grouper-users - Re: [grouper-users] containerized grouper noob questions
Subject: Grouper Users - Open Discussion List
List archive
- From: "Hyzer, Chris" <>
- To: Baron Fujimoto <>
- Cc: Grouper Users <>
- Subject: Re: [grouper-users] containerized grouper noob questions
- Date: Fri, 3 Jul 2020 19:25:54 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=isc.upenn.edu; dmarc=pass action=none header.from=isc.upenn.edu; dkim=pass header.d=isc.upenn.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZDPgJea1YV6sP1D2F8hv3HUAGtOfx01pGezunIUirzc=; b=V0q9MCVlJ/6EAFnrfpGufDhSUyWWMKj2uLVpfFZYOg+r0PanST1uOKBeSxh8gXLpqQtQJd5iNzMthhSyOVnBnULR/BbhXM6hO7UOAaMXBNm/jtYEnn/YpPlJ25+BS+O/Vuvm9y07QgY3sbw+ALWHnLMA7zfgfN4CCEbF2heZ393zOEALSW9IIsEBbg+4cAKEhFNlX1Ur3pxISZC4BWFSC/yQ9gFVtNQkPruOO+1rjR28w7Yk4fk2NobJuF1LDpscXF2NfqcXD1/IyodhliiisdxHYI0oQIdQJs5ZafiDvS+fcUsMVMsc71Tfc1xG3iu2+Oe1tgRL4v4U2vTPeAwVvg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mI9Phln2/zIHehen5xIHow3AfRQY4KQzeCHBN4JjEP70ZiPRBRckyrDDNbEGM4e+SgsTlA8n00UQ05TaXUObheUOC4mw5STdulQ0ILm/oc8z8jvKWysNkp2/4fgtKbzcAAutgl6FrRCN+n2nJyGEce0MPxwz/B2dggLW8/vt+Oa/3k+Q7TqF8reLAJSgiCjccE3dF8ppe/7PvnYr9t4XU1okvtiJLHBKVzj6K3xD2HY2U6asJTC41BF+n1/N7Ds6c9xNasESfWiG2IAVH9eobih82yOJjimtXNH3RafYl0lQYqu1w6JoU6y9o1TsO+zRK5Nd0iMUup0B3RlVhxBcdA==
we could list this on the release notes page if you like so its easy to see, but yeah, right now you would have to go in and look. if you wanted to maintain that in subimage you could yum update the java, and you could unzip the latest 7.0.* tomee. ok?
thanks
Chris
From: Baron Fujimoto <>
Sent: Friday, July 3, 2020 1:27 PM
To: Hyzer, Chris <>
Cc: Grouper Users <>
Subject: Re: [grouper-users] containerized grouper noob questions
Sent: Friday, July 3, 2020 1:27 PM
To: Hyzer, Chris <>
Cc: Grouper Users <>
Subject: Re: [grouper-users] containerized grouper noob questions
On Fri, Jul 03, 2020 at 06:25:23AM +0000, Hyzer, Chris wrote:
>>
>> As I understand it on a really high level, the container is a collection of all of the
>> components that Grouper will need. With out current deployment, we independently manage
>> those components, such as Tomcat and Java. A significant part of managing those components
>> is tracking their versions, particularly with an eye towards relevant bug and security
>> patches. How do we do we identify and track these versions with the Grouper containers?
>
>1. If there is an issue that is not addressed in a container, tell me about it and we can make a new container
>2. -or- you can make a subimage that upgrades or replaces part of the container
>
>As soon as 2.5.30 is released (which is delayed since its substantial, and should be out in the next week or two), we will go back to release approximately every other week
>
>> I think I understand that any such patches get incorporated into new container versions,
>> but how do we perform the risk assessment for currently deployed containers? Generally I'm
>> trying to determine how we respond to our security groups when they come asking about vulnerabilities.
>
>Was this answered in the above answer? Its similar to what you would do today I would think... if you want a schedule for upgrades, then you need to make a new image on that schedule I think
Not quite I'm afraid. I mean, currently, as new vulnerabilities are disclosed in say Java or Tomcat, there's typicaly some way to perform a risk assessment for your deployments based on the version #s and other supplementantary information they provide. But how do you determine what versions of these components are included in the Grouper containers (say, short of looking for logged information on startup or something like that)? Or perhaps non-securitywise, some features or configuration options may only be available for certain versions of Tomcat for example.
