Minutes from GENI Control Framework WG Meeting at GEC-3 on 10/29/08

by Harry Mussman

All members of the Control Framework WG,


The Control Framework WG met at GEC-3 on 10/29/08.

The overall agenda of GEC-3 can be found at:
http://www.geni.net/GEC3/GEC3-Agenda.pdf 

All talks presented at GEC-3 can be found at:
http://groups.geni.net/geni/wiki/presentations 

All Control Framework WG meeting presentations (plus related presentations)
can be found at:
http://groups.geni.net/geni/wiki/CFWGGEC3
 
DRAFT minutes of the Control Framework WG meeting are at
http://groups.geni.net/geni/attachment/wiki/CFWGGEC3/110508c%20%20GEC3_CntrlFrameWG_Minutes.pdf
and are attached below.  
Please forward any changes or additions to me.

Please use this mailing list to continue discussions from the meeting, or to
start new threads.  And, please encourage your colleagues to join the
mailing list!

Best wishes,

Harry

Harry E. Mussman
Sr. Systems Engineer - GENI Project Office
BBN Technologies
10 Moulton Street
Cambridge, MA 02138
(617) 873-4282 - Office
(781) 266-8479 - Mobile
(617) 873-4888 - Fax
hmussman@...
www.bbn.com



________________________________________________________________________
3rd GENI Engineering Conference
Control Framework Working Group Meeting Minutes

Prepared by Control Framework Systems Engineer:  
Harry Mussman at GENI Project Office   hmussman@...,
November 5, 2008
________________________________________________
Content:
The agenda for the conference can be found at:
http://www.geni.net/GEC3/GEC3-Agenda.pdf 

All slides from the conference can be found at:
http://groups.geni.net/geni/wiki/presentations 

On the first day of the conference, there were six talks in plenary session
that introduced the GENI control framework, and summarized the five projects
implementing different control framework approaches for Spiral 1.  Notes on
these talks are presented first.  

Then, on the second day of the conference, the Control Framework WG met in
plenary session.  It heard some additional Spiral 1 project talks, three
short “lightning” talks, the system engineering report, and had a period of
open discussion.  Notes from this meeting conclude this report.

There were no action items identified in the WG meeting.

________________________________________________________________________
Plenary Session
Tuesday, October 28, 10am – 12:30pm.
Building 20 Auditorium, Hewlett Packard, Palo Alto, CA
For an audio recording of this session, go to:  TBD

________________________________________________
Overview:
“GENI Spiral 1 Control Frameworks”
Speaker:  GENI Engineering Architect:  Aaron Falk at GENI Project Office
afalk@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/1%20-%20Tuesday%20-%202.%20%20GEC3%20Control%20Framework%20Context.ppt
Related document:  “GENI Spiral 1 Overview” at:
http://www.geni.net/docs/GENIS1Ovrvw092908.pdf 

This talk reviewed the GENI system decomposition, and particularly the
control framework; provided a summary of each of the five control frameworks
being implemented by Spiral 1 projects, and their associated clusters A – D;
and provided a quick summary of what all projects must do to develop,
integrate, test and demo the control structures needed in Spiral 1.

________________________________________________
Cluster D:
“Open Resource Control Architecture, ORCA-BEN Cluster D”
PIs:  Ilia Baldine at Renaissance Computing Institute and Jeff Chase at Duke
University  
Speaker:  Jeff Chase at Duke University  chase@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/chase-clusterD-orcaben-control.pdf

This talk reviewed the use of ORCA in GENI as a control framework, and its
use by BEN and three other Spiral 1 projects.

________________________________________________
Cluster E:
“Control, Measurement and Resource Management Framework for Heterogeneous
and Mobile Wireless Testbeds”
PIs:  Marco Gruteser and Ivan Seskar at WINLAB, and Max Ott and Thierry
Rakotoarivelo at NICTA
Speaker:  Marco Gruteser at WINLAB  gruteser@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/GEC-ControlFramework-ProjectOverview_Gruteser_Oct08.pdf

This talk summarized the Control, Measurement and Resource Management
Framework designed for the ORBIT testbed, and its use as a GENI control
framework by the ORBIT project and by one other Spiral 1 project.


________________________________________________
Cluster B:
PI and speaker:  Larry Pederson  llp@...  
“PlanetLab-Based Control Framework for GENI”
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/planetLab_geni.ppt


This talk summarized the PlanetLab-based GENI control framework, and its use
by seven other Spiral 1 projects.  Initial code of reference designs is now
available.


________________________________________________

Cluster C:
PI and speaker:  Rob Ricci  ricci@...
“ProtoGENI Control Framework”
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/protogeni_Ricci_gec3.pdf

This talk summarized the ProtoGENI control framework for GENI, based on
Emulab, and its use by four other Spiral 1 projects.  The talk included a
live demonstration of setting up an experiment using this control framework.


________________________________________________
Cluster A:
PI and speaker:  John Wroclawski at USC/ISI jtw@...
“Trial Integration Environment Built on DETER”
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/TIED-GEC3.ppt 

This talk presented this “one project” cluster, based on the DETER testbeds,
which were initially established to focus on security issues.  This project
will concentrate on extending federation mechanisms in GENI.




