ISOD-RG Discussion: Infrastructure Services Definition. ISOD-RG, OGF32, Salt Lake City, Utah, 17 July 2011.


Page 1: ISOD-RG Discussion Infrastructure Services Definition

ISOD-RG Discussion

Infrastructure Services Definition

ISOD-RG

Salt Lake City, Utah

17 July 2011

ISoD-RG, OGF32, 17 July 2011, Salt Lake City Discussion Infrastructure Services 1

Page 2: ISOD-RG Discussion Infrastructure Services Definition

Outline

• General use cases for InterCloud Architecture and Infrastructure Services provisioning
  – Provisioning Cloud based project oriented infrastructures on-demand and distributed virtualised applications mobility
• Standardisation on Cloud architecture and components
  – NIST Cloud collaboration
• Infrastructure services definition
• Additional Information
  – Architectural Framework of the Cloud IaaS Provisioning Model (by UvA)

Cloud Federation @OGF32 - 16 July 2011, Salt Lake City InterCloud Architecture and Security Slide_2

Page 3: ISOD-RG Discussion Infrastructure Services Definition

SNE Cloud Research Directions

(1) Generic Cloud IaaS Architecture, Release 1, 15 April 2011. Published as http://staff.science.uva.nl/~demch/worksinprogress/sne2011-techreport-2011-03-clouds-iaas-architecture-release1.pdf
• Infrastructure Services Modeling Framework (ISMF)
• Composable Services Architecture (CSA)
• Service Delivery Framework (SDF)

(2) InterCloud (OS/Middleware)
• Targeting for InterCloud BGP-like protocol
• Merging (1) and (2) under InterCloud Architecture
• Network infrastructure provisioning as part of Cloud infrastructure provisioning

(3) Security Infrastructure for Cloud (dynamically provisioned)
• Dynamic Access Control Infrastructure (DACI)
• Following Cloud standardisation and contributing to NIST Cloud collaboration


Page 4: ISOD-RG Discussion Infrastructure Services Definition

General use cases for Cloud based Infrastructure Services provisioning

• Clouds are evolving as a common way of provisioning infrastructure services on-demand
  – In this way, Clouds add a new type of services in addition to and on top of currently existing network based and distributed services
  – Using real life analogy like “moving house or office” from one location to another
    • Pack – Move – Unpack – (connect to local infrastructure)
• InterCloud Architecture (ICA) provides a framework to support provisioning Cloud based project oriented infrastructures on-demand and distributed virtualised applications mobility
  – Hybrid Cloud/Grid e-Science collaborative environment
  – Educational Lab deployment in Clouds
• Other use cases to be defined


Page 5: ISOD-RG Discussion Infrastructure Services Definition

Use case 1: Cloud based e-Science infrastructure

[Figure: Cloud based e-Science infrastructure. Labelled elements: Control & Monitoring; Sc. Instrument (Manufactrg); Grid Storage T0 and T1; Grid CE; Data Filtering; Grid VO-A; Visualisation and User CE at Campus A (User Group A) and Campus B (User Group B); CE, SE, CSE and CloudSE nodes; Experimental Data; Processed Data; Specialist Data Processing; Project based Cloud Infrastructure; Ctrl&Mngnt Plane.]

Figure annotations:
• Project based collaborating user groups located in remote campuses on data intensive projects requiring high performance computing and rich visualisation
• Grid based core eScience infrastructure including data intensive scientific instrument
• Campus infrastructure including visualisation tools
• Cloud infrastructure provisioned on demand


Page 6: ISOD-RG Discussion Infrastructure Services Definition

Use case 2: Educational Lab (mobility)

• Educational lab is created for a specific course in one university
  – A course is computing intensive and has periodicity of one semester
• The required infrastructure is expensive and is deployed on Cloud (generally multiple)
  – First installation requires significant efforts that need to be preserved
• Between periodic course runs the Lab will be dormant or should be suspended and resumed for the next term
  – Used/required Cloud resources may change/evolve
• The Lab may need to be moved to another university with different campus network installation and available Cloud providers
  – Requires Cloud services standardisation and interoperability


Page 7: ISOD-RG Discussion Infrastructure Services Definition

Defining InterCloud Architecture

• The prospective InterCloud Architecture should allow interoperability and integration of existing models and Cloud providers frameworks
  – Should be supersede to Cloud Federation
• Be compatible and provide multi-layer integration of existing Cloud service models – IaaS, PaaS, SaaS and Apps clouds
• Presumably following the same architecture patterns as Internet and Grid/OGSA
  – Provide functionalities for creating VO based infrastructures


