diff --git a/tierMPpackage.adoc b/tierMPpackage.adoc
new file mode 100644
index 0000000..a8f7e78
--- /dev/null
+++ b/tierMPpackage.adoc
@@ -0,0 +1,680 @@
+=== TIER/tierMPpackage.utf http://bit.ly/evosow
+54.214.116.59 dev1.testbed.tier.internet2.edu
+
+- - -
+
+_2018-11-14 10:00 Develop dB table PoC using complex demo as base_
+
+* http://bit.ly/apiRegWG-8 (See Notes for 14-Nov-2018)
+* https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint
+* https://github.internet2.edu/docker/midPoint_container/tree/master/demo
+* https://wiki.evolveum.com/display/midPoint/DatabaseTable
+* https://github.com/Evolveum/midpoint/tree/master/samples/resources/databasetable
+
+- - -
+
+_2018-11-12 16:55 fix Shib IdP, Grouper, midPoint SAML metadata_
+
+```
+alias mdata='cd ~/opt/midPoint_container/demo/complex/configs-and-secrets'
+mdata
+.
+khazelton@dev1 configs-and-secrets]$ tree -L 3
+.
+├── grouper
+│   ├── application
+│   │   ├── database_password.txt
+│   │   ├── grouper.client.properties
+│   │   ├── grouper.hibernate.properties
+│   │   ├── grouper-loader.properties
+│   │   ├── grouper.properties
+│   │   ├── rabbitmq_password.txt
+│   │   └── subject.properties
+│   ├── httpd
+│   │   ├── cachain-cer.pem
+│   │   ├── host-cert.pem
+│   │   └── host-key.pem
+│   └── shibboleth
+│   ├── idp-metadata.xml
+│   ├── shibboleth2.xml
+│   ├── sp-cert.pem
+│   └── sp-key.pem
+└── midpoint
+ ├── application
+ │   ├── database_password.txt
+ │   └── keystore_password.txt
+ ├── httpd
+ │   ├── host-cert.pem
+ │   └── host-key.pem
+ └── shibboleth
+ ├── idp-metadata.xml
+ ├── shibboleth2.xml
+ ├── sp-cert.pem
+ └── sp-key.pem
+.
+[khazelton@dev1 shibboleth-idp]$ pwd
+/home/khazelton/opt/midPoint_container/demo/complex/idp/shibboleth-idp
+.
+[khazelton@dev1 shibboleth-idp]$ tree -L 3
+.
+├── conf
+│   ├── attribute-filter.xml
+│   ├── attribute-resolver.xml
+│   ├── idp.properties
+│   ├── ldap.properties
+│   └── metadata-providers.xml
+├── credentials
+│   ├── idp-backchannel.crt
+│   ├── idp-backchannel.p12
+│   ├── idp-browser.p12
+│   ├── idp-encryption.crt
+│   ├── idp-encryption.key
+│   ├── idp-signing.crt
+│   ├── idp-signing.key
+│   ├── sealer.jks
+│   └── sealer.kver
+└── metadata
+ ├── grouper-sp.xml
+ ├── idp-metadata.xml
+ └── midpoint-sp.xml
+```
+.
+- Inside the containers
+```
+docker exec -it /bin/bash
+
+- - -
+_2018-11-11 09:59 Continue configuration of dev1.testbed mP complex demo_
+
+===== Pick up with "Complex midPoint integration demo", "Uploading initial objects"
+
+https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo#ComplexmidPointintegrationdemo-Uploadinginitialobjects
+
+```
+$ cd demo/complex
+$ ./upload-objects
+Uploading midpoint-objects/objectTemplates/template-org-course.xml (objectTemplates, d35bdec6-643b-41d8-ad5d-8eeb701169d1)
+Uploading midpoint-objects/objectTemplates/template-org-department.xml (objectTemplates, 0caf2f69-7c72-4946-b218-d84e78b2a057)
+Uploading midpoint-objects/objectTemplates/template-role-affiliation.xml (objectTemplates, d87aa04f-189c-4d6f-b6e1-216dad622142)
+Uploading midpoint-objects/objectTemplates/template-role-generic-group.xml (objectTemplates, 804f8658-0828-4dab-a2ed-f13985e4f80b)
+Uploading midpoint-objects/orgs/org-courses.xml (orgs, 225e9360-0639-40ba-8a31-7f31bef067be)
+Uploading midpoint-objects/orgs/org-departments.xml (orgs, bee44c51-2469-411d-bac7-695728e9c241)
+Uploading midpoint-objects/resources/ldap-main.xml (resources, 0a37121f-d515-4a23-9b6d-554c5ef61272)
+Uploading midpoint-objects/resources/scriptedsql-grouper2.xml (resources, 6dcb84f5-bf82-4931-9072-fbdf87f96442)
+Uploading midpoint-objects/resources/scriptedsql-sis-courses.xml (resources, 13660d60-071b-4596-9aa1-5efcd1256c04)
+Uploading
midpoint-objects/resources/scriptedsql-sis-persons.xml (resources, 4d70a0da-02dd-41cf-b0a1-00e75d3eaa15)
+Uploading midpoint-objects/roles/metarole-affiliation.xml (roles, fecae27b-d1d3-40ae-95fa-8f7e44e2ee70)
+Uploading midpoint-objects/roles/metarole-course.xml (roles, 8aa99e7b-f7d3-4585-9800-14bab4d26a43)
+Uploading midpoint-objects/roles/metarole-department.xml (roles, ffa9eaec-9539-4d15-97aa-24cd5b92ca5b)
+Uploading midpoint-objects/roles/metarole-generic-group.xml (roles, c691e15a-f30b-4e15-8445-532db07ceeeb)
+Uploading midpoint-objects/roles/role-grouper-sysadmin.xml (roles, d48ec05b-fffd-4262-acd3-d9ff63365b62)
+Uploading midpoint-objects/roles/role-ldap-basic.xml (roles, c89f31dd-8d4f-4e0a-82cb-58ff9d8c1b2f)
+Uploading midpoint-objects/systemConfigurations/SystemConfiguration.xml (systemConfigurations, 00000000-0000-0000-0000-000000000001)
+[khazelton@ip-172-31-32-222 complex]$
+.
