ITU Workshop on Cloud Computing Standards Today

ITU Workshop on “Cloud Computing Standards – Today and the Future” (Geneva, Switzerland 14 November 2014) Cloud computing reference architecture Olivier Le Grand, Standardization Senior Manager on Future Networks, Orange (France) olivier. legrand@orange. com Yongshun Cai Research Engineer, China Telecommunications Corporation caiysh@ctbri. com. cn Geneva, Switzerland, 14 November 2014

Y. 3502 - Introduction June 2012: Establishment of Collaborative Teams (CT) between ITU-T and ISO/IEC JTC 1 to produce common international standards: Vocabulary and Overview (ITU-T Y. 3500 | ISO/IEC 17788) Cloud Computing Reference Architecture (ITU-T Y. 3502 | ISO/IEC 17789) Leverage the work done in ITU-T SG 13 and ISO/IEC JTC 1 SC 38 6 Experts meetings: 09/2012, 10/2012, 02/2013, 04/2013, 09/2013, 05/2014 Co-conveners (CT-CCRA): J. Chawki (Orange) and A. Kingstedt (SWE) Co-editors: L. Lindsay (Microsoft) and O. Le Grand (Orange) Geneva, Switzerland, 14 November 2014 2

Y. 3502 - Architectural views Cloud computing systems described using a Viewpoint approach Top down approach User view Deployment view Geneva, Switzerland, 14 November 2014 In scope Functional view Implementation view 3

From User View to Functional View Party Aspect Cross-cutting aspects: Security, Privacy, Interoperability, Portability, Reversibility, Performance, SLA, Resiliency, Auditability, Governance, … Role Functional component Role Sub-Role Activity User view Geneva, Switzerland, 14 November 2014 Layer Functional component Multi-layer functions Layer Functional component Functional view 4

User View: Roles and Sub-roles Geneva, Switzerland, 14 November 2014 5

User View: Customer activities Cloud service customer (CSC) CSC: cloud service user Use cloud service CSC: cloud service administrator Perform service trial CSC: cloud service business manager CSC: cloud service integrator Perform business administration Connect ICT systems to cloud services Monitor service Administer service security Select and purchase service Provide billing and usage reports Handle problem reports Request audit report Administer tenancies Geneva, Switzerland, 14 November 2014 6

Functional View: Layering and functional components Multi-layer functions User layer User function Administrator function Access layer Integration Security systems Operational support systems Business support systems Development support Security integration Business function Authentication and identity management Service catalogue Product catalogue Developer environment Connection management Access control Provisioning Monitoring integration Service layer Service capabilities Business capabilities Authorization and security policy management Service integration Service orchestration Resource abstraction and control Physical resources Geneva, Switzerland, 14 November 2014 Service policy management Service automation Administration capabilities Resource layer Monitoring and reporting Encryption management Service level management Incident and problem management Peer service integration Account management Subscription management Build management Billing Accounts Test management Platform and virtualization management Peer service management 7

CSC: cloud service user User View and Functional View (1): “Use cloud service” Use cloud service User layer User function Multi-layer functions Integration Access layer Security systems Operational support systems Business support systems Development support Authentication and identity management Service access Authorization and security policy management Service layer Service capabilities Service Integration Resource layer Resource abstraction and control Physical resources Geneva, Switzerland, 14 November 2014 8

User View and Functional View (2): “Inter-cloud” relationship for “Use cloud service” User layer User function Service access Multi-layer functions User layer Integration Access layer Service access Service layer Access layer Service capabilities Resource layer Primary cloud service provider Geneva, Switzerland, 14 November 2014 Peer service integration Resource layer Secondary cloud service provider 9

Conclusions and Recommendations First ICT Cloud architecture (collaboration between ISO and ITU-T) reusing definitions provided in the Cloud vocabulary Rec. ITU-T Y. 3500 | ISO/IEC 17888 Published as a Recommendation Y. 3502 | International Standard ISO/IEC 17789 in Q 3 2014 (freely available) Viewpoint approach methodology: User view (eco-system, roles, sub-roles, activities) Functional view (layering framework and functional components) Generic architecture for the support of major cloud service categories (Iaa. S, Paa. S, Saa. S, Naa. S, …. ) in different deployment models such as private, public, hybrid cloud (intercloud) Geneva, Switzerland, 14 November 2014 A reference architecture to be used : in ITU-T SG 13 on topics such as architecture for Naa. S, Daa. S, Big Data, cloud management in ISO/IEC JTC 1: SC 27 on ISO/IEC 27017 (security controls) SC 38 on SLA framework Paving the way for possible reference and reuse together with the Cloud Vocabulary in other organizations (e. g. IETF, DTMF, ETSI NFV, …) dealing with Cloud computing and virtualization related aspects Need to communicate and publicize outside ITU-T 10

Y. 3510 (Y. CCInfra) - Introduction User layer Access layer Service layer Multi-layer functions Resource abstraction and control Physical & virtual Resources VN Storage Compute ① Physical machine ② Virtual machine ③ Software assets VS VM Computing Software & Platform Assets Intra Cloud Network Virtual Path Virtual Circuit Core Transport Network Storage ① Storage Interface ② Storage management ③ Storage availability Geneva, Switzerland, 14 November 2014 Inter Cloud Network ① Intra-datacenter network ② Inter-datacenter network ③ Access and core transport network 11

Requirements for Compute Resource—Y. 3510 Virtualization Physical machine p. Hardware assisted virtualization p. Horizontal scalability and vertical scalability p. Energy consumption optimization Virtual machine p. VM Migration and HA Software provision p. Automated provisioning p. CPU/Mem/IO virtualization and deployment p. Unified software license p. Duplication of VM p. Management automation Geneva, Switzerland, 14 November 2014 management 12

Requirements for Storage Resource—Y. 3510 ØStorage interface pblock storage protocol pfile system protocol pdatabase protocol pweb service interfaces ØStorage management p. Client authorization p. Request dispatching p. Configuration and provision p. Monitoring and alerting p. Replication and archiving ØStorage availability pdata backup and recovery p. Data verification, p. Data synchronization ØData de-duplication Geneva, Switzerland, 14 November 2014 13

Requirements for Network Resource —Y. 3510 Intra-DC network p. Elastic addressing for multi -tenant users p. Dynamic migration of VMs across DC p. Virtual network services (e. g. , DND, FW, LB, VPN) for multi-tenant users Inter-DC network p. Deal with VM network addresses overlapping p. Resilient to topology changes p. Support different logical networks Geneva, Switzerland, 14 November 2014 Access and Core transport network p. Support delivery of cloud services in terms of performances, scalability and agility p. Support multiple addressing, such as. IPv 4 and 14 IPv 6

Conclusions and Recommendations In the first batch of ITU published cloud computing recommendation with the number of Y. 3501, Y. 3510, Y. 3520 Fully covered main categories of cloud infrastructure, consisting of compute resources, storage resources and network resources Covering most types and scenarios of the resources: Compute : physical machine, virtual machine Storage : block storage, object starge, database, xml, . . Network: Intra-datacenter, Inter-datacenter, Access and core transport network From infrastructure and network level, fully support major cloud service categories (Iaa. S, Paa. S, Saa. S, Naa. S, …. ) As a base standard for reference or reuse by other organizations, such as ETSI NFV, MEF, DMTF, CCSA, etc. Geneva, Switzerland, 14 November 2014 15