SlideShare a Scribd company logo
1 of 20
Download to read offline
20150924 rda federation_v1
Tim Bell
tim.bell@cern.ch
24/09/2015 2Tim Bell - RDA
CERN Tool Chain
24/09/2015 Tim Bell - RDA 3
OpenStack Status
• 4 OpenStack clouds at CERN
• Largest is ~120,000 cores in ~4,000 servers in
two data centres
• 3 other instances with 45,000 cores total
• Currently running Juno release of
OpenStack
• Migrating to Kilo in next two months
24/09/2015 4Tim Bell - RDA
24/09/2015 5
Microsoft Active
Directory
Database
Services
CERN Network
Database
Account mgmt
system
Horizon
Keystone
Glance
Network
Compute
Scheduler
Cinder
Nova
Block Storage
Ceph & NetApp
CERN
Accounting
Ceilometer
Tim Bell - RDA
IN2P3
INFN
…
Onwards the Federated Clouds
Public Cloud such
as Rackspace
CERN Private
Cloud
120K cores
ATLAS Trigger
28K cores
CMS Trigger
12K cores
Brookhaven
National Labs
NecTAR
Australia
Many Others on
Their Way
24/09/2015 Tim Bell - RDA 6
ALICE Trigger
12K cores
Open Design Process
24/09/2015 Tim Bell - RDA 7
• Started at OpenStack Hong Kong design summit
• Iterative design using open blueprints
• Source code under Apache 2 license
• Continuous integration to ensure maintainability
• Diverse team
Implementation
24/09/2015 Tim Bell - RDA 8
Keystone authentication options
• Password
• Active Directory
• OpenID Connect
• X.509
• Kerberos
• Tivoli Federated Identity Manager
• … plug in architecture for extensions
24/09/2015 Tim Bell - RDA 9
Usage Modes
• OpenStack with Web GUI handled by
Federated Single Sign On
• OpenStack with Keystone authentication
service validating against a SAML IdP
• OpenStack with Keystone authentication
service validating against another Keystone
24/09/2015 Tim Bell - RDA 10
Policy
24/09/2015 Tim Bell - RDA 11
LOGIN: madenis
LANGUAGE: EN
DEPARTMENT: IT/OIS
FULLNAME: Marek Denis
Assertion Keystone
credentials
{
name:
madenis
groups: [
“devs”,
“openlab”
]
}
[
{ "local":
[ { "user": { "name": "{0}" } } ],
"remote":
[ { "type": "ADFS_LOGIN" } ]
},
{
"local":
[ { "group": { "id": “devs" } } ,
{“group”: {ïd”:”openlab”} } ],
"remote":
[ { "type":"DEPARTMENT",
"any_one_of": ["IT/OIS"] } ]
}
]
OpenStack Identity Federation in 2015
24/09/2015 Tim Bell - RDA 12
Examples of potential use #1
• Federation with a cloud provider such as Rackspace
• Scenario
• Project with quota on an external cloud
• Define role mapping in external cloud using attributes
• User authenticates against private cloud IdP
• Accesses public cloud project
• Demo’d at the OpenStack summit in Paris in Autumn 2014
• http://cern.ch/go/h98B
24/09/2015 Tim Bell - RDA 13
Examples of potential use #2
• Indigo dataclouds project
• H2020 funded
• Needs build and test resources
• CERN defines an OpenStack project
• Maps INFN role to project members
• Web SSO
• Federates with EduGain
• API/CLI
• Federates with INFN Keystone using Keystone-to-Keystone
24/09/2015 Tim Bell - RDA 14
Experiences
• Watch out for non-federated services
• Who owns the resources at the site ?
• How to ssh into a VM behind a firewall when no
account on the central login services ?
• Traceability for ephemeral accounts
• CADF logs need to be kept to map user UUID to
originator
24/09/2015 Tim Bell - RDA 15
Summary
• OpenStack now includes Federated Identity as standard
• Web SSO
• CLI
• Pluggable for authentication methods
• SAML and OpenID connect most popular
• Significant commercial interest and investment
• Partner networks such as Cisco and HP
• Easy to miss non-federated services when deploying production
uses
24/09/2015 16Tim Bell - RDA
Questions ?
24/09/2015 17
• OpenStack FIM
links at
http://clouddocs.web.cern.ch/c
louddocs/additional/README.
html
• CERN OpenStack
technical details at
http://openstack-in-
production.blogspot.fr
Tim Bell - RDA
24/09/2015 18Tim Bell - RDA
The Worldwide LHC Computing Grid
Tier-1:
permanent storage, re-
processing,
analysis
Tier-0 (CERN): data
recording,
reconstruction and
distribution
Tier-2:
Simulation,
end-user analysis
> 2 million jobs/day
~350’000 cores
500 PB of storage
nearly 170 sites,
40 countries
10-100 Gb links
1924/09/2015 Tim Bell - RDA
24/09/2015 20Tim Bell - RDA