+docker exec -it /bin/bash
+```
+
+
+- - -
+_2018-11-10 14:48 Clone the fork of midPoint_container onto both xps and dev1.testbed_
+
+- change saml metadata endpoints from localhost to dev1.testbed.tier.internet2.edu
+- forked repo: https://github.internet2.edu/tierwg/midPoint_container
+
+** xps clone: khazelton@khazelton-XPS-13-9370:~/opt/midPoint_container
+** dev1.testbed: [root@ip-172-31-32-222 midPoint_container]# ls -la /home/khazelton/opt/midPoint_container
+
+- New standard workflow for midPoint complex demo
+** Goal: Change saml metadata endpoints from localhost to dev1.testbed.tier.internet2.edu.
+** Used Intellij IDE to edit the xps clone of fork, then pushed changes back to github.internet2.
+** Ssh'd to dev1 and pulled the changes from github.internet2
+** End state: Changes made, synced to all replicas
+
+```
+[root@ip-172-31-32-222 midPoint_container]# git pull
+remote: Counting objects: 39, done.
+remote: Compressing objects: 100% (18/18), done.
+remote: Total 39 (delta 21), reused 39 (delta 21), pack-reused 0
+Unpacking objects: 100% (39/39), done.
+From https://github.internet2.edu/tierwg/midPoint_container
+ 2a76973..0e5c4f9 master -> origin/master
+Updating 2a76973..0e5c4f9
+Fast-forward
+ demo/complex/configs-and-secrets/grouper/shibboleth/idp-metadata.xml | 16 ++++++++--------
+ demo/complex/configs-and-secrets/midpoint/shibboleth/idp-metadata.xml | 16 ++++++++--------
+ demo/complex/idp/shibboleth-idp/metadata/grouper-sp.xml | 22 +++++++++++----------
+ demo/complex/idp/shibboleth-idp/metadata/idp-metadata.xml | 16 ++++++++--------
+ demo/complex/idp/shibboleth-idp/metadata/midpoint-sp.xml | 22 +++++++++++----------
+ 5 files changed, 46 insertions(+), 46 deletions(-)
+
+ cd ../demo/complex
+ docker-compose up --build
+```
+Successfully reached midPoint admin screen on "dev1.testbed.tier.internet2.edu", the AWS VM running Docker: https://dev1.testbed.tier.internet2.edu:8443/midpoint
+
+NEXT: pick up with "Complex midPoint integration demo", "Uploading initial objects"
+
+https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo#ComplexmidPointintegrationdemo-Uploadinginitialobjects
+
+- - -
+_2018-11-09 18:04 Build and run mP demos on I2 VM with code base forked from repo at https://github.internet2.edu/docker/midPoint_container_
+
+
+https://github.internet2.edu/tierwg/midPoint_container
+
+
+- remove earlier midPoint clone, then restart from the forked midPoint repo
+
+```
+$ ssh khazelton@54.214.116.59
+.
+[khazelton@ip-172-31-32-222 ~]$ sudo bash
+.
+ls -la /opt/midPoint_container
+total 92
+drwxrwxr-x 6 khazelton khazelton 4096 Nov 9 19:58 .
+drwxrwxr-x 35 khazelton khazelton 4096 Nov 9 19:58 ..
