Difference between revisions of "HOWTO16 How to enable a Virtual Organisation on a EGI Federated Cloud"
Jump to navigation
Jump to search
Line 30: | Line 30: | ||
} | } | ||
} | } | ||
* Restart the Apache server, and it's done. |
Revision as of 13:09, 23 April 2014
Support a new Virtual Organisation in the EGI Federated Cloud
Support an already existing Virtual Organisation in the EGI Federated Cloud
Enable a Virtual Organisation on a EGI Federated Cloud site using OpenNebula
Enable a Virtual Organisation on a EGI Federated Cloud site using OpenStack
Assuming that you are using the Keystone VOMS module the steps needed are listed in the VOMS module documentation.
Keystone V2
The configuration for the Keystone V2 authentitaion is as follows:
- Configure your LSC files according to the VOMS documentation
- Create a tenant for your new VO:
$ keystone tenant-create --name <tenant_name> --description "Tenant for VO <vo>"
- Add the mapping to your
voms.json
mapping. It must be proper JSON (you can check its correctness with online or withpython -mjson.tool /etc/keystone/voms.json
). Edit the file, and add an entry like this:
{ "voname|FQAN": { "tenant": "tenant_name" } }
- Note that you can use the FQAN from the incoming proxy, so you can map a group within a VO into a tenant, like this:
{ "dteam": { "tenant": "dteam" }, "/dteam/NGI_IBERGRID": { "tenant": "dteam_ibergrid" } }
- Restart the Apache server, and it's done.