The standards landscape in cloud PRESENTATION computing TITLE GOES HERE Vincent Franceschini CTO Distributed Architectures, Hitachi Data System Chairman Emeritus, SNIA Governing Board Member, SNIA Cloud Storage Initiat
Forewords The Cloud gold rush has generated a flurry of new Cloudrelated industry initiatives. Some of them are driven by regular Standards Development Groups or by established Industry Associations. Others have been launched by new industry groups, consortia, individual companies or research institutes. If Technology Vendors / IT specialists can take advantage of such industry momentum, it is much harder for IT Users and even for product/solution developers to benefit from these initiatives at least initially. Cloud is such a broad topic from both technical & business angles that it deserves a more user-friendly approach to encourage the global IT eco-system embrace it. Page 2
Page 3
NIST Cloud Computing Conceptual Model Page 4
DataStorage as a Service (DaaS) Another Perspective Of the Cloud Stack Functional: Data storage interfaces used by any of the other types Management: Data Requirements and Storage usage Functional: End user interaction with the Application s function Management: Metering and billing based on number of users Software as a Service (SaaS) Platform as a Service (PaaS) Functional: Application development and deployment environment Management: Manage scale out of Application, Metering and billing based on application QoS Source: cloud-standards.org Infrastructure as a Service (PaaS) Functional: Virtual Machine for hosting OS based stacks Management: Manage lifecycle of guest machines, Metering and billing based on infrastructure usage Page 5
Cloud Use Cases For Standardization End-User to Cloud (e.g. Public Services) Applications running on the cloud and accessed by end users Enterprise to Cloud to End User (e.g. Enhanced Services) Applications running in the public cloud and accessed by employees and customers Enterprise to Cloud (e.g. Outsourced Services) Cloud applications integrated with internal IT capabilities From http://cloud-computing-use-cases.googlegroups.com/ Page 7
Cloud Use Cases For Standardization Cont d Enterprise to Cloud to Enterprise (e.g. Shared Services) Private Cloud (e.g. Private Services) Cloud applications running in the public cloud and interoperating with partner applications (supply chain) A cloud hosted by an organization inside that organization s firewall. &&6! < &. 6 / 6E( 1( (! 1!, %6! 6(E(! 1 * + '! (( 6! =! 166( 66#!, 2! (, ((6 Changing Cloud Vendor (e.g. Resource Migration) An organization using cloud services decides to switch cloud providers or work with additional providers. &&6! < &. 6 Hybrid Cloud (e.g. Multi-Cloud Services; Including Community Clouds) From http://cloud-computing-use-cases.googlegroups.com/ Multiple clouds work together, coordinated by a cloud broker that federates data, applications, user identity, security and other details. Page 8 ' ((((! E1!!! E &3 ) ' ( E((!,
Some Possible Standards Beyond Existing Projects Federated security (e.g. identity) across Clouds Metadata and data exchanges among Clouds Standards for moving applications between Cloud platforms Standards for describing resource/performance capabilities and requirements Standardized outputs for monitoring, auditing, billing, reports and notification for Cloud applications and services Common representations (abstract, APIs, protocols) for interfacing to Cloud resources Cloud-independent representation for policies and governance Portable tools for developing, deploying, and managing Cloud applications and services Orchestration and middleware tools for creating composite applications across Clouds Page 9
Cloud Standards Landscape Association for Retail Technology Standards (ARTS) Cloud Security Alliance (CSA) Distributed Management Task Force (DMTF) European Telecommunications Standards Institute (ETSI) INCITS DAPS38 International Telecommunications Union (ITU) Internet Engineering Task Force (IETF)Open Grid Forum (OGF) ISO/IEC JTC1 SC38 (SGCC) Object Management Group (OMG) Open Cloud Consortium (OCC) The Open Group Organization for the Advancement of Structured Information Standards (OASIS) Storage Networking Industry Association (SNIA) TM Forum Page 10
Provider Interface Service Catalog Clouds Need a Strong Standards Landscape Cloud Service Consumer Cloud Service Developer SLA - Elasticity Rules - Performance - Adjacency - Compliance - Isolation - Availability TM-Forum CMDB Security Services Authentication Authorization Identity Key Mgt OASIS Resource Management Services Compute Network Storage Functional Interfaces DMTF Reporting SLA Mgt Billing Metering Monitoring Broker Federation Interface Cloud Service Broker OGF (OCCI) SNIA (CDMI) Cloud Service Provider Source: Cloud-Standards.org Page 11
intended to begin the discussion on how to map the CC standards. Another look at CC standards Landscape SaaS PaaS IaaS Data Communication Security SOAP REST SCAP POP3/IMAP WS-Addressing XACML SPML SaaS Aplication JEE SQL WSDL XML JSON HTML SAML OpenID OAuth PaaS Platform Architecture OCCI CDMI HTTP FTP SMTP GridFTP XML DSig XML Encrypt IaaS OVF Virtualized Infrastructure SSL/TLS TCP DNS PKI Asymmetric Crypto Hardware IPV4 IPV6 Symmetric Crypto Facility Consumer Interface and Visibility Cloud Computing Capabilities and Resources Provider Control and Responsibility Draft from: NIST Cloud Computing Standards Roadmap Fifth Working Draft February 23, 2011 Page 12
Future Industry Steps: Cloud Peering Source: SNIA Cloud Storage Initiative Page 13
Users Developers Formulating Clear Requirements Common VM Formats, Data Formats and APIs: Virtual machines, data and applications created for one cloud provider should run on another cloud provider without changes. Cloud Management: Cloud computing is not feasible without service management, governance, metering, monitoring, federated identity, SLAs and benchmarks, data and application federation, deployment, and lifecycle management. Security: Security in cloud computing is vital, although the requirements for security will vary widely depending on the application and data types. Location awareness : A way of identifying the location of the physical machine hosting the cloud infrastructure is an absolute requirement for many government regulations. From http://cloud-computing-use-cases.googlegroups.com/ Page 14 APIs for Services: The API requirements for databases, messaging(both point-topoint and publishsubscribe), raw computing power and storage all relate directly to cloud services. Support APIs: The API requirements for caching, logging, identity management, service discovery, session management and SLAs are necessary to use cloud services effectively.
Other efforts that matter Public discussion groups Voice-in and contribute to cloud build-up efforts cloud-standards.org wiki Adhere & post relevant cloud standards information NIST SAJACC I/F Testing Use cases SIENA E-Infrastructure Roadmap Leveraging European programs & communities (EGI, GEANT, PRACE ) ISO/IEC JTC1 SC38 SGCC Home for cloud standards Liaisons with many national groups Page 15
Some final thoughts It s only the beginning Clarify Standard Requirements IaaS, PaaS, SaaS and don t forget about best practices and regulatory needs Address national/pan-national requirements Encourage further testing and demonstrations of Cloud standards, technologies, interoperability Security, Federation, Monitoring, Management, Mobility Standards are necessary but not enough to enable expected Cloud interoperability Let s educate the next generation of IT professionals to live the Cloud experience Page 16
Page 17
snia.org/cloud THANK YOU Page 18