root / docs / astakos.rst @ 71053581
History | View | Annotate | Download (1.3 kB)
| 1 |
.. _astakos: |
|---|---|
| 2 |
|
| 3 |
Identity Management Service (Astakos) |
| 4 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 5 |
|
| 6 |
Astakos is the Identity management component which provides a common user base |
| 7 |
to the rest of Synnefo. Astakos handles user creation, user groups, resource |
| 8 |
accounting, quotas, projects, and issues authentication tokens used across the |
| 9 |
infrastructure. It supports multiple authentication methods: |
| 10 |
|
| 11 |
* local username/password |
| 12 |
* LDAP / Active Directory |
| 13 |
* SAML 2.0 (Shibboleth) federated logins |
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
Users can add multiple login methods to a single account, according to |
| 19 |
configured policy. |
| 20 |
|
| 21 |
Astakos keeps track of resource usage across Synnefo, enforces quotas, and |
| 22 |
implements a common user dashboard. Quota handling is resource type agnostic: |
| 23 |
Resources (e.g., VMs, public IPs, GBs of storage, or disk space) are defined by |
| 24 |
each Synnefo component independently, then imported into Astakos for accounting |
| 25 |
and presentation. |
| 26 |
|
| 27 |
Astakos runs at the cloud layer and exposes the OpenStack Keystone API for |
| 28 |
authentication, along with the Synnefo Account API for quota, user group and |
| 29 |
project management. |
| 30 |
|
| 31 |
Please also see the :ref:`Admin Guide <admin-guide>` for more information and the |
| 32 |
:ref:`Installation Guide <quick-install-admin-guide>` for installation instructions. |