Release notes for version 1.0

A few words on VirtualBox

  • If you are not familiar with VirtualBox, you can read the documentation and download the software from Oracle's web site.
  • Once VirtualBox is installed and running, you import the .ova distribution image using the File / Import Appliance function.
  • The default network connection for the Shibboleth IdP packaged Virtual Machine is NAT. This will work well for the case of logging in and examining the VM and containers. To connect to services hosted by the VM from the outside and more easily interconnect with the TIER Testbed, you'll likely want to switch the network to bridged mode. Bridged mode will give the VM its own IP address from your network's DHCP server. Remember, if you are on a public network, the VM will be exposed to the world and we publish the password on this web site. Note that VirtualBox bridged mode cannot work with many wireless network adapters since they don't support promiscuous mode. A wired network connection is generally better for use with bridged mode. Note that it is possible to complete a test in NAT mode, but it involves the inclusion of port numbers into the process.
  • When you complete the process below, you will see a set of attributes supplied by your test Shibboleth IdP displayed by the testbed's Shibboleth SP.

Initial Testing Process

A quick test of the environment includes the following steps:

  1. Download the COmanage-1.0.ova file (or the most recent version) from the distribution site.
  2. Import the image into VirtualBox.
  3. Potentially change the network setting from NAT to Bridged - see above comments on VirtualBox.
  4. Start the virtual machine.
  5. Login to the VM:
    1. LoginId: comanage
    2. password: comanage
  6. Create a self-signed certificate for use in the test.  (See this sample output on the right)
  7. Fill in appropriate answers for Country and City.
  8. Be sure to keep track of the domain name that you put into the CN field.
    1. openssl req -x509 -nodes -days 365 -sha256  -newkey rsa:2048 -keyout coman.key -out coman.crt
  9. Copy the certificate files to the appropriate locations for the installer
    1. cp coman.key coman.crt /home/comanage/ssl/httpd
    2. cp coman.crt /home/comanage/ssl/httpd/incommon_chain.pem
  10. Run the configuration script:  ./bin/configure.sh
    1. As you answer the questions, make sure that the FQDN you specify now matches the CN value used when you created the certificate. For this reason, you may just want to use IP addresses if they will be the same each time you run the virtual machine (as one might on a laptop virtual machine).
    2. You can safely put in fake answers to the email questions as that feature will not work as part of this simple test.
  11. Start comanage: ./bin/comanage.sh
    1. You will see the final build/configuration process.
    2. When this command returns, the Docker version of COmanage will be up and running.
  12. Verify that two containers are running via the command: docker ps
  13. If you enabled bridged mode as described above:
    1. Obtain the IP address of your virtual machine if you haven't done so already.
      1. ip addr | grep -i "inet" and look for an address from your campus network
    2. With a web browser, connect to: https://ip_addr/registry/
    3. Ignore the SSL warnings.
    4. You should connect to a login page.  Do not expect the login function to actually work, that requires InCommon integration and this quick test does not perform any InCommon integration.
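
Steps 6 to 10 depend on the CN in coman.crt matching the FQDN given to configure.sh, and on coman.key belonging to coman.crt. The script below is an added example, not part of the COmanage distribution, that checks both (plus expiry) before the files are copied; the function names and the preflight.sh file name are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the COmanage distribution): pre-flight check
# for the certificate files before running ./bin/configure.sh.
# Function names are hypothetical; only standard openssl subcommands are used.

# Print the commonName (CN) from the certificate's subject.
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline 2>/dev/null |
        awk -F' = ' '/commonName/ { print $2 }'
}

# Succeed only if the certificate and private key hold the same public key.
cert_matches_key() {
    _c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    _k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$_c" ] && [ "$_c" = "$_k" ]
}

# preflight FQDN CERT KEY: return 0 only if every check passes.
preflight() {
    _fqdn=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    _cn=$(cert_cn "$2" | tr 'A-Z' 'a-z')
    _rc=0
    if [ -z "$_cn" ] || [ "$_cn" != "$_fqdn" ]; then
        echo "FAIL: certificate CN '$_cn' does not match FQDN '$_fqdn'" >&2
        _rc=1
    fi
    if ! cert_matches_key "$2" "$3"; then
        echo "FAIL: $3 is not the private key for $2" >&2
        _rc=1
    fi
    # -checkend 0 exits non-zero if the certificate has already expired.
    if ! openssl x509 -in "$2" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: $2 is expired or unreadable" >&2
        _rc=1
    fi
    if [ "$_rc" -eq 0 ]; then
        echo "OK: $2 is usable for FQDN '$_fqdn'"
    fi
    return "$_rc"
}

# Usage: sh preflight.sh FQDN coman.crt coman.key
if [ "$#" -eq 3 ]; then
    preflight "$@"
fi
```

Run it with the same FQDN or IP address you plan to give configure.sh; a non-zero exit status means at least one check failed.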

Full Testing Process

Planning for a full deployment of COmanage is beyond the scope of these release notes, but the work starts the same way as above. You will need a fixed IP address for the VM along with a hostname in DNS, a certificate from a commercial CA, and the addition of the SP into the InCommon metadata. Once these components are in place and the configuration and startup scripts have run, you will be able to log in and work with COmanage. Please refer to the COmanage documentation for how to proceed after your initial login.