More Related Content

What's hot

Cern Cloud Architecture - February, 2016
Cern Cloud Architecture - February, 2016Cern Cloud Architecture - February, 2016
Cern Cloud Architecture - February, 2016Belmiro Moreira
 
Moving from CellsV1 to CellsV2 at CERN
Moving from CellsV1 to CellsV2 at CERNMoving from CellsV1 to CellsV2 at CERN
Moving from CellsV1 to CellsV2 at CERNBelmiro Moreira
 
20190620 accelerating containers v3
20190620 accelerating containers v320190620 accelerating containers v3
20190620 accelerating containers v3Tim Bell
 
CERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8sCERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8sBelmiro Moreira
 
OpenStack at CERN : A 5 year perspective
OpenStack at CERN : A 5 year perspectiveOpenStack at CERN : A 5 year perspective
OpenStack at CERN : A 5 year perspectiveTim Bell
 
Operators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksJakub Pavlik
 
20121017 OpenStack CERN Accelerating Science
20121017 OpenStack CERN Accelerating Science20121017 OpenStack CERN Accelerating Science
20121017 OpenStack CERN Accelerating ScienceTim Bell
 
OpenContrail Implementations
OpenContrail ImplementationsOpenContrail Implementations
OpenContrail ImplementationsJakub Pavlik
 
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014Belmiro Moreira
 
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies Jakub Pavlik
 
OpenContrail Experience tcp cloud OpenStack Summit Tokyo
OpenContrail Experience tcp cloud OpenStack Summit TokyoOpenContrail Experience tcp cloud OpenStack Summit Tokyo
OpenContrail Experience tcp cloud OpenStack Summit TokyoJakub Pavlik
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERNArne Wiebalck
 
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)Arne Wiebalck
 
Evolution of Openstack Networking at CERN
Evolution of Openstack Networking at CERNEvolution of Openstack Networking at CERN
Evolution of Openstack Networking at CERNBelmiro Moreira
 
Integrating Bare-metal Provisioning into CERN's Private Cloud
Integrating Bare-metal Provisioning into CERN's Private CloudIntegrating Bare-metal Provisioning into CERN's Private Cloud
Integrating Bare-metal Provisioning into CERN's Private CloudArne Wiebalck
 
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015Belmiro Moreira
 
Operational War Stories from 5 Years of Running OpenStack in Production
Operational War Stories from 5 Years of Running OpenStack in ProductionOperational War Stories from 5 Years of Running OpenStack in Production
Operational War Stories from 5 Years of Running OpenStack in ProductionArne Wiebalck
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Belmiro Moreira
 
OpenCloud - A Research Cloud
OpenCloud - A Research CloudOpenCloud - A Research Cloud
OpenCloud - A Research CloudON.Lab
 

What's hot (20)

Cern Cloud Architecture - February, 2016
Cern Cloud Architecture - February, 2016Cern Cloud Architecture - February, 2016
Cern Cloud Architecture - February, 2016
 
Moving from CellsV1 to CellsV2 at CERN
Moving from CellsV1 to CellsV2 at CERNMoving from CellsV1 to CellsV2 at CERN
Moving from CellsV1 to CellsV2 at CERN
 
20190620 accelerating containers v3
20190620 accelerating containers v320190620 accelerating containers v3
20190620 accelerating containers v3
 
CERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8sCERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8s
 
OpenStack at CERN : A 5 year perspective
OpenStack at CERN : A 5 year perspectiveOpenStack at CERN : A 5 year perspective
OpenStack at CERN : A 5 year perspective
 