Page 8: ISOD-RG Discussion Infrastructure Services Definition

Current relation between Cloud services models

• Cloud service models IaaS, PaaS, SaaS use proprietary Physical Platform and Resources Adaptation Layer

[Figure: current Cloud service model stack. Labelled elements: Customers & Applications; User and Application API (Data, C&MP); Cloud SaaS (Apps); API (Data, C&MP); Cloud PaaS (OS, mw); API (Data, C&MP); Cloud IaaS (VM MgntS); Physical Platform and Resources Adaptation Layer (PPR Adaptation); PPR Adaptation (×2); Computer Platform.]

Page 9: ISOD-RG Discussion Infrastructure Services Definition

Prospective InterCloud Architecture

• Standardisation API’s between different Cloud service models
• Cloud/ICA layered API
  – For application data communication
  – For Control and Management

[Figure: prospective InterCloud Architecture stack. Labelled elements: Customers & Applications; User and Application API (Data, C&MP); Cloud SaaS (Apps); API (Data, C&MP); Cloud PaaS (OS, mw); API (Data, C&MP); Cloud IaaS (VM MgntS); Physical Platform and Resources Adaptation Layer; Computer Platform.]

Page 10: ISOD-RG Discussion Infrastructure Services Definition

Defining InterCloud Architecture API’s

• InterCloud Architecture (ICA) should address interoperability of different Cloud service platforms and multi-cloud integration, including with legacy campus infrastructure
• Define InterCloud protocols and API’s stack
  – VI-API – IaaS API
  – P-API – PaaS API
  – SA-API – Software (and applications) API
  – OCCI can be a base for defining most of APIs
• Depending on service model, some API’s may be run by providers and some by customers/users


Page 11: ISOD-RG Discussion Infrastructure Services Definition

Architectural Framework for Cloud IaaS

Published as SNE Technical Report http://staff.science.uva.nl/~demch/worksinprogress/sne2011-techreport-2011-03-clouds-iaas-architecture-release1.pdf

• Includes the following main components
  – Infrastructure Services Modeling Framework (ISMF)
  – Composable Services Architecture (CSA)
  – Service Delivery Framework (SDF)
• Additional components (orthogonal)
  – Cloud Security Infrastructure
  – Control and Management Plane


Page 12: ISOD-RG Discussion Infrastructure Services Definition

NIST Activity on Cloud Computing

• NIST – Collaboration on Cloud Computing Reference Architecture development
  – http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome
• Draft SP 800-145 The NIST Definition of Cloud Computing (Draft)
  – http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf
• DRAFT Cloud Computing Synopsis and Recommendations
  – http://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf
• Draft SP 800-144 Guidelines on Security and Privacy in Public Cloud Computing
  – http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
• NIST Cloud Standards Roadmap group
  – http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/StandardsRoadmap/NIST_CCSRWG_092_NIST_SP_500-291_Jul5.pdf
• SP 800-125 Guide to Security for Full Virtualisation Technologies
  – http://csrc.nist.gov/publications/nistpubs/800-125/SP800-125-final.pdf


Page 13: ISOD-RG Discussion Infrastructure Services Definition

NIST Cloud definition – Draft SP 800-145 (1)

Draft SP 800-145 The NIST Definition of Cloud Computing (Draft) http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf

• Five Cloud characteristics
  – On-demand self-service
  – Broad network access
  – Resource pooling
  – Rapid elasticity
  – Measured Service
• 3 service/provisioning models
  – Software as a Service (SaaS)
  – Platform as a Service (PaaS)
  – Infrastructure as a Service (IaaS)


Page 14: ISOD-RG Discussion Infrastructure Services Definition

NIST Cloud definition – Draft SP 800-145 (2)

• NIST Definition of Cloud – missing network provisioning, just “limited control over network”

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

Service/provisioning models: SaaS – PaaS – IaaS

Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).