+-rwxrwxr-x 1 khazelton khazelton 1355 Nov 9 19:58 build.sh
+-rw-rw-r-- 1 khazelton khazelton 52 Nov 9 19:58 common.bash
+drwxrwxr-x 8 khazelton khazelton 4096 Nov 9 19:58 container_files
+drwxrwxr-x 7 khazelton khazelton 4096 Nov 9 19:58 demo
+-rw-rw-r-- 1 khazelton khazelton 4223 Nov 9 19:58 Dockerfile
+-rw-rw-r-- 1 khazelton khazelton 16 Nov 9 19:58 .dockerignore
+-rwxrwxr-x 1 khazelton khazelton 626 Nov 9 19:58 download-midpoint
+drwxrwxr-x 8 khazelton khazelton 4096 Nov 9 19:58 .git
+-rw-rw-r-- 1 khazelton khazelton 4639 Nov 9 19:58 Jenkinsfile
+-rw-rw-r-- 1 khazelton khazelton 19816 Nov 9 19:58 library.bash
+-rw-rw-r-- 1 khazelton khazelton 11345 Nov 9 19:58 LICENSE
+-rw-rw-r-- 1 khazelton khazelton 1588 Nov 9 19:58 README.md
+drwxrwxr-x 2 khazelton khazelton 4096 Nov 9 19:58 tests
+.
+[root@ip-172-31-32-222 opt]# docker stop a28da35a3e22 79b036b92fde 230026c1d294 6b4c0a3e9345 be3e0f62280c 3b466defa9a1 0970a6f64f8f bee66b84ea62 4dc9616b894d 155de7b76e3b
+a28da35a3e22
+79b036b92fde
+230026c1d294
+6b4c0a3e9345
+be3e0f62280c
+3b466defa9a1
+0970a6f64f8f
+bee66b84ea62
+4dc9616b894d
+155de7b76e3b
+.
+[root@ip-172-31-32-222 opt]# docker container prune
+WARNING! This will remove all stopped containers.
+Are you sure you want to continue? [y/N] y
+Deleted Containers:
+a28da35a3e22ef854817bf681752897845d2c9e8aaa52e913ef95f3752f00a03
+79b036b92fde7b925b1d3b008c4259e67b508b245dcc4b7481ea9740542b48dc
+230026c1d2940796a818fa2434f62f75bbc11b926f06b10ef6c9dd04fb877601
+6b4c0a3e9345a3591f1e9a521978107649bb82744079540bf32429eedfcd3fcb
+be3e0f62280cac3918629c1fe5c7749657f7bbe6ce23fffe51ae1496b64a1fc1
+3b466defa9a187486448ae3353d5d972c2e35dd76d3280b164936398b65b20df
+0970a6f64f8ff44e392fe6b1d6f279df1a5ad565d43e87b64448a830a0962fdf
+bee66b84ea62f98c86a3fb9105ee778596afe91c84215190830346aedfac9a50
+4dc9616b894d4e46819479bfcd13b06deaac2df1797c82a4345867cb906c8d57
+155de7b76e3b5386a1219f65752fb9d4d36273cab83069719618ba9700dd0577
+.
+[root@ip-172-31-32-222 opt]# docker images
+REPOSITORY TAG IMAGE ID CREATED SIZE
+complex_grouper_daemon latest ffe221366215 10 hours ago 1.3GB
+complex_grouper_ui latest 956855630846 10 hours ago 1.3GB
+complex_idp latest e4c4ed823107 10 hours ago 731MB
+complex_directory latest 15be8a948c36 10 hours ago 376MB
+complex_midpoint_server latest 107145fb6d74 10 hours ago 1.55GB
+complex_sources latest 4d23b5689190 10 hours ago 1.18GB
+complex_targets latest 74065f454fef 10 hours ago 1.18GB
+complex_grouper_data latest 7535747eca3e 10 hours ago 1.51GB
+complex_mq latest eb684342116f 10 hours ago 149MB
+tier/midpoint latest a5689fd11b9e 10 hours ago 1.55GB
+tier/grouper-training-env ex401.4.end dff1bfeeab9d 6 days ago 4.16GB
+.
+docker rmi 17d31a2207a7 e70daa1ff25c d1ec304c48dc d5eaa4d718e4 c4a699174734 ec0bcbca2fdf 320a5e3ea13b ab020e341330 3a3334704a54 7535747eca3e
+
+
+complex_idp latest 17d31a2207a7 22 hours ago 731MB
+complex_sources latest e70daa1ff25c 22 hours ago 1.18GB
+complex_grouper_daemon latest d1ec304c48dc 22 hours ago 1.3GB
+complex_grouper_ui latest d5eaa4d718e4 22 hours ago 1.3GB
+complex_directory latest c4a699174734 22 hours ago 376MB
+complex_mq latest ec0bcbca2fdf 22 hours ago 149MB
+complex_midpoint_server latest 320a5e3ea13b 22 hours ago 1.55GB
+complex_targets latest ab020e341330 22 hours ago 1.18GB
+tier/midpoint latest 3a3334704a54 22 hours ago 1.55GB
+complex_grouper_data latest 7535747eca3e
+.
+[root@ip-172-31-32-222 opt]# docker rmi ffe221366215 956855630846 e4c4ed823107 15be8a948c36 107145fb6d74 4d23b5689190 74065f454fef eb684342116f a5689fd11b9e
+Untagged: complex_grouper_daemon:latest
+Deleted: sha256:ffe221366215381db92ebcf0d4a57f1c75e0967f55ad558fca35af7a5891247d
+Untagged: complex_grouper_ui:latest
+Deleted: sha256:9568556308462926dfa48f50eb75636d3f6f398bc0e2e8e478e6ee923dff5cb6
+Untagged: complex_idp:latest
+Deleted: sha256:e4c4ed8231079b203a99bff89e5434cadb64e30d425bf2298cf748d9f0df3c8a
+.
