Transcript Document

DjNRO: Django-based
application for National Roaming
Operators
…OR HOW TO (NOT ONLY) MANAGE YOUR
EDUROAM DATABASE
TNC2014 - DUBLIN
Leonidas Poulopoulos
[email protected]
GRNET NOC
(@leopoul)
TNC 2014 - Dublin
Zenon Mousmoulas
[email protected]
GRNET NOC
(@zmousm)
DjNRO - GRNET
Discussion?

Short: Twitter


More elaborate: IRC (during this session):


#djnro
#djnro on irc.freenode.net
After this session: E-mail
TNC 2014 - Dublin
2
DjNRO - GRNET
eduroam “keepers”
 National Roaming Operators (NROs)
 Administrative
Responsibilities
 Technical
 eduroam database
 NROs
eduroam.org
 Service Providers (SPs)
 Identity Providers (IdPs)
XML
XML
 Service Locations
 Accounting Data
}
}
TNC 2014 - Dublin
3
XML
DjNRO - GRNET
eduroam.gr oldies… not goodies
 Semi-static
 Manual updates
 Detached from db
TNC 2014 - Dublin
4
DjNRO - GRNET
Extreme Makeover - eduroam db edition
Institution
administrators
TO
NROs
Web Application - Framework
eduroamdb
FROM
eduroamdb
TNC 2014 - Dublin
5
DjNRO - GRNET
Development framework
Python
Django
Source: Wikimedia Foundation
TNC 2014 - Dublin
6
DjNRO - GRNET
“Step-by-step” *NKOTB
Django
db
TNC 2014 - Dublin
7
DjNRO - GRNET
Goggles anyone?
TNC 2014 - Dublin
8
DjNRO - GRNET
First stable release
 Migration script
 XML to Django models to database entries
DjNRO
Django
db
institution.xml
realm.xml
realm_usage.xml
XML import
migration
TNC 2014 - Dublin
9
eduroam.org
DjNRO - GRNET
DjNRO
 Bootstrap UI
 Google maps “on steroids”
 SAML-based federated authentication
 GRNET AAI
 Social media authentication
 Open source project – https://djnro.grnet.gr
 (Not only a) distributed eduroam db management
platform
TNC 2014 - Dublin
10
DjNRO - GRNET
Core functionality
 Institution administrators

Keep their institution data up-to-date
Service locations
 Contact points
 Institution information
 Infrastructure information

 NROs


Initial authorization – Link potential admin with institution
Platform administrative tasks
 Web front




Country points
Country participants
World points
Closest point
TNC 2014 - Dublin
11
DjNRO - GRNET
User/Management Interface
Country
World
Frontend
Management
Closest
A
d
m
i
n
Django
institution.xml
DjNRO db
DjNRO core
realm.xml
realm_usage.xml
all.kml
XML import
migration
TNC 2014 - Dublin
12
eduroam.org
DjNRO - GRNET
Management – From NROs to institutions
TNC 2014 - Dublin
13
DjNRO - GRNET
Database insider
address transp_
SSID
_city
proxy
instituti
ts
onid_id
longitu
wired
de
enc_lev
NAT
el
IPv6
latitude
port_re address
id
strict
_street
AP_no
Athens 0
eduroam 2
2012-1123.76577
19
0
200
23:14:19
WPA2/A
0
ES
1
37.98709
1
500
Mesogio
2
n 56
3
Athens 0
eduroam 2
2012-1123.76647
19
0
500
23:15:11
WPA2/A
0
ES
1
37.98795
1
000
Arkadias
4
31
3
40.6300
0
7600
Panepisti
moupoli
6
Universit
y
Campus
200
188
13
Thessal
0
oniki
eduroam 4
2012-1122.9588
05
0
0800
11:50:43
WPA2/A
ES,
0
WPA/TK
IP
1
eduroam 4
2012-1122.9600
05
1
4200
11:50:43
0
1
40.6272
0
8300
Panepisti
moupoli
8
Universit
y
Campus
Thessal
0
oniki
eduroam 4
2012-1123.0018
05
0
0900
11:50:43
WPA2/A
ES,
0
WPA/TK
IP
1
40.56715
0
500
Thermi
Veria
eduroam 4
2012-1222.23834
10
0
500
15:55:06
WPA/TK
IP,WPA2 0
/AES
1
40.4960
0
8100
Varvares 12
Thessal
0
oniki
0
TNC 2014 - Dublin
14
10
4
DjNRO - GRNET
Database insider
contact_email
zm@adm....
support@a...
help@no....
noc@no....
eduroam@he...
noc@g....
noc@d.....
address_city
Athens
Thessaloniki
Athens
Athens
Athens
Crete
id
2
4
6
8
10
14
16
contact_phone
+302100000000
+30231000000
+3021000000
+30210000000000
+3021000000
+3025000000
+302500000000
contact_name
Zenon …
AU…
Uo…
NTU…
Hel…
G…
DU…
number_user institution_id ts
2014-05-16
80
2
15:15:19
2014-04-26
65
4
21:23:04
2012-11-19
80
6
13:20:19
2012-11-18
77
8
20:34:34
2012-11-19
120
10
13:31:58
2012-11-19
128
12
13:33:29
TNC 2014 - Dublin
oper_name
number_id
admin.grnet.gr 80
address_str
id
Mesogion 56
2
AUTh main
campus
UoA main
campus
NTUA main
campus
auth.gr
1
uoa.gr
1
ntua.gr
1
hellasgrid.gr
1
Mesogion 56
10
uoc.gr
1
UoC campus
12
15
4
6
8
DjNRO - GRNET
User interface (www.eduroam.gr)
TNC 2014 - Dublin
16
DjNRO - GRNET
We want more!
 Extras!
 eduroam CAT API client
 Geolocation API
 External Applications
 Domain data
 Infrastructure monitoring
 Contacts
 Mailing lists
TNC 2014 - Dublin
17
DjNRO - GRNET
Bring in the CAT
Country
World
Frontend
Management
Closest
A
d
m
i
n
Django
institution.xml
DjNRO db
DjNRO core
TNC 2014 - Dublin
realm.xml
realm_usage.xml
all.kml
XML import
CAT provisioning
API
migration
eduroam.org
18
DjNRO - GRNET
eduroam CAT integration
TNC 2014 - Dublin
19
DjNRO - GRNET
Monitoring, contacts, mailing lists
Country
World
Frontend
Management
Closest
Monitoring data
Django
Servers data
Mailing lists
institution.xml
DjNRO db
DjNRO core
domain data
TNC 2014 - Dublin
A
d
m
i
n
realm.xml
realm_usage.xml
all.kml
XML import
CAT provisioning
API
migration
eduroam.org
20
DjNRO - GRNET
Infrastructure Configuration & Monitoring
clients:
client_10_radius2ccfauthgr:
host: <redacted>
label: radius2.ccf.auth.gr
secret: <redacted>
institutions:
- clients:
- client_10_radius2ccfauthgr
id: auth.gr
realms:
auth.gr:
proxy_to:
- server_10_radius2ccfauthgr
type: 3
servers:
server_10_radius2ccfauthgr:
acct_port: 1813
auth_port: 1812
host: <redacted>
label: radius2.ccf.auth.gr
rad_pkt_type: auth+acct
secret: <redacted>
status_server: true
...
TNC 2014 - Dublin
21
config files
freeradius,
