synfiniway shaping hpc clouds for industry - fujitsu … · synfiniway . shaping hpc clouds for...
TRANSCRIPT
Copyright 2010 FUJITSU LIMITED
SynfiniWay Shaping HPC clouds for industry
What the Cloud means to Fujitsu
Copyright 2010 FUJITSU LIMITED
What the Cloud means to Fujitsu
Copyright 2010 FUJITSU LIMITED
Enabling HPC clouds with SynfiniWay
Enterprise Extended Enterprise Collaborative Cloud
HPC Cloud Issues – Access and Use
Achieving cost-effective cloud performance
Dynamic, adaptive, transparent scalability
Optimised common data delivery, synchronisation, ultra-fast data transfer
Intuitive use
Automatic service discovery, monitoring and auditing
Persistent and recoverable
Leverage for collaboration
Virtual organisations
Extended enterprise
Copyright 2010 FUJITSU LIMITED
Clouds for Industry – Data concerns
Data security and control at the top of users’ list of cloud issues
Security services rank 5.41 out of 6 in importance from a recent Fujitsu survey
HPC cloud applications generate particular data handling needs
Motion – flow, replication
Transformation – conversion, QoS
Compliance – cleanup, traceability
Copyright 2010 FUJITSU LIMITED
Complexity – HPC Cloud adoption barriers
Copyright 2010 FUJITSU LIMITED
Pro
cess
com
plexi
ty
Organisational complexity
Achieving scalable industrial HPC cloud operations means addressing the complexity caused by two interlinked effects
Complexity – HPC Cloud adoption barriers
Copyright 2010 FUJITSU LIMITED
Pro
cess
com
plexi
ty
Organisational complexity
Process sophisticationData motionMulti-organisation IP
Solution scalabilityData securityService agility
Focus on:1.Process optimisation2.Data handling3.Enhanced security
HPC Cloud – SynfiniWay highlights
Copyright 2010 FUJITSU LIMITED
Enterprise
HPC Cloud – SynfiniWay highlights
Copyright 2010 FUJITSU LIMITED
Extended Enterprise
HPC Cloud – SynfiniWay highlights
Copyright 2010 FUJITSU LIMITED
Collaborative Cloud
HPC Cloud – SynfiniWay highlights
Copyright 2010 FUJITSU LIMITED
Resource abstraction, dynamic discovery with full RBAC security
Business process enabled as a scalable adaptable workflow
Efficient and resilient data motion based on a global process schedule
Coherent and integrated cloud usage model
Workflow automation – HPC Services
Copyright 2010 FUJITSU LIMITED
Encode and automate practically any business process – complex conditionals, iterative
Workflow of sub-flows for re-use of tried and tested best practice templates and IP protection
Scale workflows across any IT infrastructure
Fine-grained control over authorisation based on role
Implicit data transfer management, supporting large files and traceability
Workflow automation – HPC Services
Copyright 2010 FUJITSU LIMITED
Consolidated view of HPC services
Dynamic updateUser-specific case profiles
SynfiniWay service architecture
Copyright 2010 FUJITSU LIMITED
SSO entry point into SynfiniWay
frameworkSame view of resources from any location
Data motion
Copyright 2010 FUJITSU LIMITED
SynfiniWay Service pool SynfiniWay Service pool
Site A
Site BSite C
No staging –
end-to-end transferRemote-remote –
no line of sight needed
Data movement coupled to job workflow
Data motion
Data movement implicitly directed by the job workflow – files, variables
Delivered before task submitted to optimise resource efficiency – no wait
Transformations applied during transfer – compress, integrity check, convert, ...
Data replication to multiple locations
Cleanup after task completed
QoS from retry, resume
Copyright 2010 FUJITSU LIMITED
Securing the cloud with RBAC
RBAC = Role-Based Access Control
With RBAC, security or access control is managed in a way that mimics an organization's structure
Role is a set of one or more permissions (eg: project leader, method editor, analyst, ..etc)
Permission is an action that can be applied to a resource (and SynfiniWay object)
In SynfiniWay roles are applied to identities (cf. users, groups),
An identity can contain other identities – thus groups of groups are supported
SynfiniWay implements a hierarchical form of RBAC
Senior roles acquire permissions of their junior and juniors acquire users of their seniors – role inheritance
Copyright 2010 FUJITSU LIMITED
Securing the cloud with RBAC
Assigning permissions in the RBAC system can be done by different members of a distributed environment
Most RBACs are for single servers – SynfiniWay implements RBAC on a grid of resources
SynfiniWay extends the standard RBAC model by enabling permissions for dynamic objects (such as workflow instances and data transfers)
SynfiniWay implements a resource group which factorizes the way permissions are assigned to a set of resources
Copyright 2010 FUJITSU LIMITED
RBAC advantages
Flexible management – central or distributed
Easier human understanding of the security policy and implementation
Simple to add new resources to a resource group for faster user access – big reduction in management overhead, access control is simpler to understand and manage
© Copyright 2010 FUJITSU SYSTEMS EUROPE
SynfiniWay Service pool SynfiniWay Service pool
Global Global identityidentity
RBAC domain
Project leaderEngineer
Designer
SupplierFlexible authentication (CRAM, LDAP, AD, SiteMinder
…)Coarse and fine-grain authorisation
SynfiniWay Features
Copyright 2010 FUJITSU LIMITED
Abstracting, sharing and optimising a global and dynamic infrastructure within and between organisations and service providers
Creating a user environment for improved work organisation, optimised processes, higher security and increased productivity
Shaping HPC Clouds for Industry
Copyright 2010 FUJITSU LIMITED
SynfiniWay
overcomes complexity barriers with a consistent and secure solution for use and operation at any scale
Pro
cess
com
plexi
ty
Organisational complexity
Workgroup
Enterprise
Global Enterprise
Extended Enterprise
Trusted Cloud
Enables industry to safely and flexibly incorporate cloud within the Applications and Activity of their mainstream business processes
Copyright 2010 FUJITSU LIMITED21