SUCRE Workshop Open Source Clouds in the public sector 16-17 April, 2013 Poznan, Poland Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org TERENA Trusted Cloud Drive Unleashing the NREN clouds
About TERENA TERENA offers a forum to collaborate, innovate and share knowledge in order to foster the development of Internet technology, infrastructure and services to be used by the research and education community. Slide 2 TERENA is first and foremost a collaborative organisation. Its core business is to bring together managers, technical specialists and other people in the research networking community with their counterparts from other countries in Europe, mobilising the expertise and experience of hundreds of professionals in the research and education networking area.
What TERENA does Since 2010, TERENA has been actively looking into how NRENs can offer cloud services Task Force on the Management of Service Portfolios (TF- MSP) has investigated business aspects of NRENs offering clouds or cloud brokerage services. Task Force on Storage (TF-Storage) covers the technical aspects, providing a forum for exchanging and promoting ideas. At the pan-european level, TERENA has published the ASPIRE foresight study, which includes the adoption of cloud services within the research and education community.
What TERENA does Strategic points are: provide support and coordination for NRENs in submitting proposals in response to European Commission and other calls; develop a pilot activity for NRENs to experiment and gain experience with clouds and applications; contribute to the ASPIRE study on the adoption of cloud services by the community; agree, document and disseminate information on best practice in the area of clouds and cloud services. Slide 4
What s in tne clouds for HEI Many researchers and educators are already using commercial clouds far less hassle than applying for permission to their own cluster for humanities, health sciences, biology sciences, civil engineering, etc. with occasional computational data analysis paid out of their own pockets Build or buy...? While a fully loaded university private cloud may be cheaper than commercial facilities, most small and medium research teams only need occasional use of such facilities and so often a commercial cloud is more convenient. Traffic to commercial clouds from R&E networks at major peering is sky rocketing Slide 5
What s happening at HEI Outsourcing of commodity application services (e.g., student e-mails, document sharing) to public clouds can be done with low risk (SaaS) NREN as a buying syndicates Outsourcing of infrastructure related services (e.g., storage, computing) to public clouds has more risks for individual universities (IaaS) concerning the service operation, data protection, authentication and access control issues NREN as an infrastructure service provider or an infrastructure service proxy to public clouds Slide 6
What s happening at NRENs Outsourcing of commodity application services (e.g., calendar system) to commercial clouds seems to be okay (SaaS) NRENs should get rid of the commodity services and concentrate on new service development and innovation for the benefit of their users Infrastructure-related services (e.g., network operation, videoconferencing, storage, computing) the mixing of NRENs own infrastructure service with public clouds seems to be a value-added IaaS scenario. NRENs can hide the non-attractive features of public clouds and provide commodity cloud service to universities with tailor-made features (including federated access, data protection assurance, etc.) exploiting public cloud backends. Slide 7
ASPIRE Study: The Adoption of Cloud Services There are two routes to take: the consumption of services offered by commercial vendors in the public cloud (commodity services); the production of services, together at NREN level, in a community cloud (services for the specific needs and special requirements of the higher education and research community). Both routes are valid and relevant, but call for a different organisational approach. There is a chance for the NRENs to lead in the field of cloud brokering and cloud middleware infrastructures consuming the public cloud: aggregating demand, vendor management and cloud brokering; producing community clouds: business cases; connecting the clouds, by means of collaboration infrastructures and federations; legal issues (on EU level), standardisation, and interoperability. http://www.terena.org/activities/aspire/docs/aspire-clouds.pdf
NRENs strategy in application services a) BULID: Collaborative development of application services FileSender (file transfer) b) BUY: Joint procurement of commodity services SURFnet s contract with Microsoft and Google (sync&share) TERENA TCS (security) Slide 9
Biggest concerns about clouds Slide 10 The Open Group Cloud Computing Survey, May 2011
The task of the NREN To provide useful IT services to academic institutions those are either not found on the market or at least not at a reasonable price. Let end-users choose Give IT departments control Exploit cost reductions Consired energy savings Be safe and secure (security, privacy, legal aspects) Remain open (interoperability, standards) Slide 11
Example I full cloud stack GRNET ~Okeanos IaaS Slide 12
Example II - middleware SURFnet SURFconext Slide 13
Example III infrastructure NIIF Cloud Infrastructure Slide 14
Example IV networking SURFnet - GreenQloud Slide 15
Example V data privacy Unhosted.org Slide 16
TERENA Trusted Cloud Drive pilot Aim and scope take a small pragmatic step Explore possible deployment scenarios for a trusted storage service for NRENs longer term sustainability for a potential service; legal aspects and perceived trust issues related to the storage and management of the encryption keys and metadata; software scalability and performance; Unique selling points: trust, privacy, security, federation, open-source, flexible
Metadata Idea... encryption Cloud Storage Provider End-user domain Storage data Public Cloud NREN clouds CAMPUS Trusted party University NREN
Trusted Cloud Drive service architecture Slide 19
TERENA strategy for TCD Focus on its main asset; maintaining trust and privacy of the client domain by separating metadata and encryption keys (to be kept in a trusted place) from the storage data (to be exported to back-end storage) at the domains' boundary. Not compete with the feature-rich front-end sync&share applications available on the market (such as PowerFolder or OwnCloud platforms) instead, broker them to various public and/or NREN-provided storage back-ends in a trusted way. Be a lightweight, thin layer (preferably controlled and operated by NRENs) separating/interfacing end-user application domains and cloud service provider domains; considered to be a "storage middleware". Ensure the interoperability with some selected private storage service platforms (throughout strategic partnership) at the frontend as well as aggregating demands and relaying storage data to public cloud storage offerings (procured by TERENA under framework agreements) at the back-end.
Conclusions Consuming the public cloud: aggregating demand, vendor management and cloud brokering Federated identity Producing community clouds: business cases Share resources and cooperate to produce specialized services together, efficiently, in a community cloud Connecting the clouds, by means of collaboration infrastructures Open, data exchange and social networking Legal issues (on EU level), standardization and interoperability Slide 21
Links and events Links: TERENA Cloud Services and Activities http://www.terena.org/activities/clouds/ TERENA Trusted Cloud Drive pilot wiki http://terena.org/clouddrive Events: TERENA Networking Conference 2013 3-6 June, 2013, Maastricht, Netherlands https://tnc2013.terena.org/ TERENA TF-Storage task force meeting 18-19 September 2013, Brussels, Belgium http://www.terena.org/activities/tf-storage/ Slide 22
Contacts Peter Szegedi Project Development Officer szegedi@terena.org John Dyer Business and Technology Strategist dyer@terena.org Mailing lists nren-clouds@terena.org storage@terena.org Slide 23