Nubus for Kubernetes - Architecture Manual 1.0.1

Management UI

3.7. Management UI#

This section describes the components of the Management UI in Nubus for Kubernetes.

Administrators use the Management UI to administer directory objects of Nubus, such as user account objects, user group objects, and asset objects. The following components, represent the Management UI including session management.

  1. UMC Gateway

  2. UMC Server

The UMC Gateway provides and serves the frontend to the user, the administrator. The UMC Server manages the processes for the UMC modules, and takes care of the session handling. Fig. 3.28 shows the application components of the Management UI and their respective functions. The following sections provide detailed information about the components.

Application behavior in the Management UI

Fig. 3.28 Application behavior in the Management UI#

See also

Management UI in interfaces and protocols section

for information about incoming and outgoing interfaces.

Management UI in the deployment view section

for information about Docker images, Kubernetes pods, and Helm Charts used for deployment.

Management UI in the functional components overview section

for information about purpose and tasks.

3.7.1. UMC Gateway#

The UMC Gateway is the interface to the user, usually persons in the administrator role. It provides the user with a graphical and web-based frontend. The UMC Frontend comprises all the assets for the frontend, such as HTML, JavaScript, and CSS files. The UMC Gateway delivers these web frontend assets to the user’s browser. As such, it has an important role in implementing the UI for administration of directory objects.

UMC Gateway application component and its behavior

Fig. 3.29 UMC Gateway application component and its behavior#

3.7.2. UMC Server#

The UMC Server is a central component of the Management UI. Fig. 3.30 shows the UMC Server, its behavior and its relationships to the Identity Store and Directory Service and to the Identity Provider. It has the following tasks:

  • Processes for UMC modules

  • Read and write directory objects

  • Session Handling

Processes for UMC modules

A UMC module stands for a specific functionality. For example, a UMC module presents user objects to the user, and provides functionality to edit user objects. The UMC Server runs each UMC module in a dedicated process.

Read and write directory objects

A UMC module can read and write directory objects. In fact, UMC modules work on the objects’ internal representation, the UDM objects. For this task, they use the UDM Library with its Business logic for UDM objects and ability to Transform UDM objects to and from directory objects. The UMC Server writes data to the Directory Service through the UDM Library.

Session Handling

During sign-in, a user authenticates a session with Keycloak, the Identity Provider. Next, Keycloak informs the UMC Server of the successful sign-in attempt. The UMC Server creates a session itself and provides this session information to the Management UI and the Portal Service. Upon user sign-out, the UMC Server also terminates the active user session for all UMC module processes.

UMC Server application component and its behavior

Fig. 3.30 UMC Server application component and its behavior#

See also

Directory objects in data objects section

for information about Directory objects.

UDM objects in data objects section

for information about UDM objects.

Identity Provider in the components section

for information about Keycloak and the Identity Provider.

Identity Store and Directory Service in the components section

for information about the Directory Service.

On this page