Page 15: ISOD-RG Discussion Infrastructure Services Definition

NIST Cloud Computing Reference Architecture (CCRA) 2.0 - Main Roles (1)

• Cloud Carrier as a role to accommodate telco’s interests


Page 16: ISOD-RG Discussion Infrastructure Services Definition

NIST Cloud Computing Reference Architecture (CCRA) 2.0 - Provider Functions (2)


Add: Service Delivery (Framework)
• Request&SLA
• Reservation/Composition
• Deployment
• Operation
• Decommissioning

Provider functions
• Defined ambiguously
• Need clear separation between Delivery process, Operation and Control&Mngnt functions
• Service Orchestration is a Control function

Page 17: ISOD-RG Discussion Infrastructure Services Definition

NIST Cloud Computing Reference Architecture (CCRA) 2.0 – Consolidated View (3)


Page 18: ISOD-RG Discussion Infrastructure Services Definition

Dedicated Network Provisioning in Clouds

• This issue is not addressed in detail in any of the currently proposed CC architectures
• There cannot be consistent infrastructure QoS without (dedicated) network provisioning
  – Specifically for Optical networks
• Telco, network providers and telecom equipment vendors are working in this direction
  – GEYSERS project is an example of network+IT infrastructure virtualisation


Page 19: ISOD-RG Discussion Infrastructure Services Definition

Infrastructure definition by Wikipedia (1)

The physical components of interrelated systems providing commodities and services essential to enable, sustain, or enhance societal living conditions.

• Infrastructure is the basic physical and organizational structures needed for the operation of a society or enterprise, or the services and facilities necessary for an economy to function.
  – The term typically refers to the technical structures that support a society, such as roads, water supply, sewers, power grids, telecommunications, and so forth.
• Viewed functionally, infrastructure facilitates the production of goods and services; for example, roads enable the transport of raw materials to a factory, and also for the distribution of finished products to markets.
• In military parlance, the term refers to the buildings and permanent installations necessary for the support, redeployment, and operation of military forces.
• Etymology
  – The word infrastructure has been used in English since at least 1927 and meant: The installations that form the basis for any operation or system.
  – The military use of the term achieved currency in the United States after the formation of NATO in the 1940s, and was then adopted by urban planners in its modern civilian sense by 1970.


Page 20: ISOD-RG Discussion Infrastructure Services Definition

Infrastructure definition by Wikipedia (2)

• “Hard” vs “Soft” infrastructure
  – “Hard” infrastructure: Transport, energy, water, communication
  – “Soft” infrastructure: institutional, industrial, social
• The Internet, including the internet backbone, core routers and server farms, local internet service providers as well as the protocols and other basic software required for the system to function.


Page 21: ISOD-RG Discussion Infrastructure Services Definition

Open Group Integrated Information Infrastructure Reference Model (III-RM)

• Infrastructure supports business processes
  – Integrated information so that different and potentially conflicting pieces of information are not distributed throughout different systems
  – Integrated access to that information so that staff can access all the information they need and have a right to, through one convenient interface
• The following components are involved
  – Applications and applications platform
  – Operating System and Network services
  – Communication infrastructure
  – Infrastructure application including management tools


Page 22: ISOD-RG Discussion Infrastructure Services Definition

Infrastructure definition by Sjaak Laan (NL)

From http://www.sjaaklaan.nl/pivot/entry.php?id=142 by Sjaak Laan (NL)

• IT infrastructure consists of the equipment, systems, software, and services used in common across an organization, regardless of mission/program/project. IT Infrastructure also serves as the foundation upon which mission/program/project-specific systems and capabilities are built. (cio.gov - the website for the United States Chief Information Officers Council)

• All of the components (Configuration Items) that are needed to deliver IT Services to customers. The IT Infrastructure consists of more than just hardware and software. (ITILv2)

• All of the hardware, software, networks, facilities, etc., that are required to Develop, Test, deliver, Monitor, Control or support IT Services. The term IT Infrastructure includes all of the Information Technology but not the associated people, Processes and documentation. (ITILv3)

• Information technology infrastructure underpins the distributed operational and administrative computing environment. Hidden from the application-based world of end-users, technology infrastructure encompasses the unseen realm of protocols, networks, and middleware that bind the computing enterprise together and facilitate efficient data flows. Yet information technology infrastructure involves more than just the mechanics of data systems; it also includes people providing support and services. (Technology Governance Board Definition of Information Technology Infrastructure)

• Infrastructure is the shared and reliable services that provide the foundation for the enterprise IT portfolio. The implementation of an architecture includes the processors, software, databases, electronic links, and data centers as well as the standards that ensure the components work together, the skills for managing the operation etc. (Goethe University of Frankfurt, http://www.is-frankfurt.de/)


Page 23: ISOD-RG Discussion Infrastructure Services Definition

Infrastructure definition by Sjaak Laan

IT infrastructure is the total set of foundation components and non functional attributes that enables applications to function.