+[root@ip-172-31-32-222 opt]# git clone https://github.internet2.edu/tierwg/midPoint_container.git
+Cloning into 'midPoint_container'...
+remote: Counting objects: 1945, done.
+remote: Compressing objects: 100% (19/19), done.
+remote: Total 1945 (delta 9), reused 9 (delta 5), pack-reused 1921
+Receiving objects: 100% (1945/1945), 1.00 MiB | 0 bytes/s, done.
+Resolving deltas: 100% (1017/1017), done.
+.
+[root@ip-172-31-32-222 opt]# cd midPoint_container
+drwxr-xr-x. 6 root root 236 Nov 10 02:51 .
+drwxr-xr-x. 6 root root 109 Nov 10 02:51 ..
+-rwxr-xr-x. 1 root root 1355 Nov 10 02:51 build.sh
+-rw-r--r--. 1 root root 52 Nov 10 02:51 common.bash
+drwxr-xr-x. 8 root root 106 Nov 10 02:51 container_files
+drwxr-xr-x. 7 root root 86 Nov 10 02:51 demo
+-rw-r--r--. 1 root root 4223 Nov 10 02:51 Dockerfile
+-rw-r--r--. 1 root root 16 Nov 10 02:51 .dockerignore
+-rwxr-xr-x. 1 root root 626 Nov 10 02:51 download-midpoint
+drwxr-xr-x. 8 root root 163 Nov 10 02:51 .git
+-rw-r--r--. 1 root root 4639 Nov 10 02:51 Jenkinsfile
+-rw-r--r--. 1 root root 19816 Nov 10 02:51 library.bash
+-rw-r--r--. 1 root root 11345 Nov 10 02:51 LICENSE
+-rw-r--r--. 1 root root 1588 Nov 10 02:51 README.md
+drwxr-xr-x. 2 root root 23 Nov 10 02:51 tests
+[root@ip-172-31-32-222 midPoint_container]#
+.
+[root@ip-172-31-32-222 complex]# pwd
+/opt/midPoint_container/demo/complex
+.
+ls -la idp/shibboleth-idp/metadata
+total 28
+drwxr-xr-x. 2 root root 75 Nov 10 02:51 .
+drwxr-xr-x. 5 root root 53 Nov 10 02:51 ..
+-rw-r--r--. 1 root root 6066 Nov 10 02:51 grouper-sp.xml <==
+-rw-r--r--. 1 root root 10857 Nov 10 02:51 idp-metadata.xml <==
+-rw-r--r--. 1 root root 6231 Nov 10 02:51 midpoint-sp.xml
+.
+[root@ip-172-31-32-222 complex]# ls -la configs-and-secrets/midpoint/shibboleth
+total 28
+drwxr-xr-x. 2 root root 90 Nov 10 02:51 .
+drwxr-xr-x. 5 root root 56 Nov 10 02:51 ..
+-rw-r--r--. 1 root root 10866 Nov 10 02:51 idp-metadata.xml <==
+-rw-r--r--. 1 root root 6840 Nov 10 02:51 shibboleth2.xml
+-rw-r--r--.
1 root root 1330 Nov 10 02:51 sp-cert.pem
+-rw-r--r--. 1 root root 1704 Nov 10 02:51 sp-key.pem
+.
+----- pick up tomorrow from here
+.
+-rw-r--r--. 1 root root 10857 Nov 9 16:57 idp/shibboleth-idp/metadata/idp-metadata.xml
+location of IdP metadata to be edited to change the entityId and protocol endpoint URLs
+.
+-rw-r--r--. 1 root root 10866 Nov 9 16:57 configs-and-secrets/midpoint/shibboleth/idp-metadata.xml
+location of SP metadata to be edited to change the entityId and protocol endpoint URLs
+```
+
+- - -
+_2018-11-06 17:27 Build mP demos from https://github.internet2.edu/docker/midPoint_container_
+
+- initial test passed: on localhost: browse to https://localhost:8443/midpoint and got back the html for the midPoint login pager
+
+- challenge of changing metadata to point at actual IP for container rather than localhost; But metadata xml files appear in multiple locations.
+
+I want to make midPoint accessible from a remote host; The documentation seems to say that I should put the real metadata in /etc/shibboleth/idp-metadata.xml on the host with docker and docker-compose on it before running ./build.sh. There is metadata for the Apache proxy too, right? Where should I put that?
