Uploaded image for project: 'Acumos'
  1. Acumos
  2. ACUMOS-2049

system-integration toolset use by non-admin users

    XMLWordPrintable

    Details

      Description

      As a normal (non-privileged) user, I need to be able to deploy/manage the Acumos platform using the system-integration toolset without depending upon the ability to do things that only a host or cluster-admin can do, or that would typically not be allowed for normal users or cluster tenants. In this case I may have the role of an Acumos platform admin, without the role of being a host or k8s cluster admin. Examples include: users with role as a developer on a VM where the AIO will be tested, who do not have sudo permission; users with role as a k8s cluster tenant and project/namespace admin, but not a cluster-admin role.

      Examples to be delivered as sub-tasks of this story:

      • consider developer instance vs production instance "modes" recommendations in the following, and add documentation for them
      • document host/VM ports that need to be opened for use of the Acumos platform in a developer/production mode
      • separate privileged/prerequisite operations from unprivileged operations, e.g.
        • host package installs or other configuration is factored out into a admin prerequisite script
        • docker should be runnable by users (add user to "docker" group)
      • provide a set of umbrella scripts that serve developers and admins, allowing
        • admin to run the prequisites script only, or both it and the platform deployment script
        • developer to run the platform deployment script
      • for k8s
        • authenticate under my assigned namespace for the k8s cluster
        • use persistent volumes vs host-mapped volumes
        • avoid any host customizations
      • tools to create a pre-built, ready-to-use AIO VM image with each release
        • developers can just launch the VM e.g. using virsh

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              blsaws Bryan Sullivan
              Reporter:
              blsaws Bryan Sullivan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: