Introduc>on
Alessandro M. Martellone | IT engineer I am an IT engineer at Create-‐Net[1]. In August 2013 I joined Smart Infrastructures Area where I work on Future Internet infrastructures and cloud plaOorms (I’m an enthusias>c user of OpenStack). Previously, I’ve worked in several ICT companies, dealt of web developing, soVware product design and of cri>cal financial soVware. I’m currently involving on an OpenStack cloud infrastructure to support the European project XIFI [2]. If you want more informa>on about me, you may see my Linkedin profile [3] and my Github page [4].
Useful links: [1] Create-‐Net h]p://www.create-‐net.org/people/amartellone [2] XiFi project: h]ps://fi-‐xifi.eu/home.html [3] Linkedin profile: h]p://www.linkedin.com/in/alessandromartellone [4] Github page: h]ps://github.com/amartellone
Create-‐Net
• CREATE-‐NET is an interna>onal research centre recognized as one of Europe's leading ins>tu>ons in ICT and telecommunica>ons technologies. – 90+ people – 20+ na>onality – 6 interna>onal patent – 32 research projects founded (18 european project) – 3 spin-‐off
• Its mission is: – achieve research excellence in ICT, with focus on telecommunica>ons; – promote technology transfer towards the industry through Engineering of technologies &
solu>ons; – promote Innova>on to improve European high-‐tech compe>>veness; – focus on key applica>on areas and services with impact on quality of life for the global society.
• In April 2014 CREATE-‐NET becomes Miran>s’ training partner • It will soon offer OpenStack training courses and maintain the proven quality and rigor of the Miran>s curriculum.
Smart Instrastructures Area
• The main research topic of Smart Infrastructures applica>on area includes – Highly available and automated cloud environments;
– SoVware-‐defined networks for cloud and data centers;
– Green and Zero CO2 emissions data centers
XIFI project
• What is XIFI? – XIFI (h]ps://fi-‐xifi.eu/) is a project of the European Public-‐Private-‐Partnership on Future Internet (h]p://www.fi-‐ppp.eu/) programme.
– +30 Partners – Sustainable federa>on of FI-‐WARE core plaOorm enabled infrastructures.
A collec>ons of tools that ease the deployment, setup, and opera>on of FI-‐WARE instances. h]p://www.fi-‐ops.org
FI-‐WARE is an innova>ve, open cloud-‐based infrastructure based on OpenStack for cost-‐effec>ve crea>on and delivery of Future Internet applica>ons and services. h]p://www.fi-‐ware.org/
The official instance of FI-‐WARE plaOorm open to use cases projects ( conceptual prototypes) and third party developers. Backed by a Community Cloud of 5 nodes that will become 17. h]ps://account.lab.fi-‐ware.org/home
The ecosystem
XIFI: core concepts
• XIFI as showcase for promo>on of FI-‐PPP technologies for developers.
• XIFI as a community cloud and a federa3on of resources offered to the FI-‐PPP developer community (FI-‐Lab)
• XIFI as a flexible pla8orm: the need to integrate and federate different exis>ng infrastructures
• XIFI as an opportunity for FI infrastructures to a]ract new communi>es of developers through FI-‐PPP services
FI-‐Lab and the cloud community • Availability of 5
nodes (End of March 2014) with 500+ cores, 1TB+ Ram, 100TB+ HD
• Additional 12 nodes (April / September 2014) with 1000+ cores, 2TB+ Ram, 200TB+ HD
• Showcases for developers, infrastructures, smart businesses
What should we federate?
• Network Federa>on – Datacenters – VMs on different environments
• Services Federa>on – Instance VMs, create and manage networks, use image and block storage services on every environment according to user's access control policy.
Internode connec>on
• Connect not only datacenters but dis>nct OpenStack infrastructures (VMs)
• Solu>on: Mul>-‐domain VPN (MD-‐VPN). – Service provided by GÉANT (the GÉANT pan-‐European backbone and the connec>ng NREN -‐ Na>onal Research and Educa>on Network centers )
• L3 or L2 VPNs spanned over several domains only by configuring the edge routers.
• There is transparent traversal of the backbone and other domains.
GÉANT MD-‐VPN
• The MD-‐VPN service is reliant upon MPLS and BGP technology.
• To data packets are assigned labels. Packet-‐forwarding decisions are made on the label, without the need to examine the packet itself.
Use case: FI-‐Lab Cloud
• Two external networks. – Tenant – Federa>on
• Using OS Networking L3 agents is possible to use mul>ple floa>ng IP pools – Added a new bridge to
a physical eth interface.
– Duplicated quantum-‐l3-‐agent
• Private IP, private federa>on IP, public IP(via OpenStack floa>ng IP process)
Use case: FI-‐Lab Cloud
Trento - Italy
Berlin - Germany
Santander - Spain
Cloud Portal
Keystone Proxy
OpenStack services
Cloud Portal
OpenStack services
Keystone Proxy
IDM
Keystone Proxy
OpenStack services
Services catalog
Services catalog
Services catalog
• Cloud portal (an extension of Horizon*): DNS load balancing with geographic algorithm; • Keystone-‐proxy (a Keystone wrapper) replicated on every zone; • currently, we have only an instance of the IDM to cause of user privacy issues.
Users, Organizations, Roles,Regions
* Mul3-‐region, blueprint architecture template, Oauth 2.0
Trento’s datacenter
• Deployment in HA • 3 controller nodes • 5 compute nodes (+1 deployment planned for June/July)
• 1 service node (monitoring) • 1 ITBox node • 4 storage nodes (deployment planned for June/July)
• 160 cores, 320 GB RAM, + 40 VMs
Problem: deploy a distributed infrastructure • The deployment of a large distributed infrastructure is a complex task that requires automa>on to scale.
• Why Fuel? – It supports na>vely OpenStack (required to create a new FI-‐WARE Cloud instance) ;
– The graphical interface is very intui>ve; – It is a mature an stable solu>on; – Open source (Apache License Version 2.0); – Customizable.
• Why ITBox? – In order to joint into federa>on, a node should install addi>onal and customized soVware components.
What is ITBox?
Physical resources
Opera>ng system & Core components
Cloud infrastructure, GEs
APIs, Cloud Portal, user’s extensions
What is ITBox?
• Based on Fuel 3.2.1 (in the next July -‐> Fuel 4.1)
• 4 extra modules integrated (monitoring, compute schedulers, security)
• HA with an even number of controllers (+ Galera Arbitrator)
• Nagios, NodeJs ( > 0.10) • h]ps://github.com/SmartInfrastructures?query=itbox
Meet Us: FI-‐PPP Day Trento
• 80 Millioni di euro per PMI, start-‐up e imprenditori del Web
• Il Tren>no è coinvolto dire]amente in 4 acceleratori: CREATI-‐FI, Fabulous, FINODEX, Fron>erCi>es
• h]p://fi-‐ppp-‐trento.fi-‐infinity.eu
References
• XIFI: h]ps://fi-‐xifi.eu/ • European Public-‐Private-‐Partnership on Future Internet: h]p://www.fi-‐ppp.eu • FI-‐WARE: h]p://www.fi-‐ware.org/ • FI-‐LAB: h]ps://account.lab.fi-‐ware.org/home • FI-‐OPS: h]p://www.fi-‐xifi.eu/fi-‐ops • GÉANT MD-‐VPN: h]p://www.geant.net/Resources/Deliverables/Documents/
D7.1_DS%203%203%201-‐MDVPN-‐service-‐architecture.pdf