Skip to content
This repository has been archived by the owner on Jun 22, 2022. It is now read-only.
/ testbed-gx-iam Public archive
forked from SovereignCloudStack/testbed-gx-iam

GAIA-X SCS Identity and Access Management (IAM) testbed

License

Apache-2.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

plusserver/testbed-gx-iam

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

67 Commits
.github
.github
 
 
environments
environments
 
 
inventory
inventory
 
 
terraform
terraform
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.rst
README.rst
 
 

Repository files navigation

GAIA-X SCS Identity and Access Management (IAM) testbed

This testbed provides a minimized GAIA-X Sovereign Cloud Stack (SCS) environment. By default MariaDB, Keystone, Keyloak and Horizon are deployed.

It focuses on working with Keystone and Keycloak in the context of the GAIA-X MVP WP.

The testbed is based on the testbed of the OSISM project. Documentation is available at https://docs.osism.de/testbed/.

Usage

  • Create clouds.yaml and secure.yaml in the terraform directory

  • Execute make ENVIRONMENT=betacloud deploy within the terraform directory (betacloud is replaced with the CSP to be used)

  • The progress of the deployment can be checked with make ENVIRONMENT=betacloud log

  • After completion of the deployment a login via make ENVIRONMENT=betacloud login is possible

  • For access to the web interfaces and API endpoints a tunnel can be created with make ENVIRONMENT=betacloud tunnel (https://github.com/sshuttle/sshuttle must be installed)

  • Add 192.168.16.9 testbed-gx-iam.osism.test to your local /etc/hosts file

  • It is possible to customize testbed-gx-iam.osism.test, for this purpose add PARAMS="-var endpoint=somehost.example.com"

  • It is possible to import an existing floating IP adress

    $ make ENVIRONMENT=betacloud attach PARAMS=4b041998-7c8d-4058-af01-f164e89c10bc
openstack_networking_floatingip_v2.manager_floating_ip: Importing from ID "4b041998-7c8d-4058-af01-f164e89c10bc"...
openstack_networking_floatingip_v2.manager_floating_ip: Import prepared!
  Prepared openstack_networking_floatingip_v2 for import
openstack_networking_floatingip_v2.manager_floating_ip: Refreshing state... [id=4b041998-7c8d-4058-af01-f164e89c10bc]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

    • After the import the address is managed by Terraform, if it should not be deleted by a make clean, the address must be removed from the Terraform state first

      $ make ENVIRONMENT=betacloud detach
Removed openstack_networking_floatingip_v2.manager_floating_ip
Successfully removed 1 resource instance(s).

Webinterfaces & API endpoints

The web interfaces and API endpoints can be accessed externally via the assigned floating IP address of the instance (run make ENVIRONMENT=betacloud endpoints).

Notes

Keystone mapping combinations

https://docs.openstack.org/keystone/latest/admin/federation/mapping_combinations.html

The mappings can be found in the file /opt/configuration/environments/openstack/files/keycloak_rules.json.

To update the mapping on the Keystone, execute the following command.

$ openstack --os-cloud admin mapping set \
    --rules /configuration/files/keycloak_rules.json \
    keycloak_mapping

About

GAIA-X SCS Identity and Access Management (IAM) testbed

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HCL 54.8%
  • Shell 15.9%
  • Makefile 14.4%
  • HTML 10.9%
  • Python 4.0%