Sponsored by the National Science Foundation 1January 7, 2013

CC-NIE workshop : Campus Infrastructure

GENI racks

Heidi Picher DempseyJanuary 7, 2013

www.geni.net

Sponsored by the National Science Foundation 2January 7, 2013

Outline

• GENI Racks and Connections• Campus Requirements• GENI Rack Installation and Support

Sponsored by the National Science Foundation 3January 7, 2013

GENI Racks and Connections

• Racks provide reservable, sliceable compute and network resources using Aggregate Managers (AM).

• Comply with GENI AM API• Support GENI RSpec v3• Support federation with

existing Slice Authorities (GENI Project Office (GPO), ProtoGENI (University of Utah), and PlanetLab Central (Princeton University) for access now

Sponsored by the National Science Foundation 4January 7, 2013

Racks and Connections (cont.)• Racks are GENI Aggregates• GENI MetaOperations (Indiana

University) provides support, monitoring and escalation

• Internet2 and NLR provide core data plane resources that experimenters can control

• Regionals provide more network resources that experimenters can control (CENIC, GpENI, KanREN, MOXI, MAX, NYSERNET, SOX, UEN)

• GENI network resources interconnect and coexist with with other research networks (e.g. StarLight)

Experimenter Tools

IdentityProvider

GENI Clearinghouse

* Includes GENI racks and (if desired) designated campus resources

Aggregates*

GMOC

Sponsored by the National Science Foundation 5January 7, 2013

GENI PG

GENI PG

GENI PG

GENI PG

GENI PG

GENI PG

NLR (5-8 nodes)

Peering

Core Connections: Layer 2 Now

GENI AL2S

GENI AL2S

GENI AL2S

GENI AL2S

• Multiple 1G and 10G connections with VLANs connecting experimenter nodes• Campus access to Internet2 via ION/DYNES or direct connection (existing or AL2S)• Campus access to NLR via FrameNet or direct connection I2 map with GPO edits

Sponsored by the National Science Foundation 6January 7, 2013

Core Connections: Internet 2 AL2S

Sponsored by the National Science Foundation 7January 7, 2013

Core Connections Coming Soon (starting 2013)

• Full GENI implementation on AL2S• Peering with multiple SDN networks possible (e.g. NLR, Southeast

Network Access Point)• Campus access via stitching or direct connection to AL2S (see CC-

NIE architecture slides)• Support experimenter control of nodes or access to AL2S production

services

Sponsored by the National Science Foundation 8January 7, 2013

GENI Rack Campus Requirements

• Provide space, power, security (as with other campus IT resources)

• Provide at least 1Gbps OpenFlow/SDN path from rack to campus boundary

• Connect campus resources to GENI rack for faculty/experimenter use

• Operate with up-to-date GENI-specified software (e.g. AM API, OpenStack)

• Provide no-cost access to rack resources for GENI authorized users at other campuses

• Provide points of contact for GENI response team (see http://groups.geni.net/geni/attachment/wiki/ComprehensiveSecurityPgm/Aggregate Provider Agreement v3.pdf )

Sponsored by the National Science Foundation 9January 7, 2013

Installation and Support: GENI Rack Teams

• InstaGENI: University of Utah (software and engineering), partnered with HP Labs (commercial hardware/firmware), Northwestern University (deployment coordination and engineering) and Princeton (PlanetLab integration).

• ExoGENI: RENCI and Duke (software and engineering), IBM (commercial hardware/firmware and on-site installation)

• GENI also provides OpenFlow developer support for both teams via Open Network Labs

• All teams support open source development and share via their project and GENI wikis and repositories

Sponsored by the National Science Foundation 10January 7, 2013

GENI Rack Installation and Support Flow

Sponsored by the National Science Foundation 11January 7, 2013

Support: GPO Testing• Acceptance Tests for experimenter, administrator, and monitoring

functions still underway– ExoGENI experimenter functions good, shared monitoring and administration in

progress – InstaGENI network and administration tests delayed by delivery logistics,

monitoring just added• Confirmation Tests for each installation• Interoperability testing for GENI AM API and RSPECs with Omni

command-line tool releases• Latest Statushttp://groups.geni.net/geni/wiki/GENIRacksHome/ExogeniRacks/AcceptanceTestStatus http://groups.geni.net/geni/wiki/GENIRacksHome/InstageniRacks/AcceptanceTestStatushttp://groups.geni.net/geni/wiki/GENIRacksHome/ExogeniRacks/ConfirmationTestStatushttp://groups.geni.net/geni/wiki/GENIRacksHome/InstageniRacks/ConfirmationTestStatus

Sponsored by the National Science Foundation 12January 7, 2013

Support: Access and Usage Policies

• GENI Slice Authorities currently used for control plane access to GENI rack, clearinghouse in progress -- more on this in Marshall’s talk

• Campus sets policies for GENI rack connections to campus data plane before installation

• Rack teams, GPO and campus staff configure security policy control points for data plane during installation and test (e.g. in campus, GENI rack and Science DMZ switches/routers)

• Campus staff uses FOAM (with or without automated approval) for per-service operations control of GENI rack OpenFlow connections to campus data plane (no admin needed for others).