+
+IMPORTANT: Metadata for shibboleth is in link:~/opt/midPoint_container/demo/complex/...[]
+
+link:idp/shibboleth-idp/metadata/idp-metadata.xml[]
+
+Metadata for apache (shibboleth sp) is in
+link:~/opt/midPoint_container/demo/complex/...[]
+
+link:configs-and-secrets/midpoint/shibboleth/idp-metadata.xml[]
+
+ -- Lukas
+
+- - -
+_2018-11-06 13:57 build from https://github.internet2.edu/docker/midPoint_container/tree/3.9-SNAPSHOT-stable_
+
+- x
+
+```
+$ git clone https://github.internet2.edu/docker/midPoint_container.git -b 3.9-SNAPSHOT-stable
+Cloning into 'midPoint_container'...
+remote: Counting objects: 1949, done.
+remote: Compressing objects: 100% (13/13), done.
+remote: Total 1949 (delta 5), reused 6 (delta 2), pack-reused 1934
+Receiving objects: 100% (1949/1949), 1.00 MiB | 0 bytes/s, done.
+Resolving deltas: 100% (1023/1023), done.
+Checking connectivity... done.
+.
+cd midPoint_container
+khazelton@khazelton-XPS-13-9370:~/opt/midPoint_container$ ls -la
+total 80
+drwxrwxr-x 6 khazelton khazelton 4096 Nov 6 14:06 .
+drwxrwxr-x 34 khazelton khazelton 4096 Nov 6 14:06 ..
+-rwxrwxr-x 1 khazelton khazelton 1355 Nov 6 14:06 build.sh
+-rw-rw-r-- 1 khazelton khazelton 65 Nov 6 14:06 common.bash
+drwxrwxr-x 8 khazelton khazelton 4096 Nov 6 14:06 container_files
+drwxrwxr-x 7 khazelton khazelton 4096 Nov 6 14:06 demo
+-rw-rw-r-- 1 khazelton khazelton 4223 Nov 6 14:06 Dockerfile
+-rw-rw-r-- 1 khazelton khazelton 16 Nov 6 14:06 .dockerignore
+-rwxrwxr-x 1 khazelton khazelton 626 Nov 6 14:06 download-midpoint
+drwxrwxr-x 8 khazelton khazelton 4096 Nov 6 14:06 .git
+-rw-rw-r-- 1 khazelton khazelton 4645 Nov 6 14:06 Jenkinsfile
+-rw-rw-r-- 1 khazelton khazelton 19816 Nov 6 14:06 library.bash
+-rw-rw-r-- 1 khazelton khazelton 1614 Nov 6 14:06 README.md
+drwxrwxr-x 2 khazelton khazelton 4096 Nov 6 14:06 tests
+```
+
+- Follow https://github.internet2.edu/docker/midPoint_container/blob/3.9-SNAPSHOT-stable/README.md
+
+- Oops: Attempting to install on Ubuntu fails because build is for Centos, uses yum instead of apt, etc.
+
+```
+Step 3/9 : RUN yum install -y epel-release && yum update -y && yum install -y mariadb-server mariadb && yum clean all && rm -rf /var/cache/yum
+ ---> Running in 3c11659607a9
+Loaded plugins: fastestmirror, ovl
+Determining fastest mirrors
+
+
+ One of the configured repositories failed (Unknown),
+ and yum doesn't have enough cached data to continue. At this point the only
+ safe thing yum can do is fail. There are a few ways to work "fix" this:
+
+ 1. Contact the upstream for the repository and get them to fix the problem.
+
+ 2. Reconfigure the baseurl/etc.
for the repository, to point to a working
+ upstream. This is most often useful if you are using a newer
+ distribution release than is supported by the repository (and the
+ packages for the previous distribution release still work).
+
+ 3. Run the command with the repository temporarily disabled
+ yum --disablerepo= ...
+
+ 4. Disable the repository permanently, so yum won't use it by default. Yum
+ will then just ignore the repository until you permanently enable it
+ again or use --enablerepo for temporary usage:
+
+ yum-config-manager --disable
+ or
+ subscription-manager repos --disable=
+
+ 5. Configure the failing repository to be skipped, if it is unavailable.
+ Note that yum will try to contact the repo. when it runs most commands,
+ so will have to try and fail each time (and thus. yum will be be much
+ slower). If it is a very temporary problem though, this is often a nice
+ compromise:
+
+ yum-config-manager --save --setopt=.skip_if_unavailable=true
+
+Cannot retrieve metalink for repository: epel/x86_64. Please verify its path and try again
+```
+
+- - -
+
+_2018-11-05 21:19 midPoint complex demo setup_
+
+- https://github.internet2.edu/docker/midPoint_container/tree/master/demo/complex
+-- $ ../../build.sh & docker-compose up --build
+- https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo
+
+IMPORTANT: This is a work in progress. Currently, it is based on version 1.0 of the midPoint dockerization. Please use the following command to checkout the repository:
+
+git clone --branch v1.0 https://github.internet2.edu/docker/midPoint_container.git
+
+- - -
+_2018-10-12 21:13 grouper training env. install on xps13_
+
+```
+khazelton@khazelton-XPS-13-9370:~$ service apache2 stop
+.
+khazelton@khazelton-XPS-13-9370:~$ wget http://localhost
+.
