| Petr Michalec | 324f74a | 2017-10-10 10:04:33 +0200 | [diff] [blame] | 1 |  | 
|  | 2 |  | 
|  | 3 | == AAA / Identity virtual lab | 
|  | 4 |  | 
|  | 5 | The purpose of this lab is to develop a full-featured AAA / Identity product | 
|  | 6 | that would ship side by side with our MCP OpenStack / Kubernetes solution. | 
|  | 7 |  | 
|  | 8 | We develop this independently of our other products. Expected use-cases for the | 
|  | 9 | final product: | 
|  | 10 |  | 
|  | 11 | * integrate with MCP OpenStack/K8s | 
|  | 12 | * sell/deploy independently as a mature AAA/Identity solution | 
|  | 13 |  | 
|  | 14 | === Work products | 
|  | 15 |  | 
|  | 16 | This lab, once implemented, is expected to provide: | 
|  | 17 |  | 
|  | 18 | * reclass-system (shared model) usable production defaults for apps. | 
|  | 19 | * core/base formulas to support identity features on Ubuntu/RHEL | 
|  | 20 | * updates in existing formulas/apps to support SSO, SSSD, SAML etc. | 
|  | 21 | * documentation to enable features for current deployments | 
|  | 22 | * test procedures for QA | 
|  | 23 |  | 
|  | 24 |  | 
|  | 25 | == Infrastructure | 
|  | 26 |  | 
|  | 27 | Virtual lab: | 
|  | 28 | * 1x cfg, SaltMaster (Ubuntu) | 
|  | 29 | * 3x idm, FreeIPA (CentOS) | 
|  | 30 | * 2x prx, Nginx, Apps (Ubuntu) | 
|  | 31 |  | 
|  | 32 | For production we should assume these types of delivery: | 
|  | 33 |  | 
|  | 34 | 1. physical/virtual deployment (current focus) | 
|  | 35 | 2. Kubernetes Helm charts | 
|  | 36 |  | 
|  | 37 | == Components | 
|  | 38 |  | 
|  | 39 | TBD | 
|  | 40 |  | 
|  | 41 | == Architecture | 
|  | 42 |  | 
|  | 43 | TBD | 
|  | 44 |  | 
|  | 45 | == Resources | 
|  | 46 |  | 
|  | 47 | TBD | 
|  | 48 |  | 
|  | 49 |  |