[GSoC]: Added Ian Duffy's proposal to guide
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/cc7e9eed Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/cc7e9eed Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/cc7e9eed Branch: refs/heads/object_store Commit: cc7e9eed7e1340729109983f79200557df22296b Parents: c0d8943 Author: Sebastien Goasguen <[email protected]> Authored: Thu Jun 6 09:29:57 2013 -0400 Committer: Sebastien Goasguen <[email protected]> Committed: Thu Jun 6 09:29:57 2013 -0400 ---------------------------------------------------------------------- docs/en-US/CloudStack_GSoC_Guide.xml | 1 + docs/en-US/gsoc-imduffy15.xml | 395 ++++++++++++++++++++++++++++++ 2 files changed, 396 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cc7e9eed/docs/en-US/CloudStack_GSoC_Guide.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/CloudStack_GSoC_Guide.xml b/docs/en-US/CloudStack_GSoC_Guide.xml index 91c2967..b7ba61f 100644 --- a/docs/en-US/CloudStack_GSoC_Guide.xml +++ b/docs/en-US/CloudStack_GSoC_Guide.xml @@ -47,6 +47,7 @@ <xi:include href="Author_Group.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> </bookinfo> <xi:include href="gsoc-tuna.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="gsoc-imduffy15.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> </book> http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cc7e9eed/docs/en-US/gsoc-imduffy15.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/gsoc-imduffy15.xml b/docs/en-US/gsoc-imduffy15.xml new file mode 100644 index 0000000..652152f --- /dev/null +++ b/docs/en-US/gsoc-imduffy15.xml @@ -0,0 +1,395 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "CloudStack_GSoC_Guide.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<chapter id="gsoc-imduffy15"> + <title>Ians's 2013 GSoC Proposal</title> + <para>This chapter describes Ians 2013 Google Summer of Code project within the &PRODUCT; ASF project. It is a copy paste of the submitted proposal.</para> + <section id="ldap-user-provisioning"> + <title>LDAP user provisioning</title> + <para> + "Need to automate the way the LDAP users are provisioned into cloud stack. This will mean better + integration with a LDAP server, ability to import users and a way to define how the LDAP user + maps to the cloudstack users." + </para> + </section> + <section id="abstract"> + <title>Abstract</title> + <para> + The aim of this project is to provide an more effective mechanism to provision users from LDAP + into cloudstack. Currently cloudstack enables LDAP authentication. In this authentication users + must be first setup in cloudstack. Once the user is setup in cloudstack they can authenticate + using their LDAP username and password. This project will improve Cloudstack LDAP integration + by enabling users be setup automatically using their LDAP credential + </para> + </section> + <section id="deliverables"> + <title>Deliverables</title> + <itemizedlist> + <listitem> + <para>Service that retrieves a list of LDAP users from a configured group</para> + </listitem> + <listitem> + <para>Extension of the cloudstack UI "Add User" screen to offer user list from LDAP</para> + </listitem> + <listitem> + <para>Add service for saving new user it details from LDAP</para> + </listitem> + <listitem> + <para>BDD unit and acceptance automated testing</para> + </listitem> + <listitem> + <para>Document change details</para> + </listitem> + </itemizedlist> + </section> + <section id="quantifiable-results"> + <title>Quantifiable Results</title> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add new user to cloudstack and LDAP is setup in cloudstack</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen</entry> + </row> + <row> + <entry>Then</entry> + <entry>A table of users appears for the current list of users (not already created on cloudstack) from the LDAP group displaying their usernames, given name and email address. The timezone dropdown will still be available beside each user</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add new user to cloudstack and LDAP is not setup in cloudstack</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen</entry> + </row> + <row> + <entry>Then</entry> + <entry>The current add user screen and functionality is provided</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add new user to cloudstack and LDAP is setup in cloudstack</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen and mandatory information is missing</entry> + </row> + <row> + <entry>Then</entry> + <entry>These fields will be editable to enable you to populate the name or email address</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add new user to cloudstack, LDAP is setup and the user being created is in the LDAP query group</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen</entry> + </row> + <row> + <entry>Then</entry> + <entry>There is a list of LDAP users displayed but the user is present in the list</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add a new user to cloudstack, LDAP is setup and the user is not in the query group</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen</entry> + </row> + <row> + <entry>Then</entry> + <entry>There is a list of LDAP users displayed but the user is not in the list</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator wants to add a group of new users to cloudstack</entry> + </row> + <row> + <entry>When</entry> + <entry>The administrator opens the "Add User" screen, selects the users and hits save</entry> + </row> + <row> + <entry>Then</entry> + <entry>The list of new users are saved to the database</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>An administrator has created a new LDAP user on cloudstack</entry> + </row> + <row> + <entry>When</entry> + <entry>The user authenticates against cloudstack with the right credentials</entry> + </row> + <row> + <entry>Then</entry> + <entry>They are authorised in cloudstack</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + <informaltable> + <tgroup