiar with VirtualBox, you can read the documentation and download the software from the Oracle's web site.
  • Once VirtualBox is installed and running, you import the .ova distribution using the File / Import Appliance function.
  • The default network connection for some of the Virtual Machines is NAT. This works well for the case logging into and examing the VM and containers. To connect to services hosted by the VM, you'll likely want to switch the network to bridged mode. This will give the VM an IP address from your network's DHCP server and provide you with the ability to access services from a browser.
  • Please review the Release Notes for installation instructions and additional information on VirtualBox setup.
  • Remember to change the login password before you place the VMs on a public network.

Campus Practices Included in TIER

Structures of the Container-Based Files

The structures generally follow the pattern shown on the image to the left.

Each container has its own start-up configuration requirements but the team’s goals have been to provide as consistent an experience as possible. Because of the zero-cost and highly versatile deployment choices available in Oracle’s Virtualization Software (VirtualBox), we chose to describe installation and configuration in those terms. For more information about VirtualBox, please refer to the information on Oracle’s website: https://www.virtualbox.org/wiki/Downloads

Packaging is delivered in the Open Virtualization Format (OVF) and the container is called an Open Virtual Appliance (sometimes also called Open Virtual Application, but we prefer the use of “Appliance”) (OVA).

The OVF format standard was formed by the Distributed Management Task Force, or DMTF, which is an industry working group comprised of over 160 member companies and organizations. The DMTF board is comprised of 15 technology companies and includes Dell, EMC, VMware, Oracle, and Microsoft. As announced at VMworld 2010, DMTF’s OVF standard was adopted as a National Standard by ANSI.

An OVF package structure consists of a number of files: a descriptor file, optional manifest and certificate files, optional disk images, and optional resource files (such as ISOs). The optional disk image files can be VMware vmdk’s, or any other supported disk image file. More information about the OVF format standard can be found at DMTF.Org’s web site (http://www.dmtf.org/standards/ovf).

Formative Work

In order to package and deliver the software in the TIER Production Candiate, considerable work had to be coordinated across myriad constituencies and disciplines. To meet the primary objective of Durable Standards and Practices identified by the community, campus practitioners and Internet2 staff produced the comprehensive set of work packages and convened the necessary conversations to ensure that needs of the primary recipients (campus adopters) would be met.

To properly align the efforts, resources such as assigned university staff, contractors and consultants had to be properly engaged. Levels of engagement range from one-third time to full-time equivalents.  Additional partner relationships and resources will be retained as funding and a persistent scope of work evolves throughout the course of the program.

TIER relies heavily on several working groups to get the specification work done, involving more than 100 active, contributing participants from the community. These teams work to ensure complete and comprehensive software development, documentation, partner engagement, and campus engagement. Internet2 has also hired software developers, a project manager, and a vice president for trust and identity thanks to the funds provided by the 49 TIER investor institutions.

 

  • No labels