Open Infrastructure: Integrating OpenStack and Kubernetes

Slides:

Advertisements

Similar presentations

Introduction to Office 365

Advertisements

Azure AD & Office Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

Introduction to Office 365

Moodle Integration with Microsoft Seree Chinodom Kittisak Onuean BURAPHA UNIVERSITY Powerful Tool for MoodlePowerful Tool for Moodle.

Alfresco – An Open Source Content Management System - Bindu Nayar, Bhavana Mohanraj.

External Identity and Authorization in GENI. Topics Federated identity and virtual organizations ABAC Creating and transporting attributes.

Microsoft Virtual Academy.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

Installation and Development Tools National Center for Supercomputing Applications University of Illinois at Urbana-Champaign The SEASR project and its.

Office 365 Directory Synchronization Update: Deploying Password Sync.

WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.

Cloud federation Are we there yet? Marek Denis CERN openlab Major Review Geneva, Switzerland › October

SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Report and plans Attribute.

Using Heat to Deploy and Manage Applications in OpenStack Trevor Roberts Jr, VMware, Inc. CNA1763 #CNA1763.

Federating PL-Grid Computational Resources with the Atmosphere Cloud Platform Piotr Nowakowski, Marek Kasztelnik, Tomasz Bartyński, Tomasz Gubała, Daniel.

EUDAT receives funding from the European Union's Horizon 2020 programme - DG CONNECT e-Infrastructures. Contract No B 2 DROP User.

User and Device Management

Windows 8 Application Microsoft Word with an app for Office Internal O365 SharePoint Site Windows Azure Web Sites Windows Azure Workflow Service.

SME in the Cloud Awingu Edition Partner presentation Rolan Linsen Combined Solutions Design | Solutions IT

Authentication and Authorisation for Research and Collaboration Peter Solagna, Davide Vaghetti, et al. Topics for PY2 activities.

What is Cloud Computing 1. Cloud computing is a service that helps you to perform the tasks over the Internet. The users can access resources as they.

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

ABOUT COMPANY Janbask is one among the fastest growing IT Services and consulting company. We provide various solutions for strategy, consulting and implement.

Project Cumulus Overview March 15, End Goal Unified Public & Private PaaS for GlassFish/Java EE Simplify deployment of Java EE Apps on top of.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Data Management Interface: CDMI for CMF Ilja Livenson PDC KTH.

PaaS services for Computing and Storage

4/24/ :07 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Open OnDemand: Open Source General Purpose HPC Portal

Campus IdP Status and plans GARR Mario Reale

The PaaS Layer in the INDIGO-DataCloud

Enterprise Hybrid Cloud

Supporting Services for Campus Identity Providers Plans

Revamping IdP in the Cloud pilot activities

Data Virtualization Demoette… Salesforce.com Data Source

In-Memory Performance

IT Connects: Lync and Box Staff Association Council

My Settings allows a user to manage their Business Banking personal information and preferences, including: Contact information Username and Password Security.

Cloud Connect Seamlessly

Managing Development Projects Across Oracle Cloud Services: A Guide

Securing Cloud-Native Applications Jason Schmitt CEO

First-time Login to Business Banking:

Confidential – Oracle Internal/Restricted/Highly Restricted

Intro to Docker Containers and Orchestration in the Cloud

Alan Chalker and Eric Franz Ohio Supercomputer Center

ENTER THE TITLE OF YOUR OPENSTACK

Getting Started.

SharePoint Online Hybrid – Configure Outbound Search

Getting Started.

From Source to Production: The Latest in Container Dev

Microsoftofficesupport.org  Technical expert studying and writing helpful articles on antivirus and other security products.

Vonk FHIR Engine Christiaan Knaap 27 September 2018.

SharePoint Online Authentication Patterns

OpenShift vs. Vanilla k8s on OpenStack IaaS

SharePoint 2019 Overview and Use SPFx Extensions

ASP.NET Core 2.0 Identity and Azure Active Directory

Fundamental Concepts and Models

IBM Empowering businesses to transform with blockchain

OpenStack Summit Berlin – November 14, 2018

Salesforce.com Salesforce.com is the world leader in on-demand customer relationship management (CRM) services Manages sales, marketing, customer service,

Introduction to Portal for ArcGIS

Microsoft 365 Business Technical Fundamentals Series

ONAP and ONAP Edge Orchestration Cloud Native Proposal

Ready Pre-day Azure Monitoring Workshop

Authentication and Authorisation for Research and Collaboration

Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.

ADMINISTRATION A guide to setup and manage your innovation platform…

LifeWatch AARC Pilot Fernando Aguilar 13th FIM4R Workshop

What Can It Do For You? Spira | #InflectraCon

Presentation transcript:

Open Infrastructure: Integrating OpenStack and Kubernetes Giuseppe Attardi Department CSD, GARR TNC19 Tallinn 18/6/2019

GARR Federated Cloud OpenStack IaaS Deployment as a Service (Juju) WorkPlace OnlyOffice Collaboration Suite Document editing, project management Kubernetes Bare metal cluster (MaaS) Package deployment (Helm) Now the challenge is: let the one thousand GARR Cloud users, and the future ones, access both Cloud and Container platform using the same personal account. As an additional complication, we enabled Federated authentication on GARR Cloud: users authenticate with their institutional Identity providers (members of IDEM/EduGain) or OIDC. We deprecate basic authentication via keystone username and password, which would have made things easier. Nevertheless, we kept on with the idea to use Keystone as the external identity provider for Kubernetes, leveraging the mechanism of Webhook authentication. What we present here is a joint work between GARR and SWITCH within GEANT project GN4-2, carried on mainly by Roberto di Lallo at GARR and Saverio Proto at Switch. Roberto unfortunately left GARR so Saverio will give some more details.

Deployment as a Service (Juju) Select app from catalog Deploy on private cloud Scale Deploy on public cloud

Helm Package deployment for Kubernetes Helm chart is a collection of YAML template files Single command deployment > helm install --set replicas=3 app

WebHook token authenticator Kubernetes Authentication via Keystone New GN4-2 contribution Allows OpenStack users to access Kubernetes Innovative solution based on Keystone Application Credentials Code contributed to OpenStack Extension to OpenStack dashboard 1. kubectl config 10. user, group 8. Token 4. Token 7. Token 5. Token 6. Token 9. user, group 3. Application Credential 2. kubectl exec args kubectl credential plugin client-go WebHook token authenticator New OpenStack feature

Full Instructions See article on Superuser magazine: https://superuser.openstack.org/articles/strengthening-open-infrastructure- integrating-openstack-and-kubernetes/

Getting Credentials from OpenStack Dashboard The user then goes to the dashboard, signs in, and creates an Application Credential. You can see here the patches we applied on the dashboard: a box with the user namespace, generated from the username, and the button to download the kubeconfig.

Let's share solutions. Thank you.