Laniakea Dashboard

The Laniakea Dashbaord is built on top of the INDIGO Orchestrator Dashboard.

Note

Current Dahsboard version: stable version

VM configuration

Create VM for Dashboard. The VM should meet the following minimum requirements:

OS	Ubuntu 16.04
vCPUs	2
RAM	4 GB
Network	Public IP address.

Warning

In this tutorial we will use the same VM for vault and the dashbord, being the two services strictly connected.

This is not requred.

Warning

All the command will be run from the control machine VM.

IAM client configuration

1. Login on IAM as Administrator User.

2. Navigate to MitreID Dashboard and select from the left panel Self-service client registration.

3. Create a New client and fill the form with the following paramethers

   Client name = dashboard_client
   
   redirect URI(s) = https://<dashboard_vm_dns_name>/login/iam/authorized
   

   

4. In the Access tab select the follwing Scopes

   Scopes: openid, profile, email, address, phone, offline_access
   

   and for Grant Types select:

   Grant types: authorization code
   

   

5. Save.

6. Save Client ID, Client Secret and Registration Access Token or the full output json in the JSON tab for future access.

Installation

The Laniakea dashboard can be installed in three different ways: Stateless, with MySQL database and with MySQL and Vault integration.

The one with MySQL and Hashicorp Vault is the one used in Laniakea.

• Install Laniakea dashboard (database and vault version)
  • Update the dashboard IAM client configuration
  • IAM client configuration for Vault
  • Installation
  • Video Tutorial

Post installation steps to enable the callback

If the callback is enabled, the PaaS Orchestrator (PaaS Orchestrator) needs to be configured accordingly.

In particular, the dashboard CA certificate has to be copied on the PaaS Orchestrator Virtual Machine in /etc/orchestrator/trusted_certs.

For Let’s Encrypt certificats, those used in this wiki:

1. Connect through SSH to the Dashboard VM and copy the content of the file /etc/letsencrypt/live/<orchestrator_dashboard_dns_name>/chain.pem.

2. Connect through SSH to the PaaS Orchestrator VM and paste the chain.pem to /etc/orchestrator/trusted_certs/dashboard-cert.pem

3. Restart the PaaS Orchestrator with:

   # docker restart orchestrator
   

4. Once the Orchestrator is started the chain file can be removed:

   # rm /etc/orchestrator/trusted_certs/dashboard-cert.pem
   

Appendix A. Stateless version

This is a simple graphical User interface of the INDIGO PaaS orchestrator. The automated storage encryption will not work.

• Install Laniakea dashboard (stateless version)

Appendix B. Database version

This version comes with a MySQL database support.

• Install Laniakea dashboard (database version)