CCL Manual
Theory: Cloud computing refers to applications and services that run on a distributed network
using virtualized resources and accessed by common Internet protocols and networking
standards.
Virtualization: resources are shared. Systems and storage can be provisioned as needed
from a centralized infrastructure, costs are charged on a metered basis, and resources are scalable.
Implementation Models:
Description:
Amazon Elastic Compute Cloud is a central part of Amazon.com's cloud computing platform,
Amazon Web Services. EC2 allows users to rent virtual computers on which to run their own
computer applications. Amazon Web Services (AWS), a subsidiary of Amazon.com, offers a
suite of cloud computing services that make up an on-demand computing platform. These
services operate from 16 geographical regions across the world. They include Amazon Elastic
Compute Cloud, also known as "EC2", and Amazon Simple Storage Service, also known as
"S3". As of 2016 AWS has more than 70 services, spanning a wide range, including compute,
storage, networking, database, analytics, application services, deployment, management,
mobile, developer tools and tools for the Internet of things. Amazon markets AWS as a
service to provide large computing capacity quicker and cheaper than a client company
building an actual physical server farm.
List of products
Compute
Networking
Content delivery
Storage and content delivery
Database
Deployment
Management
Application services
Analytics
1. https://en.wikipedia.org/wiki/Amazon_Web_Services
2. https://aws.amazon.com/
2. The Identity Service uses a database to store information. Specify the location of
the database in the configuration file. In this guide, we use a MySQL database
on the controller node with the username keystone. Replace KEYSTONE_DBPASS
with a suitable password for the database user.
...
[database]
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
...
# rm /var/lib/keystone/keystone.db
4. Use the password that you set previously to log in as root. Create
a keystone database user:
$ mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
[DEFAULT]
admin_token = ADMIN_TOKEN
...
[DEFAULT]
...
log_dir = /var/log/keystone
10. By default, the Identity Service stores expired tokens in the database indefinitely.
While potentially useful for auditing in production environments, the accumulation
of expired tokens will considerably increase database size and may decrease
service performance, particularly in test environments with limited resources. We
recommend configuring a periodic task using cron to purge expired tokens
hourly.
a. Run the following command to purge expired tokens every hour and log
the output to /var/log/keystone/keystone-tokenflush.log:
# (crontab -l -u keystone 2>&1 | grep -q token_flush) || \
echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/crontabs/keystone
Cloud Computing CCL 801
Experiment: 6
Aim: Study and installation of Storage as a Service.
Objective: We will be able to understand the concept of SaaS, and how it is implemented
using ownCloud, which gives universal access to files through a web interface.
OwnCloud (stylized ownCloud) is a suite of client-server software for creating file hosting
services and using them. OwnCloud is functionally very similar to the widely used Dropbox,
with the primary functional difference being that OwnCloud is free and open-source,
thereby allowing anyone to install and operate it without charge on a private server, with no
limits on storage space (except for disk capacity or account quota) or the number of
connected clients.
Steps :
Objective: To understand how to create and manage user accounts and groups of users.
Scope: Installing and using Administrative features of ownCloud
Description: User Management
The Group filters on the left sidebar let you quickly filter users by their group memberships,
and create new groups.
Full Name
The user’s display name that appears on file shares, the ownCloud Web interface, and emails.
Admins and users may change the Full Name anytime. If the Full Name is not set it defaults
to the login name.
Password
The admin sets the new user’s first password. Both the user and the admin can change the
user’s password at any time.
Groups
You may create groups, and assign group memberships to users. By default new users are
not assigned to any groups.
Group Admin
Group admins are granted administrative privileges on specific groups, and can add and
remove users from their groups.
Quota
The maximum disk space assigned to each user. Any user that exceeds the quota cannot
upload or sync data. You have the option to include external storage in user quotas.
• Enter the new user’s Login Name and their initial Password
Login names may contain letters (a-z, A-Z), numbers (0-9), dashes (-), underscores (_),
periods (.) and at signs (@). After creating the user, you may fill in their Full Name if it is
different than the login name, or leave it for the user to complete.
If you have checked Send email to new user in the control panel on the lower left sidebar, you
may also enter the new user’s email address, and ownCloud will automatically send them a
notification with their new login information. You may edit this email using the email
template editor on your Admin page (see Email Configuration).
You cannot recover a user’s password, but you can set a new one:
• Enter the user’s new password in the password field, and remember to provide the user with
their password
If you have encryption enabled, there are special considerations for user password resets.
Please see Encryption Configuration.
Renaming a User
Each ownCloud user has two names: a unique Login Name used for authentication, and a Full
Name, which is their display name. You can edit the display name of a user, but you cannot
change the login name of any user.
ownCloud has two types of administrators: Super Administrators and Group Administrators.
Group administrators have the rights to create, edit and delete users in their assigned groups.
Group administrators cannot access system settings, or add or modify users in the groups that
they are not Group Administrators for. Use the dropdown menus in the Group Admin column
to assign group admin privileges.
Super Administrators have full rights on your ownCloud server, and can access and modify all
settings. To assign the Super Administrators role to a user, simply add them to the admin group.
Managing Groups
You can assign new users to groups when you create them, and create new groups when you
create new users. You may also use the Add Group button at the top of the left pane to create
new groups. New group members will immediately have access to file shares that belong to
their new groups.
Click the gear on the lower left pane to set a default storage quota. This is automatically
applied to new users. You may assign a different quota to any user by selecting from the
Quota dropdown, selecting either a preset value or entering a custom value. When you create
custom quotas, use the normal abbreviations for your storage values such as 500 MB, 5 GB, 5
You now have a configurable option in config.php that controls whether external storage is
counted against users’ quotas. This is still experimental, and may not work as expected. The
default is to not count external storage as part of user storage quotas. If you prefer to include
it, then change the default false to true.
Metadata (such as thumbnails, temporary files, and encryption keys) takes up about 10% of
disk space, but is not counted against user quotas. Users can check their used and available
space on their Personal pages. Only files that originate with users count against their quotas,
and not files shared with them that originate from other users. For example, if you upload
files to a different user’s share, those files count against your quota. If you re-share a file that
another user shared with you, that file does not count against your quota, but the originating
user’s.
Encrypted files are a little larger than unencrypted files; the unencrypted size is calculated
against the user’s quota.
Deleted files that are still in the trash bin do not count against quotas. The trash bin is set at
50% of quota. Deleted file aging is set at 30 days. When deleted files exceed 50% of quota
then the oldest files are removed until the total is below 50%.
When version control is enabled, the older file versions are not counted against quotas.
When a user creates a public share via URL, and allows uploads, any uploaded files count
against that user’s quota.
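The accounting rules above, worked through as an added example (not ownCloud code and not part of the original manual). The StoredFile record, the function names and the sample files are hypothetical; the 30-day trash aging is not modelled.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class StoredFile:
    name: str
    uploader: Optional[str]           # None = anonymous upload through a public link
    share_owner: Optional[str]        # owner of the share the file landed in, if any
    plain_size: int                   # unencrypted size in bytes (the size charged)
    kind: str = "file"                # "file", "version" or "metadata"
    external: bool = False            # stored on external storage
    trashed_at: Optional[int] = None  # day it was deleted; None = not in the trash bin

def charged_to(f: StoredFile) -> Optional[str]:
    # A file counts against whoever originated it; an anonymous public-link
    # upload falls back to the user who created the share.
    return f.uploader if f.uploader is not None else f.share_owner

def quota_used(user: str, files: List[StoredFile], include_external: bool = False) -> int:
    total = 0
    for f in files:
        if f.kind != "file" or f.trashed_at is not None:
            continue  # versions, metadata and trash bin contents are not counted
        if f.external and not include_external:
            continue  # default: external storage is not counted
        if charged_to(f) == user:
            total += f.plain_size
    return total

def trim_trash(user: str, files: List[StoredFile], quota: int) -> List[str]:
    """Names purged from the trash bin, oldest first, while it exceeds 50% of quota."""
    trash = sorted((f for f in files if f.trashed_at is not None and charged_to(f) == user),
                   key=lambda f: f.trashed_at)
    purged = []
    while trash and 2 * sum(f.plain_size for f in trash) > quota:
        purged.append(trash.pop(0).name)
    return purged

MB = 1024 * 1024
FILES = [  # constructed sample data; alice's quota is 100 MB
    StoredFile("report.odt", "alice", None, 10 * MB),
    StoredFile("to-bobs-share.zip", "alice", "bob", 20 * MB),  # alice uploads into bob's share
    StoredFile("from-bob.pdf", "bob", "bob", 30 * MB),         # bob's file, re-shared by alice
    StoredFile("anon-upload.bin", None, "alice", 5 * MB),      # via alice's public link
    StoredFile("report.odt.v1", "alice", None, 10 * MB, kind="version"),
    StoredFile("nas-backup.tar", "alice", None, 40 * MB, external=True),
    StoredFile("old1.iso", "alice", None, 30 * MB, trashed_at=1),
    StoredFile("old2.iso", "alice", None, 30 * MB, trashed_at=5),
]
```

Note that the anonymous upload is charged to alice: a public link that allows uploads lets anyone holding the URL consume the share creator's quota.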
Deleting users
Deleting a user is easy: hover your cursor over their name on the Users page until a
trashcan icon appears at the far right. Click the trashcan, and they’re gone. You’ll see an undo
button at the top of the page, which remains until you refresh the page. When the undo button
is gone you cannot recover the deleted user.
All of the files owned by the user are deleted as well, including all files they have shared. If
you need to preserve the user’s files and shares, you must first download them from your
ownCloud Files page, which compresses them into a zip file, or use a sync client to copy
them to your local computer.
A web feed (or news feed) is a data format used for providing users with frequently
updated content. Content distributors syndicate a web feed, thereby allowing users to
subscribe to it. Making a collection of web feeds accessible in one spot is known as
aggregation, which is performed by an aggregator. A web feed is also sometimes referred to
as a syndicated feed. A typical scenario of web feed use is: a content provider publishes a
feed link on their site which end users can register with an aggregator program (also called a
feed reader or a news reader) running on their own machines; doing this is usually as simple
as dragging the link from the web browser to the aggregator. When instructed, the aggregator
asks all the servers in its feed list if they have new content; if so, the aggregator either makes
a note of the new content or downloads it. Aggregators can be scheduled to check for new
content periodically. Web feeds are an example of pull technology, although they may appear
to push content to the user. The kinds of content delivered by a web feed are typically HTML
(webpage content) or links to webpages and other kinds of digital media. Often when
websites provide web feeds to notify users of content updates, they only include summaries
in the web feed rather than the full content itself. Web feeds are operated by many news
websites, weblogs, schools, and podcasters.
Benefits
Web feeds have some advantages compared to receiving frequently published content via an
email:
• Users do not disclose their email address when subscribing to a feed and so are not increasing
their exposure to threats associated with email: spam, viruses, phishing, and identity theft.
• Users do not have to send an unsubscribe request to stop receiving news. They simply
remove the feed from their aggregator.
• The feed items are automatically sorted in that each feed URL has its own sets of entries
(unlike an email box where messages must be sorted by user-defined rules and pattern
matching).
<?php
// Return a submitted text field, HTML-escaped so it is safe to echo back.
function field($name) {
return (isset($_POST[$name]) && is_string($_POST[$name]))
? htmlspecialchars($_POST[$name], ENT_QUOTES, 'UTF-8') : '';
}
if (!isset($_POST['submit'])) { // if page is not submitted to itself echo the form
?>
<html>
<head>
<title>Personal INFO</title>
</head>
<body>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>">
First Name:<input type="text" size="12" maxlength="12" name="Fname"><br />
Last Name:<input type="text" size="12" maxlength="36" name="Lname"><br />
Gender:<br />
Male:<input type="radio" value="Male" name="gender"><br />
Female:<input type="radio" value="Female" name="gender"><br />
Please choose type of residence:<br />
Steak:<input type="checkbox" value="Steak" name="food[]"><br />
Pizza:<input type="checkbox" value="Pizza" name="food[]"><br />
Chicken:<input type="checkbox" value="Chicken" name="food[]"><br />
<textarea rows="5" cols="20" name="quote" wrap="physical">Enter your favorite quote!</textarea><br />
Select a Level of Education:<br />
<select name="education">
<option value="Jr.High">Jr.High</option>
<option value="HighSchool">HighSchool</option>
<option value="College">College</option></select><br />
Select your favorite time of day:<br />
<select name="TofD" size="3">
<option value="Morning">Morning</option>
<option value="Day">Day</option>
<option value="Night">Night</option></select><br />
<input type="submit" value="submit" name="submit">
</form>
</body>
</html>
<?php
} else {
// food[] arrives as an array and is absent when no box is ticked
$food = (isset($_POST['food']) && is_array($_POST['food'])) ? $_POST['food'] : array();
echo "Hello, ".field('Fname')." ".field('Lname').".<br />";
echo "You are ".field('gender').", and you like ";
foreach ($food as $f) {
// escape every submitted value before it is written into the page
if (is_string($f)) echo htmlspecialchars($f, ENT_QUOTES, 'UTF-8')."<br />";
}
echo "<i>".field('quote')."</i><br />";
echo "Your favorite time is ".field('TofD').", and you passed ".field('education')."!<br />";
}
?>
Output
Objective: To understand the concept of access control in the cloud and single sign-on (SSO), the use
of SSO and its advantages; students should also be able to implement it.
Scope: Installing and using JOSSO
Description: Single sign on
Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name
and password in order to access multiple applications. The process authenticates the user for all
the applications they have been given rights to and eliminates further prompts when they switch
applications.
Traditional install
Prerequisites
Make sure you have Java Runtime Environment (JRE) 8 or newer installed before executing the
self-extracting installer. The Java Runtime Environment can be downloaded from:
http://www.java.com/getjava
The first step is to download the JOSSO distribution.
To download the latest JOSSO Community Edition release, go to:
https://sourceforge.net/projects/josso/files/latest/download?source=files
To request a trial version of the JOSSO Enterprise Edition, use this link:
http://www.atricore.com/get-started . Follow the instructions to enable your JOSSO Enterprise
Edition installation.
Install and Launch
After downloading the self-extracting installer, run it and start JOSSO by running the "atricore"
command located within the "bin" directory.
Now you're ready to run the Atricore Console. In order to launch it, hit the following URL:
http://jossoserver:8081/atricore-console . You should be able to access the server directly from
your local system (localhost) as follows (for the default port 8081): http://localhost:8081/atricore-console
Next, sign in using the default credentials: 'admin' as the username and 'atricore' as the password.
The reference documentation for JOSSO can be found at this location:
http://docs.atricore.com/josso2/2.4/josso-reference-guide/html/en-US/JOSSO_Reference.html
Ultimately, SSO works on claims-based authentication irrespective of what authentication you
use in your application. My MainApp (SSOBase1) has a MainLogin page and a MainApp page.
Step 2: Create a second Forms application which can represent a Vendor or Client application.
Main app:
Client App 1:
Step 5: Now coming to user switching between cross-domain applications. SSO uses an
authentication provider typically called an STS (Secure Token System).
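The claims-based exchange between the STS and the applications, as an added example that is not part of the original manual and not JOSSO code. It assumes an HMAC key shared by the STS and the applications in place of the STS's real signing key; the function names, the claim names (sub, aud, iat, exp) and the application name ClientApp2 are hypothetical.

```python
import base64, hashlib, hmac, json

STS_KEY = b"constructed-demo-key"  # assumption: secret shared by the STS and the apps

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _sign(body: str) -> str:
    return _b64(hmac.new(STS_KEY, body.encode(), hashlib.sha256).digest())

def sts_issue(user: str, audiences: list, now: int, ttl: int = 300) -> str:
    """STS side: issue one token of claims after the user logs in at the main app."""
    claims = {"sub": user, "aud": audiences, "iat": now, "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return body + "." + _sign(body)

def app_accept(token: str, app_name: str, now: int):
    """Application side: return the claims, or None when the token must be rejected."""
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body)):
            return None  # not issued by the STS, or altered in transit
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    except (ValueError, TypeError):
        return None      # malformed token
    if now >= claims["exp"]:
        return None      # expired: the user has to sign in again
    if app_name not in claims["aud"]:
        return None      # token was not issued for this application
    return claims

if __name__ == "__main__":
    token = sts_issue("alice", ["MainApp", "ClientApp1"], now=1000)  # constructed values
    print(app_accept(token, "ClientApp1", now=1100))  # claims: no second login needed
    print(app_accept(token, "ClientApp2", now=1100))  # None: not an intended audience
```

Each application checks the signature, the expiry and the audience itself; trusting a token on signature alone would let a token issued for one application be replayed at another.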
Objective: To create our own cloud using the different features learned in the previous
practices.
Theory: