CACTI Call August 4, 2020
Attending
Members
- Tom Jordan, University of Wisc - Madison (chair)
- Jill Gemmill, Clemson (vice chair)
- Margaret Cullen, Painless Security
- Matthew Economou, InCommon TAC Representative to CACTI
- Michael Grady, Unicon
- Christos Kanellopoulos, GEANT
- Les LaCroix, Carleton College
- Chris Phillips, CANARIE
- Bill Thompson, Lafayette College
Internet2
- Kevin Morooney
- Ann West
- Steve Zoppi
- Nic Roy
- Jessica Fink
- Emily Eisbruch
- Mike Zawacki
Regrets
- Marina Adomeit, SUNET
- Rob Carter, Duke
- Nathan Dors, U Washington
- Karen Herrington, Virginia Tech
Intellectual Property reminder https://www.internet2.edu/policies/intellectual-property-framework/
Action Items:
- AI Tom J will share these Aug. 4, 2020 meeting notes related to the packaging survey with the Software Integration Working Group and will chat with them.
- AI ChrisP share recommendations he plans to send out to his community around containers.
- AI Jessica - help coordinate a quarterly update from CACTI to community on best practices, trends and directions (coordinate with other InCommon governance groups)
Discussion
Of Interest in the Community
- Some organizations are registering collaborative research portals in InCommon
- EDUCAUSE Security Conference 2021 Planning Committee met - Jill
- Heather Flanagan did a Twitter livestream, including Mary McKee of Duke
- focus on differences between healthcare identity management and academic identity management.
- See Heather’s twitter feed https://twitter.com/sphcow
- IDPro: Chris P noted that Heather’s advocacy and the work we are doing with IDPro is making a difference, having the R&E voice in IDPro is important
- Azure - ChrisP doing a deep dive on how to get IDP as a proxy, how do you get eduperson in Azure
Talk to ChrisP if you are interested - WebID efforts
- regular calls are spinning up on WebID
- people involved include Heather Flanagan, Leif Johansson of SUNET, Sam Gotto of Google, Jeff Hodges, George Fletcher of Verizon Media, Nic Roy
- It is helpful to get Browser people directly involved in the discussion
- ChrisP: there is some re-creation of existing material
- Looking at older patterns, discussion of 3rd party trust tokens to be implemented in Chrome
- “Must build it it our own backyard” approach
- Leif and Heather posted on Github issue tracker https://github.com/WICG/WebID/issues/25
- Related to SameSite Cookie issue
- Nic will keep CACTI updated on this effort
- Recruiting & Developing IAM Resources Working Group - Jessica is working on launching this CACTI-chartered Working Group
Virtual BaseCAMP, July 20-24, 2020, report-out
- https://meetings.internet2.edu/2020-basecamp/
- 65 community members attended
- Also opened it up to interested Internet2 staff
- 4 hour chunks over 5 days
- TomJ: It was an interesting and engaging virtual conference
- Hit the level and content right
- Happy to see feedback that attendees got Internet2 and community vibe even in the virtual setting
- Successful engagement
- AnnW: from the evaluations, positive feedback
- 100% of attendees said they’d recommend BaseCAMP to others
- Nice walkthrough of material at the right level
- Split for 101 and 102 levels worked well
- Breakout sessions at end of the day worked well
- Engagement done during the sessions
- At last session, the ACAMP-style thank you, folks could thank each other verbally or in Zoom chat, there was an outpouring of appreciation
- Community is still interested in this kind of info that’s presented at baseCAMP. Identity Management is of great interest
- People want to know how the components fit it
- Some attendees were there to learn, not ready to adopt
- There was one advanced federation session, went into nuances of supporting research, got some pushback, may have been a bit advanced
- Did not see dropoff during sessions
- Zoom breakout rooms worked well
- There was good NIH representation at baseCAMP
- NIST participated
- Canvas was used for the delivery
- Lots of staff work up front, kudos to Dean and Jessica and the team
- It will be less work if this is done again
- Some “tiny” items make a big difference to attendees
- More coordination up front went into curriculum versus an in person conference
- Presenters knew how their session related to other sessions
- What sorts of standing resources should we make available to organizations in onboarding?
