Release notes for version 1.0

A few words on VirtualBox

  • If you are not familiar with VirtualBox, you can read the documentation and download the software from Oracle's web site.
  • Once VirtualBox is installed and running, you import the .ova distribution image using the File / Import Appliance function.
  • The default network connection for the Shibboleth IdP packaged Virtual Machine is NAT. This works well for logging in and examining the VM and containers. To connect to services hosted by the VM from the outside and to interconnect more easily with the TIER Testbed, you'll likely want to switch the network to bridged mode. Bridge Mode gives the VM its own IP address from your network's DHCP server. Remember, if you are on a public network, the VM will be exposed to the world and we publish the password on this web site. Note that VirtualBox Bridge Mode cannot work with many wireless network adapters, since they don't support promiscuous mode. A wired network connection is generally better for use with Bridge Mode. Note that it is possible to complete a test in NAT mode, but doing so involves including port numbers in the process.
  • When you complete the process below, you will see a set of attributes supplied by your test Shibboleth IdP displayed by the testbed's Shibboleth SP.

Initial Testing Process

A quick test of the environment includes the following steps:

  1. Download the TIER-Shib-IdP-20160501.ova file (or the most recent version) from the distribution site.
  2. Import the image into VirtualBox.
  3. Potentially change the network setting from NAT to Bridged - see above comments on VirtualBox.
  4. Start the virtual machine.
  5. Log in to the VM:
    1. LoginId: shibboleth
    2. password: shibboleth
  6. Note the IP address or FQDN of your VM.  You will need this information later.
    1. The standard Linux command: ip addr is available.
  7. Edit the file: docker-compose.yml
    1. The simplest next step is to replace the two CHANGE_ME_DOMAN_IP locations with the IP address of your virtual machine
    2. Save the file.
  8. Build and start the environment
    1. docker-compose up -d
    2. Wait for the process to complete and delay an additional 30 to 60 seconds for Shibboleth to start.
  9. Run: docker ps to verify that the system has started.
  10. Obtain the metadata certificate
    1. Chrome formats the display better than Safari
    2. Browse to https://CHANGE_ME_DOMAIN_IP/idp/shibboleth
    3. The second certificate in the displayed metadata is the one that you need.
  11. In a separate browser
    1. Browse to: https://testbed.tier.internet2.edu
    2. Select the option to Manage testbed metadata
    3. Log in via your campus InCommon credentials
  12. If you enabled bridge mode described above
    1. Obtain the IP address of your virtual machine if you haven't done so already.
      1. ip addr | grep -i "inet" and look for an address from your campus network
    2. With a web browser, connect to: https://ip_addr/registry/
    3. Ignore the SSL warnings.
    4. You should connect to a login page.  Do not expect the login function to actually work; that requires InCommon integration, and this quick test does not perform any InCommon integration.
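
Step 10 picks the second certificate out of the IdP metadata by eye in a browser. The following added example (not part of the original release notes or the TIER distribution) does the same selection in code and also returns a SHA-256 fingerprint, so the value pasted into the testbed can be compared with what the IdP serves. The sample metadata, the entityID and the function names are constructed for illustration.

```python
import base64, hashlib, textwrap
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"

def _b64(raw):
    return base64.b64encode(raw).decode()

# Constructed sample: skeleton of IdP metadata with two KeyDescriptor entries.
# The "certificates" are placeholder bytes, not real X.509 data.
_second = _b64(b"second-constructed-cert")
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.org/idp/shibboleth">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {_b64(b"first-constructed-cert")}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {_second[:10]}
      {_second[10:]}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def metadata_certs(xml_text):
    """Return the DER bytes of every ds:X509Certificate, in document order."""
    # Only feed this metadata from your own IdP; use a hardened parser
    # (for example defusedxml) for XML from untrusted sources.
    root = ET.fromstring(xml_text)
    certs = []
    for node in root.iter(DS + "X509Certificate"):
        b64 = "".join((node.text or "").split())  # base64 is line-wrapped in metadata
        certs.append(base64.b64decode(b64, validate=True))
    return certs

def second_cert(xml_text):
    """Return (PEM text, SHA-256 fingerprint) of the second certificate."""
    certs = metadata_certs(xml_text)
    if len(certs) < 2:
        raise ValueError(f"expected at least 2 certificates, found {len(certs)}")
    der = certs[1]
    body = "\n".join(textwrap.wrap(_b64(der), 64))
    pem = f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"
    return pem, hashlib.sha256(der).hexdigest()

if __name__ == "__main__":
    pem, fingerprint = second_cert(SAMPLE_METADATA)
    print(pem + "SHA-256: " + fingerprint)
```

To use it against the VM, save the metadata from the URL in step 10 to a file and pass its contents to second_cert in place of SAMPLE_METADATA.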

Full Testing Process

Planning for a full deployment of COmanage is beyond the scope of these release notes but the work starts the same way as above.  You will need a fixed IP address for the VM along with a hostname in DNS, a certificate from a commercial CA, and the addition of the SP into the InCommon metadata.  Once these components are in place and the configuration and startup scripts run, you will be able to log in and work with COmanage. Please refer to the COmanage documentation for how to proceed after your initial login.
