* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Slides - TERENA Networking Conference 2010
Net neutrality law wikipedia , lookup
Deep packet inspection wikipedia , lookup
Distributed firewall wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Computer network wikipedia , lookup
TV Everywhere wikipedia , lookup
Network tap wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Airborne Networking wikipedia , lookup
Service-oriented architecture implementation framework wikipedia , lookup
MANTICORE II: IP Network as a Service pilots at HEAnet, NORDUnet and RedIRIS Eduard Grasa Fundació i2CAT Motivation: Separate infrastructure ownership and maintenance from usage • Today’s example: cloud computing I need more computing power to run my business Option A: Buy hardware Option B: Get some VMs from a cloud provider 2 What if I want to provide network services? Option A: Buy hardware Option B: Get some sort of VPN Network Service Provider (It’s ok, but I loose features compared to Option A) Option C: Any equivalent of “just get some VMs from a cloud provider”? 3 A possible option C (I) I want a network with POPs @ sites A, B, C: • POP A requirements: … • POP B requirements: … • POP C requirements: … Interconnection between POPs at X Gbps, maximum delay of Y ms. Ok, I’ll see what I can find! Network Service Provider Marketplace 4 A possible option C (II) Let’s search the infrastructure providers offerings Infrastructure Provider Infrastructure Providers have previously published their offerings at the market, with the usage conditions (Price, SLA) Infrastructure Provider Marketplace 5 A possible option C (III) Cool! I’ll configure the network addressing, internal routing, firewalls and external routing policies, and will be ready for my customers! Ok, here’s your network, it will cost you X € per day, let’s go to Paypal to finish the transaction. You’ll receive an email with the details about your network, with the contact information of your providers and a link to a management application. Network Service Provider Marketplace 6 A possible option C (IV) Brilliant! I can setup a new VPN through a web page, I don’t even have to send an email to the network admin! Nice! My customers can request the setup of their own services and administer them without annoying me… Thanks automation! Customer A Cool, We can configure our own routing policies in our virtual CPE… Without buying any hardware! Network Service Provider Customer B 7 So it’s all about IaaS and automation Infrastructure Provider Customer Network Service Provider Marketplace Infrastructure Provider • Is this scenario possible? practical? • What sort of tools would be required to help this scenario become a reality? • What use cases would this technology make possible? • What relationships would the different actors have? • Is this feasible in a research environment? And in a commercial environment? 8 Overview • MANTICORE research timeline • Current work: MANTICORE II • (Near) Future work: MANTYCHORE FP7 9 MANTICORE Projects Timeline MANTICORE I Definition of the scenario for a NREN use case Proof of concept of the management tools – IP Networks with routers only Demo at TNC 2008 2007 2008 Self funded: 120 k€ + equipment loans 10 MANTICORE II Robust, modular implementation of the management tools Pilot tests at 3 NRENs: HEAnet, NORDUnet and RedIRIS Initial marketplace design and simulation First commercial study 2009 2010 Self funded: 200 k€ + equipment donation MANTYCHORE ? Tools enhancement to increase scope to layer 2 and layer 1 (complete IP Network) Pre-operational services with real users. Initially 3 user communities: e-health, Grid, Media. In depth commercial feasibility study by an operator Marketplace implementation Research on zero-carbon infrastructures, collaborate with GSN 2011 2012 2013 In negotiations with EC (FP7): 1.4 M€ 2014 Overview • MANTICORE research timeline • Current work: MANTICORE II • (Near) Future work: MANTYCHORE FP7 11 Manage parallel networks sharing the same substrate Each user’s IP network is represented by a different color Physical Router User Site Router Instance (may be a physical router) Physical Link Logical Link (may be a full physical link) Each router instance can be temporarily owned by a different user (router instances offered as IaaS) IP Networks can be made of router instances from different providers Other user’s IP Network or the Internet 12 Actors in Manticore II • Infrastructure Provider: The infrastructure owner. Assigns permissions to the infrastructure resources so that external users can control them. In MANTICORE II, infrastructure providers are NRENs (HEAnet, NORDUnet, RedIRIS) providing control over physical or virtual routers. • Service Provider: Gains access to several infrastructure instances and aggregates them under his management domain, providing an IP Network Service to their users. – – 13 E.g. Can be the NREN E.g. Can be someone that wants to provide an IP Network Service for a specific task (e.g. to carry out a research project, to support a distributed research community). • End user: Uses the IP Network Service. Has access to modify the characteristics of the service: addressing, internal routing, external routing, • Marketplace: Acts as a broker between the different actors. They can also interact directly, but marketplaces facilitate multiple parties interaction. How does the tool look like? Inventory view 14 How does the tool look like? Creating a router instance 15 How does the tool look like? Managing permissions 16 How does the tool look like? IP Network View / IP Network Permissions 17 How does the tool look like? Configuring BGP 18 Pilot plans: HEAnet • Goal: Use MANTICORE software to provide a virtualized CPE to a pseudo-customer site. Timeframe: June 14th – July 26th • Physical CPEs land the BGP session from the NREN and provide a service demarcation point. Configuration of the CPE is mainly owned by the customer. • The CPE will be provided through logical routers, and MANTICORE will allow authenticated customers to modify its configuration HEAnet test lab HEAnet Core Access router (MANTICORE) 19 End Station (Pseudo customer site) Pilot plans: HEAnet (II) To HEAnet core To HEAnet core Virtual CPE End Station (Pseudo customer site) • First scenario: Single virtual CPE. The CPE will have 2 uplinks to the core, will advertise the customer address space and will accept a default route on each interface. • Steps that will be accomplished in this scenario: 20 – HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPE on the access router – HEAnet admin will delegate control of the virtual CPE to the pseudo customer user – The pseudo customer user will configure the logical router to meet the functionality of a single CPE as specified above, including BGP session to the core, and addressing for the end station – Demonstrate connectivity between the end station and the Internet Pilot plans: HEAnet (III) Virtual CPE To HEAnet core End Station (Pseudo customer site) To HEAnet core Virtual CPE • Second scenario: Two virtual CPEs. Each CPE will have an uplink to the core, advertise the address space and accept a default route each one. They will peer with iBGP, and provide each one a link to the end station, and use VRRP to provide resilient access. • Steps that will be accomplished in this scenario: 21 – HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPEs on the access router – HEAnet admin will delegate control of the virtual CPE to the pseudo customer user – The pseudo customer user will configure the logical router to meet the functionality of the CPEs as specified – Demonstrate connectivity between the end station and the Internet, even in the case of the failure of one of the two virtual CPEs Pilot plans: NORDUnet • Goal: MANTICORE as a NOC tool for provisioning virtual network elements and provide virtual network resources for for customers. Timeframe: July 1st – August 15th • Phased approach: – Phase 1: The tools will primarily be used in our lab setup for managing our courses and other activities that need easy deployment of virtual test networks (MANTICORE II scope) – Phase 2: Trials for advanced users and projects will be run lab resources and the pan-Nordic dynamic end-2-end services testbed. – Later phases we will involve Nordic NREN networks. 22 Pilot plans: NORDUnet (II) • Initial setup and introduction – Install the software – Enable provisioning on lab equipment – Investigate authentication options • Document and simulate service deployment within NORDUnet NOC – Document the setup – Create procedures for the NOC – Trial allocation of network elements, provisioning of virtual networks, and virtual network administration • Provision virtual network to a test customer – Simulate a customer order – Run through the deployment process created in the last step – Simulate customer traffic on the virtual network. – Evaluate and write pilot report 23 Pilot plans: RedIRIS • Goal: Use MANTICORE to enable PASITO partners to control the routing hardware in the testbed. Timeframe: June 14th – July 16th • PASITO (Plataforma de Ánalisis de Servicios de Telecomunicaciones) is a spanish platform dedicated to the testing and validation of new Internet services and protocols. • RedIRIS is going to integrate MANTICORE in the RedIRIS POP of the PASITO network, providing virtualised equipment to all the partners involved in such network. 