standardisation in cloud-based infrastructure services provisioning

Standardisation in Cloud-based Infrastructure Services Provisioning Yuri Demchenko SNE Group, University of Amsterdam ISOD BoF at TNC2011 16 May 2011, Prague ISOD BoF @ TNC2011 Cloud IaaS Architecture Framework 1

Upload: phungduong

Post on 03-Jan-2017


Page 1: Standardisation in Cloud-based Infrastructure Services Provisioning

Standardisation in Cloud-based Infrastructure Services Provisioning

Yuri Demchenko

SNE Group, University of Amsterdam

ISOD BoF at TNC2011

16 May 2011, Prague

ISOD BoF @ TNC2011 Cloud IaaS Architecture Framework 1

Page 2: Standardisation in Cloud-based Infrastructure Services Provisioning

Outline

• Background projects

• OGF Infrastructure Services On-Demand Research Group (ISOD-RG)

– Including Cloud IaaS scope

• Cloud standardisation activities and initiatives

– OGF – Open Cloud Computing Interface (OCCI)

– OASIS – Identity Management for Cloud

– DMTF – OVF (+ OCCI)

– IEEE – WGs on InterCloud issues and Cloud Profiles (chaired by David Bernstein)

• NIST – Collaboration on Cloud Computing Reference Architecture development

– http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome

Page 3: Standardisation in Cloud-based Infrastructure Services Provisioning

Cloud industry standardisation

• NIST – Collaboration on Cloud Computing Reference Architecture development – http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome

• OGF – Open Cloud Computing Interface (OCCI)

– http://occi-wg.org/doku.php?id=start

• Storage Networking Industry Association (SNIA)

– Cloud storage - http://www.snia.org/cloud

– SNIA Cloud Data Management Interface (CDMI) v1.0 http://www.snia.org/tech_activities/standards/curr_standards/cdmi/CDMI_SNIA_Architecture_v1.0.pdf

• OASIS – Identity Management for Cloud – http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=id-cloud

• Distributed Management Task Force (DMTF)

– Cloud Management - http://www.dmtf.org/standards/cloud

– DMTF Virtualization Management (VMAN) - http://www.dmtf.org/standards/vman

• IEEE - WGs on InterCloud issues and Cloud Profiles

– IEEE ICWG/2302 WG - Intercloud WG (ICWG) Working Group http://standards.ieee.org/develop/wg/ICWG-2302_WG.html

– CPWG/2301 WG - Cloud Profiles WG (CPWG) Working Group http://standards.ieee.org/develop/wg/CPWG-2301_WG.html


Page 4: Standardisation in Cloud-based Infrastructure Services Provisioning

ISoD BoF, OGF31, 21 March 2011,

Taipei ISOD RG Chapter Discussion Slide_4

OGF ISOD RG - Summary

ISOD-RG Gridforge page

http://forge.gridforum.org/sf/sfmain/do/viewProject/projects.isod-rg

Charter (updated after OGF31) http://www.ogf.org/OGF30/materials/2209/isod-charter-draft-v14-ogf31.pdf

• The On-demand Infrastructure Services Provisioning (ISOD) Research Group (RG) will explore frameworks that support on-demand infrastructure services provisioning, and new emerging business models for infrastructure virtualisation, including Cloud Infrastructure as a Service (IaaS) provisioning model.

• The proposed effort will investigate architecture and components that reflect the requirements and capabilities of both infrastructure and applications providers.

• The recommendations will define a general approach to building dynamically provisioned composable services and corresponding service delivery framework and workflow.

• The ISOD WG will also explore frameworks for providing consistent security services for dynamically provisioned combined network and IT/applications.

