Moonshot-enabled Federated Access to Cloud Infrastructure
Terena Networking Conference, Reykjavik. May 2012
David Orrell, Eduserv.


Objectives
- Enable end-to-end federated access to cloud infrastructure.
- Ease the management of cloud infrastructure.
- Path to federated cloud platform services.
  o Federated access by default.

Eduserv
- Not for profit IT services company
  o Based in Bath, UK.
  o 115 staff.
  o New datacentre.
- Key business areas
  o IAM software and services.
  o Web hosting and development for government.
- Charitable mission to encourage the effective use of ICT in ‘public good’ organisations.

Eduserv cloud platform
- Infrastructure as a Service (IaaS) for UK Education community
  o Currently offered as a beta service
- Infrastructure to support existing products and services

Eduserv Education Cloud: Hardware
- Cisco UCS blade infrastructure
  o Dual 6-core 3.06GHz processors with 64GB RAM.
  o Initial deployment will scale to >1,500 cores, 8 TB of RAM.
- Isilon storage
  o Clustered NAS solution with near-SAN performance.
  o Initial deployment will scale to 10 PB usable.
- Connectivity
  o 2-tier Cisco switched network (core and distribution).
  o Fully resilient with no single point of failure (including dual path to JANET PoP).
  o All ports running at 10 Gbit/s.

Eduserv Education Cloud: Software
- VMware vCloud
- Compute
  o Good fit with vSphere provision.
  o Provides burst capacity at times of high demand.
- File/object storage
- vCloud Director
  o vCloud REST APIs.
- Eduserv Cloud Portal
  o Billing, usage etc.

vCloud Architecture
[Diagram labels: Virtual Organisation; Virtual Datacentre (vDC) with vApp (shown twice); Catalog (vApp Template, ISO media); Network; Users + groups; Public Catalog (vApp Template, ISO media)]

vApps
- Package of multiple VMs (as an OVF).
- How VMs connect to the network(s).
- Boot sequence.
- vApp networks
  o NATed, firewalled.
  o May be fenced.
[Diagram label: Network]

Eduserv Education Cloud
[Diagram labels: Virtual Organisation … Virtual Organisation; vCloud Director; Web Portal; vCloud API; Federated SSO via UKAMF; 3rd party applications]

Moonshot
- JANET-led project.
- Federated access to any application.
- Builds on eduroam technologies
  o RADIUS for federated authentication.
  o EAP for mutual authentication.
- Integrates with standard OS security APIs
  o GSS-API (RFC 2078 – Other OS).
  o SASL (RFC 4422 – Windows + Other OS).
  o SSPI (Windows).

SSH using Moonshot
[Diagram: SSH client, SSH server, RADIUS server]
(1) Credentialing
(2) SSH negotiation
(3) Authentication
(4) RADIUS
(5) Attributes
(6) SSH session
OpenSSH used as example of application; many others also apply.

Moonshot on Education Cloud
- Deploy Moonshot-ready appliances.
- Linux server as an example
  o CentOS 6.2.
  o Moonshot-enabled SSHD.

Moonshot on Education Cloud
- Automatic allocation of ‘local’ Linux users.
- NSS module
  o Automatic user/group allocation.
- PAM module
  o Auditing.
- moonbind daemon.

[Diagram labels: vApp; VM containing SSHD, PAM module, NSS module, moonbind; Education Cloud Portal (User/group allocation); RADIUS server; RADIUS server; SAML user + group(s)]
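An added sketch of the "automatic user/group allocation" idea above: federated users and groups are mapped to stable local names and IDs from a reserved range. This is not Eduserv's moonbind or NSS module code; the class name, ID range, name prefixes and sample identifiers are assumptions made for illustration.

```python
import hashlib
import re

# Assumed reserved range; the slides do not state the range moonbind uses.
ID_MIN, ID_MAX = 60000, 64999
_UNSAFE = re.compile(r"[^a-z0-9_]")


class FederatedAllocator:
    """Hypothetical allocator: federated identity -> stable local account."""

    def __init__(self):
        self.users = {}   # federated user  -> (local name, uid)
        self.groups = {}  # federated group -> (local name, gid)

    @staticmethod
    def _local_name(federated, prefix):
        # Readable stem plus a digest of the full identifier, so the same
        # user name at two home organisations never shares a local account.
        stem = _UNSAFE.sub("_", federated.split("@")[0].lower())[:16] or "user"
        digest = hashlib.sha256(federated.encode()).hexdigest()[:8]
        return f"{prefix}{stem}_{digest}"

    def _allocate(self, table, federated, prefix):
        if federated in table:            # repeat login: same name and ID
            return table[federated]
        used = {num for _, num in table.values()}
        free = next((n for n in range(ID_MIN, ID_MAX + 1) if n not in used), None)
        if free is None:
            raise RuntimeError("reserved ID range exhausted")
        table[federated] = (self._local_name(federated, prefix), free)
        return table[federated]

    def login(self, federated_user, federated_groups):
        """Return (local name, uid, [(group name, gid), ...])."""
        if not federated_user:
            raise ValueError("empty federated identifier")
        name, uid = self._allocate(self.users, federated_user, "m_")
        groups = [self._allocate(self.groups, g, "mg_")
                  for g in sorted(set(federated_groups))]
        return name, uid, groups


if __name__ == "__main__":
    alloc = FederatedAllocator()
    # Constructed identifiers, not taken from the slides.
    print(alloc.login("alice@uni-a.example", ["staff", "cloud-admins"]))
```

Local names are built only from a sanitised stem and a digest, so characters in an asserted identifier never reach passwd-style fields or home directory paths unchanged.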

vApp Instantiation
[Diagram labels: Virtual Organisation; Education Cloud Portal; Catalog (vApp Template, ISO media); vApp; VM; Guest customisation: Network configuration, Custom script(s), Configure moonbind]

Future work
- Proper authorisation.
- Integration with vApp OVF descriptor.
- Integration with file/object storage
  o Via WebDAV.
- Windows/Exchange
- PaaS
  o Cloud Foundry.

Thanks to…
- Eduserv colleagues: Andy Powell, Richard Annett, Charlie Llewellyn, Tim Lawrence
- JANET
Education Cloud blog + further information