perfsonar wg 2006 spring member meeting n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
perfSONAR WG 2006 Spring Member Meeting PowerPoint Presentation
Download Presentation
perfSONAR WG 2006 Spring Member Meeting

Loading in 2 Seconds...

play fullscreen
1 / 28

perfSONAR WG 2006 Spring Member Meeting - PowerPoint PPT Presentation


  • 148 Views
  • Uploaded on

perfSONAR WG 2006 Spring Member Meeting. Jeff W. Boote 24 April 2006. Agenda. Introduction Agenda bashing perfSONAR overview/status perfSONAR multi-LS solution (Jason Z.) perfSONAR AuthN/Z plans Open Discussion. perfSONAR: Overview. Joint effort of ESnet, G É ANT2 JRA1 and Internet2

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'perfSONAR WG 2006 Spring Member Meeting' - hestia


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
perfsonar wg 2006 spring member meeting

perfSONAR WG2006 Spring Member Meeting

Jeff W. Boote

24 April 2006

agenda
Agenda
  • Introduction
  • Agenda bashing
  • perfSONAR overview/status
  • perfSONAR multi-LS solution (Jason Z.)
  • perfSONAR AuthN/Z plans
  • Open Discussion
perfsonar overview
perfSONAR: Overview
  • Joint effort of ESnet, GÉANT2 JRA1 and Internet2
  • Webservices network performance framework
    • Network measurement tools
    • Network measurement archives
    • Distributed scheduling/authorization
    • Multi-domain policy
perfsonar credits
perfSONAR is a joint effort

Participants: ESnet, GEANT2 JRA1, Internet2, RNP, Fermilab

Internet2 includes:

University of Delaware

Georgia Tech

Internet2 staff

My apologies if I have overlooked someone (still working on the credits process)

GEANT2 JRA1 includes:

Arnes

Belnet

Carnet

Cesnet

DANTE

DFN

FCCN

GRNet

ISTF

PSNC

Nordunet (Uninett)

Renater

RedIRIS

Surfnet

SWITCH

perfSONAR: Credits
perfsonar project activity meter
perfSONAR: Project Activity Meter
  • 1-2 conf calls/week
  • 1 new service/month (accelerating)
  • 3-4 development workshops/year
  • 3-4 paper submissions/year
perfsonar system description
perfSONAR: System Description
  • Domains represented by a set of services
  • Each domain can deploy services important to the domain
  • Analysis clients interact with service across multiple domains
perfsonar services 1
perfSONAR: Services (1)
  • Lookup Service
    • Allows the client to discover the existing services and other LS services.
    • Dynamic: services registration themselves to the LS and mention their capabilities, they can also leave or be removed if a service gets down.
  • AuthN/Z Service
    • Internet2 MAT, GN2-JRA5 (eduGAIN)
    • Authorization functionality for the framework
    • Users can have several roles, the authorisation is done based on the user role.
    • Trust relationships defined between users affiliated with different administrative domains.
perfsonar services 2
perfSONAR Services (2)
  • Transformation Service
    • Transform the data (aggregation, concatenation, correlation, translation, etc).
  • Topology Service
    • Make the network topology information available to the framework.
    • Find the closest MP, provide topology information for visualisation tools
  • Resource protector
    • Arbitrate the consumption of limited resources between multiple services.
inter domain perfsonar example interaction
Inter-domain perfSonar example interaction

Useful graph

Client

Token MA

Here is who I am, I’d like to access MA B

Here is who I am, I’d like to access MA A

Token MB

a,b,c : Network A, MA A, AA A

Where Link utilisation along - Path a,b,c?

AA A

Here you go

Get Link utilisation a,b,c

Get link utilisation c,d,e,f

AA B

Here you go

a,b,c: Network A – LS A,

c,d,e,f : Network B, MA B, AA B

Where Link utilisation along - Path a,b,c,d,e,f?

LS A

LS B

MA B

MA A

a

b

f

e

c

d

Network A

Network B

perfsonar status update
perfSONAR: Status Update
  • Production release of base package expected by June (code freeze next week)
  • Will include:
    • Single domain LS solution
    • RRD MA
    • (no AS)
  • Additional services and client applications supporting this version will soon follow:
    • BWCTL MP
    • perfSONAR UI
perfsonar hot topics
perfSONAR: Hot Topics
  • Multi-domain hierarchical LS
  • AuthN/Z development plan with JRA-5 (eduGAIN)
  • SSH MP (LookingGlass) service
  • Topology Services
  • L2 specific MA service
perfsonar current developments
MPs

SSH/Telnet (Looking Glass)

ABW (bandwidth packet capture cards)

BWCTL

NMS (SDH status)

SNMP

Command line (OWAMP, Ping, Traceroute)

MAs

RRD

SQL

TopS

BWCTL

Hades (owd, jitter, owpl)

Flow replicator

Visualization Clients

CNM

perfSONAR UI

Visual perfsonar

Looking glass

perfSONAR: Current Developments
agenda1
Agenda
  • Introduction
  • Agenda bashing
  • perfSONAR overview/status
  • perfSONAR multi-LS solution (Jason Z.)
  • perfSONAR AuthN/Z plans
  • Open Discussion
agenda2
Agenda
  • Introduction
  • Agenda bashing
  • perfSONAR overview/status
  • perfSONAR multi-LS solution (Jason Z.)
  • perfSONAR AuthN/Z plans
  • Open Discussion
perfsonar authn z plans
perfSONAR: authN/Z plans
  • perfSONAR(JRA-1)/JRA-5 sub-group
  • Group tasked with determining how to leverage JRA-5 authentication system (eduGAIN) in perfSONAR infrastructure
    • Jeff Boote (Internet2)
    • Diego Lopez (RedIRIS)
    • Maurizio Molina (Dante)
    • Andreas Solberg (Uninett)
perfsonar background
perfSONAR: Background
  • Designed with Federated authentication in mind
  • AS becomes a ‘proxy’ for Authorization requests
edugain background
eduGAIN: Background
  • JRA-5 provided authentication “interface”
  • Provides “bridging” to other authentication systems
    • Shibboleth
    • PAPI
    • Others…
  • Designed mostly with web-browser interaction in mind
current status
Current Status
  • Group has come to general consensus on how this should work
  • Paper is currently underway describing interaction of perfSONAR with eduGAIN API
perfsonar trust relationship entities
perfSONAR: Trust relationship entities
  • Client
  • idP (identity provider)
  • pSR (perfSONAR resource “service”)
  • AS (perfSONAR AS service)
  • HLS (Home Location Service)
implications for jra 5
Implications for JRA-5
  • Future extensibility for multiple X.509 root CA certificates
  • Non-web profile for authN attribute request
  • Current identity provider servers (attribute stores) may need to hold attributes for non-human clients
  • Others???
implications for jra 1
Implications for JRA-1
  • AS has slightly different role
    • Clients never directly interact with AS
    • AS is effectively a ‘proxy’ between services and the eduGAIN ‘bridging elements’
  • Attribute requests from services to RP’s and from RP’s to AS need to be made in a ‘boolean’ fashion to protect the privacy of clients
  • Automated clients MUST have X.509 client certificates
questions concerns
Questions/Concerns
  • Let me know if you would like a copy of the ‘document’ when it is complete
  • Please feel free to send further questions/comments to Maurizio and Jeff

boote@internet2.edu

maurizio.molina@dante.org.uk

agenda3
Agenda
  • Introduction
  • Agenda bashing
  • perfSONAR overview/status
  • perfSONAR multi-LS solution (Jason Z.)
  • perfSONAR AuthN/Z plans
  • Open Discussion