+--2018-10-12 21:03:09-- http://localhost/
+Resolving localhost (localhost)... 127.0.0.1
+Connecting to localhost (localhost)|127.0.0.1|:80... failed: Connection refused.
+.
+khazelton@khazelton-XPS-13-9370:~$ docker kill $(docker ps -q)
+"docker kill" requires at least 1 argument.
+See 'docker kill --help'.
+Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...]
+Kill one or more running containers
+.
+khazelton@khazelton-XPS-13-9370:~$ docker rm $(docker ps -a -q)
+f4c43fa8d6db
+khazelton@khazelton-XPS-13-9370:~$ docker rmi $(docker images -q)
+Untagged: tier/grouper-training-env:ex101.1.1
+Untagged: tier/grouper-training-env@sha256:592d52b4bf23a05f154a255182b814b137281ad19c9d20d38cf0f450a077c1d4
+Deleted: sha256:e7fbabe41d410353766023dd3abaf87742a3aa6a62dfbcfddebb5c62cc63d6a6
+...
+Deleted: sha256:f59b7e59ceaafc8c2c7e340f5831b7e4cf36203e3aeb59317942b9dec9557ac5
+.
+khazelton@khazelton-XPS-13-9370:~$ docker run -d -p 80:80 -p 389:389 -p 8443:443 -p 3306:3306 --name gte tier/grouper-training-env:ex101.1.1
+.
+Unable to find image 'tier/grouper-training-env:ex101.1.1' locally
+ex101.1.1: Pulling from tier/grouper-training-env
+3d8673bd162a: Pulling fs layer
+...
+e4e9c3132834: Pull complete
+Digest: sha256:592d52b4bf23a05f154a255182b814b137281ad19c9d20d38cf0f450a077c1d4
+Status: Downloaded newer image for tier/grouper-training-env:ex101.1.1
+8d3420faee75397f3384c6bfe7523e0dbfc2d62214c85f4f7108229cb903690d
+.
+khazelton@khazelton-XPS-13-9370:~$ sudo docker ps
+.
+CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+8d3420faee75 tier/grouper-training-env:ex101.1.1 "/usr/local/bin/entr…" 27 minutes ago Up 27 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:389->389/tcp, 0.0.0.0:3306->3306/tcp, 4443/tcp, 0.0.0.0:8443->443/tcp gte
+```
+
+- - -
+
+_2018-10-06 12:41 docker training installation on cerif.org_
+
+```
+[kh@metazome ~]$ sudo docker ps
+CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+a5e9b537a890 ubuntu-mid101:2018.A.docker "/midpoint-entrypoin…" 4 months ago Up 4 weeks 0.0.0.0:18080->8080/tcp mp-training
+4a64183fc9f___________________
+2018-10-06 12:41 a postgres-mid101:2018.A.docker "docker-entrypoint.s…" 4 months ago Up 4 weeks 0.0.0.0:15432->5432/tcp mid101_postgres_1
+3474234bbf6d openldap-mid101:2018.A.docker "/container/tool/run" 4 months ago Up 4 weeks 0.0.0.0:10389->389/tcp, 0.0.0.0:10636->636/tcp mid101_openldap_1
+.
+[kh@metazome ~]$ sudo docker info
+Containers: 21
+ Running: 3
+ Paused: 0
+ Stopped: 18
+Images: 92
+Server Version: 18.06.1-ce
+Storage Driver: overlay2
+ Backing Filesystem: extfs
+ Supports d_type: true
+ Native Overlay Diff: false
+Logging Driver: json-file
+Cgroup Driver: cgroupfs
+Plugins:
+ Volume: local
+ Network: bridge host macvlan null overlay
+ Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
+Swarm: inactive
+Runtimes: runc
+Default Runtime: runc
+Init Binary: docker-init
+containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
+runc version: 69663f0bd4b60df09991c08812a60108003fa340
+init version: fec3683
+Security Options:
+ seccomp
+ Profile: default
+Kernel Version: 4.17.17-x86_64-linode116
+Operating System: CentOS Linux 7 (Core)
+OSType: linux
+Architecture: x86_64
+CPUs: 6
+Total Memory: 15.65GiB
+Name: metazome.info
+ID: NXFI:PVW2:VUAZ:JJLA:3FJZ:BMVP:JGRF:7JVP:5CXU:KTFJ:5EI4:XYUJ
+Docker Root Dir: /var/lib/docker
+Debug Mode (client): false
+Debug Mode (server): false
+Registry: https://index.docker.io/v1/
+Labels:
+Experimental: false
+Insecure Registries:
+ 127.0.0.0/8
+Live Restore Enabled: false
+.
+WARNING: bridge-nf-call-iptables is disabled
+WARNING: bridge-nf-call-ip6tables is disabled
+.
