Geneva, Switzerland, 14 November 2014
Cloud computing reference architecture
Olivier Le Grand, Standardization Senior Manager on Future Networks, Orange (France)
Yongshun Cai, Research Engineer, China Telecommunications
ITU Workshop on “Cloud Computing Standards – Today and the Future”
(Geneva, Switzerland 14 November 2014)
Y.3502 - Introduction
June 2012: Establishment of Collaborative Teams (CT) between ITU-T and ISO/IEC JTC1 to produce common international standards:
    Vocabulary and Overview (ITU-T Y.3500 | ISO/IEC 17788)
    Cloud Computing Reference Architecture (ITU-T Y.3502 | ISO/IEC 17789)
Leverage the work done in ITU-T SG13 and ISO/IEC JTC1 SC 38
6 Experts meetings: 09/2012, 10/2012, 02/2013, 04/2013, 09/2013, 05/2014
Co-conveners (CT-CCRA): J. Chawki (Orange) and A. Kingstedt (SWE)
Co-editors: L. Lindsay (Microsoft) and O. Le Grand (Orange)
Y.3502 - Architectural views
Cloud computing systems described using a Viewpoint approach
Top down approach
In scope
User view
Functional view
Implementation view
Deployment view
From User View to Functional View
Cross-cutting aspects: Security, Privacy, Interoperability, Portability, Reversibility, Performance, SLA, Resiliency, Auditability, Governance, …
[Diagram: the User view (Party, Role, Sub-Role, Activity, Aspect) mapped to the Functional view (Layer, Functional component, Multi-layer functions)]
User View: Customer activities
Cloud service customer (CSC)
Sub-roles shown: CSC: cloud service user; CSC: cloud service administrator; CSC: cloud service business manager; CSC: cloud service integrator
Activities shown: Use cloud service; Connect ICT systems to cloud services; Perform business administration; Select and purchase service; Request audit report; Monitor service; Provide billing and usage reports; Handle problem reports; Administer tenancies; Administer service security; Perform service trial
Functional View: Layering and functional components
Layers: User layer, Access layer, Service layer, Resource layer
Multi-layer functions: Integration, Security systems, Operational support systems, Business support systems, Development support
Functional components shown: Administrator function, Physical resources, Business function, User function, Service orchestration, Resource abstraction and control, Business capabilities, Administration capabilities, Service capabilities, Access control, Connection management, Developer environment, Build management, Test management, Security integration, Service integration, Monitoring integration, Peer service integration, Authentication and identity management, Authorization and security policy management, Encryption management, Service level management, Service automation, Service policy management, Monitoring and reporting, Provisioning, Incident and problem management, Platform and virtualization management, Peer service management, Product catalogue, Account management, Subscription management, Accounts, Billing, Service catalogue
User View and Functional View (1): “Use cloud service”
[Diagram: the activity “Use cloud service” of the sub-role CSC: cloud service user, placed on the layering framework (User layer, Access layer, Service layer, Resource layer, Multi-layer functions)]
Functional components shown: User function, Service access, Service capabilities, Resource abstraction and control, Physical resources, Service Integration, Authentication and identity management, Authorization and security policy management
User View and Functional View (2): “Inter-cloud” relationship for “Use cloud service”
[Diagram: a primary cloud service provider and a secondary cloud service provider, each with User layer, Access layer, Service layer and Resource layer]
Primary cloud service provider, components shown: User function, Service access, Service capabilities, Peer service integration (Integration, multi-layer functions)
Secondary cloud service provider, components shown: Service access, Service capabilities
Conclusions and Recommendations
A reference architecture to be used:
    in ITU-T SG13 on topics such as architecture for NaaS, DaaS, Big Data, cloud management
    in ISO/IEC JTC1:
        SC 27 on ISO/IEC 27017 (security controls)
        SC 38 on SLA framework