24 Pilot plans: RedIRIS (II) • The pilot test will showcase: – PASITO Administrator (RedIRIS) creates a logical router – PASITO Administrator (manually still) configures L2 connectivity to the logical router – PASITO Administrator gives permissions to the PASITO partner (i2CAT) to control the router – PASITO partner uses the PASITO router to extend its test network, therefore it configures the PASITO router to talk to the router at i2CAT’s premises 25 Overview • MANTICORE research timeline • Current work: MANTICORE II • (Near) Future work: MANTYCHORE FP7 26 MANTYCHORE FP7 Overview • What? Main goal – Provide the European research community with IP Networks as a Service over the NRENs e-Infrastructure for the benefit of their research activities, enhancing the quality of the tools available for European Research and increasing the research capabilities and participation of researchers. • Who? 7 partners – – – – • Project Coordinator and tool developer: i2CAT Foundation 2 NRENs: HEAnet , NORDUnet 3 users: UNI-C , University of Essex , Trinity College Dublin 1 commercial operator: Telefónica I+D How? Requested to the EC ~1.4M€ in funding to perform 7 activities – 3 NAs: NA1-Project Management; NA2-Dissemination, Exploitation, Standardization and Liaisons; NA3-Consolidating the user community and users training. – 2 SAs: SA1-MANTICORE software refinement; SA2-MANTICORE services for virtual research communities – 2 JRAs: JRA1-Infrastructure resources marketplace; JRA2-Zero Carbon emission virtual infrastructures. 27 Initial users: e-Health, Media and Grid V M V M V M VMs V M VMs V M Grid Site 5 V M V M V M VMs V M Grid Site 6 Grid Site 3 IP Network as a Service V M V M VMs V M Grid Site 1 V M V M VMs V M V M V M VMs V M Grid Site 4 Grid Site 2 Grid-Ireland “Cloud Layer”, TCD Improving the Health Data Network, Dedicated IP Networks to support media services, router Authorized User Connection Agreement System Health Data Network Hub router router router Fixed connections + VPNs + MANTICORE managed IP Networks Site 1 router Site 2 28 Project Outcomes • MANTICORE Toolset (binaries + source code): – MANTICORE Server – Web application for administrators and users • Operational experience on providing IP Networks as a Service in NRENs • User experience and feedback on using the service in 3 different areas (eHealth, Media, Grid) and evaluation of the commercial potential of the service (Telefónica I+D) • Research and Experimentation results: – Clean energy powered e-Infrastructures, energy metering, impact of virtual infrastructure relocation on the user experience. – Resource marketplaces as a mechanism for automatically negotiating and allocating infrastructure resources. • • 29 Results delivered by a mature consortium that has been working since 2007 to deploy operational IaaS network services. IP Network as a Service fully encompasses the vision of a Future Internet built on services and virtualization technologies. Objective 1: IP Network as a Service Enable HEAnet and NORDUnet to provide IP Network Services to their customers through the MANTICORE tools, enhancing their service portfolio; thus providing virtual research communities with a useful service that can improve their research activities and optimize the efficiency of use of e-Infrastructures. • How it will be achieved: – HEAnet and NORDUnet will offer pre-operational services to virtual research communities – 3 different research communities (e-Health in Denmark, Grid in Ireland and media in the UK) will use the IP Network services and evaluate how they facilitate their research activities (in terms of flexibility, efficiency, budget savings, …) – Telefonica I+D will carry out a study on the feasibility of using MANTICORE services in a commercial environment, from an operator’s point of view – Collaboration with other projects and NRENs to bring MANTICORE services to the maximum number of users (letters of support from redIRIS, DANTE, SURFnet, JAnet, Sigmanet, OSAMI-commons, Clarin, IBBT) 30 Objective 2: Integrated Layer 1-3 services Refine and expand the MANTICORE services provided by means of integrating the results of the privately funded MANTICORE II project with the IaaS Framework based solutions for optical (Argia) and Ethernet/MPLS networks (Ether); thus being able to provide integrated services at levels 1-3 to the research community. • How it will be achieved: – Integration of MANTICORE II results with Argia and Ether • Integration of all the engine drivers: The IaaS Framework engine module