ZCF Unified Portal
ZCF Unified Portal provides a unified access interface for ZCF. After login, users can switch management views, open ZCF Cloud Federation, ZCF Observability, ZCF Network Service, or other connected component pages, and perform management and viewing operations based on their permissions.
This chapter introduces key concepts of Unified Portal, login methods, navigation, user and tenant management, and cross-component access paths. SSO on the login page corresponds to the SSO capability. For platform access and SSO configuration, see the ZCF Cloud Federation chapter.
Key Concepts
Before using ZCF Unified Portal, learn the following concepts related to access methods, authentication, users and tenants, and navigation scope.
Access and Authentication
| Concept | Description |
|---|---|
| Unified Portal | The unified access interface that users use after logging in to ZCF. It is used to switch management views and open ZCF features and connected component pages. |
| SSO | A ZIAM-based unified authentication login method. After SSO is configured, users can complete authentication through SSO on the login page and access components or environments with SSO enabled. |
| Local Login | A login method that uses the ZStack Cloud local account of the Default Region. Use local login to access ZCF with a local administrator account or to enter the management UI when SSO is temporarily unavailable. |
| Unified Identity Source | A source that stores user accounts and authentication information, such as ZIAM. After an identity source is connected, users can sign in through SSO with the corresponding account. |
| SSO Access Configuration | The authentication configuration that administrators select when enabling SSO for target platforms. After the configuration is applied to a target platform, users can log in to that platform through SSO. |
Users and Tenants
| Concept | Description |
|---|---|
| User | A user account that logs in to ZCF and accesses resources. A user can enter ZCF through SSO or local login and access resources based on project membership and permissions. |
| Organization | A structure for organizing users by department or hierarchy. It is used to maintain user affiliation relationships. |
| Member Group | A collection of users. Member groups are used to maintain membership relationships and can be used with permission management when required. |
| Project | A management unit for business or resource usage scenarios. It is used to organize project members and control the resources that members can access. |
Access Scope and Navigation
| Concept | Description |
|---|---|
| Default Region | The region view that users enter by default after login. In this view, users can access ZStack Cloud resources and tenant management pages of the corresponding region. After SSO is configured, users, projects, and membership relationships are mainly maintained in the Default Region. |
| Global Management | A global view for cross-component management. After switching to Global Management, users can access global pages such as Home, Dashboards and Reports, Operations, ZCF Cloud Federation, and ZNS Network Center. |
| Unified Navigation | The menu system in Unified Portal. Menus display accessible pages based on the current management view and user permissions. Available pages may differ between Global Management and region views. |
| Component Page | A page in Unified Portal for accessing component capabilities, such as ZCF Cloud Federation, ZCF Observability, and ZCF Network Service. Different component pages may appear in Global Management or region views. |
Login and Authentication
After ZCF is installed, access the ZCF UI address in a browser to open the login page. The login page provides two login methods: local login and SSO.
| Login Method | Scenario |
|---|---|
| SSO | Applies to environments where ZIAM-based SSO has been configured. Users can authenticate through SSO on the login page and enter ZCF. |
| Local Login | Applies to local account access. Administrators can use local login to enter ZCF when they need to use the local account of the Default Region. |
Local Login
About this task
Local login uses the ZStack Cloud local account system of the Default Region. This login method includes the Account Login and Tenant Login tabs. Administrators typically use account login to enter the management UI. Tenant users can select tenant login based on tenant account configuration in the environment.
Procedure
- On the login page, select Local Login.
- Select Account Login or Tenant Login based on the account type.
- Enter the local account and password.
- Click Login.
- After login succeeds, enter ZCF Unified Portal.
SSO
About this task
After SSO access is configured, users can select SSO on the login page and complete identity authentication through ZIAM.
Procedure
- On the login page, select SSO.
- Click the SSO login button.
- Complete account authentication as prompted.
- After authentication succeeds, enter ZCF Unified Portal.
What to do next
Note: SSO login depends on ZIAM-based SSO configuration. If SSO has not been configured in the current environment, use local login or contact the administrator to complete authentication configuration.Unified Navigation and Access
After logging in to ZCF, users can switch management views in Unified Portal and open Home, ZCF Cloud Federation, ZCF Observability, ZCF Network Service, and other pages from the menu.
