Commit 7bc2bd01 authored by Goik Martin

Basic Sdi start

parent a8f3227c
#FIG 3.2 Produced by xfig version 3.2.5a
Landscape
Center
Metric
Letter
100.00
Single
-2
1200 2
0 32 #9c0000
0 33 #8c8c8c
0 34 #8c8c8c
0 35 #424242
0 36 #8c8c8c
0 37 #424242
0 38 #8c8c8c
0 39 #424242
0 40 #8c8c8c
0 41 #424242
0 42 #8c8c8c
0 43 #424242
6 2205 405 6435 945
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
6390 900 6390 450 2250 450 2250 900 6390 900
4 0 0 900 -1 30 24 0.0000 4 390 3795 2430 810 dc=betrayer;dc=com\001
-6
6 7695 2205 10485 2745
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
10440 2700 10440 2250 7740 2250 7740 2700 10440 2700
4 0 0 900 -1 30 24 0.0000 4 300 2400 7875 2610 ou=financial\001
-6
6 3960 4005 6345 4590
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
6300 4545 6300 4050 4005 4050 4005 4545 6300 4545
4 0 0 900 -1 30 24 0.0000 4 390 1995 4095 4410 ou=testing\001
-6
6 2520 1485 6030 2025
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
5985 1980 5985 1530 2565 1530 2565 1980 5985 1980
4 0 0 900 -1 30 24 0.0000 4 390 3090 2745 1890 ou=departments\001
-6
6 2835 2655 5670 3195
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
5625 3150 5625 2700 2880 2700 2880 3150 5625 3150
4 0 0 900 -1 30 24 0.0000 4 300 2355 3015 3060 ou=software\001
-6
2 2 0 2 7 7 900 -1 -1 0.000 0 0 -1 0 0 5
0 0 10800 0 10800 6750 0 6750 0 0
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
3915 5490 3915 4950 2250 4950 2250 5490 3915 5490
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
3915 6120 3915 5670 2250 5670 2250 6120 3915 6120
2 4 0 2 0 7 900 -1 -1 0.000 0 0 7 0 0 5
2970 4545 2970 4050 900 4050 900 4545 2970 4545
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 2
3 1 2.00 120.00 240.00
3780 3150 1800 4050
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 2
3 1 2.00 120.00 240.00
4680 3150 5085 4050
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 2
3 1 2.00 120.00 240.00
5265 1980 7740 2475
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 2
3 1 2.00 120.00 240.00
4365 1980 4365 2700
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 2
3 1 2.00 120.00 240.00
4365 900 4365 1530
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
4545 4545 4545 4995 5310 4995
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
4545 4995 4545 5445 5310 5445
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
4545 5445 4545 5850 5310 5850
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
1350 4545 1350 5175 2250 5175
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
1350 5175 1350 5895 2205 5895
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
8145 2700 8145 3150 8820 3150
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
8145 3150 8145 3645 8775 3645
2 1 0 2 0 7 900 -1 -1 0.000 0 0 -1 1 0 3
3 1 2.00 120.00 240.00
8145 3645 8145 4095 8775 4095
4 0 0 900 -1 30 24 0.0000 4 285 1755 1080 4410 ou=devel\001
4 0 0 900 -1 30 24 0.0000 4 270 1470 2340 6075 A. Bean\001
4 0 0 900 -1 30 24 0.0000 4 375 1515 2340 5355 J. Smith\001
4 0 0 900 -1 30 24 0.0000 4 60 315 2385 6525 ...\001
4 0 0 900 -1 30 24 0.0000 4 60 315 5265 6480 ...\001
4 0 0 900 -1 30 24 0.0000 4 60 315 8415 4410 ...\001
4 0 0 900 -1 30 24 0.0000 4 285 1335 9000 3375 Entries\001
4 0 0 900 -1 30 24 0.0000 4 285 1335 5580 5175 Entries\001
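Review bot: The person boxes in this figure are labelled "J. Smith" and "A. Bean", but the only person entry in the accompanying LDIF listing is uid=beam with cn "Jim Beam", so readers cannot map the drawing onto the sample data. Either relabel one box to match the LDIF entry or add matching entries to the LDIF, so that the tree the exercise asks students to build is the one shown.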
<?xml version="1.0" encoding="UTF-8"?>
<chapter version="5.0" xml:id="sdiApache"
xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook">
<title></title>
<para/>
</chapter>
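Review bot: This chapter has an empty `<title></title>` and an empty `<para/>`, yet it is pulled into the new "Software defined infrastructure" part by xi:include, so the built book gets an untitled, empty chapter. Give it at least a working title and a one-line placeholder paragraph, or leave the include out until the chapter has content.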
<?xml version="1.0" encoding="UTF-8"?>
<chapter version="5.0" xml:id="sdiLdap" xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook">
<title>LDAP</title>
<section xml:id="ldapPrepare">
<title>Recommended Preparations</title>
<para>Introductory Material</para>
<itemizedlist>
<listitem>
<para><uri xlink:href="http://www.zytrax.com/books/ldap">LDAP for
Rocket Scientists</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="http://www.novell.com/coolsolutions/feature/15359.html">An
Introduction to LDAP: Part 1</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="http://quark.humbug.org.au/publications/ldap/ldap_tut.html">Introduction
to LDAP</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="http://www-cs-students.stanford.edu/~hgberg/Links/LDAP.pdf">Slides
ldap.pdf</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="http://ldapman.org/articles/intro_to_ldap.html">ldapman.org,
An Introduction to LDAP</uri></para>
</listitem>
</itemizedlist>
<para>Since we use the <uri
xlink:href="http://www.openldap.org">OpenLDAP</uri> server during the
exercises a lot of useful material can be collected from <uri
xlink:href="http://www.openldap.org">http://www.openldap.org</uri>.</para>
<para>The following questions might arise when starting practical
work:</para>
<itemizedlist>
<listitem>
<para>What is the <acronym>LDAP</acronym> Protocol? What is the
difference between the two protocols <acronym>ldap</acronym> and
<acronym>ldaps </acronym>?</para>
</listitem>
<listitem>
<para>What does the acronym <acronym>dc</acronym> in
<acronym>dc=somedomain, dc=org</acronym> stand for?</para>
</listitem>
<listitem>
<para>What is the role of <acronym>LDAP</acronym> objectclass
definitions? How do they relate to <acronym>LDAP</acronym> schema
definitions?</para>
</listitem>
<listitem>
<para>Describe the relationship between <acronym>LDAP</acronym>
entries and <code>objectClass</code> values.</para>
</listitem>
<listitem>
<para>Is it possible to dynamically change an entries
structure?</para>
</listitem>
<listitem>
<para>What does the term <quote>bind to an
<acronym>LDAP</acronym></quote> server mean? Which two types of bind
operations are generally being distinguished?</para>
</listitem>
<listitem>
<para>Do <acronym>LDAP</acronym> servers in general support database
features like transactions, ACID semantic etc. ?</para>
</listitem>
<listitem>
<para>Explain the term <quote>replication</quote> in an
<acronym>LDAP</acronym> server context.</para>
</listitem>
<listitem>
<para>Why do organizations sometimes prefer <acronym>LDAP</acronym>
data repositories rather than using relational database
systems?</para>
</listitem>
<listitem>
<para>How is the <acronym>LDIF</acronym> format being organized?
Explain the practical use of <acronym>LDIF</acronym> data when running
a <acronym>LDAP</acronym> service.</para>
</listitem>
<listitem>
<para><acronym>LDAP</acronym> filters</para>
<itemizedlist>
<listitem>
<para>How do <acronym>LDAP</acronym> filters work?</para>
</listitem>
<listitem>
<para>What is the meaning of the term <emphasis>scope</emphasis>
?</para>
</listitem>
<listitem>
<para>How do predicate based filters connected by logical
<emphasis role="bold">and/or/not</emphasis> look like?</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para><productname>OpenLDAP</productname> server software specific
questions</para>
<itemizedlist>
<listitem>
<para>What does the term database backend refer to with respect to
<productname>OpenLDAP</productname> server implementation?</para>
</listitem>
<listitem>
<para>Which two ways of <acronym>LDAP</acronym> replication to
slave servers are on offer? Why is replication important?</para>
</listitem>
<listitem>
<para>How do you restrict access to <acronym>LDAP</acronym>
directories?</para>
</listitem>
<listitem>
<para>How do you speed up predicate based queries?</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
<section xml:id="ldapExercises">
<title>Exercises</title>
<para>Our aim is to set up an <acronym>LDAP</acronym> Server being
populated with thew following company structure of organisational units
and persons:</para>
<figure xml:id="ldapBetrayerComTree">
<title>An example <acronym>LDAP</acronym> Tree</title>
<mediaobject>
<imageobject>
<imagedata fileref="Fig/ldaptree.fig"/>
</imageobject>
</mediaobject>
</figure>
<section xml:id="ldapServerSetup">
<title>Set up an <productname>OpenLdap</productname> server</title>
<para>Log in on your host system and issue:</para>
<programlisting language="shell">yum install openldap-servers</programlisting>
<para>Next we set up the server's configuration
<filename>/etc/openldap/slapd.conf</filename>. We have to define the
root context, the administrator's <acronym>DN</acronym> and its password
hash being obtained by executing <command>slappasswd</command>:</para>
<programlisting language="shell">#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
database bdb
<emphasis role="bold">suffix "dc=betrayer,dc=com"
rootdn "cn=Manager,dc=betrayer,dc=com"</emphasis>
# Cleartext passwords, especially for the rootdn, should
# be avoided. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
<emphasis role="bold">rootpw {SSHA}UkU4rnQFGmRj4wEf/suWuhnG0CMuJIvf</emphasis>
# rootpw {crypt}ijFYNcSNctBYg</programlisting>
<para>In order to enable separate logging of <acronym>ldap</acronym>
related messages in <filename>/var/log/ldap.log</filename> we append the
following lines to <filename>/etc/syslog.conf</filename>:</para>
<programlisting language="shell">#Logging ldap
local4.* /var/log/ldap.log</programlisting>
<para>To activate this configuration we have to restart the
<command>syslog</command> daemon. We should now be able to start the
<acronym>LDAP</acronym> server:</para>
<programlisting language="shell">/etc/init.d/ldap start</programlisting>
</section>
<section xml:id="ldapCompanyLdif">
<title>The <filename>.ldif</filename> file</title>
<para>The following file defines a part of our <code>betrayer.com</code>
directory structure:</para>
<programlisting language="shell">dn:dc=betrayer,dc=com
changetype: add
objectclass: dcObject
objectclass: organizationalUnit
dc: betrayer
ou: config
ou: betrayer Dot com
dn: ou=departments,dc=betrayer;dc=com
changetype: add
objectClass: top
objectClass: organizationalUnit
ou: departments
dn: ou=software,ou=departments,dc=betrayer;dc=com
changetype: add
objectClass: top
objectClass: organizationalUnit
ou: software
dn: ou=devel,ou=software,ou=departments,dc=betrayer;dc=com
changetype: add
objectClass: top
objectClass: organizationalUnit
ou: devel
dn: uid=beam,ou=devel,ou=software,ou=departments,dc=betrayer;dc=com
changetype: add
objectClass: inetOrgPerson
uid: beam
cn: Jim Beam
givenName: Jim
sn: Beam
mail: beam@betrayer.com</programlisting>
<para>For your convenience we have installed the <uri
xlink:href="http://directory.apache.org/studio">Apache Directory
Studio</uri> Eclipse plugin. It provides an <acronym>LDIF</acronym>
editor which may assist you to complete the betryer.com directory
entries. You should also add some more persons to the
<quote>leaf</quote> organisational units.</para>
</section>
<section xml:id="ldapPopulateData">
<title>Populating the <acronym>LDAP</acronym> server</title>
<para>You may use the <uri
xlink:href="http://directory.apache.org/studio">Apache Directory
Studio</uri> to bind to your new <acronym>LDAP</acronym> server by using
<code>cn=Manager,dc=betrayer,dc=com</code> and the corresponding
password.</para>
<para>After successful connecting the previously established
<acronym>LDIF</acronym> file may be used to populate the server with
initial data. This may also be achieved on the server side by omitting
the <code>changetype</code> lines in the <acronym>LDIF</acronym> file
and:</para>
<itemizedlist>
<listitem>
<para>Shutdown the <acronym>LDAP</acronym> server</para>
</listitem>
<listitem>
<para>using <command>slapadd</command> as user <code>ldap</code> to
read the <acronym>LDIF</acronym> data into the server.</para>
</listitem>
<listitem>
<para>Startup the <acronym>LDAP</acronym> server.</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="ldapTest">
<title>Accessing <acronym>LDAP</acronym> data by a mail client</title>
<para>The directory studio allows to reread the directory tree. As a
different approach you shall configure your local mail client (e.g.
<productname>thunderbird</productname>) to use your
<acronym>LDAP</acronym> server for email address lookup.</para>
</section>
<section xml:id="ldapFilter">
<title>Filter based search</title>
<para>Execute the following <acronym>LDAP</acronym> filter based
searches:</para>
<itemizedlist>
<listitem>
<para>All users with a <code>uid</code> attribute value starting
with the letter <quote>b</quote>.</para>
</listitem>
<listitem>
<para>All entries either with either a defined <code>uid</code>
attribute or a <code>ou</code> attribute starting with letter
<quote>d</quote>.</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="ldapExtendPosixAccount">
<title>Extending an existing entry</title>
<para>The entry
<code>uid=beam,ou=devel,ou=software,ou=departments,dc=betrayer;dc=com</code>
may be extended by the objectclass <code>posixAccount</code>. Construct
a <acronym>LDIF</acronym> file to add the attributes
<code>uidNumber</code>, <code>gidNumber</code> and
<code>homeDirectory</code> by a modify/add operation.</para>
</section>
<section xml:id="ldapReplication">
<title>Replication</title>
<para>In order to activate <acronym>LDAP</acronym> data replication from
a provider server to a consumer server we need an administrative user o
the server with sufficient read access. This can be achieved by creating
a user <code>cn=SyncAdmin,dc=betrayer;dc=com</code> having structural
objectclass <code>organizationalRole</code> and auxiliary objectclass
<code>simpleSecurityObject</code>.</para>
<para>Follow the <uri
xlink:href="http://www.zytrax.com/books/ldap/ch7/#ol-syncrepl-rap">syncrepl
refreshAndPersist</uri> setup and configure a consumer (replica)
<acronym>ldap</acronym> server of your current master. Define a sync
user <code>cn=SyncAdmin,dc=betrayer;dc=com</code> and a corresponding
password hash. Caveat: In order to avoid access problems un comment and
extend the existing lines in <filename>slapd.conf</filename> rather than
adding a block of your own in a wrong position within the configuration
file:</para>
<programlisting language="shell">access to *
by dn.base="cn=SyncAdmin,dc=betrayer;dc=com" read
by self write
by users read
by anonymous auth</programlisting>
<para>Now add the <acronym>LDAP</acronym> consumer on a different host
and follow the instructions in <uri
xlink:href="http://www.zytrax.com/books/ldap/ch7/#ol-syncrepl-rap">syncrepl
refreshAndPersist</uri> to allow synchronisation to the provider.</para>
<para>Check if provider changes are being propagated to the
consumer.</para>
</section>
</section>
</chapter>
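Review bot: In the ldapReplication listing, `access to *` combined with `by users read` lets every authenticated user read every attribute of every entry, which includes the `userPassword` hash of the SyncAdmin entry the same section asks students to create. Put a narrower clause ahead of it that is restricted to `attrs=userPassword` and grants read only to the SyncAdmin DN, write to self, auth to anonymous and nothing to anyone else. The slapd.conf listing also publishes a concrete `rootpw {SSHA}...` value; a placeholder with an instruction to paste the reader's own slappasswd output would avoid shipping a hash that may correspond to a password in use. The DNs in the LDIF, in the ACL and in the prose are written `dc=betrayer;dc=com` while `suffix` and `rootdn` use `dc=betrayer,dc=com`; the RFC 4514 string form separates RDNs with commas, so use the comma form throughout. Smaller points: "thew following", "betryer.com", "user o the server" and "un comment" are typos, and the LDIF and slapd.conf listings are tagged `language="shell"` although neither is shell.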
<?xml version="1.0" encoding="UTF-8"?>
<chapter version="5.0" xml:id="sdiPackage"
xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook">
<title>Ubuntu / Debian Package management</title>
<section xml:id="sdPackagePrerequisites">
<title>Prerequisites</title>
<para>Suggested readings:</para>
<itemizedlist>
<listitem>
<para><productname>Ubuntu</productname> 14.04 <link
xlink:href="https://help.ubuntu.com/14.04/serverguide/package-management.html">Package
Management</link></para>
</listitem>
<listitem>
<para><link
xlink:href="http://www.tecmint.com/dpkg-command-examples">15 Practical
Examples of “dpkg commands” for Debian Based Distros</link></para>
</listitem>
</itemizedlist>
</section>
</chapter>
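Review bot: The section id `sdPackagePrerequisites` drops the `sdi` prefix that the chapter id `sdiPackage` and the sibling `sdiUnixIntroPrerequisites` use, which makes cross-references easy to get wrong; rename it to `sdiPackagePrerequisites`. The tecmint link is plain http where the Ubuntu link on the line above is https, so it is worth checking whether an https URL is available.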
<?xml version="1.0" encoding="UTF-8"?>
<chapter version="5.0" xml:id="sdiUnixIntro"
xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook">
<title>UNIX / LINUX Basics</title>
<section xml:id="sdiUnixIntroPrerequisites">
<title>Prerequisites</title>
<para>Suggested readings</para>
<glosslist>
<glossentry>
<glossterm>Shell / bash</glossterm>
<glossdef>
<para
xlink:href="http://www.tldp.org/LDP/Bash-Beginners-Guide/html">Bash
Guide for Beginners</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>Secure Shell</glossterm>
<glossdef>
<para><link
xlink:href="http://docstore.mik.ua/orelly/networking_2ndEd/ssh">The
definitive guide</link>, also available at <link
xlink:href="http://proquest.safaribooksonline.com/book/networking/ssh/0596000111">SafariOnline</link></para>
<itemizedlist>
<listitem>
<para>Public/private keys, passphrases</para>
</listitem>
<listitem>
<para>Trusted hosts</para>
</listitem>
<listitem>
<para>Port forwarding</para>
</listitem>
<listitem>
<para>X11 forwarding</para>
</listitem>
<listitem>
<para>ssh agent</para>
</listitem>
</itemizedlist>
</glossdef>
</glossentry>
<glossentry>
<glossterm>Important commands (among with their options)</glossterm>
<glossdef>
<glosslist>
<glossentry>
<glossterm>Files</glossterm>
<glossdef>
<itemizedlist>
<listitem>
<para>rm, rmdir</para>
</listitem>
<listitem>
<para>ls</para>
</listitem>
<listitem>
<para>find</para>
</listitem>
<listitem>
<para>touch</para>
</listitem>
<listitem>
<para>chmod / chown</para>
</listitem>
<listitem>
<para><command>tail</command>,
<command>head</command></para>
</listitem>
<listitem>
<para>grep</para>
</listitem>
</itemizedlist>
</glossdef>
</glossentry>
<glossentry>
<glossterm>Network</glossterm>
<glossdef>
<itemizedlist>
<listitem>
<para><command>ifconfig</command></para>
</listitem>
<listitem>
<para><command>ping</command></para>
</listitem>
<listitem>
<para><command>route</command></para>
</listitem>
<listitem>
<para><command>traceroute</command></para>
</listitem>
</itemizedlist>
</glossdef>
</glossentry>
<glossentry>
<glossterm>Processes</glossterm>
<glossdef>
<itemizedlist>
<listitem>
<para>ps</para>
</listitem>
<listitem>
<para>kill</para>
</listitem>
<listitem>
<para>top / htop</para>
</listitem>
<listitem>
<para>nice</para>
</listitem>
</itemizedlist>
</glossdef>
</glossentry>
</glosslist>
</glossdef>
</glossentry>
<glossentry>
<glossterm>The vi(m) text editor</glossterm>
<glossdef>
<para
xlink:href="https://blog.interlinked.org/tutorials/vim_tutorial.html">Vim
Introduction and Tutorial</para>
</glossdef>
</glossentry>
</glosslist>
</section>
</chapter>
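Review bot: The two reading references for "Shell / bash" and "The vi(m) text editor" put `xlink:href` directly on `<para>`, while the "Secure Shell" entry in the same list wraps its targets in `<link>`; use `<link>` for all of them so the references are marked up, and rendered, the same way. In the same glosslist, "among with their options" should read "along with their options", and the command names are only partly tagged (`<command>tail</command>` but plain `rm, rmdir`, `ls`, `ps`), so tag them all with `<command>`.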
......@@ -101,6 +101,21 @@
<xi:include href="Sda2/jax-rs.xml" xpointer="element(/1)"/>
</part>
<part xml:id="sdi">
<info>
<title>Software defined infrastructure</title>
</info>
<xi:include href="Sdi/unixIntro.xml" xpointer="element(/1)"/>
<xi:include href="Sdi/package.xml" xpointer="element(/1)"/>
<xi:include href="Sdi/ldap.xml" xpointer="element(/1)"/>
<xi:include href="Sdi/apache.xml" xpointer="element(/1)"/>
</part>
<xi:include href="Common/bibliography.xml" xpointer="element(/1)"/>
<xi:include href="Common/glossary.xml" xpointer="element(/1)"/>
......