GitBook: [#84] Added doc to enable security in docker based deployments

deploy/deploy-on-bare-metal/enable-security/README.md

@@ -2,4 +2,4 @@
 
 OpenMetadata has support for Google SSO and Okta SSO as identity providers. Please see the next sections about how to configure them.
 
-Enabling Security is only required for your production installation. If you are testing OpenMetadata it will be easier and faster to set up without security. To get up and running quickly with OpenMetadata (without security), please follow the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide.
+Enabling Security is only required for your production installation. If you are testing OpenMetadata it will be easier and faster to set up without security. To get up and running quickly with OpenMetadata (without security), please follow the [Run OpenMetadata](../../../docs/try-openmetadata/run-openmetadata/) guide.

deploy/deploy-on-kubernetes/enable-security/README.md

@@ -2,4 +2,4 @@
 
 OpenMetadata has support for Google SSO and Okta SSO as identity providers. Please see the next sections about how to configure them.
 
-Enabling Security is only required for your production installation. If you are testing OpenMetadata it will be easier and faster to set up without security. To get up and running quickly with OpenMetadata (without security), please follow the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide.
+Enabling Security is only required for your production installation. If you are testing OpenMetadata it will be easier and faster to set up without security. To get up and running quickly with OpenMetadata (without security), please follow the [Run OpenMetadata](../../../docs/try-openmetadata/run-openmetadata/) guide.

docs/SUMMARY.md

@@ -5,7 +5,8 @@
 * [Roadmap](roadmap.md)
 * [Try OpenMetadata](../try-openmetadata/README.md)
   * [Try OpenMetadata in our Public Sandbox](../try-openmetadata/take-it-for-a-spin.md)
-  * [Try OpenMetadata in Docker](../try-openmetadata/run-openmetadata.md)
+  * [Try OpenMetadata in Docker](try-openmetadata/run-openmetadata/README.md)
+    * [Enable Security](try-openmetadata/run-openmetadata/enable-security.md)
 * [Tutorials](tutorials/README.md)
   * [Tutorial: Data Discovery with OpenMetadata](tutorials/tutorial-data-discovery-with-openmetadata.md)
 

docs/integrations/connectors/azure-sql.md

@@ -19,7 +19,7 @@ You must have a running deployment of OpenMetadata to use this guide. OpenMetada
 * MySQL as the backing store for all metadata
 * Airflow for metadata ingestion workflows
 
-If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) to get up and running.
+If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) to get up and running.
 
 ### Python (version 3.8.0 or later)
 
@@ -448,6 +448,6 @@ Max retries exceeded with url: /api/v1/services/databaseServices/name/local_azur
 Failed to establish a new connection: [Errno 61] Connection refused'))
 ```
 
-To correct this problem, please follow the steps in the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide to deploy OpenMetadata in Docker on your local machine.
+To correct this problem, please follow the steps in the [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) guide to deploy OpenMetadata in Docker on your local machine.
 
 Then re-run the metadata ingestion workflow in [Step 12](azure-sql.md#run-manually).

docs/integrations/connectors/databricks.md

@@ -19,7 +19,7 @@ You must have a running deployment of OpenMetadata to use this guide. OpenMetada
 * MySQL as the backing store for all metadata
 * Airflow for metadata ingestion workflows
 
-If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) to get up and running.
+If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) to get up and running.
 
 ### Python (version 3.8.0 or later)
 
@@ -442,6 +442,6 @@ Max retries exceeded with url: /api/v1/services/databaseServices/name/local_data
 Failed to establish a new connection: [Errno 61] Connection refused'))
 ```
 
-To correct this problem, please follow the steps in the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide to deploy OpenMetadata in Docker on your local machine.
+To correct this problem, please follow the steps in the [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) guide to deploy OpenMetadata in Docker on your local machine.
 
 Then re-run the metadata ingestion workflow in [Step 12](databricks.md#run-manually).

docs/integrations/connectors/delta-lake.md

@@ -19,7 +19,7 @@ You must have a running deployment of OpenMetadata to use this guide. OpenMetada
 * MySQL as the backing store for all metadata
 * Airflow for metadata ingestion workflows
 
-If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) to get up and running.
+If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) to get up and running.
 
