Soluble Guide

Introduction

Reference

URN

All soluble entities in the graph have a URN. We found Amazon's ARN naming scheme to be extremely useful and effective for maintaining logical references in the knowledge graph. They are globally unique and have semantic value.

Comparison to UUID

Systems like Kubernetes have unique identifiers (uid) that are for all practical purposes globally unique. These synthetic identifiers are very effective for establishing uniqueness. Unfortunately, when building a knowledge graph, there are many cases where this identity uniquess is not desirable.

To use Kubernetes as an example if we have a cluster mycluster, with a service named auth in the default namespace, it will have a globally unique uid. That is great. However, if we delete that service and recreate the service in the same cluster with the same name and namespace, it will have a new uid. The problem is that for most practical purposes, the new and the old service is the same thing. The fact that the uid is different is largely an implementation detail that is irrelevant for any practical application.

Most Systems Don't Have URN

Most systems don't have native URN as Amazon does but they do have all the necessary attributes. GCP has something similar with its REST URLs for resources, which are easily adapted to a URN format. Others have to be created based on our understanding of the target system.

URN Reference

System URN Format Example
aws AWS ARN
kubernetes urn:kubernetes:<cluster-id>:<kind>:<namespace>:<name> urn:kubernetes:mycluster:service:default:myservice

Authentication

Dashboard Authentication

Form Login

By default form login is enabled. A user named admin will be seeded with a password of admin.

SAML

The dashboard supports SAML authentication.

To configure SAML, you will need to obtain a SAML metadata XML file from your identity provider. You should either make that file available at ${SOLUBLE_HOME}/conf/saml/metadata.xml or set SAMLE_METADATA to the location of the file.

Note that SAML_ENTITY_ID and SAML_RESPONSE_URL are also required for most identity providers. Okta is the notable exception.

Config Var Description
SAML_METADATA Path to SAML metadata XML file. If not specified, ${SOLUBLE_HOME}/conf/saml/metadata.xml will be consulted.
SAML_ENTITY_ID Entity ID of soluble dashboard, as configured in your SAML IDP.
SAML_RESPONSE_URL Assertion response (ACS) URL. This will be ${DASHBOARD_BASE_URL}/saml/response