________________________________________________________________________
Control Framework Working Group Breakout Session
Wednesday, October 29, 9am – 12noon.
Building 20 Auditorium, Hewlett Packard, Palo Alto, CA
For an audio recording of this session, go to:  TBD

________________________________________________
1)  WG Co-Chair:  John Wroclawski at USC/ISI jtw@...
        Review of agenda
        Introductions
        Brief remarks on scope and goals of the Control Framework WG:  See
WG website for more information:  http://www.geni.net/wg/control-wg.html


________________________________________________
2)  Talks about Spiral 1 projects:
       
________________________________________________
a)  “Instrumentation and Measurement for GENI”.  
PIs:  Paul Barford at University of Wisconsin – Madison, Mark Crovella at
Boston University and Joel Summers at Colgate University.
Speaker:  Joel Summers at Colgate University jsummers@...  
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2a%20%20gec3.pdf 

This project is part of the ProtoGENI control framework, Cluster C.
It will provide a measurement system, including a measurement service and
repository module plus measurement modules for inclusion in substrate
components.

Questions from the audience:
Q:  What is plan for binding data to an experiment, by adding metadata
and/or annotations, to avoid confusion later?
A:  Expect to have automatically added metadata, plus user-defined metadata.

Q:  What is the schema for metadata?
A:  Not yet specified; expect experience from other projects to guide it.

Q:  What about privacy policy to control dissemination of data?
A:  Expect it to be affected by deployment location.


________________________________________________
b)  “Sensor Virtualization and Slivering in an Outdoor Wide-Area Wireless
GENI Sensor/Actuator Network Testbed”.  
PIs:  Prashant Shenoy, Deepak Ganesan, Jim Kurose and Michael Zink at
University of Massachusetts – Amherst.
Speaker:  Michael Zink at University of Massachusetts – Amherst.  
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2b%20%20vise.ppt 

This project is part of the ORCA control framework, Cluster D.
It will integrate the ORCA control framework into an existing and
widely-deployed outdoor, wide-area sensor/actuator network, including
virtualization of the sensor/actuator system.

(No questions from the audience)


________________________________________________
c)  “Digital Object Architecture”.  
PI and speaker:  Larry Lannom at CNRI  llannom@...  
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2c%20%20GEC3LWL.ppt

This project is focused on analyzing how the Digital Object Architecture
could be used to realize a GENI software repository, and also study whether
it could be used to realize a GENI clearinghouse registry. It is expected to
“pick one” of the control frameworks.

(No questions from the audience)


________________________________________________
d)  "Mid-Atlantic Crossroads (MAX)".
PI is Peter O'Neil at University of Maryland / Mid-Atlantic Crossroads
poneil@...

First speaker:  Peter O'Neil at University of Maryland / Mid-Atlantic
Crossroads
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2d_1%20102908-MidAtlanticCrossroads-Overview-POneil-CTracy.pdf
Second speaker:  Jarda Flidr at University of Maryland / Mid-Atlantic
Crossroads.
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2d_2%20102908-MidAtlanticCrossroads-DRAGON-API-JFlidr.ppt
Third speaker:  Chris Tracy at University of Maryland / Mid-Atlantic
Crossroads
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/2d_1%20102908-MidAtlanticCrossroads-Overview-POneil-CTracy.pdf

This project will provide access to an operational, regional,
multi-wavelength optical network, and this first talk provides an overview
of the MAX network, and its ability to provide Dynamic Resource Allocation
via GMPLS Optical Network (DRAGON).  The second speaker described the DRAGON
API in detail.  The third speaker described the key components and standards
used in DRAGON.

(No questions from the audience)


________________________________________________
4)  “Lightning talks” and topics relevant to WG.  (Invited by WG Chairs)
       

________________________________________________
a)  “Federated Identity and Shibboleth Concepts”
Speaker:  Rick Summerhill at Internet2  rrsum@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/4a%20%202008-10-28%20Federated%20Identity%20and%20Shibboleth.ppt
       
This talk summarized how Internet 2 has utilized federated
identity based on Shibboleth software and SAML protocols.  This approach
may be useful in the GENI environment to utilize existing identity
providers, i.e., those already established at research universities.

Questions from the audience:
Q:  In the service chaining example, when resolving at the 2nd stage, what
ID do you use?
A:  Use ID from the user, via a trust relationship.


________________________________________________
b)  “Beyond Federated Identity:  Federated Access”
Speaker:  Marc Stiegler at HP Labs  marc.d.stiegler@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/4b%29%20%20faccm5min.ppt

This talk described an approach to streamlined federated access management
that can avoid the need to provide federated identity management, and its
use of a self-authorizing browser bookmark known as the web-key.

(No questions from the audience)


________________________________________________
3)  “CF System Engineering Report”
Speaker:  Harry Mussman at GENI Project Office  hmussman@...
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/3%20%20102908%20%20SE_Report_CntrlFrameWG_GEC3.ppt
Related DRAFT document:  “GENI Control Framework High-Level Design” at
http://groups.geni.net/geni/attachment/wiki/GeniControlFrameworkArchitecture/102008_GENI-ARCH-CP-01.4.pdf

This talk provided an introduction to the role of the Control Framework WG
system engineer, and an overview of associated Spiral 1 projects.  

• GENI Spiral 1 Integration:  Five Control Framework Clusters
• Spiral 1 Projects
• Five Spiral 1 projects are focused on control frameworks for
different clusters of projects:
– 1609  DETER  (Cluster A)
– 1600  Planetlab  (Cluster B)
– 1579  ProtoGENI  (Cluster C)
– 1582  ORCA  (Cluster D)
– 1660  ORBIT  (Cluster E)
• Four Spiral 1 projects are highly relevant to the CFs:
– 1621  GUSH tools
– 1622  Provisioning Service
– 1632  Security Architecture
– 1663  Digital Object Registry
• CF is highest risk item for Spiral 1.
• Having five CFs:
– Will bring unique contributions to the table.
– Prevents the loss of good ideas.
– Will mitigate risks.
• Expect consolidation over time, but no “sudden death”.
• How do we:
– Clearly describe each CF, with a common vocabulary?
– Understand common choices, and differences?
– Identify common issues, and get them resolved?
– