Published by Stella Williams. Modified over 8 years ago.
1
Moonshot-enabled Federated Access to Cloud Infrastructure
Terena Networking Conference, Reykjavik. May 2012
David Orrell, Eduserv
2
Objectives
Enable end-to-end federated access to cloud infrastructure.
Ease the management of cloud infrastructure.
Path to federated cloud platform services.
  o Federated access by default.
3
Eduserv
Not for profit IT services company
  o Based in Bath, UK.
  o 115 staff.
  o New datacentre.
Key business areas
  o IAM software and services.
  o Web hosting and development for government.
Charitable mission to encourage the effective use of ICT in ‘public good’ organisations.
4
Eduserv cloud platform
Infrastructure as a Service (IaaS) for UK Education community
  o Currently offered as a beta service
Infrastructure to support existing products and services
5
Eduserv Education Cloud: Hardware
Cisco UCS blade infrastructure
  o Dual 6-core 3.06GHz processors with 64GB RAM.
  o Initial deployment will scale to >1,500 cores, 8 TB of RAM.
Isilon storage
  o Clustered NAS solution with near-SAN performance.
  o Initial deployment will scale to 10 PB usable.
Connectivity
  o 2-tier Cisco switched network (core and distribution).
  o Fully resilient with no single point of failure (including dual path to JANET PoP).
  o All ports running at 10 Gbit/s.
6
Eduserv Education Cloud: Software
VMware vCloud
Compute
  o Good fit with vSphere provision.
  o Provides burst capacity at times of high demand.
File/object storage
vCloud Director
  o vCloud REST APIs.
Eduserv Cloud Portal
  o Billing, usage etc.
7
vCloud Architecture
[Diagram labels: Virtual Organisation; Virtual Datacentre (vDC) with vApp (shown twice); Catalog (vApp Template, ISO media); Network; Users + groups; Public Catalog (vApp Template, ISO media).]
8
vApps
Package of multiple VMs (as an OVF).
How VMs connect to the network(s).
Boot sequence.
vApp networks
  o NATed, firewalled.
  o May be fenced.
[Diagram label: Network]
9
[Diagram labels: Eduserv Education Cloud; Web Portal; Federated SSO via UKAMF; vCloud API; vCloud Director; Virtual Organisation … Virtual Organisation; 3rd party applications.]
10
Moonshot
JANET-led project.
Federated access to any application.
Builds on eduroam technologies
  o RADIUS for federated authentication.
  o EAP for mutual authentication.
Integrates with standard OS security APIs
  o GSS-API (RFC 2078 – Other OS).
  o SASL (RFC 4422 – Windows + Other OS).
  o SSPI (Windows).
11
SSH using Moonshot
[Diagram: SSH client, SSH server, RADIUS server]
(1) Credentialing
(2) SSH negotiation
(3) Authentication
(4) RADIUS
(5) Attributes
(6) SSH session
OpenSSH used as example of application; many others also apply
12
Moonshot on Education Cloud
Deploy Moonshot-ready appliances.
Linux server as an example
  o CentOS 6.2.
  o Moonshot-enabled SSHD.
13
Moonshot on Education Cloud
Automatic allocation of ‘local’ Linux users.
NSS module
  o Automatic user/group allocation.
PAM module
  o Auditing.
moonbind daemon.
14
[Diagram labels: vApp; VM; SSHD; PAM module; NSS module; moonbind; User/group allocation; Education Cloud Portal; RADIUS server; RADIUS server; SAML user + group(s).]
15
[Diagram labels: Virtual Organisation; Education Cloud Portal; vApp Instantiation; Guest customisation; Catalog (vApp Template, ISO media); vApp; VM; Network configuration; Custom script(s); Configure moonbind.]
30
Future work
Proper authorisation.
Integration with vApp OVF descriptor.
Integration with file/object storage
  o Via WebDAV.
Windows/Exchange PaaS
  o Cloud Foundry.
31
www.eduserv.org.uk
@eduserv
david.orrell@eduserv.org.uk
Thanks to…
Eduserv colleagues: Andy Powell, Richard Annett, Charlie Llewellyn, Tim Lawrence
JANET
Education Cloud blog + further information: http://support.cloud.eduserv.org.uk