Download presentation
Presentation is loading. Please wait.
Published byLynn Cunningham Modified over 9 years ago
1
StratusLab is co-funded by the European Community’s Seventh Framework Programme (Capacities) Grant Agreement INFSO-RI-261552 StratusLab: Marketplace EGI User Forum (Vilnius, Lithuania) 12 April 2011
2
2 StratusLab Marketplace Machine image creation is a barrier to cloud adoption Creating virtual machine images is time-consuming Ensuring that machines are secure and correct is difficult Sharing existing machines lowers this barrier Marketplace facilitates sharing of images Registry of metadata for machine & disk images Image contents are kept in cloud, grid, or web storage Benefits End-users: browse and use existing images for their analyses Creators: publicize their work and attract larger user base Cloud Admins.: Use metadata to evaluate trustworthiness of images
3
3 Interfaces REST interface Exposes a simple HTTP-based REST interface Easy to program against in all languages Web interface REST interface also allows browsing via a web browser Signed entries can also be uploaded via the browser Endpoints: Standard: http://appliances.stratuslab.eu/marketplace/http://appliances.stratuslab.eu/marketplace/ Tutorial: http://onehost-4.lal.in2p3.fr:8080/http://onehost-4.lal.in2p3.fr:8080/
4
4 Web Portal
5
5 Metadata Entries
6
6 Metadata Image metadata Must conform to a defined schema Uses the RDF-XML format Must be cryptographically signed with a (grid) certificate Must contain image ID and checksums to make connection to image May contain location elements with image content URL(s)
7
7 Workflow Typical Marketplace workflow: Create image from scratch or based on existing image Upload the image to cloud, grid, or web storage area Create the metadata for the image Sign the metadata with your (grid) certificate Upload the signed metadata to the Marketplace
8
8 Creating & Uploading Image Creating an image is a time consuming process… Cheat (!) and just create a file with random contents: This "image" certainly will never run: Also bypass the uploading… Normally, it would be transferred to cloud, grid, or web storage. Images must be accessible via http(s) at the moment. Location URL(s) would usually be part of the metadata. Pretend that we've created and uploaded an image. $ dd of=dummy.img if=/dev/random bs=1024 count=10 10+0 records in 10+0 records out 10240 bytes transferred in 0.001459 secs (7017920 bytes/sec)
9
9 Create Metadata Description Create the metadata description for the image: stratus-build-metadata "ttylinux-9.3-i686-base-1.0.xml" Wait for the unknown state, then kill (remove) the instance: Look at the contents of the file: Identifier is based on SHA-1 checksum and looks like "LJaGVOfKSRZLVmq5RP1ZUAO68bn" Checksums ensure that downloaded images match the metadata Normal file would have location elements; this one does not Empty endorser element and no signature element $ stratus-build-metadata \ --author='Charles Loomis' \ --os=ttylinux \ --os-version=9.3 \ --os-arch=i686 \ --version=1.0 \ dummy.img
10
10 Create Metadata Description Try to validate the unsigned metadata file: There is no signature so the file should not be valid Sign the contents of the file with a grid certificate: ttylinux-9.3-i686-base-1.0.xml ttylinux-9.3-i686-base-1.0.xml.orig ttylinux-9.3-i686-base-1.0.xml contains endorser and signature elements $ stratus-validate-metadata ttylinux-9.3-i686-base-1.0.xml Invalid: ttylinux-9.3-i686-base-1.0.xml no signature $ stratus-sign-metadata \ --p12-cert grid.p12 \ --p12-password xxxxxx \ ttylinux-9.3-i686-base-1.0.xml Manifest file successfully signed: ttylinux-9.3-i686-base-1.0.xml $ stratus-validate-metadata ttylinux-9.3-i686-base-1.0.xml Valid: ttylinux-9.3-i686-base-1.0.xml
11
11 Upload Metadata Description File can be uploaded via the command line: stratus-upload-image NOTE: Email address may be validated before entry is added to database! $ stratus-upload-image \ --marketplace-endpoint=http://localhost:8080/metadata \ --marketplace-only \ ttylinux-9.3-i686-base-1.0.xml ::::::::::::::::::::::::::::::: :: Starting appliance upload :: ::::::::::::::::::::::::::::::: :: Parsing manifest :: Uploading metadata ::::::::::::::::::::::::::::::::::::: :: Appliance uploaded successfully :: :::::::::::::::::::::::::::::::::::::
12
12 Web Upload of Metadata
13
13 Querying Marketplace with SPARQL
14
14 Querying Marketplace with SPARQL PREFIX dcterms: PREFIX slterms: select distinct ?os ?identifier where { ?x dcterms:identifier ?identifier. ?x slterms:os ?os }
15
15 Querying Marketplace with SPARQL PREFIX dcterms: PREFIX slreq: select distinct ?identifier ?email ?created where { ?x dcterms:identifier ?identifier; slreq:endorsement ?endorsement. ?endorsement slreq:endorser ?endorser; dcterms:created ?created. ?endorser slreq:email ?email. FILTER (?email = "me@example.com") }
16
16 Using an Image in the Marketplace Pass the URL for metadata entry when starting instance. stratus-run-instance … http://marketplace/id/email/datehttp://marketplace/id/email/date Use normal machine lifecycle to control machine. StratusLab cloud will validate image before running it: stratus-policy-image: invokes site policy to determine if the referenced image can be used; includes endorser white lists, checksum black lists, etc. stratus-download-image: will download a validated image to be used by a VM instance; uses the location URL(s) in the metadata entry
17
Copyright © 2011, Members of the StratusLab collaboration: Centre National de la Recherche Scientifique, Universidad Complutense de Madrid, Greek Research and Technology Network S.A., SixSq Sàrl, Telefónica Investigación y Desarrollo SA, and The Provost Fellows and Scholars of the College of the Holy and Undivided Trinity of Queen Elizabeth Near Dublin. This work is licensed under the Creative Commons Attribution 3.0 Unported License http://creativecommons.org/licenses/by/3.0/
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.