Operators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 Networks
 
20121017 OpenStack CERN Accelerating Science
20121017 OpenStack CERN Accelerating Science20121017 OpenStack CERN Accelerating Science
20121017 OpenStack CERN Accelerating Science
 
OpenContrail Implementations
OpenContrail ImplementationsOpenContrail Implementations
OpenContrail Implementations
 
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014
Multi-Cell OpenStack: How to Evolve Your Cloud to Scale - November, 2014
 
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies
OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies
 
OpenContrail Experience tcp cloud OpenStack Summit Tokyo
OpenContrail Experience tcp cloud OpenStack Summit TokyoOpenContrail Experience tcp cloud OpenStack Summit Tokyo
OpenContrail Experience tcp cloud OpenStack Summit Tokyo
 
The OpenStack Cloud at CERN
The OpenStack Cloud at CERNThe OpenStack Cloud at CERN
The OpenStack Cloud at CERN
 
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)
Manila on CephFS at CERN (OpenStack Summit Boston, 11 May 2017)
 
Evolution of Openstack Networking at CERN
Evolution of Openstack Networking at CERNEvolution of Openstack Networking at CERN
Evolution of Openstack Networking at CERN
 
Integrating Bare-metal Provisioning into CERN's Private Cloud
Integrating Bare-metal Provisioning into CERN's Private CloudIntegrating Bare-metal Provisioning into CERN's Private Cloud
Integrating Bare-metal Provisioning into CERN's Private Cloud
 
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015
Tips Tricks and Tactics with Cells and Scaling OpenStack - May, 2015
 
Operational War Stories from 5 Years of Running OpenStack in Production
Operational War Stories from 5 Years of Running OpenStack in ProductionOperational War Stories from 5 Years of Running OpenStack in Production
Operational War Stories from 5 Years of Running OpenStack in Production
 
Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015Unveiling CERN Cloud Architecture - October, 2015
Unveiling CERN Cloud Architecture - October, 2015
 
Openstack SAGE-AU
Openstack SAGE-AUOpenstack SAGE-AU
Openstack SAGE-AU
 
OpenCloud - A Research Cloud
OpenCloud - A Research CloudOpenCloud - A Research Cloud
OpenCloud - A Research Cloud
 

Viewers also liked

Webinaire REACH-valeurs par défaut de Science & Environnement
Webinaire REACH-valeurs par défaut de Science & EnvironnementWebinaire REACH-valeurs par défaut de Science & Environnement
Webinaire REACH-valeurs par défaut de Science & EnvironnementScience & Environnement
 
Dr. Einstein onderzoekt de dieren
Dr. Einstein onderzoekt de dierenDr. Einstein onderzoekt de dieren
Dr. Einstein onderzoekt de dierenVoorwegschool
 
I've learned in life...
I've learned in life...I've learned in life...
I've learned in life...slides2407
 
Presentatie ouderavond
Presentatie ouderavondPresentatie ouderavond
Presentatie ouderavondVoorwegschool
 
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg!
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg! Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg!
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg! MariekeBos
 
Phillips Academy Leading While Asian
Phillips Academy Leading While AsianPhillips Academy Leading While Asian
Phillips Academy Leading While AsianRosetta Eun Ryong Lee
 
Who Is SignUp4?
Who Is SignUp4?Who Is SignUp4?
Who Is SignUp4?SignUp4
 
Phillips Academy Identity and Inclusion
Phillips Academy Identity and InclusionPhillips Academy Identity and Inclusion
Phillips Academy Identity and InclusionRosetta Eun Ryong Lee
 
Phillips Academy Cultural Competency
Phillips Academy Cultural CompetencyPhillips Academy Cultural Competency
Phillips Academy Cultural CompetencyRosetta Eun Ryong Lee
 
Virtually Staging your house for sale
Virtually Staging your house for saleVirtually Staging your house for sale
Virtually Staging your house for saleKJAY
 
Data, Big Data and Communication - Ki-byoung Kim
Data, Big Data and Communication - Ki-byoung KimData, Big Data and Communication - Ki-byoung Kim
Data, Big Data and Communication - Ki-byoung KimCreative Commons Korea
 
