Operation of fedcloud integration components for selected providers.
This repo consists of the main configuration for the fedcloud
catchall operations. For every endpoint, a file in the sites
directory should describe its configuration with a format as
follows:
gocdb: <name in gocdb of the site>
endpoint: <keystone endpoint of the site>
# optionally specify a protocol for the Keystone V3 federation API
protocol: openid | oidc (default is openid)
vos:
# List of VOs defined as follows
- name: <vo name>
auth:
project_id: <project id supporting the VO vo name at the site>
# any other optional configuration for cloud-info-provider, e.g:
defaultNetwork: private | public | private_only | public_only
publicNetwork: <name of the public network>Componets are run as docker containers, which if not available upstream, are generated in this repo.
Deployment is managed on a separate private repository that includes several secrets. Deployment is done with ansible using a dedicated role with:
ansible-playbook -i inventory.yaml --extra-vars "@secrets.yaml" playbook.yamlwhere:
inventory.yamlcontains the ansible inventory with the host to configuresecrets.yamlcontains the credentials for every configured VO and a valid token for the AMSplaybook.yamlis an ansible playbook that just uses thefedcloud-catchall-opsrole to configure the host