 ### Python (version 3.8.0 or later)
 
@@ -418,6 +418,6 @@ Max retries exceeded with url: /api/v1/services/databaseServices/name/local_delt
 Failed to establish a new connection: [Errno 61] Connection refused'))
 ```
 
-To correct this problem, please follow the steps in the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide to deploy OpenMetadata in Docker on your local machine.
+To correct this problem, please follow the steps in the [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) guide to deploy OpenMetadata in Docker on your local machine.
 
 Then re-run the metadata ingestion workflow in [Step 12](delta-lake.md#run-manually).

docs/integrations/connectors/ibm-db2.md

@@ -19,7 +19,7 @@ You must have a running deployment of OpenMetadata to use this guide. OpenMetada
 * MySQL as the backing store for all metadata
 * Airflow for metadata ingestion workflows
 
-If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) to get up and running.
+If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) to get up and running.
 
 ### Python (version 3.8.0 or later)
 
@@ -438,6 +438,6 @@ Max retries exceeded with url: /api/v1/services/databaseServices/name/local_db2
 Failed to establish a new connection: [Errno 61] Connection refused'))
 ```
 
-To correct this problem, please follow the steps in the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide to deploy OpenMetadata in Docker on your local machine.
+To correct this problem, please follow the steps in the [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) guide to deploy OpenMetadata in Docker on your local machine.
 
 Then re-run the metadata ingestion workflow in [Step 12](ibm-db2.md#run-manually).

docs/integrations/connectors/singlestore.md

@@ -19,7 +19,7 @@ You must have a running deployment of OpenMetadata to use this guide. OpenMetada
 * MySQL as the backing store for all metadata
 * Airflow for metadata ingestion workflows
 
-If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) to get up and running.
+If you have not already deployed OpenMetadata, please follow the instructions to [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) to get up and running.
 
 ### Python (version 3.8.0 or later)
 
@@ -447,6 +447,6 @@ Max retries exceeded with url: /api/v1/services/databaseServices/name/local_sing
 Failed to establish a new connection: [Errno 61] Connection refused'))
 ```
 
-To correct this problem, please follow the steps in the [Run OpenMetadata](../../../try-openmetadata/run-openmetadata.md) guide to deploy OpenMetadata in Docker on your local machine.
+To correct this problem, please follow the steps in the [Run OpenMetadata](../../try-openmetadata/run-openmetadata/) guide to deploy OpenMetadata in Docker on your local machine.
 
 Then re-run the metadata ingestion workflow in [Step 12](singlestore.md#run-manually).

docs/try-openmetadata/run-openmetadata/README.md

@@ -31,7 +31,7 @@ docker --version
 If you need to install Docker, please visit [Get Docker](https://docs.docker.com/get-docker/). You also need the latest `docker-compose` installed, please visit [Install Docker Compose](https://docs.docker.com/compose/install/).
 
 {% hint style="warning" %}
-Note: You must **allocate at least 4GB of memory to Docker** in order to run OpenMetadata. To change the memory allocation for Docker, please visit:
+Note: You must **allocate at least 6GB of memory to Docker** in order to run OpenMetadata. To change the memory allocation for Docker, please visit:
 
 Preferences -> Resources -> Advanced
 {% endhint %}
@@ -119,7 +119,7 @@ This will create a docker network and four containers for the following services
 * Apache Airflow which OpenMetadata uses for metadata ingestion
 * The OpenMetadata UI and API server
 
-After starting the Docker containers, you should see output similar to the following.
+After starting the Docker containers, you should see an output similar to the following.
 
 ```
 [2021-11-18 15:53:52,532] INFO     {metadata.cmd:202} - Running Latest Release Docker
@@ -173,7 +173,7 @@ Username: `admin`
 
 Password: `admin`
 
-![](../docs/.gitbook/assets/airflow-login.png)
+![](../../.gitbook/assets/airflow-login.png)
 
 ### 10. Begin using OpenMetadata
 
@@ -185,13 +185,13 @@ http://localhost:8585
 
 You should see a page similar to the following as the landing page for the OpenMetadata server.
 
-![](../docs/.gitbook/assets/om-local-landing-page.png)
+![](../../.gitbook/assets/om-local-landing-page.png)
 
 ### Next Steps
 
-1. Visit the [Features](../docs/features.md) overview page and explore the OpenMetadata UI.
-2. Visit the [Connectors](../docs/integrations/connectors/) documentation to see what services you can integrate with OpenMetadata.
-3. Visit the [API](../docs/openmetadata-apis/apis/overview.md) documentation and explore the OpenMetadata APIs.
+1. Visit the [Features](../../features.md) overview page and explore the OpenMetadata UI.
+2. Visit the [Connectors](../../integrations/connectors/) documentation to see what services you can integrate with OpenMetadata.
+3. Visit the [API](../../openmetadata-apis/apis/overview.md) documentation and explore the OpenMetadata APIs.
 