provides a model to manage and configure any device model of any vendor. This integration will allow the management and configuration of devices at layers 1, 2 and 3 of the OSI model. • Integration of all web services: This integration will provide a unified remote interface to be able to access layer 1-3 based network services. • Integration of all UI modules: Users and administrators will be able to request the integrated layer 1-3 services or manage them by using a single GUI. – Software refinement based on requirements of the NRENs and user communities • The software will be customized to make sure it fulfils the needs of all the project stakeholders 31 Objective 3: Marketplace for resource trading Innovate in the business model used in services based on IaaS, establishing a marketplace where all Infrastructure Providers can publish their available resources with their usage conditions (SLA, price), and all customers can automatically negotiate the SLAs getting the best resource combination for their needs. • How it will be achieved: – Study and simulation of the different mechanisms required to implement the resource marketplace (resource publication, request submission and resource matchmaking and allocation mechanisms) – Implementation of a marketplace prototype, and integration with the SA1 software. – Deployment of the prototype, and use of it as a means for the user communities to discover and access HEAnet’s and NORDUnet’s resources. 32 The Green Star Network (GSN) Canadian consortium to research how to lower ICT CO2 emissions • GSN project deliverables: – GSN: An open architecture ICT service delivery network – Sales of Carbon credits by relocation of service implementation within GSN – Open source middleware that optimizes the use of ICT resource powered by renewable energy sources – Use cases, white papers, and business resources for GSN dissemination, sustainability and growth 33 Objective 4: Carbon neutral e-infrastructures Use MANTICORE services to contribute to the research performed in the GreenStar Network (GSN) project to enable carbon-neutral infrastructures. • How it will be achieved: – GSN uses virtualization technologies to allow the nodes in a network (both hosts and network devices) to change its location based on renewable energy availability (hidro, solar, wind). – MANTICORE and GSN will collaborate in a joint experimentation to identify and try to address the issues of having the nodes in the network powered by unreliable power sources. – MANTICORE and GSN will use a joint infrastructure, with some nodes powered by renewable energy sources, to experiment with and validate the scenarios identified by both projects. 34 MANTICORE Commercial Exploitation TID Feasibility study of commercial MANTICORE services (I) • Target: – Evaluate the likehood of success of MANTICORE services in a commercial environment and elaborate a business plan. • Activities: 1. Analyze market situation for IaaS services (commodities, prices, supply and demand, trends, revenue models, size …) 2. Identify: • Market actors: – Stakeholders: e.g. network providers, infrastructure providers, vendors, … – Potential Users: e.g. academic communities, scientific corporations, distributed business, … – Incoming actors: e.g. city councils, virtual operators, … • MANTICORE services: – Direct: Router as a Service and IP Network as a Service. – Derivative: new customized and dynamic connectivity services. • Competitors and Risks. 35 MANTICORE Commercial Exploitation TID Feasibility study of commercial MANTICORE services (II) 3. Analyze applicability in an operator’s ecosystem. • Suitability • Applicability • Feasibility 4. Elaborate business model based on: • Developed marketplace (JRA1) where all infrastructure providers can announce available resources and all customers can automatically negotiate SLAs in order to get the best combination of resources. – Short term business case: NRENs announce resources and conditions of usage to researchers – Mid/long term: Porting MANTICORE tools and services to commercial plane, i.e., European ICT businesses. • 36 The study of deployment and operation of MANTICORE services (SA2) Thank you for your attention Questions? MANTICORE II Team i2CAT: Sergi Figuerola, Pau Minoves, Xavier Barrera, Carlos Baez, Laia Ferrao, Eduard Grasa University of Essex: Dimitra Simeonidou, Chinwe Abosi, Reza Nejabati HEAnet: Victor Reijs, Dave Wilson NORDUnet: Lars Fischer, Per Nihlen, Linus Nordberg RedIRIS: Alberto Escolano, Tomás P. de Miguel Telefonica I+D: Isidro Cabello, Cristina Peña, David Ortega Juniper: Jean Marc Uzé Cisco: Klaas Wierenga, Chris Lonvick, Steve Wolff