perfsonar wg meeting (06fmm)
DESCRIPTION
perfSONAR WG Meeting (06FMM). Jeff W. Boote Martin Swany Internet2 6 Dec 2006. Overview. motivations/overview NMWG Schema Overview (Martin Swany) Discovery (Martin Swany) AuthN/Z Current Status Open Discussion. Vision: Performance Information is …. Available - PowerPoint PPT PresentationTRANSCRIPT
perfSONAR WG Meeting(06FMM)
Jeff W. BooteMartin Swany
Internet26 Dec 2006
Jeff W. Boote: 4 Dec 06
Overview
• motivations/overview
• NMWG Schema Overview (Martin Swany)
• Discovery (Martin Swany)
• AuthN/Z
• Current Status
• Open Discussion
Jeff W. Boote: 4 Dec 06
Vision: Performance Information is …
• Available• People can find it (Discovery)• “Community of trust” allows access across administrative
domain boundaries (AA)
• Ubiquitous• Widely deployed (Paths of interest covered)• Reliable (Consistently configured correctly)
• Valuable• Actionable (Analysis suggests course of action)• Automatable (Applications act on data)
Jeff W. Boote: 4 Dec 06
Getting There: Build & Empower the Community
Decouple the Problem Space:•Analysis and Visualization•Performance Data Sharing•Performance Data GenerationGrow the Footprint:•Clean APIs and protocols between each layer•Widespread deployment of measurement infrastructure•Widespread deployment of common performance measurement tools
Analysis & Visualization
Measurement Infrastructure
Performance Tools Performance
Tools
Analysis & Visualization
Measurement Infrastructure
API
API
Jeff W. Boote: 4 Dec 06
Result: No more mystery …
• Increase network awareness• Set user expectations accurately
• Reduce diagnostic costs• Performance problems noticed early • Performance problems addressed efficiently• Network engineers can see & act outside their turf
• Transform application design• Incorporate network intuition into application behavior
Jeff W. Boote: 4 Dec 06
perfSONAR Overview
• What: Measurement infrastructure for exchanging data under development
• How: Webservices network performance framework• Network measurement tools• Network measurement archives• Distributed scheduling/authorization• Multi-domain policy• Common language (GGF NMWG Schema)
• Where: Deployed / to be deployed across:• Network Backbones (Abilene, ESNet, GÉANT)• Regional Networks (NRENs, RONs, Gigapops)• Universities
• When: First product release happened summer ‘06
Jeff W. Boote: 4 Dec 06
perfSONAR: What is it?
• Service Oriented Architecture (discovery, AuthN/Z, federation…)• Base schema (NMWG) to allow any performance data type with a
defined extensibility
Jeff W. Boote: 4 Dec 06
perfSONAR: Services (1)• Lookup Service
• Allows the client to discover the existing services and other LS services.
• Dynamic: services registration themselves to the LS and mention their capabilities, they can also leave or be removed if a service gets down.
• AuthN/Z Service• Internet2 MAT, GN2-JRA5 (eduGAIN)• Authorization functionality for the framework• Users can have several roles, the authorisation is done based
on the user role.• Trust relationships defined between users affiliated with
different administrative domains.
Jeff W. Boote: 4 Dec 06
perfSONAR Services (2)
• Transformation Service• Transform the data (aggregation, concatenation, correlation,
translation, etc).
• Topology Service• Make the network topology information available to the framework.• Find the closest MP, provide topology information for visualisation
tools
• Resource protector• Arbitrate the consumption of limited resources between multiple
services.
Jeff W. Boote: 4 Dec 06
Here is who I am, I’d like to access MA B
Where Link utilisation along - Path a,b,c,d,e,f?a,b,c: Network A – LS A, c,d,e,f : Network B, MA B, AA B
Inter-domain perfSonar example interaction
Client
Network A Network B
LS A LS BMA A MA B
AA A AA B
a b
c de f
Where Link utilisation along - Path a,b,c?a,b,c : Network A, MA A, AA A Token MBHere is who I am, I’d like to access MA A
Get link utilisation c,d,e,fHere you go
Token MA
Get Link utilisation a,b,cHere you go
Useful graph
Jeff W. Boote: 4 Dec 06
Overview
• motivations/overview
• NMWG Schema Overview (Martin Swany)
• Discovery (Martin Swany)
• AuthN/Z
• Current Status
• Open Discussion
Jeff W. Boote: 4 Dec 06
perfSONAR: Core Team Status Update
• First production release of Java Sample Implementation (July 06)
• Includes:• Single domain LS solution• RRD MA
• Other closely integrated implementations/applications:• BWCTL MP• perfSONAR UI
Jeff W. Boote: 4 Dec 06
perfSONAR: authN/Z plans
• perfSONAR(JRA-1)/JRA-5 sub-group• Group tasked with determining how to
leverage JRA-5 authentication system (eduGAIN) in perfSONAR infrastructure
• Jeff Boote (Internet2)• Diego Lopez (RedIRIS)• Maurizio Molina (Dante)• Andreas Solberg (Uninett)
Jeff W. Boote: 4 Dec 06
AuthN/AuthZ Background
• Designed with Federated authentication in mind
• AS becomes a ‘proxy’ for Authorization requests
Jeff W. Boote: 4 Dec 06
eduGAIN: Background
•JRA-5 provided authentication “interface”•Provides “bridging” to other authentication systems
•Shibboleth•PAPI•Others…
•Designed mostly with web-browser interaction in mind
Jeff W. Boote: 4 Dec 06
Current Auth Status
• Group has come to general consensus on how this should work
Jeff W. Boote: 4 Dec 06
perfSONAR: Trust relationship entities
•Client•idP (identity provider)•pSR (perfSONAR resource “service”)•AS (perfSONAR AS service)•HLS (Home Location Service)
Jeff W. Boote: 4 Dec 06
Automated Client Interaction
Jeff W. Boote: 4 Dec 06
Normal User Interaction
Jeff W. Boote: 4 Dec 06
Overview
• motivations/overview
• NMWG Schema Overview (Martin Swany)
• Discovery (Martin Swany)
• AuthN/Z
• Current Status
• Open Discussion
Jeff W. Boote: 4 Dec 06
perfSONAR: Current Developments
•MPs• SSH/Telnet (Looking Glass)• ABW (bandwidth packet
capture cards)• BWCTL• NMS (SDH status)• SNMP• Command line (OWAMP,
Ping, Traceroute)
•MAs• RRD• SQL• TopS• BWCTL• Hades (owd, jitter, owp)• Flow replicaton (CARNet)
•Hybrid MP/MA• Link Status
•Visualization Clients• CNM• perfSONAR UI• Visual perfsonar• Looking glass