Developed and maintained by:
.
This repository, maintained by ENG, contains the Open ICT Platform developed in the WP5 of the HYPERRIDE EU co-funded Project.
cUrl commands are used throughout to access the REST APIs.
- CPU: 16+ core
- RAM: 32+ GB
- HD: 20+ GB
- Ubuntu 20+
Windows and Mac have not been tested, but it should be supported, thanks to the adoption of the Docker technology. Windows users may also download cygwin to provide a command-line functionality similar to a Linux distribution on Windows. Similarily, also Mac users can take advantage of emulation tools. This is the support methods suggested and derived directly from FIWARE.
The final release of the Open ICT Platform of the HYPERRIDE project uses Keycloak as IdM in replacement of Keyrock, to address D5.7 outcomes in terms of enhanced security.
The new stack is depicted in the following figure.
To keep things simple all the HYPERRIDE ICT Platform components run using Docker. Docker is a container technology which allows to different components isolated into their respective environments.
- To install Docker on Windows follow the instructions here
- To install Docker on Mac follow the instructions here
- To install Docker on Linux follow the instructions here
Docker Compose is a tool for defining and running multi-container Docker applications. A YAML file is used configure the required services for the application. This means all container services can be brought up in a single command. Docker Compose is installed by default as part of Docker for Windows and Docker for Mac, however Linux users will need to follow the instructions found here
You can check your current Docker and Docker Compose versions using the following commands:
docker-compose -v
docker versionPlease ensure that you are using Docker version 20.10 or higher and Docker Compose 1.29 or higher and upgrade if necessary.
A strong focus in the Open ICT Platform design and development has been given to security. All credentials and sensitive information about the configuration of the stack are included in a classic .env file not included in the repository. A sample .env.template file (not directly usable) was included to help writing it from scratch with your own configuration. An encrypted .env.enc file was included for a default configuration as well, which needs a password. Please contact [email protected] for access requests.
The final release of the Open ICT Platform of the HYPERRIDE project comes with an automatic HTTPS dynamic configurations, using certificates obtained by Let's Encrypt + Certbot. It uses DuckDNS service to obtain dynamically a free public domain. If you have your own public domain, please change the following parts in the followinf files:
docker-compose.yaml:
nginx:
...
environment:
- FULL_DOMAIN=mycustomdomain.com
...
certbot:
...
entrypoint: ["/bin/sh", "-c", "trap exit TERM; while :; do certbot certonly --webroot -w /var/www/certbot/ -d mycustomdomain.com ..."]
...nginx/default.conf.template:
server_name mycustomdomain.com;
...
ssl_certificate /etc/letsencrypt/live/mycustomdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mycustomdomain.com/privkey.pem;
-
Initialize the Platform:
./init.sh
This will create initial certificates and cofnigurations. In case a passord is requested, please see the previous paragraph for instructions.
-
Start the Containers: Run one of the two interchangeable following commands:
docker compose up -d
or
./run.sh
This will start all the required services, including Keycloak and the application components.
-
Check the running Containers: Run one of the two interchangeable following commands:
docker ps
or
./list.sh
After 1-2 minutes at most, all the containers should be running showing
(healthy)in the status. -
Test the Application: Run the test scripts, which include both public and protected
curlrequests:- Public
./scripts/versions.sh
- Protected
./scripts/create-entity.sh ./scripts/read-entity.sh ./scripts/update-entity.sh ./scripts/delete-entity.sh
There is also an all-in-one verification tool which can be conveniently used to fire them all:
- All-in-one
./verify-all-tests.sh
-
Stop the Containers: When you need to stop all services, tun one of the interchangeable following commands:
docker compose down
or
./stop.sh
- Visual Environment: Access the editor at https://localhost/editor and the dashboard at https://localhost/dashboard.
- SIEM with MITRE ATT&CK support: Access Wazuh at https://localhost:5601/wazuh to see the security platform.
- Keycloak Management: Access the Keycloak admin console at http://localhost/idm with the admin credentials provided in your
.envfile ordocker-compose.yml. - Docker admininstration: Access Portainer at http://localhost:9000 to start and stop Containers in a visual way, if needed. In production, the container is suggested to be removed from
docker-compose.yml. - Logs and Debugging: Check the logs of the Docker containers for troubleshooting:
docker logs <container-name>
The Open ICT Platform is based Orion-LD and fully compliant with the FIWARE API.
Orion-LD is a Context Broker and CEF building block for context data management, implementting both the NGSI-LD API and the NGSIv2 API.
For this reason, the Open ICT Platform fully supports NGSI-LD, an extended subset of JSON-LD for use with context management systems. The NGSI-LD Specification is regularly updated and published by ETSI: please refer to the official documentation available through ETSI GS CIM Official document.
The API documentation is available also as Swagger at https://localhost/swagger/ngsi-ld/ for Orion-LD API.
For any further reference, please see HYPERRIDE resources, in particular D5.6 and D5.8.
This work has been developed by Engineering, in the framework of the HYPERRIDE EU co-funded project, grant n. 957788.
The Open ICT Platform is distributed without any warrancy under MIT license.