This section describes how to switch management views, access Home, and check menu availability.
Switch Management Views
About this task
After login, users can switch between the Default Region and Global Management. The Default Region is used to view and manage resources and tenant-related objects in the current region. Global Management is used to open global pages such as Home, ZCF Cloud Federation, ZCF Observability, and ZCF Network Service.
| View | Description |
|---|---|
| Default Region | View or manage resources, users, and tenant-related objects within the current region. |
| Global Management | Open global pages such as Home, Dashboards and Reports, Operations, ZCF Cloud Federation, and ZNS Network Center. |
Procedure
- Log in to ZCF.
- In the upper-right corner of the main menu, switch to Global Management.
- In the Global Management view, access Home, Dashboards and Reports, Operations, Cloud Federation, or ZNS Network Center as needed.
- To return to resource and tenant-related pages within the current region, switch back to the Default Region from the same location.
What to do next
Note: ZNS Network Center corresponds to ZCF Network Service.Access Home
About this task
Home is located in the Global Management view and is used to view the global overview of ZCF. Resource, health, capacity, and performance data on Home depends on product access and data collection status. If no infrastructure component has been connected, related data might be empty.
Procedure
- Log in to ZCF.
- In the upper-right corner of the main menu, switch to Global Management.
- In the main menu, click Home.
Check Menu Availability
In Unified Portal, if an expected menu is not displayed, or if a page or operation is unavailable after you open a menu, check the following items.
| Check Item | Description |
|---|---|
| Management view | Some menus are displayed only in the Global Management view or in a specified region view. Switch to the view that contains the feature you want to access. |
| Component deployment status | If a component is not deployed or its service is unavailable, the menu might be hidden, or the page might be inaccessible. |
| Component connection status | For resources or data that require a ZCF Cloud Federation connection, complete information might be displayed only after the connection is completed. |
| License status | If the license is unavailable, expired, or does not cover the required capability, the related menu or operation might be unavailable. |
| User permissions | Menus that the current account is not authorized to access might not be displayed. After a page is opened, unauthorized operations might also be unavailable. |
To access ZCF Cloud Federation, ZCF Observability, or ZCF Network Service, first switch to the Global Management view. If the related menu is still unavailable, check the component deployment, license, and account permission status.
User and Tenant Management
Administrators can maintain users, organizations, member groups, and projects in Unified Portal. After SSO is configured, these objects can be included in unified authentication management, and users can access related components based on projects and permissions.
Managed Objects
| Object | Purpose |
|---|---|
| Organization | Maintains user affiliation by organization or department hierarchy. |
| User | Maintains account identities that access ZCF and related components. |
| Member Group | Groups multiple users together for unified membership maintenance. |
| Project | Organizes members and resource access relationships around business or resource usage scenarios. |
Management Method
Administrators can maintain users, organizations, member groups, and projects on tenant management pages in the default region. After ZIAM is connected, changes to these objects are synchronized to ZIAM, and components with SSO configured can use the synchronized user relationships.
When ZIAM is unavailable, create, delete, and update operations on organizations, users, member groups, projects, and other objects might be unavailable. Restore the SSO service before performing related changes.
Component Access and Cross-Component Access
Users can open ZCF functional modules and connected component pages from Unified Portal. Before access, confirm the current management goal and management view.
Access Paths
| Goal | Page | How to Access |
|---|---|---|
| View the global overview | Home | Switch to Global Management, and then open Home to view the overall resource and running status. |
| Connect and manage components | ZCF Cloud Federation | Switch to Global Management, and then open ZCF Cloud Federation pages. |
| View observability data | Dashboards and Reports / Operations | Switch to Global Management, and then open ZCF Observability pages. |
| Manage network resources | ZNS Network Center | Switch to Global Management, and then open ZNS Network Center. |
Access Restrictions
Unified Portal displays only the pages that are available in the current environment and accessible to the current user. If a component is not deployed, not connected, not licensed, or unavailable, the related page might not be displayed. Users might also be unable to open a page from historical links or direct URLs.
To access a component, make sure the component has been deployed, connected, and licensed, and make sure the current account has the required access permissions.