Orchestrating Trusted Cloud Serviced Using TOSCA Simon Moser Cloud Computing Architect & co-chair...
-
Upload
michael-pope -
Category
Documents
-
view
215 -
download
0
Transcript of Orchestrating Trusted Cloud Serviced Using TOSCA Simon Moser Cloud Computing Architect & co-chair...
Orchestrating Trusted Cloud Orchestrating Trusted Cloud Serviced Using TOSCA Serviced Using TOSCA
www.oasis-open.org
Simon Moser
Cloud Computing Architect & co-chair of the TOSCA Technical Committee
IBM Research & Development GmbH, Boeblingen, Germany
Agenda Introduction to TOSCA TOSCA and Security Get Involved!
Even simple cloud services sometimes have complex software and hardware infrastructures backing them. Think about today's Cloud Standards: How do we ensure portability?
© 2012 IBM Corporation
What are the Technical Problems ?
No interoperable description exists of what your application is and what it requires
Virtual images do not suffice at all They are “just” snapshots of the actual state of your
application
Another provider might not have a clue how to install, deploy, run & manage your application
Deep detailed skills about the application and its underlying stack is needed that “arbitrary” providers typically don’t have
Let alone other application aspects like security, QoS and the like ..
4
TOSCA: Topology and Orchestration Specification for Cloud ApplicationsDefine composite, high-value services – once!
© 2012 IBM Corporation
TOSCA Service Templates have expert knowledge for management and orchestration throughout the complete service life cycle built in!
© 2012 IBM Corporation
Portability between Cloud providers using the very same Service Templates
© 2012 IBM Corporation
A declarative model spanning software applications to virtual and physical infrastructure
Enables the migration between Cloud providers using Service Templates
Service specific best practices for their management and orchestration built into the model
Service Template includes:•The structure and composition of the application and its infrastructure•The relationships between the parts•The operational behavior (deploy, patch, shutdown, etc.) •The association of that behavior with cloud infrastructure management
N1
N2 N3
N4
Structural Model
Build Plan
Management Plans
Service Template
TOSCA at a Glance....
© 2012 IBM Corporation
TOSCA & Security
provide/use
Sponsored by
Parent Project
Projektträger
Service-Marketplace
Customers
Cloud-Hoster
Addon-ServiceProvider
Solution-Provider
Manufacturer of Cloud-Platforms
use
provide/use
set up provide
buy
provide/ use
• Today’s Cloud-Solutions
> provider-lock-in (TOSCA will change)
> little amount of standards
> rudimentary interfaces
> no compliance
> no certifications
> little acceptance of users
Cloud Cycle: Defining Trusted Service Templates Project funded by the German Government Work started in October 2011, based on TOSCA Goals of Cloud Cycle:
Develop Portable and interoperable definitions of security- and compliance aspects.
Work on Guidelines that define the concrete security and compliance-requirements of the cloud services
Work on ways how compliance with the guidelines will be assured through proper integration with the Cloud-Management System (e.g. TOSCA runtime).
Develop an open Plug-In-Mechanism, allowing for the extension by new aspects, especially security and compliance (also by third parties).
Sponsored by
Parent Project
Projektträger
What’s needed from a technical perspective Develop the grammar to describe …
… Security requirements for Cloud Services … Governance aspects for Cloud Services … Compliance requirements for Cloud Services
Develop extension mechanisms how to plug that grammar into TOSCA Service Definitions
Extend TOSCA runtime infrastructures by providing “plug-ins” that handle Security / Governance / Compliance during deployment & runtime of the cloud service
Interested ? We need help!
<Policies>? <Policy name="string" type="anyURI">+ policy specific content </Policy> </Policies>
Potential technical mean: TOSCA Node Types Policy
Get Involved!
0 - H
3M Health Information Systems ActiveState Software, Inc. ASG Software Solutions Axway Software Beijing Sursen Electronic Technology Co, Ltd CA Technologies Capgemini CenturyLink China Internet Network Information
Center(CNNIC) Cisco System Citrix Systems Cloudsoft Corporation Limited EMC Fujitsu Limited Gale Google Inc. Hewlett-Packard Hitachi Ltd. Huawei Technologies Co., Ltd.
I – Z
IBM Jericho Systems Mitre Corporation Morphlabs, Inc. NetApp Nokia Siemens Networks GmbH & Co. KG Oracle PricewaterhouseCoopers LLP Primeton Technologies, Inc. Progress Software Red Hat rPath Inc. SAP AG Siemens Enterprise Comm. GmbH & Co. KG Software AG, Inc. VCE VNomic WSO2 Yaana Technologies, LLC Zenoss
Members in the TOSCA TC
Medium Business and public Sector
Proposers
Associated Partners
Research and Teaching
Research and Cloud-Technology and Standardisation
Sponsors
Cloud Cycle Consortium
THANK YOU FOR YOUR ATTENTION.
© 2012 IBM Corporation