1 / 17

Openlab major review Marek Denis Openlab research fellow

Openlab major review Marek Denis Openlab research fellow. CERN & Rackspace collaboration. Collaboration project Started 1st October 2013 Full time research fellow (Marek Denis) working together with the OpenStack community. Joint research and work on the Cloud Federation

zagiri
Download Presentation

Openlab major review Marek Denis Openlab research fellow

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Openlab major review Marek Denis Openlab research fellow

  2. CERN & Rackspace collaboration • Collaboration project • Started 1st October 2013 • Full time research fellow (Marek Denis) working together with the OpenStack community. • Joint research and work on the Cloud Federation • Referential architecture for building cloud federations • Blueprints, code contributions, code reviews, active participation in design and implementation process • Whitepapers and presentations to allow others to build on our findings Marek Denis- CERN openlab

  3. Rackspace • OpenStack founder (together with NASA) • More than 5000 rackers • Over 205,000 customers • 98,000+ SERVERS • 26 000 VMs • 70PB storage • 120+ countries • 9 global data centres • Chicago, Washington, Dallas, London, Hong Kong, Sydney .... Marek Denis- CERN openlab

  4. The Rackspace Vision „To be recognised as one of the world’s greatest service companies.” Marek Denis - CERN openlab

  5. Meet our team... Tim Bell Lee Kimber Toby Owen Senior Product Technologist Rackspace Lives in Cambridge, UK lee.kimber@rackspace.co.uk Head of Infrastructure Services, CERN Lives in Geneva, Switzerland tim.bell@cern.ch Head of Technical Strategy Rackspace Lives in London, UK toby.owen@rackspace.com Joe Savak Product Manager for Identity Rackspace Lives in Austin, TX joe.savak@rackspace.com Marek Denis - CERN openlab

  6. ...and the rest of the communityinvolved in federation work • Dolph Matthews (Rackspace) – Keystone PTL • Steve Martinelli (IBM) • Adam Young (RedHat) • David Chadwick(University of Kent) • Kristy Siu (University of Kent) • .....and many more! Marek Denis - CERN openlab

  7. How do we work on the OpenStack? • OpenStack is Open Source – everybody can contribute • Very powerful community • Rackspace, IBM, RedHat, AT&T, Cisco, HP, Intel, Ubuntu... • (full list: http://www.openstack.org/foundation/companies/) Marek Denis - CERN openlab

  8. How do we work on the OpenStack? • Blueprints • Proposals for new features, high level designs • Summits (every 6 months) • Choose blueprints for the next release • We can work in one room, with a real whiteboard • Design phase (markdowns, IRC discussions, mailing list threads, design sessions, hackathons) • Implementation/code reviews • Code merge • Bugfixing Marek Denis - CERN openlab

  9. How do we work on the OpenStack? Marek Denis - CERN openlab

  10. Cloud Federation – the basics Cloud resources are isolated IN2P3 Lyon Brookhaven National Labs NecTAR Australia Many Others on Their Way Public Cloud such as Rackspace CERN Private Cloud Marek Denis - CERN openlab

  11. Cloud Federation – Single Sign On • As a user I want to use my single set of existing credentials to access services across multiple clouds. Marek Denis - CERN openlab

  12. Cloud Federation – technical details • Use existing protocol – SAML2 • Use established software for handling communication between federated peers (at the OpenStack side) • We are building mechanisms that map SAML assertion parameters into local users/groups/roles Marek Denis - CERN openlab

  13. Our aim for the Icehouse release (Spring 2014) • Implement all parts required to handle federated authn/authz in the Keystone • Identity Providers and Protocols CRUD operations (already merged) • Mapping rules CRUD operations (already merged) • Rules mapping algorithm (work in progress) • Consuming SAML assertions (work in progress) • Token generation after the local groups are returned (work in progress) Marek Denis - CERN openlab

  14. Next steps • Extend basic federation use-case so clients can experience a real cloud of clouds • Work on image cloud federation (project glance) • Prepare a working federated cloud infrastructure Marek Denis - CERN openlab

  15. Cloud federation – image sharing Cloud A Image1 Image2 Cloud B Image3 Image4 Cloud C Image 5 VM1(Image5) VM2(Image1) VM3(Image3) Marek Denis - CERN openlab

  16. Questions Q & A Marek Denis - CERN openlab

  17. If you are interested... • SAML2 specification • http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf • Shibboleth • http://shibboleth.net/ • Extenal Identity Providers blueprint • https://blueprints.launchpad.net/keystone/+spec/identity-providers • Identity Providers and Mapping rules CRUD specification • https://review.openstack.org/#/c/59848/ First Name and Family Name - CERN openlab

More Related