Downloaded 14 times
Uploaded byKatarína Valaliková
Infrastructure Provisioning in the context of organization
The document discusses infrastructure provisioning focusing on automation, user management, and integration of OpenStack with identity management solutions like midpoint. It highlights the importance of reusing existing information and provides a global view of organizational resources, emphasizing flexibility, adaptability, and reliability. A demo showcasing user and project management through OpenStack and LDAP is mentioned, along with its benefits for company operations.
More Related Content
![Jakarta EE Meets NoSQL in the Cloud Age [DEV6109]](https://cdn.slidesharecdn.com/ss_thumbnails/jakarta-nosql-cloud-181025142320-thumbnail.jpg?width=640&height=640&fit=bounds)
![Eclipse JNoSQL: One API to Many NoSQL Databases - BYOL [HOL5998]](https://cdn.slidesharecdn.com/ss_thumbnails/jnosqlhol2018-181025141725-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to Infrastructure Provisioning in the context of organization
Infrastructure Provisioning in the context of organization
- 1. Katarina Valalikova Infrastructure Provisioning inthe context of organization k.valalikova@evolveum.com @KValalikova
- 2. Agenda ● Cloud, infrastructure,provisioning, OpenStack ● Identity management ● Infrastructure management ● Infrastructure and Identity Management
- 3.
- 4. ● Virtual machines ●Bare metal ● Orchestration ● Containers ● …. Heat Neutron NOVA Magnum
- 5.
- 6. How to automateuser provisioning? ● OpenStack Keystone – Tenant/Project, User provisioning – User tenant assignment – Accesses for Virtual Machines ● Automation in the context of organization? – Reusing of information ● Accesses and possibilities inside Virtual Machine
- 7. DB Application DB HR IDM LDAP UNIX Who amI? What do I do? ● Company Evolveum ● Java Developer & Identity Engineer ● IDM midPoint – Provisioning – Deprovisioning – Identities – Groups – Projects
- 8. Who am I?What do I do? ● Company Evolveum ● Java Developer & Identity Engineer ● IDM midPoint – Provisioning – Deprovisioning – Identities – Groups – Projects DB Application DB HR IDM LDAP UNIX
- 9. Education Insurance Technical Experiences ● Different companies ●Different areas ● Different requirements
- 10. prc = newPropertyResolverConverter(Application.get().getConverterLocator(), Session.get().getLocale()); - if(object instanceof String){ + if (object instanceof String) { String label = (String) object; String key; - if (label == null || label.trim().equals("")){ + if (label == null || label.trim().equals("")) { PropertyResolver.setValue(expression, getInnermostModelOrObject(), null, prc); } else { + if (!isStrict) { // set default value from input and overwrite later if key is found + PropertyResolver.setValue(expression, getInnermostModelOrObject(), label, prc); + } for (LookupTableRowType row : lookupTable.getRow()) { if (label.equals(WebMiscUtil.getOrigStringFromPoly(row.getLabel()))) { key = row.getKey(); - PropertyResolver.setValue(expression, getInnermostModelOrObject(), key, prc); } } } - } else if (object == null){ - PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); + } else if (object == null) { + PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); } } @Override - public void detach() {} + public void detach() { + } } Who and what? ● Technical view
- 11. prc = newPropertyResolverConverter(Application.get().getConverterLocator(), Session.get().getLocale()); - if(object instanceof String){ + if (object instanceof String) { String label = (String) object; String key; - if (label == null || label.trim().equals("")){ + if (label == null || label.trim().equals("")) { PropertyResolver.setValue(expression, getInnermostModelOrObject(), null, prc); } else { + if (!isStrict) { // set default value from input and overwrite later if key is found + PropertyResolver.setValue(expression, getInnermostModelOrObject(), label, prc); + } for (LookupTableRowType row : lookupTable.getRow()) { if (label.equals(WebMiscUtil.getOrigStringFromPoly(row.getLabel()))) { key = row.getKey(); - PropertyResolver.setValue(expression, getInnermostModelOrObject(), key, prc); } } } - } else if (object == null){ - PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); + } else if (object == null) { + PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); } } @Override - public void detach() {} + public void detach() { + } } Who and what? ● Technical view ● Management view
- 12. prc = newPropertyResolverConverter(Application.get().getConverterLocator(), Session.get().getLocale()); - if(object instanceof String){ + if (object instanceof String) { String label = (String) object; String key; - if (label == null || label.trim().equals("")){ + if (label == null || label.trim().equals("")) { PropertyResolver.setValue(expression, getInnermostModelOrObject(), null, prc); } else { + if (!isStrict) { // set default value from input and overwrite later if key is found + PropertyResolver.setValue(expression, getInnermostModelOrObject(), label, prc); + } for (LookupTableRowType row : lookupTable.getRow()) { if (label.equals(WebMiscUtil.getOrigStringFromPoly(row.getLabel()))) { key = row.getKey(); - PropertyResolver.setValue(expression, getInnermostModelOrObject(), key, prc); } } } - } else if (object == null){ - PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); + } else if (object == null) { + PropertyResolver.setValue(expression, getInnermostModelOrObject(), object, prc); } } @Override - public void detach() {} + public void detach() { + } } Who and what? ● Technical view ● Management view ● Business view
- 13. Group A Group CGroup B Is IDM sufficient? ● Companies with big fluctuation ● Quickly growing companies ● Companies providing servicies for wider population ● Users, Account, Projects, ● Organization units, Services, Groups, Infrastructure,...
- 14. What is thehardest thing for me? ● Interacting with people ● Get agreement ● Get help (whithin a reasonable time) ● Effectivity ● Infrastructure settings ● Application installation ● Gain accesses and permissions
- 15. Is there away how to solve it? ● midPoint and OpenStack together? ● Can it work somehow? ● Are there any advantages? ● Positive impacts? Web Application HR IDM LDAP UNIX
- 16. Use case –New employee
- 17. Use case –New employee HR
- 18. Use case –New employee HR IDM
- 19. Use case –New employee DB Application DB HR IDM LDAP UNIX
- 20. Use case –New project DB Application DB HR IDM LDAP UNIX Project
- 21. Use case –New component OpenStack DB Application DB HR IDM LDAP UNIX Project
- 22. MidPoint and OpenStacktogether? ● Connector ● Run/Stop VM ● User management ● Tenant Management ● User (in Role) for Tenant Connector DB HR IDM LDAP UNIX
- 23. Demo ● New Employee ●New Project ● midPoint – OpenStack integration ● Different views
- 24. Pre-configured demo resources ●OpenLDAP – User management – Group management – based on project – Group membership management ● OpenStack – User management – Tenant management – User to Tenant (in Role)
- 25. Demo Organizational Structure ●Project – Create new tenant in OpenStack, run/stop virtual machine – Define project structure – LDAP groups ● Organization – Different divisions of organization ● Cooperation – Partners, Customers,...
- 26. Demo Roles ● LDAPRoles – Create users – Create groups ● OpenStack Roles – Tenant – Virtual Machine
- 27. Demo Resources fornew VM ● LDAP – installed inside new VM ● Unix – users to the VM
- 28. What are thebenefits? ● One tool ● All about organization under one roof ● Global view of organization – Resource – VMs – Users – Projects – ... One tool All information under one roof
- 29. Thank you foryour attention @KValalikova k.valalikova@evolveum.com
- 30. Summary ● MidPoint andOpenStack ● Reusing existing information ● Global view of organization ● Automation of some processes ● Security ● Flexibility ● Adaptability ● Reliability Web Application HR IDM LDAP UNIX