1 Open Cloud eXchange (OCX): Bringing Cloud Services to NRENs and Universities
Damir Regvart - CARNET
Yuri Demchenko - UvA
Sonja Filiposka - UKIM
Migiel de Vos - SURFnet
Kurt Baumann - SWITCH
Tasos Karaliotas - GRNET
Daniel Arbel - IUCC
Tony Breach - NORDUNET
Alex Mavrin - Apteriks
Taras Matselyukh - Opt-Net BV
Eduard Escalona - I2CAT
Jeroen van der Ham, Cees de Laat - UvA
TERENA Networking Conference, May 2014, Dublin
Ver. 1.2
2 Agenda
- GN3+ JRA1: Network Architectures for Horizon 2020
- General use cases and scenarios for Cloud services delivery to NRENs and universities
- Cloud and Intercloud Infrastructure and Services
- GÉANT Open Cloud eXchange (gOCX)
- Requirements to OCX
- OCX design principles and suggestions
- GÉANT3plus JRA1 demo
- University of Amsterdam, Okeanos, CloudSIGMA
- Additional information
3 JRA1: Network Architectures for Horizon 2020
- Task 0: Activity Leadership
- Task 1: Future Network Architectures
- Task 2: Network Architectures for Cloud Services
- Task 3: Network Architecture for Aggregating High-Speed Mobile Networking
Short talk about Horizon 2020 & importance of network cloud arch.
4 Use Cases for delivering Cloud services to campus based users
- Scientific application and scientific (Big) data
  - LHC/HEP, genomics, astronomy, climate, video, etc. (+long tail science)
- Streaming high-speed high volume experimental data to labs in campus location
  - Direct links through campus network
- Distributed (Big) Scientific Data processing with MPP tools on distributed facilities
  - Data distributed between few locations next to local datacenters
- CSP and campus L0-L2 (L3) network peering
  - Dark fiber with termination as campus network or as CSP network
- VoIP – approach with mobile data access
  - Support mobile access network (LTE) and tunnel access to campus network
5 General use case for infrastructure provisioning: Workflow => Logical (Cloud) Infrastructure
[Figure: Enterprise/Scientific workflow (data input, filtering, processing, storage, archive, visualisation) mapped to an Enterprise/Project based Intercloud Infrastructure: User Groups A and B at Campus A and Campus B, Cloud 1 IaaS, Cloud 2 PaaS, Resource/Service Providers, VR1-VR7]
General look at the "cloud", cloud service providers
Enterprise/Scientific workflow is mapped to heterogeneous cloud infrastructure containing IaaS, PaaS components
6 Multi/inter-cloud infrastructure provisioning: => ICADI and gOCX functions
[Figure: Enterprise/Scientific workflow (data input, filtering, processing, storage, archive, visualisation) mapped to an Enterprise/Project based Intercloud Infrastructure: User Groups A and B at Campus A and Campus B, Cloud 1 IaaS, Cloud 2 PaaS, Resource/Service Providers, VR1-VR7]
- Open Cloud eXchange (OCX) interconnects CSP and Customer (campus) infrastructures
- OCX assumes collocation or collapsed backbone for connecting all OCX members
- OCX as a part of GÉANT infrastructure
- OCX at NREN
OCX is a needed bridge between user and CSP…
7 gOCX Definition and Operational Principles
- Direct service/inter-member peering
  - Re-use and leverage Internet eXchange Point (any-to-any connection, free)
  - Physical Point of Presence (PoP) for providers and customers
  - Scalability for growing number of members
  - Controlled network parameters (QoS)
  - L0-L2 network interconnection facility
  - Associated service should allow topology information exchange between providers and customers in a secure and consistent way
- No third party (intermediary/broker) services
  - Transparency for cloud based services
  - No involvement into peering or mutual business relations
- Trusted Third Party (TTP)
  - To support dynamic service agreements and/or federation establishment
  - Trusted Introducer for dynamic trust establishment
8 OCX Topological model and Connectivity
- OCX L0-L2/L3 topology
  - Any-to-any
  - Distributed or collapsed backbone
  - Hierarchical
- Topology information exchange L0-L2 (+ L3?) between members
- SDN control over OCX switching
- QoS parameters
  - Bandwidth
  - Speed, latency
  - Jitter, impairment
[Figure legend: OCX Nodes: Providers and customers; OCX Facilities; OCX backbone links/connectivity (L0-L2)]
CloudCom2013 Open Cloud eXchange (OCX)
9 OCX Trusted Third Party services
- TTP goals and services
  - Enable dynamic federation establishment
  - Trusted Certificates and CAs Repository
    - Similar to TACAR (TERENA Academic CA Repository)
  - Trusted Introducer Service
    - Trusted Introduction Protocol
  - Service Registry and Discovery
  - Intercloud policy clearinghouse
    - Repository of CSP policies
    - Common policy template
  - SLA repository and clearinghouse
[Figure: OCX TTP. Pre-established trust relation with OCX as TTP; trust relations established as a part of dynamic federation between OCX members]
10 OCX location options: GN3, NREN (+University?)
[Figure: OCX placement options across the CSP, GÉANT, NREN and University domains, with network layers L0, L1, L2, DFlow and IP/L3]
11 OCX Hierarchical Topology Model
[Figure: hierarchical OCX topology across the CSP, GÉANT, NREN and University domains, with network layers L0, L1, L2, DFlow and IP/L3]
12 gOCX Development – Next Steps
- Design and implementation
  - Started November 2013
  - Followed by implementation March – May 2014
  - SDN based control and management over OCX
- Update based on the public draft discussion
  - Whitepaper GN3plus-JRA1-task2 (published)
  - Security, topology, protocols, use cases
- Planned demos
  - TNC2014, Dublin (May 2014)
  - SC2014, USA (November 2014)
- Standardization contribution – OGF, IETF, ITU-T, IEEE, NIST
- IEEE Intercloud Testbed Initiative as a dissemination and validation channel
The OCX is currently entering the stage of network interconnection design. As a conceptually new component of the inter-cloud infrastructure, the OCX will require the definition of new service, control and management interfaces that should be integrated with the current cloud management services. This opens a possibility to use the basic SDN (Software Defined Network) design principles: the data plane can be optimized for applying forwarding rules efficiently at any layer (L0-L2), while the SDN controller will implement features such as routing, data filtering, policy enforcement, TTP services, etc.
13 gOCX Demo @TNC2014
Demo Scenario: HD video editing and streaming
The University of Amsterdam (UvA) has some 4K movies that need efficient transcoding. Using their local OCX (NetherLight), the UvA can easily get access to the necessary compute resources at different Cloud Service Providers via high performance dedicated network links. In the demo we use Okeanos (connected via GRNET OCX) and Cloud Sigma (connected via SWITCH OCX). The UvA created scheduling software that is able to spawn virtual machines at Okeanos or Cloud Sigma. The machines are spawned inside the L2-domain of the UvA, which gives the UvA full control.
14 gOCX Demo @TNC2014
Demo presentation(s):
- GÉANT booth, Wednesday 13:00 – 14:00
- TNC poster area
15 Thank you
Any questions?
Demo presentation(s):
- GÉANT booth, Wednesday 13:00 – 14:00
- TNC poster area
16 Example: General SURFnet Lightpath interconnection
- Universities
- GreenQloud: cloud services
- OneXS: unified services of fixed and mobile telephony