Piping Farsi Manual
Piping Farsi ManualPiping Farsi Manual
Piping Farsi ManualHadi Karimi
 
Institutional CC adoption in GLAM
Institutional CC adoption in GLAMInstitutional CC adoption in GLAM
Institutional CC adoption in GLAMAndres Guadamuz
 
Présentation sur le traitement des déchets
Présentation sur  le traitement des déchetsPrésentation sur  le traitement des déchets
Présentation sur le traitement des déchetsprojetadan
 
Exploring Magnum and Senlin integration for autoscaling containers
Exploring Magnum and Senlin integration for autoscaling containersExploring Magnum and Senlin integration for autoscaling containers
Exploring Magnum and Senlin integration for autoscaling containersTon Ngo
 
Unconscious Bias: A Brief Introduction
Unconscious Bias: A Brief IntroductionUnconscious Bias: A Brief Introduction
Unconscious Bias: A Brief IntroductionSeán Stickle
 

Viewers also liked (20)

Webinaire REACH-valeurs par défaut de Science & Environnement
Webinaire REACH-valeurs par défaut de Science & EnvironnementWebinaire REACH-valeurs par défaut de Science & Environnement
Webinaire REACH-valeurs par défaut de Science & Environnement
 
Dr. Einstein onderzoekt de dieren
Dr. Einstein onderzoekt de dierenDr. Einstein onderzoekt de dieren
Dr. Einstein onderzoekt de dieren
 
I've learned in life...
I've learned in life...I've learned in life...
I've learned in life...
 
Presentatie ouderavond
Presentatie ouderavondPresentatie ouderavond
Presentatie ouderavond
 
M@tematicasDiscrtau2repaso
M@tematicasDiscrtau2repasoM@tematicasDiscrtau2repaso
M@tematicasDiscrtau2repaso
 
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg!
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg! Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg!
Informatie Leiden in de Zorg 24 mei - (Ont)Regel de Zorg!
 
Phillips Academy Leading While Asian
Phillips Academy Leading While AsianPhillips Academy Leading While Asian
Phillips Academy Leading While Asian
 
Who Is SignUp4?
Who Is SignUp4?Who Is SignUp4?
Who Is SignUp4?
 
Phillips Academy Identity and Inclusion
Phillips Academy Identity and InclusionPhillips Academy Identity and Inclusion
Phillips Academy Identity and Inclusion
 
Phillips Academy Cultural Competency
Phillips Academy Cultural CompetencyPhillips Academy Cultural Competency
Phillips Academy Cultural Competency
 
Virtually Staging your house for sale
Virtually Staging your house for saleVirtually Staging your house for sale
Virtually Staging your house for sale
 
Data, Big Data and Communication - Ki-byoung Kim
Data, Big Data and Communication - Ki-byoung KimData, Big Data and Communication - Ki-byoung Kim
Data, Big Data and Communication - Ki-byoung Kim
 
Ancien ACV
Ancien ACVAncien ACV
Ancien ACV
 
Piping Farsi Manual
Piping Farsi ManualPiping Farsi Manual
Piping Farsi Manual
 
De kunst van het verleiden
De kunst van het verleidenDe kunst van het verleiden
De kunst van het verleiden
 
Institutional CC adoption in GLAM
Institutional CC adoption in GLAMInstitutional CC adoption in GLAM
Institutional CC adoption in GLAM
 
Franglais
FranglaisFranglais
Franglais
 
Présentation sur le traitement des déchets
Présentation sur  le traitement des déchetsPrésentation sur  le traitement des déchets
Présentation sur le traitement des déchets
 
Exploring Magnum and Senlin integration for autoscaling containers
Exploring Magnum and Senlin integration for autoscaling containersExploring Magnum and Senlin integration for autoscaling containers
Exploring Magnum and Senlin integration for autoscaling containers
 
Unconscious Bias: A Brief Introduction
Unconscious Bias: A Brief IntroductionUnconscious Bias: A Brief Introduction
Unconscious Bias: A Brief Introduction
 

Similar to 20150924 rda federation_v1

Pairs OpenStack Summit Summary
Pairs OpenStack Summit SummaryPairs OpenStack Summit Summary
Pairs OpenStack Summit SummaryGuangya Liu
 
