Cloud Orchestrators

The CHAIN-REDS vision for a worldwide e-Infrastructure based on several computing paradigms (Grid, Cloud, local HPC clisters, etc.) is made of the two following topics:

1.   A scientist can simultaneously and seamlessly run applications on and access/move data across all the elements of the infrastructure;

2.   The cloud-tenant of a real or virtual organisation can seamlessly and easily manage cloud resources pledged by providers owning/operating infrastructures based on different middleware stacks.

The first topic has been tackled promoting the Science Gatewat model and has been demonstrated by means of the CHAIN-REDS Science Gateway. For a detailed report, have a look at the deliverable "D3.2 - Interoperability guidelines and design".

The second topic has been conceived to show how the cloud-tenant of a real or virtual organisation can sign in on the CHAIN-REDS Science Gateway using his/her federated credentials, select VMs from a geographically shared repository and deploy/move/copy it/them across the “personal virtual-cloud” he/she is entitled to use. The VMs should belong to the same domain name (chain-project.eu in the particular case) independently of the site where it/they are instantiated and of the underlying cloud middleware stack.

While the first topic, described in the deliverable D3.2, is more related to the SaaS functionality of a cloud infrastructure, the one shown here is more related to the IaaS and PaaS functionalities.

The driving idea is a natural extension to clouds of the “Grid-born” concept of Virtual Organisations (VOs) being authorised on Grid resources and VO managers managing users belonging to the VO through the VOMS service. Managers of cloud sites pledge part of their resources to a project/initiative/organisation and the ensemble of these resources are organised in a “personal virtual-cloud” the cloud tenant of the project/initiative/organisation can manage.

A CHAIN-REDS Cloud Testbed has been created in the framework of the project and it has been organised as a “personal virtual-cloud” made so far of resources belonging to 10 sites, from 6 countries, of which one owned by an SME located in Egypt. Four (4) of the 8 sites are also belonging to the EGI Federated Cloud and 3 different and well known cloud stacks have been used, namely Okeanos, OpenNebula and OpenStack.

The CHAIN-REDS Cloud Testbed is managed by a specific service integrated in the CHAIN-REDS Science Gateway that is called MyCloud and uses the CLoud-Enabled Virtual EnviRonment (CLEVER) to orchestrate the cloud services through their OCCI-compliant and rOCCI-enabled interfaces.

A view of the MyCloud service in action is shown in the figure below. The graphic user interface is very intuitive and includes point & click and drag & drop functionalities. The current implementation allows:

  • Federated authentication (inherited from the Catania Science Gateway Framework, CSGF);
  • Fine-grained authorisation (inherited from the CSGF);
  • Single/multi-deployment of VMs on a cloud and across clouds;
  • Single/multi-move of VMs across clouds;
  • Single/multi-deletion of VMs on a cloud and across clouds;
  • SSH connection to VMs;
  • Direct web access to VMs hosting web services.

The VMs are made belonging to the same domain name thanks to a function that allows MyCloud to update the dynamic DNS of the chain-project.eu domain when a VM is instantiated or killed.

If you are interested in either testing MyCloud or deploying it for your organisation/project/initiative, please send an email to proj-office@chain-project.eu.