Operation of fedcloud integration components for selected providers.
This repository consists of the main configuration for the fedcloud catchall operations. For every endpoint, a file in the sites directory should describe its configuration with a format as follows:

    gocdb: <name in gocdb of the site>
    endpoint: <keystone endpoint of the site>
    # optional: use central image sync
    images:
      # true, get sync, false do not
      sync: true
      # a list of supported formats of the site can be specified
      # if not available, no conversion will be done, so whatever format
      # is available in AppDB will be used
      formats:
        - qcow2
        - raw
    # optionally specify a protocol for the Keystone V3 federation API
    protocol: openid | oidc (default is openid)
    # optionally specify a region name if using different regions
    region: myregion
    vos:
      # List of VOs defined as follows
      - name: <vo name>
        auth:
          project_id: <project id supporting the VO vo name at the site>
        # any other optional configuration for cloud-info-provider, e.g:
        # not really used for now
        defaultNetwork: private | public | private_only | public_only
        publicNetwork: <name of the public network>

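A pre-merge check for a site file in this format, as an added example rather than code from this repository: it flags template placeholders left in place, misspelled top-level keys, and out-of-range `protocol` and `defaultNetwork` values. It takes the file already parsed into a dict (for instance with PyYAML's `yaml.safe_load`); the function names, the sample values and the https-only rule for the endpoint are assumptions of the example.

```python
from urllib.parse import urlsplit

TOP_KEYS = {"gocdb", "endpoint", "images", "protocol", "region", "vos"}
PROTOCOLS = ("openid", "oidc")
NETWORKS = (None, "private", "public", "private_only", "public_only")  # None: key omitted

def _filled(value):
    """True for a non-empty string that is not a leftover <placeholder>."""
    return isinstance(value, str) and bool(value.strip()) and not value.startswith("<")

def _is_https(value):
    try:
        url = urlsplit(value if isinstance(value, str) else "")
        return url.scheme == "https" and bool(url.hostname)
    except ValueError:
        return False

def validate_site(site):
    """Return the list of problems found in one parsed site file (a dict)."""
    errors = [f"unknown key: {k}" for k in sorted(map(str, set(site) - TOP_KEYS))]
    if not _filled(site.get("gocdb")):
        errors.append("gocdb: missing or placeholder")
    # Assumption of this example: the Keystone endpoint must be reached over TLS.
    if not _is_https(site.get("endpoint")):
        errors.append("endpoint: must be an https URL")
    if site.get("protocol", "openid") not in PROTOCOLS:
        errors.append("protocol: must be openid or oidc")
    images = site.get("images") or {}
    if not isinstance(images, dict) or not isinstance(images.get("sync", False), bool):
        errors.append("images.sync: must be true or false")
    vos = site.get("vos")
    seen = set()
    for i, vo in enumerate(vos if isinstance(vos, list) else []):
        vo = vo if isinstance(vo, dict) else {}
        name, auth = vo.get("name"), vo.get("auth") or {}
        if not _filled(name) or name in seen:
            errors.append(f"vos[{i}].name: missing, placeholder or duplicate")
        else:
            seen.add(name)
        if not isinstance(auth, dict) or not _filled(auth.get("project_id")):
            errors.append(f"vos[{i}].auth.project_id: missing or placeholder")
        if vo.get("defaultNetwork") not in NETWORKS:
            errors.append(f"vos[{i}].defaultNetwork: invalid value")
    return errors

# Constructed sample: a site file left half-edited from the template.
BAD = {"gocdb": "<name in gocdb of the site>", "protocl": "oidc",
       "endpoint": "http://keystone.example.org:5000/v3",
       "vos": [{"name": "vo.example.org", "auth": {}, "defaultNetwork": "both"}]}
```
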
Components run as Docker containers; those not available upstream are built in this repository.

Deployment is managed with GitHub Actions. There is one VM for the cloud-info-provider and one VM for the image sync; check the deploy directory for details. Configuration is done with Ansible using a dedicated role:

    ansible-playbook -i inventory.yaml --extra-vars "@secrets.yaml" playbook.yaml

where:

- inventory.yaml contains the Ansible inventory with the host to configure
- secrets.yaml contains the credentials for every configured VO and a valid token for the AMS
- playbook.yaml is an Ansible playbook that just uses the catchall role to configure the host