>> Is there a difference between the TIER/ITAP(?) containers and those available via the
>> Grouper site? My cursory Googling seems to turn up Grouper 2.4 associated with TIER,
>> but the Grouper site features 2.5? I'm a little unclear on the relationship.
>
>Theres one container for Grouper. Anything else is for training or integration POCs and is a subimage of the Grouper container...
>
>Good luck!
--
UH Information Technology Services : Identity & Access Mgmt, Middleware
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
>>
>> As I understand it on a really high level, the container is a collection of all of the
>> components that Grouper will need. With out current deployment, we independently manage
>> those components, such as Tomcat and Java. A significant part of managing those components
>> is tracking their versions, particularly with an eye towards relevant bug and security
>> patches. How do we do we identify and track these versions with the Grouper containers?
>
>1. If there is an issue that is not addressed in a container, tell me about it and we can make a new container
>2. -or- you can make a subimage that upgrades or replaces part of the container
>
>As soon as 2.5.30 is released (which is delayed since its substantial, and should be out in the next week or two), we will go back to release approximately every other week
>
>> I think I understand that any such patches get incorporated into new container versions,
>> but how do we perform the risk assessment for currently deployed containers? Generally I'm
>> trying to determine how we respond to our security groups when they come asking about vulnerabilities.
>
>Was this answered in the above answer? Its similar to what you would do today I would think... if you want a schedule for upgrades, then you need to make a new image on that schedule I think
Not quite I'm afraid. I mean, currently, as new vulnerabilities are disclosed in say Java or Tomcat, there's typicaly some way to perform a risk assessment for your deployments based on the version #s and other supplementantary information they provide. But how do you determine what versions of these components are included in the Grouper containers (say, short of looking for logged information on startup or something like that)? Or perhaps non-securitywise, some features or configuration options may only be available for certain versions of Tomcat for example.
>> Is there a difference between the TIER/ITAP(?) containers and those available via the
>> Grouper site? My cursory Googling seems to turn up Grouper 2.4 associated with TIER,
>> but the Grouper site features 2.5? I'm a little unclear on the relationship.
>
>Theres one container for Grouper. Anything else is for training or integration POCs and is a subimage of the Grouper container...
>
>Good luck!
--
UH Information Technology Services : Identity & Access Mgmt, Middleware
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
- [grouper-users] containerized grouper noob questions, Baron Fujimoto, 07/03/2020
- RE: [grouper-users] containerized grouper noob questions, Hyzer, Chris, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Olivier Salaün, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Hyzer, Chris, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Baron Fujimoto, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Hyzer, Chris, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Darren Boss, 07/04/2020
- Re: [grouper-users] containerized grouper noob questions, Baron Fujimoto, 07/04/2020
- RE: [grouper-users] containerized grouper noob questions, Black, Carey M., 07/05/2020
- RE: [grouper-users] containerized grouper noob questions, Black, Carey M., 07/06/2020
- RE: [grouper-users] containerized grouper noob questions, Black, Carey M., 07/05/2020
- Re: [grouper-users] containerized grouper noob questions, Hyzer, Chris, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Olivier Salaün, 07/03/2020
- Re: [grouper-users] containerized grouper noob questions, Baron Fujimoto, 07/14/2020
- Re: [grouper-users] containerized grouper noob questions, Darren Boss, 07/14/2020
- RE: [grouper-users] containerized grouper noob questions, Black, Carey M., 07/14/2020
- RE: [grouper-users] containerized grouper noob questions, Coleman, Erik C, 07/14/2020
- Re: [grouper-users] containerized grouper noob questions, Baron Fujimoto, 07/14/2020
- Re: [grouper-users] containerized grouper noob questions, Darren Boss, 07/15/2020
- Re: [grouper-users] containerized grouper noob questions, Darren Boss, 07/14/2020
- RE: [grouper-users] containerized grouper noob questions, Hyzer, Chris, 07/03/2020
Archive powered by MHonArc 2.6.19.