Geneva, Switzerland, 14 November 2014

Cloud computing reference architecture

Olivier Le Grand, Standardization Senior Manager on Future Networks, Orange (France)
Yongshun Cai, Research Engineer, China Telecommunications Corporation

ITU Workshop on “Cloud Computing Standards – Today and the Future” (Geneva, Switzerland, 14 November 2014)

Y Introduction

- June 2012: Establishment of Collaborative Teams (CT) between ITU-T and ISO/IEC JTC1 to produce common international standards:
  - Vocabulary and Overview (ITU-T Y.3500 | ISO/IEC 17788)
  - Cloud Computing Reference Architecture (ITU-T Y.3502 | ISO/IEC 17789)
- Leverage the work done in ITU-T SG13 and ISO/IEC JTC1 SC 38
- 6 Experts meetings: 09/2012, 10/2012, 02/2013, 04/2013, 09/2013, 05/2014
- Co-conveners (CT-CCRA): J. Chawki (Orange) and A. Kingstedt (SWE)
- Co-editors: L. Lindsay (Microsoft) and O. Le Grand (Orange)

Y Architectural views

- Cloud computing systems described using a Viewpoint approach
- Top down approach

[Figure: four views (User view, Functional view, Implementation view, Deployment view), with an "In scope" marker]

From User View to Functional View

Cross-cutting aspects: Security, Privacy, Interoperability, Portability, Reversibility, Performance, SLA, Resiliency, Auditability, Governance, …

[Figure: User view and Functional view. Labels: Aspect, Party, Role, Sub-Role, Activity, Functional component, Layer, Multi-layer functions]

User View: Roles and Sub-roles

User View: Customer activities

Cloud service customer (CSC) sub-roles:
- CSC: cloud service user
- CSC: cloud service administrator
- CSC: cloud service business manager
- CSC: cloud service integrator

Activities:
- Use cloud service
- Connect ICT systems to cloud services
- Perform business administration
- Select and purchase service
- Request audit report
- Monitor service
- Provide billing and usage reports
- Handle problem reports
- Administer tenancies
- Administer service security
- Perform service trial

Functional View: Layering and functional components

[Figure: layering framework. Labels as extracted:]
- Layers: User layer, Access layer, Service layer, Resource layer, Multi-layer functions
- Multi-layer functions: Integration, Security systems, Operational support systems, Business support systems, Development support
- Functional components: User function, Business function, Administrator function, Service capabilities, Business capabilities, Administration capabilities, Service orchestration, Access control, Connection management, Resource abstraction and control, Physical resources, Developer environment, Build management, Test management, Security integration, Service integration, Monitoring integration, Peer service integration, Authentication and identity management, Authorization and security policy management, Encryption management, Service level management, Service automation, Service policy management, Monitoring and reporting, Provisioning, Incident and problem management, Platform and virtualization management, Peer service management, Service catalogue, Product catalogue, Account management, Subscription management, Accounts, Billing

User View and Functional View (1): “Use cloud service”

[Figure: the activity "Use cloud service" of the sub-role "CSC: cloud service user" shown against the layering framework. Labels as extracted:]
- Layers: User layer, Access layer, Service layer, Resource layer, Multi-layer functions
- Multi-layer functions: Integration, Security systems, Operational support systems, Business support systems, Development support
- Functional components: User function, Service access, Service capabilities, Resource abstraction and control, Physical resources, Service integration, Authentication and identity management, Authorization and security policy management

User View and Functional View (2): “Inter-cloud” relationship for “Use cloud service”

[Figure: two layered stacks, Primary cloud service provider and Secondary cloud service provider. Labels as extracted:]
- User layer, Multi-layer functions, Integration, Access layer, Service layer, Resource layer, User function, Service capabilities, Service access, Peer service integration
- User layer, Access layer, Service layer, Resource layer, Service capabilities, Service access

Conclusions and Recommendations

- A reference architecture to be used:
  - in ITU-T SG13 on topics such as architecture for NaaS, DaaS, Big Data, cloud management
  - in ISO/IEC JTC1:
    - SC 27 on ISO/IEC (security controls)
    - SC 38 on SLA framework
- Paving the way for possible reference and reuse together with the Cloud Vocabulary in other organizations (e.g. IETF, DMTF, ETSI NFV, …) dealing with cloud computing and virtualization related aspects
- Need to communicate and publicize outside ITU-T
- First ICT Cloud architecture (collaboration between ISO and ITU-T) reusing definitions provided in the Cloud vocabulary Rec. ITU-T Y.3500 | ISO/IEC
- Published as a Recommendation Y.3502 | International Standard ISO/IEC in Q (freely available)
- Viewpoint approach methodology:
  - User view (eco-system, roles, sub-roles, activities)
  - Functional view (layering framework and functional components)
- Generic architecture for the support of major cloud service categories (IaaS, PaaS, SaaS, NaaS, …) in different deployment models such as private, public, hybrid cloud (inter-cloud)

Y.3510 (Y.CCInfra) - Introduction

[Figure: cloud infrastructure within the layering framework. Labels: User layer, Access layer, Service layer, Multi-layer functions, Resource abstraction and control, Physical & virtual Resources, Software & Platform Assets, VN, VS, VM, Computing, Storage, Intra Cloud Network, Inter Cloud Network, Core Transport Network, Virtual Path, Virtual Circuit]

- Compute: ① Physical machine ② Virtual machine ③ Software assets
- Storage: ① Storage Interface ② Storage management ③ Storage availability
- Network: ① Intra-datacenter network ② Inter-datacenter network ③ Access and core transport network

Requirements for Compute Resource—Y

- Virtualization
- Physical machine
- Virtual machine
- Hardware assisted virtualization
- Horizontal scalability and vertical scalability
- Energy consumption optimization
- VM Migration and HA
- CPU/Mem/IO virtualization
- Duplication of VM
- Management automation
- Software provision
- Automated provisioning and deployment
- Unified software license management

Requirements for Storage Resource—Y

- Storage interface
  - Block storage protocol
  - File system protocol
  - Database protocol
  - Web service interfaces
- Storage management
  - Client authorization
  - Request dispatching
  - Configuration and provision
  - Monitoring and alerting
  - Replication and archiving
- Storage availability
  - Data backup and recovery
  - Data verification, data synchronization
  - Data de-duplication

Requirements for Network Resource —Y

Network types: Intra-DC network, Inter-DC network, Access and Core transport network

- Elastic addressing for multi-tenant users
- Dynamic migration of VMs across DC
- Virtual network services (e.g., DNS, FW, LB, VPN) for multi-tenant users
- Deal with VM network addresses overlapping
- Resilient to topology changes
- Support different logical networks
- Support delivery of cloud services in terms of performances, scalability and agility
- Support multiple addressing, such as IPv4 and IPv6

Conclusions and Recommendations

- Part of the first batch of cloud computing Recommendations published by ITU, numbered Y.3501, Y.3510 and Y.3520
- Fully covers the main categories of cloud infrastructure: compute resources, storage resources and network resources
- Covers most types and scenarios of the resources:
  - Compute: physical machine, virtual machine
  - Storage: block storage, object storage, database, XML, ...
  - Network: intra-datacenter, inter-datacenter, access and core transport network
- At the infrastructure and network level, fully supports major cloud service categories (IaaS, PaaS, SaaS, NaaS, …)
- Serves as a base standard for reference or reuse by other organizations, such as ETSI NFV, MEF, DMTF, CCSA, etc.