Paving the way for possible reference and reuse, together with the Cloud Vocabulary, in other organizations (e.g. IETF, DMTF, ETSI NFV, …) dealing with cloud computing and virtualization-related aspects
Need to communicate and publicize outside ITU-T
First ICT Cloud architecture (collaboration between ISO and ITU-T) reusing definitions provided in the Cloud vocabulary Rec. ITU-T Y.3500 | ISO/IEC 17788
Published as a Recommendation Y.3502 | International Standard ISO/IEC 17789 in Q3 2014 (freely available)
Viewpoint approach methodology:
    User view (eco-system, roles, sub-roles, activities)
    Functional view (layering framework and functional components)
Generic architecture for the support of major cloud service categories (IaaS, PaaS, SaaS, NaaS, …) in different deployment models such as private, public, hybrid cloud (inter-cloud)
Y.3510 (Y.CCInfra) - Introduction
[Diagram: cloud infrastructure within the layered architecture (User layer, Access layer, Service layer, Multi-layer functions). Resource abstraction and control: VN, VS, VM; Software & Platform Assets; Virtual Path, Virtual Circuit. Physical & virtual Resources: Computing, Storage, Intra Cloud Network, Inter Cloud Network, Core Transport Network]
Compute: ① Physical machine ② Virtual machine ③ Software assets
Storage: ① Storage Interface ② Storage management ③ Storage availability
Network: ① Intra-datacenter network ② Inter-datacenter network ③ Access and core transport network
Requirements for Compute Resource—Y.3510
Virtualization
Physical machine: Hardware assisted virtualization; Horizontal scalability and vertical scalability; Energy consumption optimization
Virtual machine: VM Migration and HA; CPU/Mem/IO virtualization; Duplication of VM; Management automation
Software provision: Automated provisioning and deployment; Unified software license management
Requirements for Storage Resource—Y.3510
[Diagram: storage resource architecture in three sub-layers (the access sub-layer, the presenting sub-layer, the infrastructure sub-layer). Labels shown: user identification & access; application interfaces; network access equipment; Block Storage Client, Filesystem Client, Database/Table Client, Object Storage Client, other Client (e.g. XAM Client); FC, iSCSI, FCOE, LUNs; CIFS, NFS, WebDAV; JDBC, ODBC, XML; CRUD operations via HTTP; Other (e.g. XAM VIM); SAN service cloud, NAS service cloud, backup disaster recovery service cloud; virtual volume management; file access interfaces: CIFS, NFS, WebDAV; block service interfaces such as FC, iSCSI, FCOE, LUNs; Infrastructure monitor cluster; SAN, BC, Backup; NAS, DFS, Backup]
Storage interface: block storage protocol; file system protocol; database protocol; web service interfaces
Storage management: Client authorization; Request dispatching; Configuration and provision; Monitoring and alerting; Replication and archiving
Storage availability: data backup and recovery; Data verification; Data synchronization; Data de-duplication
Requirements for Network Resource—Y.3510
[Diagram: User connected to IDC-1 and IDC-2, with three numbered network segments: 1 Intra-DC network, 2 Inter-DC network, 3 Access and Core transport network]
Requirements shown:
    Elastic addressing for multi-tenant users
    Dynamic migration of VMs across DC
    Virtual network services (e.g., DND, FW, LB, VPN) for multi-tenant users
    Deal with VM network addresses overlapping
    Resilient to topology changes
    Support different logical networks
    Support delivery of cloud services in terms of performances, scalability and agility
    Support multiple addressing, such as IPv4 and IPv6
Conclusions and Recommendations
Part of the first batch of cloud computing Recommendations published by ITU, numbered Y.3501, Y.3510, Y.3520
Fully covers the main categories of cloud infrastructure: compute resources, storage resources and network resources
Covers most types and scenarios of the resources:
    Compute: physical machine, virtual machine
    Storage: block storage, object storage, database, XML, ...
    Network: Intra-datacenter, Inter-datacenter, Access and core transport network
At the infrastructure and network level, fully supports the major cloud service categories (IaaS, PaaS, SaaS, NaaS, …)
Serves as a base standard for reference or reuse by other organizations, such as ETSI NFV, MEF, DMTF, CCSA, etc.