Améliorer OpenStack avec les technologies Intel
Améliorer OpenStack avec les technologies IntelAméliorer OpenStack avec les technologies Intel
Améliorer OpenStack avec les technologies IntelOdinot Stanislas
 
Using Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudUsing Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudAndrew Kennedy
 
Dockerizing OpenStack for High Availability
Dockerizing OpenStack for High AvailabilityDockerizing OpenStack for High Availability
Dockerizing OpenStack for High AvailabilityDaniel Krook
 
Getting started with OpenStack
Getting started with OpenStackGetting started with OpenStack
Getting started with OpenStackKnoldus Inc.
 
EGI TF 2013 / Cloud Interoperability Week – Hands-On Tutorial
EGI TF 2013 / Cloud Interoperability Week – Hands-On TutorialEGI TF 2013 / Cloud Interoperability Week – Hands-On Tutorial
EGI TF 2013 / Cloud Interoperability Week – Hands-On TutorialOpenNebula Project
 
OpenStack London Meetup, 18 Nov 2015
OpenStack London Meetup, 18 Nov 2015OpenStack London Meetup, 18 Nov 2015
OpenStack London Meetup, 18 Nov 2015Jesse Pretorius
 
How to Train Your Docker Cloud
How to Train Your Docker CloudHow to Train Your Docker Cloud
How to Train Your Docker CloudC4Media
 
Deploying your apps in the cloud - the options: an overview
Deploying your apps in the cloud - the options: an overviewDeploying your apps in the cloud - the options: an overview
Deploying your apps in the cloud - the options: an overviewCisco DevNet
 
Simulating Production with Clocker
Simulating Production with ClockerSimulating Production with Clocker
Simulating Production with ClockerAndrew Kennedy
 
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...Cynthia Thomas
 
Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
 
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...Daniel Krook
 
State of Containers in OpenStack
State of Containers in OpenStackState of Containers in OpenStack
State of Containers in OpenStackopenstackindia
 
State of Containers in Openstack
State of Containers in OpenstackState of Containers in Openstack
State of Containers in OpenstackMadhuri Kumari
 
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...Radhika Puthiyetath
 
Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsKublr
 

Similar to 20150924 rda federation_v1 (20)

Pairs OpenStack Summit Summary
Pairs OpenStack Summit SummaryPairs OpenStack Summit Summary
Pairs OpenStack Summit Summary
 
Améliorer OpenStack avec les technologies Intel
Améliorer OpenStack avec les technologies IntelAméliorer OpenStack avec les technologies Intel
Améliorer OpenStack avec les technologies Intel
 
OpenStack Marketing Meeting Oct 2
OpenStack Marketing Meeting Oct 2OpenStack Marketing Meeting Oct 2
OpenStack Marketing Meeting Oct 2
 
Using Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the CloudUsing Clocker with Project Calico - Running Production Workloads in the Cloud
Using Clocker with Project Calico - Running Production Workloads in the Cloud
 
Dockerizing OpenStack for High Availability
Dockerizing OpenStack for High AvailabilityDockerizing OpenStack for High Availability
Dockerizing OpenStack for High Availability
 
Getting started with OpenStack
Getting started with OpenStackGetting started with OpenStack
Getting started with OpenStack
 
EGI TF 2013 / Cloud Interoperability Week – Hands-On Tutorial
EGI TF 2013 / Cloud Interoperability Week – Hands-On TutorialEGI TF 2013 / Cloud Interoperability Week – Hands-On Tutorial
EGI TF 2013 / Cloud Interoperability Week – Hands-On Tutorial
 
OpenStack London Meetup, 18 Nov 2015
OpenStack London Meetup, 18 Nov 2015OpenStack London Meetup, 18 Nov 2015
OpenStack London Meetup, 18 Nov 2015
 
How to Train Your Docker Cloud
How to Train Your Docker CloudHow to Train Your Docker Cloud
How to Train Your Docker Cloud
 
Deploying your apps in the cloud - the options: an overview
Deploying your apps in the cloud - the options: an overviewDeploying your apps in the cloud - the options: an overview
Deploying your apps in the cloud - the options: an overview
 
Simulating Production with Clocker
Simulating Production with ClockerSimulating Production with Clocker
Simulating Production with Clocker
 
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...
 
Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!Containers, OCI, CNCF, Magnum, Kuryr, and You!
Containers, OCI, CNCF, Magnum, Kuryr, and You!
 
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
The Containers Ecosystem, the OpenStack Magnum Project, the Open Container In...
 
spring-cloud.pptx
spring-cloud.pptxspring-cloud.pptx
spring-cloud.pptx
 
State of Containers in OpenStack
State of Containers in OpenStackState of Containers in OpenStack
State of Containers in OpenStack
 
State of Containers in Openstack
State of Containers in OpenstackState of Containers in Openstack
State of Containers in Openstack
 
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...
On CloudStack, Docker, Kubernetes, and Big Data…Oh my ! By Sebastien Goasguen...
 
Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container Operations
 
Self-Service Supercomputing
Self-Service SupercomputingSelf-Service Supercomputing
Self-Service Supercomputing
 

More from Tim Bell

CERN IT Monitoring
CERN IT Monitoring CERN IT Monitoring
CERN IT Monitoring Tim Bell
 
CERN Status at OpenStack Shanghai Summit November 2019
CERN Status at OpenStack Shanghai Summit November 2019CERN Status at OpenStack Shanghai Summit November 2019
CERN Status at OpenStack Shanghai Summit November 2019Tim Bell
 
20190314 cern register v3
20190314 cern register v320190314 cern register v3
20190314 cern register v3Tim Bell
 
20181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v320181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v3Tim Bell
 
20181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v320181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v3Tim Bell
 
OpenStack Paris 2014 - Federation, are we there yet ?
OpenStack Paris 2014 - Federation, are we there yet ?OpenStack Paris 2014 - Federation, are we there yet ?
OpenStack Paris 2014 - Federation, are we there yet ?Tim Bell
 
20141103 cern open_stack_paris_v3
20141103 cern open_stack_paris_v320141103 cern open_stack_paris_v3
20141103 cern open_stack_paris_v3Tim Bell
 
CERN Mass and Agility talk at OSCON 2014
CERN Mass and Agility talk at OSCON 2014CERN Mass and Agility talk at OSCON 2014
CERN Mass and Agility talk at OSCON 2014Tim Bell
 
20140509 cern open_stack_linuxtag_v3
20140509 cern open_stack_linuxtag_v320140509 cern open_stack_linuxtag_v3
20140509 cern open_stack_linuxtag_v3Tim Bell
 
Open stack operations feedback loop v1.4
Open stack operations feedback loop v1.4Open stack operations feedback loop v1.4
Open stack operations feedback loop v1.4Tim Bell
 
CERN clouds and culture at GigaOm London 2013
CERN clouds and culture at GigaOm London 2013CERN clouds and culture at GigaOm London 2013
CERN clouds and culture at GigaOm London 2013Tim Bell
 
20130529 openstack cee_day_v6
20130529 openstack cee_day_v620130529 openstack cee_day_v6
20130529 openstack cee_day_v6Tim Bell
 
Academic cloud experiences cern v4
Academic cloud experiences cern v4Academic cloud experiences cern v4
Academic cloud experiences cern v4Tim Bell
 
Ceilometer lsf-intergration-openstack-summit
Ceilometer lsf-intergration-openstack-summitCeilometer lsf-intergration-openstack-summit
Ceilometer lsf-intergration-openstack-summitTim Bell
 
Havana survey results-final-v2
Havana survey results-final-v2Havana survey results-final-v2
Havana survey results-final-v2Tim Bell
 
Havana survey results-final
Havana survey results-finalHavana survey results-final
Havana survey results-finalTim Bell
 
20121205 open stack_accelerating_science_v3
20121205 open stack_accelerating_science_v320121205 open stack_accelerating_science_v3
20121205 open stack_accelerating_science_v3Tim Bell
 
20121115 open stack_ch_user_group_v1.2
20121115 open stack_ch_user_group_v1.220121115 open stack_ch_user_group_v1.2
20121115 open stack_ch_user_group_v1.2Tim Bell
 
20121017 OpenStack Accelerating Science
20121017 OpenStack Accelerating Science20121017 OpenStack Accelerating Science
20121017 OpenStack Accelerating ScienceTim Bell
 