Page 5: Standardisation in Cloud-based Infrastructure Services Provisioning

Scope ISOD RG

• The scope of the ISOD RG will include the following areas of research

– Infrastructure services definition

– Infrastructure services virtualization issues

– Existing on-demand infrastructure resource provisioning systems and frameworks

– Requirements and recommendations to on-demand infrastructure resources virtualisation and provisioning systems

– Service delivery frameworks and provisioned services lifecycle management

– Atomic services required to build an on-demand infrastructure services framework

– Security issues, e.g. security context and session management, dynamic security services deployment and operation.

Page 6: Standardisation in Cloud-based Infrastructure Services Provisioning

ISOD RG Purpose

• The main purpose of the ISOD RG is to investigate and understand the necessary components to build an on-demand infrastructure services provisioning framework (in particular, generic IaaS Cloud provisioning model) that can support new emerging business and operational models for virtualised infrastructure providers. The expected results should create a basis for developing heterogeneous services inter-operation and creation of the new interoperable and composable services.

• It is intended that ISOD RG will provide use cases and recommendations for development of upper layer service frameworks for a number of currently running related initiatives at OGF, such as NSI WG, NML WG, OCCI WG, CDMI at SNIA, and will use (or adopt for OGF user community) standardisation work done by ITU-T and TeleManagement Forum (TMF).

Page 7: Standardisation in Cloud-based Infrastructure Services Provisioning

ISOD RG Deliverables

• Deliverable 1 - BCP/taxonomy in existing and on-demand resources/services provisioning technologies

– Including existing Network Resource Provisioning Systems (NRPS) and virtualisation platforms

– Including definition of basic terms in infrastructure services

• Deliverable 2 - Use cases for On-demand Infrastructure Services provisioning

– This deliverable may be combined with the Requirements deliverable

• Deliverable 3 (2a) - Requirements to On-demand Infrastructure Services provisioning

– Delivered in two deliverables as an initial requirements set and updated based on the feedback from contributing projects and activities

• Expected deliverables (to be reviewed depending on the progress and community interest)

• Deliverable 4 – Generic Infrastructure as a Service (IaaS) provisioning model

– This deliverable will include review and analysis of the existing definitions and frameworks

• Deliverable 5 – Services Lifecycle Management to On-demand Infrastructure Services provisioning (overview of existing frameworks and practices)

– This deliverable will also describe the Security Services Lifecycle Management (SSLM) model

Page 8: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Activity on Cloud Computing

• NIST – Collaboration on Cloud Computing Reference Architecture development

– http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome

• Draft SP 800-145 The NIST Definition of Cloud Computing (Draft)

– http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf

• DRAFT Cloud Computing Synopsis and Recommendations

– http://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf

• Draft SP 800-144 Guidelines on Security and Privacy in Public Cloud Computing

– http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf

• SP 800-125 Guide to Security for Full Virtualisation Technologies

– http://csrc.nist.gov/publications/nistpubs/800-125/SP800-125-final.pdf

Page 9: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Cloud definition – Draft SP 800-145 (1)

Draft SP 800-145 The NIST Definition of Cloud Computing (Draft) http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf

• Five Cloud characteristics

– On-demand self-service

– Broad network access

– Resource pooling

– Rapid elasticity

– Measured Service

• 3 service/provisioning models

– Software as a Service (SaaS)

– Platform as a Service (PaaS)

– Infrastructure as a Service (IaaS)


Page 10: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Cloud definition – Draft SP 800-145 (2)

• NIST Definition of Cloud – missing network provisioning, just “limited control over network”

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

Service/provisioning models: SaaS – PaaS – IaaS

Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).

Page 11: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Cloud Computing Reference Architecture (CCRA) 2.0 - Main Roles (1)

Page 12: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Cloud Computing Reference Architecture (CCRA) 2.0 - Provider Functions (2)

Add: Service Delivery (Framework)

• Request & SLA

• Reservation/Composition

• Deployment

• Operation

• Decommissioning

Provider functions

• Defined ambiguously

• Need clear separation between Delivery process, Operation and Control & Management functions

• Service Orchestration is a Control function

Page 13: Standardisation in Cloud-based Infrastructure Services Provisioning

NIST Cloud Computing Reference Architecture (CCRA) 2.0 – Consolidated View (3)

Page 14: Standardisation in Cloud-based Infrastructure Services Provisioning

Future meetings and conferences

• ISOD-RG next meetings and deliverables focus

– OGF32 Salt Lake City, USA (16-18 July 2011)

– OGF33 Lyon, France (19-23 September 2011)

– Infrastructure services definition

• CloudCom2011 Conference, November 29 – December 2, 2011, Athens

– Focus on Cloud Architecture research

• SuperComputing 2011 Conference and exhibition

– UvA and partners will present demo on the dynamically provisioned Cloud based infrastructure services

Page 15: Standardisation in Cloud-based Infrastructure Services Provisioning

Additional information

• Useful links on Cloud standardisation and practice


Page 16: Standardisation in Cloud-based Infrastructure Services Provisioning

Cloud related links (1)

Additional NIST links

• NIST on Cloud - Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC)

– http://www.nist.gov/itl/cloud/sajacc.cfm

– http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

• NIST Cloud Computing Collaboration Site

– http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/WebHome

• NIST Cloud Computing Reference Architecture, v1.0

– http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/ReferenceArchitectureTaxonomy

Page 17: Standardisation in Cloud-based Infrastructure Services Provisioning

Cloud related links (2)

• Federal Cloud Computing Strategy - this is quite useful to read

– http://www.cio.gov/pages.cfm/page/IT-Reform-Series-Federal-Cloud-Computing-Strategy-Published

– http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf

• IETF internet-draft, “Cloud Reference Framework”

– http://www.ietf.org/id/draft-khasnabish-cloud-reference-framework-00.txt

• OGF OCCI - http://occi-wg.org/

• GSA, “Cloud Computing Initiative Vision and Strategy Document (DRAFT)”

– http://info.apps.gov/sites/default/files/Cloud_Computing_Strategy_0.ppt

• Cloud Taxonomy

– http://cloudtaxonomy.opencrowd.com/

• Open Security Architecture (OSA), “Cloud Computing Patterns”

– http://www.opensecurityarchitecture.org/cms/library/patternlandscape/251-pattern-cloud-computing

Page 18: Standardisation in Cloud-based Infrastructure Services Provisioning

Cloud related links (3)

• ENISA Cloud Computing Risk Assessment (2010)

– http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment

• Collection of cloud identity management use cases by OASIS Identity in the Cloud TC

– http://wiki.oasis-open.org/id-cloud/MemberSubmissions

• IBM, “Cloud Computing Reference Architecture v2.0”

– http://www.opengroup.org/cloudcomputing/doc.tpl?CALLER=documents.tpl&dcat=15&gdid=23840

• Good collection of up-to-date links

– http://cloud-standards.org/wiki/index.php?title=Main_Page

• Cloudscape III meeting presentations (may require registration)

– http://www.sienainitiative.eu/Pages/Static.aspx?id_documento=1d585f0b-2b65-45b7-8f56-a1f1e93dbde9

Page 19: Standardisation in Cloud-based Infrastructure Services Provisioning

Cloud related links (4)

• Cloud reality blogs

– http://www.rationalsurvivability.com/blog/?p=1672

– http://www.rationalsurvivability.com/blog/?p=2850

– http://www.rationalsurvivability.com/blog/?p=1717

– However, they mostly discuss what companies do or what they think about minor technical solutions, rather than approaching the problem from a more conceptual view

• Extreme Networks

– http://www.extremenetworks.com/solutions/datacenter_openstackcloud.aspx

– http://www.extremenetworks.com/blog/?p=83

• Juniper Networks, “Cloud-ready Data Center Reference Architecture”

– www.juniper.net/us/en/local/pdf/reference-architectures/8030001-en.pdf

• Cisco and Clouds

– http://www.cisco.com/en/US/netsol/ns976/index.html