Typical IT infrastructure characteristics are:

• IT infrastructure is usually shared by multiple applications
• IT infrastructure is more static and permanent than the applications running upon it
• The management of the infrastructure is disconnected from the system management of the applications running on top of it
• The department owning infrastructure components is different from the department owning the applications running on it
• Foundation components
  – Servers, datacenters, networking, virtualisation, OS, end user devices


Page 24: ISOD-RG Discussion Infrastructure Services Definition

Infrastructure definition - Discussion

• Recent discussions in context of Cloud IaaS
  – Set of VMs with network links connecting them, with defined characteristics (e.g. QoS)
• Contribution is requested from the meeting


Page 25: ISOD-RG Discussion Infrastructure Services Definition

Additional Information

• Useful links on Cloud standardisation and practice


Page 26: ISOD-RG Discussion Infrastructure Services Definition

Cloud related links (1)

Additional NIST links

• NIST on Cloud - Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC)
  – http://www.nist.gov/itl/cloud/sajacc.cfm
  – http://csrc.nist.gov/groups/SNS/cloud-computing/index.html
• NIST Cloud Computing Collaboration Site
  – http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome
• NIST Cloud Computing Reference Architecture, v1.0
  – http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/ReferenceArchitectureTaxonomy


Page 27: ISOD-RG Discussion Infrastructure Services Definition

Cloud related links (2)

Other standardisation activities

• Federal Cloud Computing Strategy - this is quite useful to read
  – http://www.cio.gov/pages.cfm/page/IT-Reform-Series-Federal-Cloud-Computing-Strategy-Published
  – http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf
• IETF internet-draft, “Cloud Reference Framework”
  – http://www.ietf.org/id/draft-khasnabish-cloud-reference-framework-00.txt
• OGF OCCI - http://occi-wg.org/
• GSA, “Cloud Computing Initiative Vision and Strategy Document (DRAFT)”
  – http://info.apps.gov/sites/default/files/Cloud_Computing_Strategy_0.ppt
• Cloud Taxonomy
  – http://cloudtaxonomy.opencrowd.com/
• Open Security Architecture (OSA), “Cloud Computing Patterns”
  – http://www.opensecurityarchitecture.org/cms/library/patternlandscape/251-pattern-cloud-computing


Page 28: ISOD-RG Discussion Infrastructure Services Definition

Cloud related links (3)

Other Cloud related initiatives

• ENISA Cloud Computing Risk Assessment (2010)
  – http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment
• Collection of cloud identity management use cases by OASIS Identity in the Cloud TC
  – http://wiki.oasis-open.org/id-cloud/MemberSubmissions
• Good collection of up-to-date links
  – http://cloud-standards.org/wiki/index.php?title=Main_Page
• Cloudscape III meeting presentations (may require registration)
  – http://www.sienainitiative.eu/Pages/Static.aspx?id_documento=1d585f0b-2b65-45b7-8f56-a1f1e93dbde9


Page 29: ISOD-RG Discussion Infrastructure Services Definition

Cloud related links (4)

Cloud development and frameworks by big IT companies

• IBM, “Cloud Computing Reference Architecture v2.0”
  – http://www.opengroup.org/cloudcomputing/doc.tpl?CALLER=documents.tpl&dcat=15&gdid=23840
• Oracle Cloud Computing
  – http://www.oracle.com/us/technologies/cloud/index.html


Page 30: ISOD-RG Discussion Infrastructure Services Definition

Cloud related links (5)

Network vendors and providers

• Cloud reality blogs
  – http://www.rationalsurvivability.com/blog/?p=1672
  – http://www.rationalsurvivability.com/blog/?p=2850
  – http://www.rationalsurvivability.com/blog/?p=1717
  – However, they mostly discuss what companies do or what they think about minor technical solutions, not approaching the problem from a more conceptual view
• Extreme Networks
  – http://www.extremenetworks.com/solutions/datacenter_openstackcloud.aspx
  – http://www.extremenetworks.com/blog/?p=83
• Juniper Networks, “Cloud-ready Data Center Reference Architecture”
  – http://www.juniper.net/us/en/local/pdf/reference-architectures/8030001-en.pdf
• Cisco and Clouds
  – http://www.cisco.com/en/US/netsol/ns976/index.html
