323 research outputs found
Opening Up OpenStackâs Identity Service
OpenStack is a relatively new open source cloud computing project. It has rapidly become very popular since its first release on 21st October 2010. It has thousands of members, comprising technologists, developers, researchers, and cloud computing experts from 87 countries and more than 140 organisations.
Despite is openness until the University of Kent started to work with OpenStack, its Keystone identity service had no federated identity management capabilities, and all user accounts and passwords had to be stored in Keystone, usually in a backend LDAP directory.
This talk will describe the way that protocol independent federated access has been integrated into the core release of Keystone
Interoperable geographically distributed astronomical infrastructures: technical solutions
The increase of astronomical data produced by a new generation of
observational tools poses the need to distribute data and to bring computation
close to the data. Trying to answer this need, we set up a federated data and
computing infrastructure involving an international cloud facility, EGI
federated, and a set of services implementing IVOA standards and
recommendations for authentication, data sharing and resource access. In this
paper we describe technical problems faced, specifically we show the designing,
technological and architectural solutions adopted. We depict our technological
overall solution to bring data close to computation resources. Besides the
adopted solutions, we propose some points for an open discussion on
authentication and authorization mechanisms.Comment: 4 pages, 1 figure, submitted to Astronomical Society of the Pacific
(ASP
CYCLONE Unified Deployment and Management of Federated, Multi-Cloud Applications
Various Cloud layers have to work in concert in order to manage and deploy
complex multi-cloud applications, executing sophisticated workflows for Cloud
resource deployment, activation, adjustment, interaction, and monitoring. While
there are ample solutions for managing individual Cloud aspects (e.g. network
controllers, deployment tools, and application security software), there are no
well-integrated suites for managing an entire multi cloud environment with
multiple providers and deployment models. This paper presents the CYCLONE
architecture that integrates a number of existing solutions to create an open,
unified, holistic Cloud management platform for multi-cloud applications,
tailored to the needs of research organizations and SMEs. It discusses major
challenges in providing a network and security infrastructure for the
Intercloud and concludes with the demonstration how the architecture is
implemented in a real life bioinformatics use case
My private cloud--granting federated access to cloud resources
We describe the research undertaken in the six month JISC/EPSRC funded My Private Cloud project, in which we built a demonstration cloud file storage service that allows users to login to it, by using their existing credentials from a configured trusted identity provider. Once authenticated, users are shown a set of accounts that they are the owners of, based on their identity attributes. Once users open one of their accounts, they can upload and download files to it. Not only that, but they can then grant access to their file resources to anyone else in the federated system, regardless of whether their chosen delegate has used the cloud service before or not. The system uses standard identity management protocols, attribute based access controls, and a delegation service. A set of APIs have been defined for the authentication, authorisation and delegation processes, and the software has been released as open source to the community. A public demonstration of the system is available online
Phenomenology Tools on Cloud Infrastructures using OpenStack
We present a new environment for computations in particle physics
phenomenology employing recent developments in cloud computing. On this
environment users can create and manage "virtual" machines on which the
phenomenology codes/tools can be deployed easily in an automated way. We
analyze the performance of this environment based on "virtual" machines versus
the utilization of "real" physical hardware. In this way we provide a
qualitative result for the influence of the host operating system on the
performance of a representative set of applications for phenomenology
calculations.Comment: 25 pages, 12 figures; information on memory usage included, as well
as minor modifications. Version to appear in EPJ
VM Image Repository and Distribution Models for Federated Clouds: State of the Art, Possible Directions and Open Issues
The emerging trend of Federated Cloud models enlist virtualization as a significant concept to offer a large scale distributed Infrastructure as a Service collaborative paradigm to end users. Virtualization leverage Virtual Machines (VM) instantiated from user specific templates labelled as VM Images (VMI). To this extent, the rapid provisioning of VMs with varying user requests ensuring Quality of Service (QoS) across multiple cloud providers largely depends upon the image repository architecture and distribution policies. We discuss the possible state-of-art in VMI storage repository and distribution mechanisms for efficient VM provisioning in federated clouds. In addition, we present and compare various representative systems in this realm. Furthermore, we define a design space, identify current limitations, challenges and open trends for VMI repositories and distribution techniques within federated infrastructure
ooi: OpenStack OCCI interface
In this document we present an implementation of the Open Grid Forumâs Open Cloud Computing Interface (OCCI) for OpenStack, namely ooi (Openstack occi interface, 2015). OCCI is an open standard for management tasks over cloud resources, focused on interoperability, portability and integration. ooi aims to implement this open interface for the OpenStack cloud middleware, promoting interoperability with other OCCI-enabled cloud management frameworks and infrastructures. ooi focuses on being non-invasive with a vanilla OpenStack installation, not tied to a particular OpenStack release version
- âŠ