cols="2"> + <tbody> + <row> + <entry>Given</entry> + <entry>A user wants to edit an LDAP user</entry> + </row> + <row> + <entry>When</entry> + <entry>They open the "Edit User" screen</entry> + </row> + <row> + <entry>Then</entry> + <entry>The password fields are disabled and cannot be changed</entry> + </row> + </tbody> + </tgroup> + </informaltable> + <para/> + </section> + <section id="the-design-document"> + <title>The Design Document</title> + <para> + <emphasis role="bold"> + LDAP user list service + </emphasis> + </para> + <para> + <emphasis role="bold">name:</emphasis> ldapUserList + </para> + <para> + <emphasis role="bold">responseObject:</emphasis> LDAPUserResponse {username,email,name} + </para> + <para> + <emphasis role="bold">parameter:</emphasis> listType:enum {NEW, EXISTING,ALL} (Default to ALL if no option provided) + </para> + <para> + Create a new API service call for retreiving the list of users from LDAP. This will call a new + ConfigurationService which will retrieve the list of users using the configured search base and the query + filter. The list may be filtered in the ConfigurationService based on listType parameter + </para> + <para> + <emphasis role="bold"> + LDAP Available Service + </emphasis> + </para> + <para> + <emphasis role="bold">name:</emphasis> ldapAvailable + </para> + <para> + <emphasis role="bold">responseObject</emphasis> LDAPAvailableResponse {available:boolean} + </para> + <para> + Create a new API service call veriying LDAP is setup correctly verifying the following configuration elements are all set: + <itemizedlist> + <listitem> + <para>ldap.hostname</para> + </listitem> + <listitem> + <para>ldap.port</para> + </listitem> + <listitem> + <para>ldap.usessl</para> + </listitem> + <listitem> + <para>ldap.queryfilter</para> + </listitem> + <listitem> + <para>ldap.searchbase</para> + </listitem> + <listitem> + <para>ldap.dn</para> + </listitem> + <listitem> + <para>ldap.password</para> + </listitem> + </itemizedlist> + </para> + <para> + <emphasis role="bold"> + LDAP Save Users Service + </emphasis> + </para> + <para> + <emphasis role="bold">name:</emphasis> ldapSaveUsers + </para> + <para> + <emphasis role="bold">responseObject:</emphasis> LDAPSaveUsersRssponse {list<![CDATA[<UserResponse>]]>} + </para> + <para> + <emphasis role="bold">parameter:</emphasis> list of users + </para> + <para> + Saves the list of objects instead. Following the functionality in CreateUserCmd it will + <itemizedlist> + <listitem> + <para>Create the user via the account service</para> + </listitem> + <listitem> + <para>Handle the response</para> + </listitem> + </itemizedlist> + It will be decided whether a transation should remain over whole save or only over individual users. A list of UserResponse will be returned. + </para> + <para> + <emphasis role="bold"> + Extension of cloudstack UI "Add User" screen + </emphasis> + </para> + <para> + Extend account.js enable the adding of a list of users with editable fields where required. The new "add user" screen for LDAP setup will: + <itemizedlist> + <listitem> + <para>Make an ajax call to the ldapAvailable, ldapuserList and ldapSaveUsers services</para> + </listitem> + <listitem> + <para>Validate on username, email, firstname and lastname</para> + </listitem> + </itemizedlist> + </para> + <para> + <emphasis role="bold"> + Extension of cloudstack UI "Edit User" screen + </emphasis> + </para> + <para> + Extend account.js to disable the password fields on the edit user screen if LDAP available, specifically: + <itemizedlist> + <listitem> + <para>Make an ajax call to the ldapAvailable, ldapuserList and ldapSaveUsers services</para> + </listitem> + <listitem> + <para>Validate on username, email, firstname and lastname. Additional server validation will nsure the password has not changed</para> + </listitem> + </itemizedlist> + </para> + </section> + <section id="approach"> + <title>Approach</title> + <para> + To get started a development cloudstack environment will be created with DevCloud used to verify changes. Once the schedule is agreed with the mentor the deliverables will be broken into small user stories with expected delivery dates set. The development cycle will focus on BDD, enforcing all unit and acceptance tests are written first. + </para> + <para> + A build pipe line for continious delivery environment around cloudstack will be implemented, the following stages will be adopted: + </para> + <informaltable> + <tgroup cols="2"> + <thead> + <row> + <entry>Stage</entry> + <entry>Action</entry> + </row> + </thead> + <tbody> + <row> + <entry>Commit</entry> + <entry>Run unit tests</entry> + </row> + <row> + <entry>Sonar</entry> + <entry>Runs code quality metrics</entry> + </row> + <row> + <entry>Acceptance</entry> + <entry>Deploys the devcloud and runs all acceptance tests</entry> + </row> + <row> + <entry>Deployment</entry> + <entry>Deploy a new management server using Chef</entry> + </row> + </tbody> + </tgroup> + </informaltable> + </section> + <section id="about-me"> + <title>About me</title> + <para> + I am a Computer Science Student at Dublin City University in Ireland. I have interests in virtualization, +automation, information systems, networking and web development + </para> + <para> + I was involved with a project in a K-12(educational) environment of moving their server systems over +to a virtualized environment on ESXi. I have good knowledge of programming in Java, PHP and +Scripting langages. During the configuration of an automation system for OS deployment I experienced +some exposure to scripting in powershell, batch, vbs and bash and configuration of PXE images based +of WinPE and Debian. +Additionally I am also a mentor in an opensource teaching movement called CoderDojo, we teach kids +from the age of 8 everything from web page, HTML 5 game and raspberry pi development. It's really +cool. + </para> + <para> + Iâm excited at the opportunity and learning experience that cloudstack are offering with this project. + </para> + </section> +</chapter>