 ### Troubleshooting
 
@@ -203,7 +203,7 @@ ERROR: Could not find a version that satisfies the requirement openmetadata-inge
 ERROR: No matching distribution found for openmetadata-ingestion[docker]
 ```
 
-If you see the above when attempting to install OpenMetadata, this can be due to using older version of Python and pip. Please check the [Requirements](run-openmetadata.md#requirements) section above and confirm that you have supported versions installed.
+If you see the above when attempting to install OpenMetadata, this can be due to using older version of Python and pip. Please check the [Requirements](./#requirements) section above and confirm that you have supported versions installed.
 
 If you need support please get in touch on Slack: [https://slack.open-metadata.org/](https://slack.open-metadata.org).
 
@@ -224,7 +224,7 @@ sudo apt upgrade
 sudo apt install python3-pip  python3-venv
 ```
 
-Follow the [OSX instructions](run-openmetadata.md#1.-create-a-directory-for-openmetadata)
+Follow the [OSX instructions](./#1.-create-a-directory-for-openmetadata)
 
 ## Upgrade OpenMetadata
 
@@ -232,7 +232,7 @@ If you would like to upgrade your OpenMetadata deployment installed following th
 
 ### 1. Ensure your Python virtual environment is activated
 
-The procedure for [installing OpenMetadata](run-openmetadata.md) asks you to create a new directory and Python virtual environment. The procedure then asks you to install the `openmetadata-ingestion[docker]` Python module in this virtual environment.
+The procedure for [installing OpenMetadata](./) asks you to create a new directory and Python virtual environment. The procedure then asks you to install the `openmetadata-ingestion[docker]` Python module in this virtual environment.
 
 In your command-line environment, please navigate to the directory where you installed `openmetadata-ingestion[docker]` and activate the virtual environment by running the following command.
 

docs/try-openmetadata/run-openmetadata/enable-security.md

@@ -0,0 +1,39 @@
+---
+description: This guide helps you enable security in OpenMetadata with Docker
+---
+
+# Enable Security
+
+By default, security is not enabled when bringing up a cluster with the `metadata docker --start` command. To enable authentication and authorization, follow the below-mentioned steps:
+
+1.  Create an env file like the following in your machine and update the values as required. Refer to the [Enable Security](../../../deploy/deploy-on-bare-metal/enable-security/) documentation to set up your preferred authentication provider.
+
+    ```
+    AUTHORIZER_CLASS_NAME=org.openmetadata.catalog.security.DefaultAuthorizer
+    AUTHORIZER_REQUEST_FILTER=org.openmetadata.catalog.security.JwtFilter
+    AUTHORIZER_ADMIN_PRINCIPALS=admin
+    AUTHORIZER_INGESTION_PRINCIPAL=ingestion-bot
+    AUTHORIZER_PRINCIPAL_DOMAIN=open-metadata.org
+    AUTHENTICATION_PROVIDER=google
+    AUTHENTICATION_PUBLIC_KEY=https://www.googleapis.com/oauth2/v3/certs
+    AUTHENTICATION_AUTHORITY=https://accounts.google.com
+    AUTHENTICATION_CLIENT_ID=709849217090-n7s8oc4cvpffubraoi5vbr1s0qfboqvv.apps.googleusercontent.com
+    AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
+    ```
+
+
+2.  Start the Docker containers from metadata CLI with the above env file.
+
+    ```
+    metadata docker -env-file ~/env_open_metadata --start
+    ```
+
+
+3. Do not wait for the sample metadata ingestion to complete. The sample data ingestion will fail since the metadata server starts in a secure mode and will expect credentials to be present in the requests. Follow the [Configure Ingestion](../../../deploy/deploy-on-bare-metal/enable-security/okta-sso/configure-security-ingestion.md) documentation for your preferred SSO to configure ingestion with secure credentials. You can exit the command line with "Ctrl + C".
+4. Visit [http://localhost:8585](http://localhost:8585) to start exploring OpenMetadata in a secure mode\
+    
+
+
+
+
+

metadata-ingestion/ingest-sample-data.md

@@ -18,7 +18,7 @@ OpenMetadata is built using Java, DropWizard, Jetty, and MySQL.
 
 ### Run OpenMetadata Server
 
-Please refer to the [Run OpenMetadata ](../try-openmetadata/run-openmetadata.md#install-on-your-local-machine)section to run the server manually or using [Docker](../try-openmetadata/run-openmetadata.md#run-docker).
+Please refer to the [Run OpenMetadata ](../docs/try-openmetadata/run-openmetadata/#install-on-your-local-machine)section to run the server manually or using [Docker](../docs/try-openmetadata/run-openmetadata/#run-docker).
 
 ### Install from PyPI
 

try-openmetadata/README.md

@@ -4,6 +4,6 @@
 [take-it-for-a-spin.md](take-it-for-a-spin.md)
 {% endcontent-ref %}
 
-{% content-ref url="run-openmetadata.md" %}
-[run-openmetadata.md](run-openmetadata.md)
+{% content-ref url="../docs/try-openmetadata/run-openmetadata/" %}
+[run-openmetadata](../docs/try-openmetadata/run-openmetadata/)
 {% endcontent-ref %}