Accelerating science with Puppet
Accelerating science with PuppetAccelerating science with Puppet
Accelerating science with PuppetTim Bell
 

More from Tim Bell (20)

CERN IT Monitoring
CERN IT Monitoring CERN IT Monitoring
CERN IT Monitoring
 
CERN Status at OpenStack Shanghai Summit November 2019
CERN Status at OpenStack Shanghai Summit November 2019CERN Status at OpenStack Shanghai Summit November 2019
CERN Status at OpenStack Shanghai Summit November 2019
 
20190314 cern register v3
20190314 cern register v320190314 cern register v3
20190314 cern register v3
 
20181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v320181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v3
 
20181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v320181219 ucc open stack 5 years v3
20181219 ucc open stack 5 years v3
 
OpenStack Paris 2014 - Federation, are we there yet ?
OpenStack Paris 2014 - Federation, are we there yet ?OpenStack Paris 2014 - Federation, are we there yet ?
OpenStack Paris 2014 - Federation, are we there yet ?
 
20141103 cern open_stack_paris_v3
20141103 cern open_stack_paris_v320141103 cern open_stack_paris_v3
20141103 cern open_stack_paris_v3
 
CERN Mass and Agility talk at OSCON 2014
CERN Mass and Agility talk at OSCON 2014CERN Mass and Agility talk at OSCON 2014
CERN Mass and Agility talk at OSCON 2014
 
20140509 cern open_stack_linuxtag_v3
20140509 cern open_stack_linuxtag_v320140509 cern open_stack_linuxtag_v3
20140509 cern open_stack_linuxtag_v3
 
Open stack operations feedback loop v1.4
Open stack operations feedback loop v1.4Open stack operations feedback loop v1.4
Open stack operations feedback loop v1.4
 
CERN clouds and culture at GigaOm London 2013
CERN clouds and culture at GigaOm London 2013CERN clouds and culture at GigaOm London 2013
CERN clouds and culture at GigaOm London 2013
 
20130529 openstack cee_day_v6
20130529 openstack cee_day_v620130529 openstack cee_day_v6
20130529 openstack cee_day_v6
 
Academic cloud experiences cern v4
Academic cloud experiences cern v4Academic cloud experiences cern v4
Academic cloud experiences cern v4
 
Ceilometer lsf-intergration-openstack-summit
Ceilometer lsf-intergration-openstack-summitCeilometer lsf-intergration-openstack-summit
Ceilometer lsf-intergration-openstack-summit
 
Havana survey results-final-v2
Havana survey results-final-v2Havana survey results-final-v2
Havana survey results-final-v2
 
Havana survey results-final
Havana survey results-finalHavana survey results-final
Havana survey results-final
 
20121205 open stack_accelerating_science_v3
20121205 open stack_accelerating_science_v320121205 open stack_accelerating_science_v3
20121205 open stack_accelerating_science_v3
 
20121115 open stack_ch_user_group_v1.2
20121115 open stack_ch_user_group_v1.220121115 open stack_ch_user_group_v1.2
20121115 open stack_ch_user_group_v1.2
 
20121017 OpenStack Accelerating Science
20121017 OpenStack Accelerating Science20121017 OpenStack Accelerating Science
20121017 OpenStack Accelerating Science
 
Accelerating science with Puppet
Accelerating science with PuppetAccelerating science with Puppet
Accelerating science with Puppet
 

Recently uploaded

UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 

Recently uploaded (20)

UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 

20150924 rda federation_v1

  • 3. CERN Tool Chain 24/09/2015 Tim Bell - RDA 3
  • 4. OpenStack Status • 4 OpenStack clouds at CERN • Largest is ~120,000 cores in ~4,000 servers in two data centres • 3 other instances with 45,000 cores total • Currently running Juno release of OpenStack • Migrating to Kilo in next two months 24/09/2015 4Tim Bell - RDA
  • 5. 24/09/2015 5 Microsoft Active Directory Database Services CERN Network Database Account mgmt system Horizon Keystone Glance Network Compute Scheduler Cinder Nova Block Storage Ceph & NetApp CERN Accounting Ceilometer Tim Bell - RDA
  • 6. IN2P3 INFN … Onwards the Federated Clouds Public Cloud such as Rackspace CERN Private Cloud 120K cores ATLAS Trigger 28K cores CMS Trigger 12K cores Brookhaven National Labs NecTAR Australia Many Others on Their Way 24/09/2015 Tim Bell - RDA 6 ALICE Trigger 12K cores
  • 7. Open Design Process 24/09/2015 Tim Bell - RDA 7 • Started at OpenStack Hong Kong design summit • Iterative design using open blueprints • Source code under Apache 2 license • Continuous integration to ensure maintainability • Diverse team
  • 9. Keystone authentication options • Password • Active Directory • OpenID Connect • X.509 • Kerberos • Tivoli Federated Identity Manager • … plug in architecture for extensions 24/09/2015 Tim Bell - RDA 9
  • 10. Usage Modes • OpenStack with Web GUI handled by Federated Single Sign On • OpenStack with Keystone authentication service validating against a SAML IdP • OpenStack with Keystone authentication service validating against another Keystone 24/09/2015 Tim Bell - RDA 10
  • 11. Policy 24/09/2015 Tim Bell - RDA 11 LOGIN: madenis LANGUAGE: EN DEPARTMENT: IT/OIS FULLNAME: Marek Denis Assertion Keystone credentials { name: madenis groups: [ “devs”, “openlab” ] } [ { "local": [ { "user": { "name": "{0}" } } ], "remote": [ { "type": "ADFS_LOGIN" } ] }, { "local": [ { "group": { "id": “devs" } } , {“group”: {ïd”:”openlab”} } ], "remote": [ { "type":"DEPARTMENT", "any_one_of": ["IT/OIS"] } ] } ]
  • 12. OpenStack Identity Federation in 2015 24/09/2015 Tim Bell - RDA 12
  • 13. Examples of potential use #1 • Federation with a cloud provider such as Rackspace • Scenario • Project with quota on an external cloud • Define role mapping in external cloud using attributes • User authenticates against private cloud IdP • Accesses public cloud project • Demo’d at the OpenStack summit in Paris in Autumn 2014 • http://cern.ch/go/h98B 24/09/2015 Tim Bell - RDA 13
  • 14. Examples of potential use #2 • Indigo dataclouds project • H2020 funded • Needs build and test resources • CERN defines an OpenStack project • Maps INFN role to project members • Web SSO • Federates with EduGain • API/CLI • Federates with INFN Keystone using Keystone-to-Keystone 24/09/2015 Tim Bell - RDA 14
  • 15. Experiences • Watch out for non-federated services • Who owns the resources at the site ? • How to ssh into a VM behind a firewall when no account on the central login services ? • Traceability for ephemeral accounts • CADF logs need to be kept to map user UUID to originator 24/09/2015 Tim Bell - RDA 15
  • 16. Summary • OpenStack now includes Federated Identity as standard • Web SSO • CLI • Pluggable for authentication methods • SAML and OpenID connect most popular • Significant commercial interest and investment • Partner networks such as Cisco and HP • Easy to miss non-federated services when deploying production uses 24/09/2015 16Tim Bell - RDA
  • 17. Questions ? 24/09/2015 17 • OpenStack FIM links at http://clouddocs.web.cern.ch/c louddocs/additional/README. html • CERN OpenStack technical details at http://openstack-in- production.blogspot.fr Tim Bell - RDA
  • 19. The Worldwide LHC Computing Grid Tier-1: permanent storage, re- processing, analysis Tier-0 (CERN): data recording, reconstruction and distribution Tier-2: Simulation, end-user analysis > 2 million jobs/day ~350’000 cores 500 PB of storage nearly 170 sites, 40 countries 10-100 Gb links 1924/09/2015 Tim Bell - RDA

Editor's Notes

  1. Already 4 independent clouds – federation is now being studied Rackspace inside CERN openlab Cells is a key technology to scale
  2. Account Management Automation CERN legacy network database No Neutron yet
  3. The trigger farms are those servers nearest the accelerator which are not needed while the accelerator is shut down till 2015 Public clouds are interesting for burst load (such as coming up to a conference) or when price drops such as spot market Private clouds allow universities and other research labs to collaborate in processing the LHC data