root / docs / astakos.rst @ 71053581
History | View | Annotate | Download (1.3 kB)
1 |
.. _astakos: |
---|---|
2 |
|
3 |
Identity Management Service (Astakos) |
4 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 |
|
6 |
Astakos is the Identity management component which provides a common user base |
7 |
to the rest of Synnefo. Astakos handles user creation, user groups, resource |
8 |
accounting, quotas, projects, and issues authentication tokens used across the |
9 |
infrastructure. It supports multiple authentication methods: |
10 |
|
11 |
* local username/password |
12 |
* LDAP / Active Directory |
13 |
* SAML 2.0 (Shibboleth) federated logins |
14 |
|
15 |
|
16 |
|
17 |
|
18 |
Users can add multiple login methods to a single account, according to |
19 |
configured policy. |
20 |
|
21 |
Astakos keeps track of resource usage across Synnefo, enforces quotas, and |
22 |
implements a common user dashboard. Quota handling is resource type agnostic: |
23 |
Resources (e.g., VMs, public IPs, GBs of storage, or disk space) are defined by |
24 |
each Synnefo component independently, then imported into Astakos for accounting |
25 |
and presentation. |
26 |
|
27 |
Astakos runs at the cloud layer and exposes the OpenStack Keystone API for |
28 |
authentication, along with the Synnefo Account API for quota, user group and |
29 |
project management. |
30 |
|
31 |
Please also see the :ref:`Admin Guide <admin-guide>` for more information and the |
32 |
:ref:`Installation Guide <quick-install-admin-guide>` for installation instructions. |