Sponsored by the National Science Foundation 13January 7, 2013

GENI Rack Campuses

• 43 racks planned this year• Track on GENI wiki

Fundsin hand

Needsfunding

Oct. 24, 2012

Sponsored by the National Science Foundation 14January 7, 2013

GENI Rack Spiral 5 Installations

• 43 GENI-sponsored racks with integrated OpenFlow, compute nodes, and some support for dynamic VLANS deploying this year

• More campuses adding racks independently (e.g. CC-NIE, commercial projects)

• Software updates expected for each rack, will retest to verify

• Schedules subject to change based on campus readiness – looking for early adopter interest from this workshop

Sponsored by the National Science Foundation 15January 7, 2013

ExoGENI Draft Deployments

DRAFT ONLYSubject to Change

Sponsored by the National Science Foundation 16January 7, 2013

InstaGENI Draft Deployments

Location City State Arrival Month Regional Net

Northwestern University Chicago IL Jan-13 MREN

Clemson University Clemson SC Feb-13 SOX

Georgia Institute of Technology Atlanta GA Feb-13 SOX

Princeton University (temporary) Princeton NJ Feb-13 MAGPI

New York University New York NY Mar-13 NYSERNET

University of Kansas Lawrence KS Mar-13 KanREN

Carnegie Mellon University Pittsburgh PA Apr-13 3ROX

Rutgers New Brunswick NJ Apr-13 MAGPI

Southern Crossroads (SOX) Atlanta GA Apr-13 SOX

Stanford University Stanford CA May-13 CENIC

University of California, Berkley Berkley CA May-13 CENIC

University of Maryland College Park College Park MD May-13 MAX

Corporation for Education Network Initiatives in California (CENIC) La Mirada CA Jun-13 CENIC

University of California, San Diego San Diego CA Jun-13 CENIC

University of Washington Seattle WA Jun-13 PNWGigaPOP

New York State Education and Research Network (NYSERNet) Syracuse NY Jul-13 NYSERNet

University of Illinois-Urbana Champaign IL Jul-13 MREN

University of Southern California Los Angeles CA Jul-13 CENIC

Cornell University Ithaca NY Aug-13 NYSERNET

University of Missouri Kansas City MO Aug-13 GPN

University of Wisconsin Madison WI Aug-13 WiscNet

Case Western Reserve University Cleveland OH Sep-13 OARnet

Indiana University Bloomington IN Sep-13 I2

University of Chicago Chicago IL Sep-13 MREN

Midwest OpenFlow Crossroads Initiative (MOXI) Bloomington IN Oct-13 MOXI

Naval Postgraduate School Monterey CA Oct-13 DREN

University of Michigan Ann Arbor MI Oct-13 MOXI

Ohio State University Columbus OH Nov-13 OARnet

University of Colorado at Boulder Boulder CO Nov-13 Front Range GigaPoP

University of Hawaii Honolulu HI Nov-13 PNWGigaPOP

University of Kentucky Lexington KY Nov-13

University of Missouri-Columbia Columbia MO Nov-13 GPN

DR

AFT O

NLY

Subject to C

hange

Sponsored by the National Science Foundation 17January 7, 2013

Current Support

• Help for campuses and experimenters– GMOC helpdesk (call, ticket, or email 24x7x365)

http://gmoc.grnoc.iu.edu/gmoc/index/support.html– help@geni.net mailing list– IRC/chat (informal)

http://groups.geni.net/geni/wiki/HowTo/ConnectToGENIChatRoom• GMOC support for racks and OpenFlow campus infrastructure

– Monitoring and status for GENI sites and rackshttp://gmoc-db.grnoc.iu.edu https://gmoc-db.grnoc.iu.edu/protected/ requires admin password– Scheduled/unscheduled outage reporting and calendars– Emergency Stop– Escalation, tracking, some troubleshooting for reported problems– Draft workflows

• Security related support (Legal, Law Enforcement and Regulatory Reps)http://groups.geni.net/geni/attachment/wiki/ComprehensiveSecurityPgm/LLR Responsibilities of GENI.pdf

Sponsored by the National Science Foundation 18January 7, 2013

Current GENI Monitoring Examples

Virtual Machines on Racks

Slivers on RacksFOAM aggregates

* Open Source monitoring client available in Python* Updated monitoring software running on all racks, backbones, and most OpenFlow aggregates* Monitoring uses URNs for resource names for better interoperabilty* Format for InstaGENI and ExoGENI reported data is similar

Sponsored by the National Science Foundation 19January 7, 2013

Current Vendor Experience Examples

• Vendors often don’t implement full OpenFlow spec

• Hybrid mode support varies significantly

• The Quilt RFP for SDN vendors

http://www.thequilt.net/index.php/quilt-news/231-quilt-announces-openflow-switch-authorized-quilt-providers