Virtualization as Architecture - GENI

Rudra Dutta, Special Topic on SDN, Spring 2017
Some slides from GENI Project Office

Network Integration Vision
• Single network infrastructure which carries traffic for various types of use
• But the network requirements of the integrated services are very different
• Integrating networks requires making the greatest of all networks (ATM) rather than the least of all networks
    • Raises barrier to entry
• Separate networks are good
    • For banking and videochat and telesurgery, e.g.
• But frustrating that solved problems reappear and old solutions cannot be easily applied
Copyright Spring 2017, Rudra Dutta, CSC, NCSU

Motivation for Virtualization
• Approach similar to compute virtualization
    • A substrate that provides basic capabilities
    • A method to identify the smallest units (slivers) of resources
• Resources that make up the substrate must each be sliverable (figure: bandwidth, switching, ???)
    • Easiest when slivering is along physical lines (NICs, switches)
• A collection of slivers makes up a virtual network (slice)
    • Similar to a virtual machine
• Advantage of an integrated network without (some of) the drawbacks

GENI
• In the late 2000s, an NSF initiative to create a national-scale sharable network testbed
    • Allow researchers to experiment with a national, at-scale footprint
    • Allow experimentation with different architectures, fundamentally incompatible
• Virtualized underlying infrastructure indispensable for such a testbed
    • Different experiments would be completely isolated
    • Would use completely different stacks, hops
• Also the thought: maybe virtualization is the next architecture
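As an added illustration of the substrate/sliver/slice model in the Motivation and GENI slides above (example code written for this page, not part of the lecture or of GENI's own software): a constructed substrate of two links, each sliverable along two physical dimensions, a share of its bandwidth and a VLAN tag. A slice is the set of slivers one experiment holds; allocation is all-or-nothing, and two slices never share a tag on the same link, which is the isolation the slides call for. Link names, capacities and VLAN pools are made up.

```python
from dataclasses import dataclass, field


@dataclass
class Link:
    """One physical link of the substrate (constructed; names and numbers are made up)."""
    name: str
    capacity_mbps: int
    free_vlans: set                                # VLAN tags not yet handed out
    slivers: dict = field(default_factory=dict)    # slice name -> (vlan, mbps)

    def used_mbps(self) -> int:
        return sum(mbps for _, mbps in self.slivers.values())


class Substrate:
    """Hands out slivers of links; a slice is the set of slivers one experiment holds."""

    def __init__(self, links):
        self.links = {link.name: link for link in links}

    def allocate(self, slice_name: str, request: dict) -> bool:
        """request maps link name -> Mbps wanted. All-or-nothing: every sliver
        is checked before any is committed, so a refused request leaves the
        substrate exactly as it was."""
        for name, mbps in request.items():
            link = self.links.get(name)
            if link is None or slice_name in link.slivers or not link.free_vlans:
                return False
            if link.used_mbps() + mbps > link.capacity_mbps:
                return False
        for name, mbps in request.items():
            link = self.links[name]
            vlan = min(link.free_vlans)            # a tag no other slice holds on this link
            link.free_vlans.remove(vlan)
            link.slivers[slice_name] = (vlan, mbps)
        return True

    def release(self, slice_name: str) -> None:
        """Tear the slice down; its bandwidth and tags return to the pool."""
        for link in self.links.values():
            if slice_name in link.slivers:
                vlan, _ = link.slivers.pop(slice_name)
                link.free_vlans.add(vlan)

    def slice_view(self, slice_name: str) -> dict:
        """The virtual network as one experimenter sees it: only its own slivers."""
        return {name: link.slivers[slice_name]
                for name, link in self.links.items() if slice_name in link.slivers}


def build_demo_substrate() -> Substrate:
    # Constructed sample substrate: two 1 Gbps links with small VLAN pools.
    return Substrate([Link("l1", 1000, {100, 101, 102}),
                      Link("l2", 1000, {200, 201})])


if __name__ == "__main__":
    sub = build_demo_substrate()
    print("A:", sub.allocate("A", {"l1": 400, "l2": 300}), sub.slice_view("A"))
    print("B:", sub.allocate("B", {"l1": 500}), sub.slice_view("B"))
    print("C:", sub.allocate("C", {"l1": 200}))       # l1 would exceed 1000 Mbps
    sub.release("A")
    print("C:", sub.allocate("C", {"l1": 200, "l2": 1000}), sub.slice_view("C"))
```

The check-then-commit shape matters more than the arithmetic: a request that fits on one link but not another must not leave a half-built slice behind, and releasing a slice must return exactly the tags and bandwidth it held.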

GENI: Current User View
• Something that may be easier to think of as VCL, but with some differences
• Ability to define nodes
    • Provided as VMs by GENI
    • Option (in some cases) of requesting bare metal
    • Option (in some cases) to bind to a specific substrate
• Ability, like a virtualization platform, to define links
    • Between nodes already defined
    • Characterize link metrics
• Install/develop software on nodes, run
• Leave running unattended, access as needed

Using GENI (First steps)
• Must complete, in HW4:
    • Must be a member of a GENI project (done in HW3)
        • Request to become a member of ncsu_teaching
        • Receive approval from instructor
    • Now, you can log into the GENI portal
    • Configuration and setup
    • A simple exercise
• Visit portal.geni.net, click "Use GENI"
    • This is the authentication step (you are who you say you are)
    • GENI uses a single sign-on system with federation
    • Shibboleth will bring up a list of authentication (login) domains
    • Choose NC State University if not already pre-selected
    • Log in with your UNITY ID/PW

Creating a Slice
• GENI returns, upon request, a slice certificate
    • This is the authorization to use resources from aggregates
• Now, you can create slices
    • A slice is a virtual network
    • Each node is a VM, on which you have root access
    • Each link is a virtual circuit, L2 (VLAN) or L3 (OF)
        • Can use for any processing, including forwarding packets
        • You should not have to understand the distinction, or allow for any differences
• GENI provides:
    • Various aggregates (see previous slides from GPO)
    • Various tools to view and access those aggregates
    • All tools access all aggregates, but some pairs match better
• We shall use ExoGENI aggregates with Flukes
    • This combination supports some extra functionality; we shall try to keep within the GENI set

Creating and Using Slices (sequence diagram; participants: Clearinghouse, Web, Flukes, Aggregate Manager, Aggregate)
• Login (UNITY credentials)
• Request GENI certificate (X509 (PEM) file)
• Issue certificate
• Login (GENI certificate)
• Request slice
• Provide personal login credentials (ssh key)
• Provision slice
• Install login credentials
• Confirm
• Login (personal credentials: ssh key), use ssh

Designing a Slice with Flukes
• Very simple: add nodes and links by point-and-click
• Nodes are VMs
    • Can choose types (what OS will be loaded initially)
    • Can install software after it boots up, or even automate through startup scripts
    • Can choose what blade the VM physically comes from
    • All are optional: accept the default unless there is a specific need
• ExoGENI enforces secure login: provide keys through Flukes
• Links are stitched adjacencies: treat as links

Create and Use Your Slice
• The previous step only designed the slice
    • Still just a picture on a screen, no actual resources
• Submit this design to be instantiated
    • Should succeed if you have authorization, the aggregate has available resources, and all goes well
    • Can check in Flukes whether provisioning finished successfully or not
• When finished, can log in using ssh
    • X11 display pushback may be possible
• When use is finished, release the slice
    • Will eventually expire even without release

Summary
• GENI has completed Spirals 1-5, and has started the transition to a use model
    • Original thinking and positioning have been questioned and revisited
    • GENI research council has been set up
    • Architectural vision also evolved: common Aggregate Manager API
• Overall broad goal remains to enable isolated experiments deep into the network stack
    • Future Internet architectural insights and/or partial realizations might emerge
• We will use GENI as an instructional lab facility
    • Increasing set of common access tools, API
    • For many groups, may be the project platform
• Some informational slides from GENI follow

Global networks are creating extremely important new challenges
• Science Issues: We cannot currently understand or predict the behavior of complex, large-scale networks
• Innovation Issues: Substantial barriers to at-scale experimentation with new architectures, services, and technologies
• Society Issues: We increasingly rely on the Internet but are unsure that we can trust its security, privacy or resilience
Credit: MONET Group at UIUC
Sponsored by the National Science Foundation, March 31, 2009

GENI Conceptual Design
• Infrastructure to support at-scale experimentation
• Virtualized
• Deeply programmable
• Programmable & federated, with end-to-end virtualized slices
• Heterogeneous, and evolving over time via spiral development
(Figure: Sensor Network, Wireless Network, Mobile Edge Site, Federated International Infrastructure)

Federation
• GENI grows by gluing together heterogeneous infrastructure
• My experiment runs across the evolving GENI federation
(Figure: Wireless #1, Wireless #2, Corporate GENI suites, Backbone #1, Backbone #2, Compute Cluster #1, Compute Cluster #2, Access #1, My GENI Slice, NSF parts of GENI, Other-Nation Projects)
• This approach looks remarkably familiar . . .
• Goals: avoid technology lock-in, add new technologies as they mature, and potentially grow quickly by incorporating existing infrastructure into the overall GENI ecosystem

Resource discovery
• Aggregates publish resources, schedules, etc., via clearinghouses
• "What resources can I use?" / "These"
(Figure: Researcher, GENI Clearinghouse, Aggregate A (Computer Cluster), Aggregate B (Backbone Net), Aggregate C (Metro Wireless), each made up of Components)

Slice creation
• Clearinghouse checks credentials & enforces policy
• Aggregates allocate resources & create topologies
• "Create my slice"
(Figure: as above)

Experimentation
• Researcher loads software, debugs, collects measurements
• "Install my software, debug, collect data, retry, etc."
(Figure: as above)

Slice growth & revision
• Allows successful, long-running experiments to grow larger
• "Make my slice bigger!"
(Figure: as above)

Federation of Clearinghouses
• Growth path to international, semi-private, and commercial GENIs
• "Make my slice even bigger!"
(Figure: as above, plus a Federated Clearinghouse and Aggregate D (Non-NSF Resources))

Operations & Management
• Always present in background for usual reasons
• Will need an emergency shutdown mechanism
• "Stop the experiment immediately!" / "Oops"
(Figure: as in the federated case)

Viewing GENI at Different Planes
• Topology Plane: Nodes, links (Figure: VM-1, Link-1, VM-2)
• Resource Plane: Racks, switches, PCs (Figure: TOR Switches and Rack Nodes)
• Control Plane: Aggregates [AM API], Authorities [Federation API], Tools, Slices, Slivers, Projects (Figure: SA, MA, AM-1, AM-2, Tool)
• This talk will focus on the entities comprising the GENI control plane and their relationships.

Architecture Schematic: Tools interacting with Aggregates
Participants: Experimenter Tool (omni), Clearinghouse SA (Slice Authority), Aggregate Manager
1) Federation API (SA): get_credentials, XMLRPC/SSL: experimenter's cert sent, request encrypted by the experimenter's SSL private key
2) SSL connection validated, user authorized, slice credential constructed
3) Slice credential returned
4) AM API: listresources, XMLRPC/SSL PLUS slice credential
5) SSL connection validated, user authorized, manifest constructed
6) Manifest RSpec returned
• User certificate and slice credential are used to authenticate and authorize the experimenter at the AM
• Command line: omni.py -a test-agg listresources myslice

Huh? Slow down!
• What is a Slice Authority?
• Why do I need to go from the Tool to the Slice Authority when I really want to go straight to the Aggregate?
• What are all these Credentials and Certificates for?
• I just want some resources!

GENI: Trying to give Experimenters the Resources they Need
• Experimenter
• Resource Owner: "Who is this guy? What should I allow him to have? What happens if something goes wrong?"

Expanding Resource Owner's Concerns
• Who is this guy?: Authentication. We need to know that the person asking for resources is who they claim to be.
• What should I allow him to have?: Authorization. We need to be able to determine which users are entitled to which resources in which context.
• What happens if something goes wrong?: Accountability. We need to be able to tell when an experiment is behaving in a way that risks my resources, and if so, shut it down and keep it from happening again.
• Providing experimenters with authenticated, authorized, accountable access to resources is the foundation of the GENI architecture.

Wanted: A Trusted Third Party
• In general, the experimenter and the resource owner don't know each other and don't trust each other. Moreover, requiring that they do won't scale to large numbers of users and resources.
• For the resource owner to be willing to allocate resources to the experimenter, a mutually trusted third party is needed who can:
    • Vouch for the experimenter's identity
    • Provide information about the experimenter from which to make authorization decisions
    • Monitor experiments, provide alert, shutdown and forensics services, revoke privileges when needed
• These trusted third parties are the Slice and Member Authorities

Participants in a GENI Federation
• Federation: A collection of people and institutions who agree to share resources and abide by common procedures in order to share resources in a reliable, mutually beneficial manner.
• Clearinghouse: Set of services establishing federation-level authentication, authorization and accountability of experimenter use of federation resources. Esp. contains one or more Slice Authorities and Member Authorities.
• Monitoring: Processes and tools monitoring activity on GENI resources for health, performance, adherence to policies.
• Tools: Software capabilities that interact with federation resources on behalf of experimenters.
• Aggregates: Software entities that represent federated resources in transactions with experimenter tools.
• Resources: Physical resources (compute, network, storage) made available to the federation by means of a participating aggregate.
• Experimenter: A researcher seeking to perform network experiments on a customized data plane.
(Figure groups these into real-world entities and software entities)

Looking at Credentials
• A credential is a signed statement. In GENI, we have many different kinds of credentials that are used in different ways.
• A Certificate is an identity credential: "The person bearing the private key associated with this public key has these attributes: UUID, URN, email"
    • In GENI, these are in X509 format, signed by a Federation Member Authority.
• Certificates are the basis of Authentication in GENI.
    • All API calls (to aggregates through the AM API or to the Clearinghouse through the Federation API) are made via SSL using the caller's certificate and private key.

Looking at Credentials [2]
• Slice and User Credentials
    • Slice credentials are statements from the SA regarding rights and roles of a user with respect to a given slice
    • User credentials are statements from the MA regarding rights and roles of a user independent of a slice
    • The aggregate uses these to inform its own Authorization decisions
• Attributes
    • Statements about a user: "User is a Project Lead" or "Operator" or "Faculty at X institute"
    • These may be things that are true outside of GENI or within GENI

The Authorization Pipeline
• Authentication: An API (AM or Federation) call is made using the user's certificate and private key. If the public key in the cert matches the private key, the user is authenticated.
• Identity: The caller's certificate contains some key identity attributes: URN, UUID, email.
• Attributes: The call may contain other credentials (e.g. slice credential or PI attribute).
• Policy: The server (SA, MA, AM) has rules determining what attributes are required to allow actions in a given context (e.g. slice).
• Rights: Attributes crossed with policies leads to a specific set of rights in a given context.
• Authorization: The call is (or is not) authorized if the user has sufficient rights based on policy.
• GENI does not apply independent reasoning to authorization: all the logic is in attributes and policies.

Trust Relationships in GENI
• The elements of GENI (users, tools, federation services, aggregates) have different degrees of trust that allow them to interoperate
• We mean different things by trust, and represent them differently in the GENI architecture
    • CREDIBILITY: "If you claim it, I believe it" (accepting your statements as true; incorporation of your root cert into my trusted root bundle)
    • ENDORSEMENT: "I vouch for you to others" (directory services, membership, credential granting)
    • RELIANCE: "I believe you can do something as I would want it done" (delegation or speaks-for credentials; implied in using a tool, connecting to a service)

Who trusts whom? What relationships are privileged?
• Trust matrix, trusting entity (rows) against trusted entity (columns USER, TOOL, CH, AM):
    • USER: Reliance, Reliance
    • TOOL: Reliance
    • CH: Endorsement
    • AM: Endorsement, Credibility
• We will review these different trust relationships, which may be represented and supported in different ways in the architecture.

Trust Credentials at work: Getting a slice manifest (Desktop tool)
Participants: Experimenter Tool (omni), Clearinghouse SA (Slice Authority), Aggregate Manager
1) Federation API (SA): get_credentials, XMLRPC/SSL: experimenter's cert sent, request encrypted by the experimenter's SSL private key
2) SSL connection validated, user authorized, slice credential constructed
3) Slice credential returned
4) AM API: listresources, XMLRPC/SSL PLUS slice credential
5) SSL connection validated, user authorized, manifest constructed
6) Manifest RSpec returned
• User certificate and slice credential are used to authenticate and authorize the experimenter at the AM
• Command line: omni.py -a test-agg listresources myslice

Trust Credentials at work: Getting a slice manifest (Hosted tool)
Participants: Hosted Experimenter Tool (GENI Portal), Clearinghouse SA (Slice Authority), Aggregate Manager
• The tool speaks for the experimenter, supplying an extra "speaks-for" credential
1) Federation API (SA): get_credentials, XMLRPC/SSL; tool speaks for experimenter, supplying an extra speaks-for credential
2) SSL connection validated, speaks-for validated, user authorized, slice credential constructed
3) Slice credential returned
4) AM API: listresources, XMLRPC/SSL; tool speaks for experimenter, supplying an extra speaks-for credential
5) SSL connection validated, speaks-for validated, user authorized, manifest constructed
6) Manifest RSpec returned

Trust Relationships: Tool trusts Tool
• This is a RELIANCE trust relationship
• The GENI Portal serves as:
    • A Shibboleth Service Provider (i.e. client to the Shib IdP)
    • An IdP for OpenID clients (e.g. GEE, LabWiki, WiMAX)
• The tools who use the Portal's OpenID IdP trust the Portal to authenticate users properly and return their attributes.
(Figure: InCommon IdP, GPO IdP, Caf IdP as Shib IdP (Server) -> GENI Portal as Shib Service Provider (Client) and OpenID IdP (Server) -> OpenID Relying Party (Client))
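The Authorization Pipeline slide and the two "Trust Credentials at work" slides above describe one mechanism from two sides: a server checks a certificate and proof of key possession, gathers attributes from credentials it trusts, and crosses them with policy. The following is an added model of that pipeline covering both the desktop-tool flow and the hosted-tool speaks-for flow; it is example code for this page, not GENI or omni code. It assumes HMAC-SHA256 over canonical JSON as a stand-in for X.509/XML signatures (so the "private key" a caller proves possession of and the key the server verifies with are the same constructed bytes), and every URN, key, attribute name and policy rule in it is made up.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Added example, not GENI code: the authorization pipeline for a desktop tool and
# for a hosted tool that speaks for a user. Assumption: HMAC-SHA256 over canonical
# JSON stands in for X.509/XML signatures, so a caller's "private key" and the key
# a server verifies with are the same constructed bytes. URNs, keys and policy are made up.

def sign(key: bytes, statement: dict) -> str:
    body = json.dumps(statement, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def verify(key: bytes, statement: dict, signature: str) -> bool:
    return hmac.compare_digest(sign(key, statement), signature)

@dataclass(frozen=True)
class Certificate:          # identity credential: URN/UUID/email bound to a key, MA-signed
    urn: str
    uuid: str
    email: str
    key: bytes
    issuer: str             # the Member Authority that signed it
    signature: str

    def statement(self) -> dict:
        return {"urn": self.urn, "uuid": self.uuid, "email": self.email, "key": self.key.hex()}

@dataclass(frozen=True)
class Credential:           # any other signed statement: slice, user or speaks-for credential
    issuer: str             # URN of the signer: an SA, an MA, or a user (speaks-for)
    statement: dict         # {"subject": urn, "context": slice urn or None, "attrs": {...}}
    signature: str

def issue_cert(ma_urn, ma_key, urn, uuid, email, key) -> Certificate:
    st = {"urn": urn, "uuid": uuid, "email": email, "key": key.hex()}
    return Certificate(urn, uuid, email, key, ma_urn, sign(ma_key, st))

def issue(issuer_urn, issuer_key, subject, context, attrs) -> Credential:
    st = {"subject": subject, "context": context, "attrs": attrs}
    return Credential(issuer_urn, st, sign(issuer_key, st))

# CREDIBILITY: root bundle of the authorities whose statements this server accepts.
TRUSTED_ROOTS = {"urn:ma": b"ma-key", "urn:sa": b"sa-key"}

# Policy: the attributes each action requires in a slice context.
POLICY = {"listresources": {"slice_member": True},
          "deletesliver": {"slice_role": "LEAD"},
          "shutdown": {"operator": True}}

def chains_to_trusted_ma(cert: Certificate) -> bool:
    root = TRUSTED_ROOTS.get(cert.issuer)
    return root is not None and verify(root, cert.statement(), cert.signature)

def resolve_principal(conn_cert, speaks_for, user_cert):
    """Desktop tool: the cert on the connection is the user. Hosted tool: the tool's
    cert is on the connection and a speaks-for credential, signed by the user and
    naming this tool, makes the user the effective principal (None = rejected)."""
    if speaks_for is None:
        return conn_cert
    st = speaks_for.statement
    if (user_cert is not None and chains_to_trusted_ma(user_cert)
            and speaks_for.issuer == user_cert.urn and st["subject"] == user_cert.urn
            and st["attrs"].get("speaks_for_tool") == conn_cert.urn
            and verify(user_cert.key, st, speaks_for.signature)):
        return user_cert
    return None

def authorize(conn_cert, proof, action, context, credentials, speaks_for=None, user_cert=None):
    """Authentication -> identity -> attributes -> policy -> rights -> decision.
    Returns (allowed, explanation)."""
    request = {"action": action, "context": context}
    # Authentication: a trusted-MA cert plus proof of possession of its private key.
    if not chains_to_trusted_ma(conn_cert) or not verify(conn_cert.key, request, proof):
        return False, "authentication failed"
    principal = resolve_principal(conn_cert, speaks_for, user_cert)
    if principal is None:
        return False, "speaks-for rejected"
    # Identity: the attributes the principal's own certificate carries.
    attrs = {"urn": principal.urn, "uuid": principal.uuid, "email": principal.email}
    # Attributes: statements by trusted authorities about this principal in this context;
    # anything from an untrusted signer, another subject or another slice is ignored.
    for cred in credentials:
        root = TRUSTED_ROOTS.get(cred.issuer)
        st = cred.statement
        if (root and verify(root, st, cred.signature)
                and st["subject"] == principal.urn and st["context"] in (None, context)):
            attrs.update(st["attrs"])
    # Rights: attributes crossed with policy, no further reasoning.
    rights = sorted(a for a, need in POLICY.items()
                    if all(attrs.get(k) == v for k, v in need.items()))
    return action in rights, f"{principal.urn} may {rights} in {context}"
```

Two properties of the slides fall out of the code. A credential that is valid but about another slice, another subject, or signed by an authority outside the root bundle adds no attributes and so no rights, which is the "all the logic is in attributes and policies" point. And for the hosted tool, the connection is still authenticated as the tool; only a speaks-for statement signed by the user's own key and naming that exact tool lets the tool act with the user's rights, so a tool presenting someone's slice credential without such a statement gets nothing.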

GENI Accountability Foundations
• Monitoring: Gather data from Aggregates and Clearinghouse on current system state
    • Relational: Current relationships among users, slices, slivers, aggregates
    • Time Series: real-time network, compute, disk resource metrics
• Alerting: Determining potentially problematic behaviors or metric patterns on or across aggregate resources.
• Forensics: Determine what happened and who is responsible for these resources (experimenter, slice owner, project lead)
• Response: Depending on the severity and time-criticality, there are a number of options including:
    • Sliver isolation
    • Account disabling
    • Certificate non-renewal
    • Certificate revocation
• GENI has a variety of processes, policies and procedures that ensure that experimenters can, if necessary, be held accountable for actions taken on federation resources
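The accountability slide names four stages but shows no data. As an added example (written for this page, not GENI's monitoring software), the block below builds constructed relational records and time-series samples in the shape the slide describes, applies one alerting rule to them, walks the relationships to name who is responsible, and picks a response from the slide's list by severity and time-criticality. Every URN, aggregate name, threshold and number is made up.

```python
from collections import defaultdict

# Added example, not GENI's monitoring software: constructed relational records
# and time-series samples in the shape the slide describes, one alerting rule,
# the forensic lookup that names who is responsible, and a response chosen by
# severity. Every URN, aggregate name and number below is made up.

# Relational state: which sliver belongs to which slice on which aggregate, and
# how much egress bandwidth it was allocated (Mbps).
SLIVERS = {
    "urn:sliver:am1:17": ("urn:slice:myslice", "am-1", 100),
    "urn:sliver:am2:04": ("urn:slice:myslice", "am-2", 100),
    "urn:sliver:am1:22": ("urn:slice:other", "am-1", 50),
}
SLICES = {  # slice urn -> (slice owner, project)
    "urn:slice:myslice": ("urn:user:alice", "urn:project:ncsu_teaching"),
    "urn:slice:other": ("urn:user:bob", "urn:project:ncsu_teaching"),
}
PROJECT_LEADS = {"urn:project:ncsu_teaching": "urn:user:lead"}

# Time series: (interval, sliver urn, egress Mbps). Sliver am1:17 runs far above
# its allocation for three consecutive intervals; am1:22 has a single spike only.
SAMPLES = [
    (1, "urn:sliver:am1:17", 40), (2, "urn:sliver:am1:17", 420),
    (3, "urn:sliver:am1:17", 410), (4, "urn:sliver:am1:17", 430),
    (1, "urn:sliver:am2:04", 30), (2, "urn:sliver:am2:04", 35),
    (3, "urn:sliver:am2:04", 90), (4, "urn:sliver:am2:04", 20),
    (1, "urn:sliver:am1:22", 20), (2, "urn:sliver:am1:22", 80),
    (3, "urn:sliver:am1:22", 20), (4, "urn:sliver:am1:22", 10),
]


def alerts(samples, slivers, sustain=3):
    """Alert on a sliver whose egress exceeds its allocation for `sustain`
    consecutive intervals. Returns [(sliver urn, severity)] where severity is
    peak egress over allocation; a one-interval spike never alerts."""
    series = defaultdict(list)
    for _, sliver, mbps in sorted(samples):
        series[sliver].append(mbps)
    found = []
    for sliver, values in series.items():
        limit = slivers[sliver][2]
        run = 0
        for mbps in values:
            run = run + 1 if mbps > limit else 0
            if run == sustain:
                found.append((sliver, max(values) / limit))
                break
    return found


def forensics(sliver):
    """Walk the relational records from the sliver to the people accountable."""
    slice_urn, aggregate, _ = SLIVERS[sliver]
    owner, project = SLICES[slice_urn]
    return {"sliver": sliver, "aggregate": aggregate, "slice": slice_urn,
            "slice_owner": owner, "project_lead": PROJECT_LEADS[project]}


def response(severity, time_critical):
    """Choose from the slide's options: gross overuse (four times the allocation
    or more) isolates the sliver and disables the account; anything time-critical
    isolates the sliver now; otherwise the certificate is simply not renewed."""
    if severity >= 4:
        return ["sliver isolation", "account disabling"]
    if time_critical:
        return ["sliver isolation"]
    return ["certificate non-renewal"]


def run_pipeline(samples=SAMPLES, slivers=SLIVERS, time_critical=True):
    """Monitoring -> alerting -> forensics -> response, as one report per alert."""
    return [{"alert": sliver, "severity": severity, **forensics(sliver),
             "response": response(severity, time_critical)}
            for sliver, severity in alerts(samples, slivers)]


if __name__ == "__main__":
    for report in run_pipeline():
        print(report)
```

The sustain count is what keeps a single burst (sliver am1:22) out of the alert list while the steady overuse (am1:17) is caught; the forensics step is only possible because the relational records tie sliver to slice to owner and project lead, which is why the slide lists that state alongside the metrics.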
