Posted By: Amira ben Hamida|
Date: 2013-10-04 14:27
Summary: Contrail 1.3~RC1 is out
What's new in the release?
- Support for external Identity Providers (for example allowing login over Google)
- Support for SAML (exchange of attributes during login)
- Support for OAuth2 standard (securing API with OAuth tokes between the component calls)
- Authorization Server (fine grained control of token usage for the users and administrators)
- Dynamic-CA (for temporary services such as software defined networks SDNs for applications)
- Bug fixes of existing components
The release is made for the security enthusiasts who wish to know more about securing the access to a federated cloud infrastructure. The focus of this release is to provide the building blocks that will enable fine-grained security and which will be used in the final release of the Contrail platform. We demonstrate the usage of external Identity Providers with a Single Sign On (SSO) feature and the usage of OAuth tokens as a basis for next release. The detailed description about what new security components can provide can be found at [S1], [S2] and [S3] wiki pages, while [OauthDemo] link provides a quick overview of OAuth functionality. [PortalDemo] demonstrates how to use IdPs and SSO.
Release R1.3 builds upon a previous release which introduced:
- SLA Manager on the provider level,
- Virtual Infrastructure Network (VIN),
- Federation updates to reflect additional functionality (SLA and VIN support)
- Updates have been made to the security part as well, adding basic OAuth 2.0 functionality.
Contrail previous releases allow a cloud administrator to offer basic SLA functionalities at the provider level on top of the deployment of applications on a data center. Virtual networks are also possible with proper OVFs.
This release of the Contrail software stack only indicates some basic workflow of SLA passing between the federation and the provider.
See the Installation Guide  for full details.
Please look at the Administration Guide  for further administration details.
For further information, please visit the download page on the Wiki of the project .
We currently support the following systems:
- Debian 6.0
- Ubuntu 12.04 LTS
- current version supports virtualization on OpenNebula clusters only.
The User's Guide  describes the basic usage and functionality of the system.
For contact and any help, please send an e-mail to the firstname.lastname@example.org.
Contrail <http://contrail-project.eu/> develops an integrated approach to virtualization, offering Infrastructure as a Service services (IaaS), services for federating IaaS clouds and Contrail Platform as a Service services (ConPaaS) on top of federated clouds. The aim of the project is designing, implementing, evaluating and promoting an open source computational cloud wherein users can limitlessly share resources.
[S1] Security services: http://contrail.projects.ow2.org/xwiki/bin/view/Documentation/+InstallationContrailSecurityServices+
[S2] OAuth Authorization Server: http://contrail.projects.ow2.org/xwiki/bin/view/Documentation/common-oauth-as
[S3] Dynamic-CA: http://contrail.projects.ow2.org/xwiki/bin/view/Documentation/dynamic-ca-server
 Installation Guide: http://contrail.projects.ow2.org/xwiki/bin/download/Documentation/WebHome/InstallationGuide.pdf
 Administration Guide: http://contrail.projects.ow2.org/xwiki/bin/download/Documentation/WebHome/AdminGuide.pdf
 Wiki Download page: http://contrail.projects.ow2.org/xwiki/bin/view/Main/Download
 User's Guide: http://contrail.projects.ow2.org/xwiki/bin/download/Documentation/WebHome/UserGuide.pdf