nagios, etc.
templates
config generator
YAML/JSON
DjNRO database
puppet
DjNRO - GRNET
FLRS Configuration (radsecproxy)
include auto.radsecproxy.conf
TNC 2014 - Dublin
#{{{ auth.gr
rewrite rewrite-client_10_radius2ccfauthgr-sp {
include /etc/radsecproxy.conf.d/rewrite-default-sp.conf
addAttribute 126:1auth.gr
}
client client_10_radius2ccfauthgr {
host <redacted>
IPv4Only on
type udp
secret <redacted>
fticksVISCOUNTRY GR
fticksVISINST 1auth.gr
rewriteIn rewrite-client_10_radius2ccfauthgr-sp
}
rewrite rewrite-server_10_radius2ccfauthgr-idp {
include /etc/radsecproxy.conf.d/rewrite-default-idp.conf
}
server server_10_radius2ccfauthgr {
host <redacted>
IPv4Only on
type udp
port 1812
secret <redacted>
StatusServer on
rewriteIn rewrite-server_10_radius2ccfauthgr-idp
}
realm auth.gr {
server server_10_radius2ccfauthgr
}
#}}}
22
DjNRO - GRNET
APIs and applications – DjNRO today
APIs/Apps
Country
A
World
Frontend
Management
Closest
Monitoring data
Django
Servers data
Mailing lists
TNC 2014 - Dublin
Closest Point
Service
Mobile /
Wearable Apps
institution.xml
DjNRO db
DjNRO core
domain data
D
M
I
N
realm.xml
realm_usage.xml
all.kml
XML import
CAT provisioning
API
migration
eduroam.org
23
DjNRO - GRNET
With a bit help from eduroam.org
 Fetch, Parse , Cache
lat = float(request_data['lat'])
lng = float(request_data['lng'])
R = 6371
distances = {}
closestMarker = {}
closest = -1
points = getPoints()
for (counter, i) in enumerate(points):
pointname = i['text']
pointlng = i['lng']
pointlat = i['lat']
pointtext = i['text']
plainname = i['name']
dLat = rad(float(pointlat)-float(lat))
dLong = rad(float(pointlng)-float(lng))
a = math.sin(dLat/2) * math.sin(dLat/2) + math.cos(rad(lat)) *
math.cos(rad(float(pointlat))) * math.sin(dLong/2) * math.sin(dLong/2)
c = 2 * math.atan2(math.sqrt(a), math.sqrt(1-a))
d = R * c
distances[counter] = d
if (closest == -1 or d < distances[closest]):
closest = counter
closestMarker = {"name": pointname, "lat": pointlat, "lng": pointlng, "text":
pointtext, 'plainname':plainname}
24
DjNRO - GRNET
TNC 2014 - Dublin
• Geolocate API
• Build Applications
Closest Point/Geolocate API
https://www.eduroam.gr/closest?lat=53.3078&lng=-6.2234061
TNC 2014 - Dublin
25
DjNRO - GRNET
Wearables: Pebble watch application
 pebduroam
 Get current location
(navigation.geolocation.getCurrentPosition)
 Query DjNRO API for closest
 Query Google Directions API
TNC 2014 - Dublin
26
UP/DOWN BUTTONS
Scroll through steps
SHAKE/TAP
Run again
DjNRO - GRNET
Future developments/ideas
 CRM/OSS
 Helpdesk support
 REST API – Integration with other apps
 Monitoring dashboard
 Flexible user roles
 Multi-tenancy support
 Open to suggestions
TNC 2014 - Dublin
27
DjNRO - GRNET
Support/Adoption
 https://djnro.grnet.gr
 Powers https://www.eduroam.gr
 Mailing list: https://lists.grnet.gr/wws/info/djnro
 Australia
 Austria
NO
KANGAROOS
 New Zealand
 Interested:
 Finland
 South Africa
IN AUSTRIA
TNC 2014 - Dublin
28
DjNRO - GRNET
Try before deploying
DjNRO demo site (old stable)
https://demo.djnro.grnet.gr
TNC 2014 - Dublin
29
DjNRO - GRNET
Questions?
42: “The Answer to the Ultimate Question of
Life, The Universe, and Everything.”
Douglas Adams, The Hitchhiker's Guide to the Galaxy
TNC 2014 - Dublin
30
DjNRO - GRNET
Thank you
Leonidas Poulopoulos
[email protected]
GRNET NOC
(@leopoul)
TNC 2014 - Dublin
Zenon Mousmoulas
[email protected]
GRNET NOC
(@zmousm)
DjNRO - GRNET