- We can potentially make some curriculum available
- Connecting people to community is key
- Ann: After the pandemic, how should we leverage online conferences, or streaming programs
- Advantage is potentially providing content delivery to more people
- Getting people together Face to Face when possible is still crucial
- It is possible to engage another organization, contract out, to help with curriculum development
- The CACTI-chartered Recruiting & Developing IAM Resources Working Group that is now spinning up may have input
Packaging - CACTI / Component architects discussion on community requirements for packaging (Tom)
- Background: CACTI notes of June 23, 2020: https://spaces.at.internet2.edu/x/gxUOCg
- Packaging Surveys from 2016 and 2018: https://spaces.at.internet2.edu/x/CwuVBQ
- Bill: proposed survey looks good, comment on AWS, call out the particular service
- Self hosted versus using Amazon AWS
- ChrisP: oblique ask on how to do sustainable configuration
- Survey targeted to how do you deliver
- Assess maturity of market space
- Not much on config management, on how not to mess up on the next Docker update
- People need to learn more on the techniques: Version control, change management, etc.
- Term “DevOps” does not appear in the survey
- Reflect on the Jim Jokl packaging survey from a few years back?
- Matthew: need to ask about those using a manual process to build the containers
- People/orgs using older Shib versions
- Capture info on those at a more beginning level
- ITAP requires some advanced level of infrastructure that some lack
- Need to ask about the “We Don’t Do This Yet, need additional guidance” people/organizations
- SteveZ:
- six years ago there were discussions in which some community members said “we can’t be ready, “ for containers
- But in most cases the community shifted to the container approach successfully
- InCommon changed advocacy for how people onboard
- Tried to match learning curve in the community
- Providing education and training
- BillT: Lafayette is farther along in the Docker journey, the Shib Docker container is not hard to deploy
- Grouper project sketches out adoption maturity levels
- Install the Grouper v2.5 container maturity level -1 quick start
- Install the Grouper v2.5 container with maturity level 0 manually
- Install the Grouper v2.5 container with maturity level 0 using installer
- Install the Grouper v2.5 container with maturity level 1 manually
- BillT: in the survey is too much “niche” technology mentioned?
- Background for this packaging survey is that CACTI decided to do this after a discussion on how to operate in different environments.
- Try to focus the community via cookbooks etc.
- ChrisP: survey is for predicting where I want to be and see how well I hit the target
- And to see the wisdom of the masses
- But we may not see any one approach
- We may need to express a preference
- ChrisP: in same boat as Matt regarding deployment level. Trying to get partners to update their Shib, some doing patches to VMs
- Automation and delivery cycle around Docker should be included in survey
- CACTI / InCommon should express opinions for optimal approach
- SteveZ:
- things optimize to what is being sought
- We can lead the witness in the survey process to get people on the right track
- Some hypotheses are being tested through the survey and this will help the working groups
- Christos: Matthew suggests to open up to other possibilities. In same camp with Matthew and Chris.. Some of the survey questions are asking about advanced options that don’t apply
- SteveZ:
- We did a packaging survey twice in last 6 years.
- Some orgs don’t want to share info on their infrastructure.
- Had hoped for BEACON quality feedback, but some orgs feared privacy invasion.
- NEXT STEPS
- Take this feedback to Software Integration Working Group.
- To be sure the survey is meeting their needs but also make it more inclusive / expansive.
- Need a broader context / goal
- Need to try to capture where the community is, what they are running.
- Ask the Software Integration Working Group to propose a more inclusive survey.
- AI Tom J will share these Aug 4, 2020 meeting notes related to the packaging survey with the Software Integration Working Group and will chat with them.
- AI ChrisP share recommendations he plans to send out to his community around containers.
- ChrisP: there is an underwater item on all these — secret management (be it certs, saml private keys, passwords to dbs etc)
To Be discussed next CACTI call, TomJ will start discussion on the CACTI mailing list
- Quarterly Update to Community - Are there new technologies / issues to which we should be calling the community's interest? (All)
- Solidifying our position with regard to a centralized "Higher Ed Registry" and next steps (Tom)
Parking Lot
- (From June 9, 2020 call) TomJ - Add as an agenda item for a future CACTI call: Operationalizing containers
Next Meeting: Tuesday, August 18th, 2020