+[kh@metazome ~]$ sudo docker ps
+CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+a5e9b537a890 ubuntu-mid101:2018.A.docker "/midpoint-entrypoin…" 4 months ago Up 4 weeks 0.0.0.0:18080->8080/tcp mp-training
+4a64183fc9fa postgres-mid101:2018.A.docker "docker-entrypoint.s…" 4 months ago Up 4 weeks 0.0.0.0:15432->5432/tcp mid101_postgres_1
+3474234bbf6d openldap-mid101:2018.A.docker "/container/tool/run" 4 months ago Up 4 weeks 0.0.0.0:10389->389/tcp, 0.0.0.0:10636->636/tcp mid101_openldap_1
+.
+[kh@metazome ~]$ sudo docker stop mp-training
+mp-training
+[kh@metazome ~]$ sudo docker stop mid101_postgres_1
+mid101_postgres_1
+[kh@metazome ~]$ sudo docker stop mid101_openldap_1
+mid101_openldap_1
+.
+[kh@metazome ~]$ sudo docker ps
+CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+.
+[kh@metazome ~]$ sudo docker images
+.
+REPOSITORY TAG IMAGE ID CREATED SIZE
+mp-gr_midpoint-server latest a6fdad3f80cc 4 weeks ago 1.38GB
+mp-gr_targets latest 9b020c102988 4 weeks ago 558MB
+mp-gr_grouper-daemon latest b6d5528394f1 4 weeks ago 1.3GB
+mp-gr_idp latest 7a513ed450b8 4 weeks ago 510MB
+mp-gr_grouper-ui latest 928e63ae1bd1 4 weeks ago 1.3GB
+mp-gr_directory latest d9469de669ae 4 weeks ago 540MB
+mp-gr_midpoint-data latest bf0e4c55e21c 4 weeks ago 1.34GB
+mp-gr_sources latest 2493047e0005 4 weeks ago 559MB
+mp-gr_grouper-data latest 9fcbc148305f 4 weeks ago 1.51GB
+tier/grouper latest 7154dbf895c2 4 weeks ago 1.3GB
+rabbitmq management 2888deb59dfc 4 weeks ago 149MB
+unicon/shibboleth-idp latest f6004f19aab2 5 weeks ago 509MB
+tomcat latest 2d084b11164d 3 months ago 463MB
+tier/shibboleth_sp latest 008b7b934200 3 months ago 580MB
+ubuntu-mid101 2018.A.docker 009d7b35ab45 4 months ago 487MB
+postgres-mid101 2018.A.docker 42c33024b571 4 months ago 38.5MB
+openldap-mid101 2018.A.docker d4b860bf2a7f 4 months ago 223MB
+ c0bcc8489d18 4 months ago 457MB
+postgres 9.5-alpine e11b552f723b 4 months ago 38.4MB
+osixia/openldap latest a562f6fd60c7 4 months ago 223MB
+ubuntu xenial 0b1edfbffd27 5 months ago 113MB
+jtgasper3/389ds-basic latest 9a20ae0fb3ca 5 months ago 328MB
+ 0a7b14dd951e 5 months ago 487MB
+ 7005190955ce 5 months ago 37.2MB
+ 6808332a4b47 5 months ago 223MB
+centos centos7 e934aafc2206 6 months ago 199MB
+osixia/openldap latest 6fedb3135d7d 6 months ago 223MB
+ubuntu latest f975c5035748 7 months ago 112MB
+ubuntu xenial f975c5035748 7 months ago 112MB
+postgres 9.5-alpine e61724866da9 7 months ago 37.1MB
+hello-world latest f2a91732366c 10 months ago 1.85kB
+```
+
+- - -
+
+_2018-09-08 10:00 mP/Grouper container install on xps13_
+
+- per:
+- https://spaces.at.internet2.edu/display/MID/midPoint+Packages+for+TIER <== mp packages home page
+
+```
+ https://spaces.at.internet2.edu/display/MID/midPoint+-+Grouper+integration+demo <==standing public Invitation to test a midPoint - Grouper
integration demo package
+. https://wiki.evolveum.com/display/midPoint/Building+MidPoint+From+Source+Code <== source from /tmp/tier branch of mP repo
+-
+----------
+cd ~
+git clone https://github.com/Evolveum/midpoint.git
+cd midpoint
+khazelton@khazelton-XPS-13-9370:~/midpoint$ ls -la
+total 168
+drwxrwxr-x 19 khazelton khazelton 4096 Sep 8 10:31 .
+drwxr-xr-x 64 khazelton khazelton 4096 Sep 8 10:31 ..
