



Feature #15531


[SDK] Migrate federation to central LoginCluster

Added by Peter Amstutz over 5 years ago. Updated about 5 years ago.

Assigned To:
Target version:
Story points:
Release relationship:


Mass user migration to centralized federated user uuids.

  1. Generate a list of all existing users across clusters (fill in the "home" column with "LoginCluster" for every user)
  2. Produce report listing each email address, existing user uuid, if the user owns anything, the cluster that the user will be migrated to
  3. Admin reviews report
  4. Report is fed back in
  5. If no local user exists for a home cluster, create a new user with the email address
  6. Use user merge to redirect all the old user accounts (and reassign all their data) to user on the home cluster. Decide where to relocate ownership (user or a project owned by user) based on which accounts are empty or not.

Note: API server needs to allow migrating objects owned by remote users to federated user, and make the old remote user disappear (currently migrating remote accounts is not supported) (this was specifically requested by the customer).

API merge method allows specifying the owner_uuid

Write some tests (based on mocks) for the tool.

Subtasks 1 (0 open1 closed)

Task #15617: Review 15531-logincluster-migrateResolvedPeter Amstutz09/23/2019Actions

Related issues 5 (0 open5 closed)

Related to Arvados - Idea #15529: [API] [Controller] Share user account database with a group of trusted clustersResolvedPeter Amstutz08/22/2019Actions
Related to Arvados - Task #15208: Migration scriptResolvedPeter Amstutz04/18/2019Actions
Related to Arvados - Feature #15061: Redirect users to log in with correct federated identityResolvedPeter Amstutz04/18/2019Actions
Related to Arvados - Idea #15577: [API] User ownership reassignResolvedPeter Amstutz11/08/2019Actions
Related to Arvados - Idea #15720: [API] Unified user listing across all clusters in a federationResolvedTom Clegg11/19/2019Actions

Also available in: Atom PDF