cloud connect - occi & cloudaudit standards update
DESCRIPTION
An overview of the Open Grid Forum's Open Cloud Computing Interface standards effort and the (non-OGF) CloudAudit ("A6") working group. Presented at CloudConnect on 17 March 2010.TRANSCRIPT
The OGF Open Cloud Computing Interface andCloudAudit
Shlomo Swidler
OGF OCCI WG Member, CloudAudit WG Member
March 17, 2009
Common OCCI & CloudAudit Vision:Open Cloud Ecosystem
OpenCloud
Open Formats
OpenInterfaces
OpenData
Open Source
Goal of OCCI
• Interoperability• Let different cloud systems
work together
• Portability• Move services between clouds
• Integration• Wire up cloud with legacy
At all levels of the stack
Who is OCCI
• Open Grid Forum Working Group
• OGF IP umbrella for copyrights, patents, trademarks
• More than 200 participants
• Industry: Rackspace, GoGrid, Sun/Oracle, RESERVOIR, …
• Academia: UCMadrid (OpenNebula), SLA@SOI w/Intel, …
• Service providers: CohesiveFT, RabbitMQ, …
• End users, developers
Current Status of OCCI
• Infrastructure layer spec finalized, in public review• Reference implementation underway
• OpenNebula, other implementations in the works, too…
• Working on Extensions (reservations, snapshots, etc.)• Building demo integrations with other standards
• SNIA CDMI - storage
• Proposed Roadmap:• Draft Platform spec – October 2010• Final – late 2011
20,000-foot Look at OCCI
• Protocol
• Lightweight, extensible
• Format-agnostic
• Built on HTTP, RESTful
Create: HTTP POST
Retrieve: HTTP GET
Update: HTTP GET & HTTP PUT
Delete: HTTP DELETE
OCCICore
OCCI Infrastructure
HT
TP
Hea
der
Ren
derin
g
XH
TM
L5 +
RD
Fa
Ren
derin
g
OCCI Platform
OCCI Application
Extensions
5,000-foot Look at OCCI
Provider
Compute
Storage
Network
AttributesOperations
Instance
Links
GET http://abc.com/uid123foobar/
OCCI
*
*
*
*
*
*
HTTP LINK
header
Atom-like categories
RE
SP
ON
SE
RE
QU
ES
T
Eye-level Look at OCCI> GET /us-east/webapp/vm01 HTTP/1.1 > User-Agent: occi-client/1.0 (linux) libcurl/7.19.4 OCCI/1.0 > Host: cloud.example.com > Accept: */* > < HTTP/1.1 200 OK < Date: Sat, 10 Oct 2009 12:56:51 GMT < Content-Type: application/ovf < Link: </us-east/webapp/vm01;start>; < rel="http://purl.org/occi/action/start"; < title="Start" < Link: </us-east/webapp/build.pdf>; < rel="related"; < title="Documentation"; < type="application/pdf" < Category: compute; < label="Compute Resource”; < scheme="http://purl.org/occi/kind/" < Server: occi-server/1.0 (linux) OCCI/1.0 < Connection: close < < <?xml version="1.0" encoding="UTF-8"?> < <Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" < xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" < xmlns="http://schemas.dmtf.org/ovf/envelope/1" < xml:lang="en-US”< ...
Get the resource,in whatever
format
It’s in OVFformat
You can “start” it
Related “documentation”
It’s a “compute” resource
The OVF payload
Goal of CloudAudit (“A6”)
• Provide a common interface that allows cloud computing providers to automate the audit, assertion, assessment, and assurance (“A6”) of their infrastructure (IaaS), platform (PaaS), and application (SaaS) environments.
• Allow authorized consumers of these services to do the same via an open, extensible, and secure interface and methodology.
Who is CloudAudit
• Over 250 participants across the industry• Cloud operators
• Auditors
• Security professionals
• Developers, Integrators
• Affiliations include
CloudAudit Current Status
• Currently standardizing the data footprint
• Allows consistent automation for provider and consumer
• HTTP chosen as the protocol
• Format-agnostic, human or machine client
• Inspired by OCCI
• First draft expected in 90 days
A Look at CloudAudit Thinking
• http://www.cloudaudit.net/.well-known/cloudaudit/com/rackspace
A Look at CloudAudit Thinking
• http://www.cloudaudit.net/.well-known/cloudaudit/com/rackspace
The OGF Open Cloud Computing Interface and CloudAudit
Shlomo Swidler
@ShlomoSwidler
Copyright Notice
Copyright (C) Open Grid Forum (2009). All Rights Reserved.
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works.
The limited permissions granted above are perpetual and will not be revoked by the OGF or its successors or assignees.