+drwxrwxr-x 3 khazelton khazelton 4096 Sep 8 10:31 build-system
+drwxrwxr-x 6 khazelton khazelton 4096 Sep 8 10:31 config
+-rw-rw-r-- 1 khazelton khazelton 7211 Sep 8 10:31 CONTRIBUTING.md
+drwxrwxr-x 3 khazelton khazelton 4096 Sep 8 10:31 custom
+drwxrwxr-x 5 khazelton khazelton 4096 Sep 8 10:31 dist
+drwxrwxr-x 8 khazelton khazelton 4096 Sep 8 10:31 .git
+-rw-rw-r-- 1 khazelton khazelton 385 Sep 8 10:31 .gitignore
+drwxrwxr-x 4 khazelton khazelton 4096 Sep 8 10:31 gui
+drwxrwxr-x 6 khazelton khazelton 4096 Sep 8 10:31 icf-connectors
+drwxrwxr-x 11 khazelton khazelton 4096 Sep 8 10:31 infra
+-rw-rw-r-- 1 khazelton khazelton 1249 Sep 8 10:31 INSTALL
+-rw-rw-r-- 1 khazelton khazelton 758 Sep 8 10:31 INSTALL-dist
+-rw-rw-r-- 1 khazelton khazelton 11358 Sep 8 10:31 LICENSE
+drwxrwxr-x 2 khazelton khazelton 4096 Sep 8 10:31 maven
+drwxrwxr-x 17 khazelton khazelton 4096 Sep 8 10:31 model
+-rwxrwxr-x 1 khazelton khazelton 7098 Sep 8 10:31 mvnw
+-rwxrwxr-x 1 khazelton khazelton 5839 Sep 8 10:31 mvnw.bat
+-rw-rw-r-- 1 khazelton khazelton 2909 Sep 8 10:31 NEWS
+-rw-rw-r-- 1 khazelton khazelton 1282 Sep 8 10:31 NOTICE
+-rw-rw-r-- 1 khazelton khazelton 8667 Sep 8 10:31 pom.xml
+drwxrwxr-x 8 khazelton khazelton 4096 Sep 8 10:31 provisioning
+-rw-rw-r-- 1 khazelton khazelton 1967 Sep 8 10:31 README
+-rw-rw-r-- 1 khazelton khazelton 2195 Sep 8 10:31 README.md
+-rw-rw-r-- 1 khazelton khazelton 100 Sep 8 10:31 RELEASE-NOTES
+drwxrwxr-x 18 khazelton khazelton 4096 Sep 8 10:31 repo
+drwxrwxr-x 28 khazelton khazelton 4096 Sep 8 10:31 samples
+drwxrwxr-x 11 khazelton khazelton 4096
Sep 8 10:31 testing
+-rw-rw-r-- 1 khazelton khazelton 795 Sep 8 10:31 testng-integration.xml
+-rw-rw-r-- 1 khazelton khazelton 788 Sep 8 10:31 testng-unit.xml
+drwxrwxr-x 9 khazelton khazelton 4096 Sep 8 10:31 tools
+-rw-rw-r-- 1 khazelton khazelton 937 Sep 8 10:31 .travis.yml
+drwxrwxr-x 2 khazelton khazelton 4096 Sep 8 10:31 .tx
+drwxrwxr-x 3 khazelton khazelton 4096 Sep 8 10:31 weblogic-build
+khazelton@khazelton-XPS-13-9370:~/midPoint
+```
+
+- - -
+
+_2018-08-07 21:39 grouper-midpoint demo test_
+
+- as far as docker-compose up --build on cerif.org; but trouble connecting
+
+- next: full install on xps13
+
+- - -
+
+_2018-08-31 17:54 First trial of the Evolveum developed TIER Package-compliant midpoint on cerif.org centos vm_
+
+- per Building midPoint From Source Code: https://wiki.evolveum.com/display/midPoint/Building+MidPoint+From+Source+Code
+
+- install java 10, define $JAVA_HOME
+
+```
+cat /etc/profile.d/envVars.sh
+.
+#!/bin/bash
+export JAVA_HOME=/opt/jdk-10.0.2
+export PATH=$PATH:$JAVA_HOME
+```
+
+- install jce for unlimited strength keys
+
+```
+scp -P 58263 -i ~/.ssh/id_rsa /home/khazelton/Downloads/jce_policy-8.zip kh@cerif.org:
+...
+[root@metazome UnlimitedJCEPolicyJDK8]# ls -la $JAVA_HOME/lib/security
+.
+total 116
+drwxr-xr-x 2 root root 4096 Sep 1 02:27 .
+drwxr-xr-x 5 root root 4096 Sep 1 01:20 ..
+-rw-r--r-- 1 668 668 1253 Jun 28 00:54 blacklisted.certs
+-rw-r--r-- 1 668 668 88998 Jun 28 00:54 cacerts
+-rw-r--r-- 1 668 668 8192 Jun 28 00:54 default.policy
+-rw-rw-r-- 1 668 668 3035 Dec 20 2013 local_policy.jar
+-rw-rw-r-- 1 668 668 3023 Dec 20 2013 US_export_policy.jar
+```
+
+- install maven3
+
+```
+[root@metazome opt]# mvn -V
+.
+Apache Maven 3.0.5 (Red Hat 3.0.5-17)
+Maven home: /usr/share/maven
+Java version: 10.0.2, vendor: Oracle Corporation
+Java home: /opt/jdk-10.0.2
+Default locale: en_US, platform encoding: UTF-8
+OS name: "linux", version: "4.15.13-x86_64-linode106", arch: "amd64", family: "unix"
+[INFO] Scanning for projects...
+```
+
+- - -