Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


What to Expect in TIER Release One

Mar 24, 2016, by Steven Zoppi
Tags: COmanage, eduPerson and Related Schema, Executive Insights, Grouper, Shibboleth, TIER, TIER Software

TIER Release One is scheduled for mid-April 2016. This baseline release represents a crucial first step in providing structural frameworks upon which the community can build. We are grateful to the many community members who have worked extremely hard in numerous capacities to enable this first release of TIER. Our appreciation also goes to the institutions who have loaned subject matter experts to the TIER Program.

Foundations for the Future

As many already know, the InCommon Federation was built on components that arose (largely) from multiple, one-time grants which provided little consistency of development and support over time. Internet2 members have filled that funding gap, underwriting a portion of the continuity of development, but this initial investment capital represents a small portion of the overall investment necessary to meet the long-term requirements of the TIER Program.

The minimum funding threshold for TIER was reached in early November of 2015 and since that time we have convened working and advisory groups to help shape the roadmap for the future.

Community Experience: Hundreds of Person-Years

The TIER Program has focused on bringing what has been the independent direction of three independent development teams (Shibboleth Consortium, Grouper, COmanage) and two nascent development teams (Community IdP and Scalable Consent), onto a consistent path in delivering a packaged suite of components. Moreover, it was deemed central to the mission that the deliverables be packaged and preconfigured to work well together in the context of the InCommon Federation. These activities also brought into focus a need to tend to the software, services and components upon which the InCommon Federation itself relies.

The TIER working groups (Packaging; APIs and Data Structures; Security and Audit; Registry; Components; Architecture) represent the marshaling of community expertise with more than 100 active, contributing participants with hundreds of years of IAM and campus experience. Without these teams, many important elements may have been overlooked as we developed the container, documentation, community outreach, partner engagement, campus engagement and many other strategies which have arisen from these fast-paced discussions.

The Result: Release Baseline

The first component release serves as the baseline for all future releases. Therefore, finding a container mechanism that would support evolutionary upgrade and uniformity of delivery was paramount. The packaging team, through surveys to the community, concluded that Docker would serve the needs best, as most campuses have identified it as an increasingly important element of their future deployment strategies.

In the midst of validating the architectural intersections of the components, we realized that we have an abundance of registries which would need to be “harmonized” or “unified.” Those discussions concluded that the functionality of COmanage encapsulated a very robust version of a person registry that would serve as a proper starting point for the future entity registry (a container for all entities whether or not they are carbon-based life forms). Therefore the COmanage registry will also be considered part of the first release in April.

The initial release will consist of these components: 

  • ​Shibboleth Identity Provider (Version 3.2.1)
  • Grouper (Version 2.3)
  • COmanage (Version 1.0)
  • COmanage Registry (Version 1.0.2)
  • APIs to enable extension and flexibility 
  • Schema: A new version of eduPerson 
  • … All within the Docker container

Plans continue to

  • Improve and reorganize documentation (by role/activity)
  • Consolidate all development efforts into the GitHub architecture which enables many other capabilities
  • Re-deploy our component tracking and management within a federation-enabled and updated version of JIRA and Confluence

The Secret of Future Success: Community Adoption

While these changes may require a paradigm shift within the campus operations and IAM environments, we believe that it will be a worthy investment for the future. The key to success will be adoption by the campus community. Our efforts to ensure that the container and deployment environments are right can only be measured through campus feedback. The experience of every adopting campus will inform the changes and course corrections as we move forward.

With an eye toward the future, we also need to support the provisioning of a continuously patched and consistent software package. The goal is to move away from “Big Bang” releases and toward a “continuously curated” deliverable, with features and improvements made available as soon as they are ready, without having to wait for a formal release as is done in commercial “shrink wrap” product.

We look forward to speaking with many of you at the 2016 Global Summit 2016 in Chicago.

A Word of Thanks

Our sincere thanks go out to all of the TIER Program contributors, in all forms, for your hard work. It’s amazing that we only reached the minimum funding threshold in early November and we have arrived at this point – now less than one month before initial launch. It’s a testament to the commitment of this community that such things can be accomplished.

While we are not counting chickens yet - this effort has incredible momentum and the credit goes to all of the community members and partners who are leading these efforts in evangelism, technology, architecture, strategy and delivery.