| Version 13 (modified by , 8 years ago) (diff) |
|---|
Services
Docker
Containers
- aai-discovery, tag: docker.clarin.eu/aai-discovery:1.8.2.2
- md-conversion, tag: docker.clarin.eu/aai-md-conversion:1.0.0
- proxy, tag: docker.clarin.eu/aai-discovery-proxy:1.0.4
- IDP (v3.2), tag:
Setup
Discovery service
Pull images from the repository:
docker pull tianon/true docker login docker.clarin.eu docker pull docker.clarin.eu/aai-discovery:1.8.2.2 docker pull docker.clarin.eu/aai-discovery-proxy:1.0.4
Create containers:
docker create \
--name aai-discovery-data \
-v /data \
tianon/true
docker create \
--name aai-discovery \
-p 8080:8080 \
--volumes-from aai-discovery-data \
-v /var/log/docker/aai-discovery/tomcat8:/var/log/tomcat8 \
docker.clarin.eu/aai-discovery:1.8.2.2
docker create \
--name proxy \
-p 80:80 -p 443:443 \
-v /root/certstore:/etc/nginx/ssl \
-v /var/log/docker/proxy/nginx/:/var/log/nginx/ \
--link aai-discovery:tomcat \
docker.clarin.eu/aai-discovery-proxy:1.0.4
Manage containers:
docker start|stop|restart aai-discovery docker start|stop|restart proxy
Crontab
SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root # For details see man 4 crontabs # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed */15 * * * * root docker run -i --rm --volumes-from aai-discovery-data --link aai-discovery:sma docker.clarin.eu/aai-md-conversion:1.0.0
IDP v3.2
Authentication flow configuration:
- https://wiki.shibboleth.net/confluence/display/IDP30/AuthenticationFlowSelection
- https://wiki.shibboleth.net/confluence/display/IDP30/AuthenticationConfiguration
- https://wiki.shibboleth.net/confluence/display/IDP30/PasswordAuthnConfiguration
- https://wiki.shibboleth.net/confluence/display/IDP30/LDAPAuthnConfiguration
Tomcat reverse proxy (X-FORWARDED-* headers):
Building:
cd ~/docker-shibboleth-demo/shibboleth-idp docker build -t docker.clarin.eu/idp:1.0.0 .
Initial run:
docker run \ --restart=always -d \ --name idp2 \ --volumes-from shibboleth-data \ --volumes-from shibboleth-idp-data \ -p 172.17.42.1:8081:8080 \ docker.clarin.eu/idp:1.0.0
