dear thierry, not sure your approach preserves the distributed nature of fiware lab which is guaranteed by the federation concept. as you know at the moment a user can have different vms in different nodes (actually i do have) the approach you are proposing seems, may be i'm wrong, making this more complicated. i think this is a value we cannot loose as it is still a differentiator fiware has and not possesd by other platforms. so we have to find a solution which shares the idm, but also keeps the federation notion fully implemented. as juanjo was suggesting i agree a dedicate task, most likely to me in fi-ops, should be created. i even think that fi-ops should be a fiware chapter, i mean not the operations themesleves, but the implementation of the federation technologies. ciao, stefano ciao, stefano 2015-05-21 10:41 GMT+02:00 <thierry.nagellen at orange.com>: > Hi all, > > > > I would propose a solution to go a step further because using Geant it is > impossible to do any business. For sustainability matter and to avoid what > happened recently we should go for FIWARE Lab has a global portal hosting > links to access local platforms. In this case we should not need delegation > of IdM and just a local IdM to manage local accounts. > > > > To have a global view of what are resources consumed by FIWARE Lab is just > a matter of dashboard and does not need IdM features. > > > > In addition, with this system, a local platform could easily provide a > commercial offer, using the same local IdM, switching a trial user into a > commercial user. > > > > BR > > Thierry > > > > *De :* fiware-lab-recovery-tf-bounces at lists.fiware.org [mailto: > fiware-lab-recovery-tf-bounces at lists.fiware.org] *De la part de* Juanjo > Hierro > *Envoyé :* mercredi 20 mai 2015 17:17 > *À :* Federico Michele Facca; fiware-lab-rec. > *Objet :* Re: [Fiware-lab-recovery-tf] question from arian > > > > Hi Federico, > > I was aware about the issue, that's why I explained that my assumption > was that not all the issues had been solved with the new IdM version. > > In my opinion, this is one of the major points that should be tackled > within FI-Core. Indeed trying to get the solution ready for the > integration of new nodes in September (selected through the Open Call or > deciding to join FIWARE Lab on their own). > > Let's start the discussion during the coming weeks. Where do we want > it to be tackled? Within the FI-Ops the or the FIWARE Cloud chapter? > Probably a good approach would be to kick-off this in one of our monday > regular architects meeting we have just started and then follow up. Next > Monday it was planned to discuss about dockers and stuff like this. I > wonder whether we can collocate it there or call for a specif meeting. > Suggestions? > > Best regards, > > -- Juanjo > > On 20/05/15 15:36, Federico Michele Facca wrote: > > dear juanjo, > > my 2 cents on arian's question: > > > > The problem mentioned by arian is not solved, since idm/keystone is a > single central service not high available in multiple locations beyond > spain (such as the portal) - which does not reflect openstack usual > architecture deployment for multi-region openstack. The default > architecture for multi region keystone could not be applied since it > requires to host user data outside spain. > > > > CREATE-NET proposed a solution (which was having a single keystone per > node) using delegation to authenticate users using oauth2 from the "main" > keystone, the advantages of such solution would have been: > > a - nodes don't fail when central keystone is not available. > > b - nodes can support both local users and FIWARE Lab users making > "entering in the game" for without funding much cheaper > > > > the solution would require anyhow: > > - requires some changes in portal > > - requires some changes in blueprint engine > > > > thus basically - eventhough developed and partially tested - it was not > moved ahead. > > > > alternative solutions may be based on saml, but i have the feeling this > will get more complex for the portal and blueprints. > > > > best, > > federico > > > > > > -- > > -- > Future Internet is closer than you think! > http://www.fiware.org > > Official Mirantis partner for OpenStack Training > https://www.create-net.org/community/openstack-training > > -- > Dr. Federico M. Facca > > CREATE-NET > Via alla Cascata 56/D > 38123 Povo Trento (Italy) > > P +39 0461 312471 > M +39 334 6049758 > E federico.facca at create-net.org > T @chicco785 > W www.create-net.org > > > > -- > > > > ______________________________________________________ > > > > Coordinator and Chief Architect, FIWARE platform > > CTO Industrial IoT, Telefónica > > > > email: juanjose.hierro at telefonica.com > > twitter: @JuanjoHierro > > > > You can follow FIWARE at: > > website: http://www.fiware.org > > twitter: @FIWARE > > facebook: http://www.facebook.com/pages/FI-WARE/251366491587242 > > linkedIn: http://www.linkedin.com/groups/FIWARE-4239932 > > > ------------------------------ > > > Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, > puede contener información privilegiada o confidencial y es para uso > exclusivo de la persona o entidad de destino. Si no es usted. el > destinatario indicado, queda notificado de que la lectura, utilización, > divulgación y/o copia sin autorización puede estar prohibida en virtud de > la legislación vigente. Si ha recibido este mensaje por error, le rogamos > que nos lo comunique inmediatamente por esta misma vía y proceda a su > destrucción. > > The information contained in this transmission is privileged and > confidential information intended only for the use of the individual or > entity named above. If the reader of this message is not the intended > recipient, you are hereby notified that any dissemination, distribution or > copying of this communication is strictly prohibited. If you have received > this transmission in error, do not read it. Please immediately reply to the > sender that you have received this communication in error and then delete > it. > > Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, > pode conter informação privilegiada ou confidencial e é para uso exclusivo > da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário > indicado, fica notificado de que a leitura, utilização, divulgação e/ou > cópia sem autorização pode estar proibida em virtude da legislação vigente. > Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique > imediatamente por esta mesma via e proceda a sua destruição > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > > > _______________________________________________ > Fiware-lab-recovery-tf mailing list > Fiware-lab-recovery-tf at lists.fiware.org > https://lists.fiware.org/listinfo/fiware-lab-recovery-tf > > -- Stefano De Panfilis Chief Innovation Officer Engineering Ingegneria Informatica S.p.A. via Riccardo Morandi 32 00148 Roma Italy tel (direct): +39-06-8759-4253 tel (secr.): +39-068307-4513 fax: +39-068307-4200 cell: +39-335-7542-567 skype: depa01 twitter: @depa01 -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.fiware.org/private/fiware-lab-recovery-tf/attachments/20150521/d3a74a48/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy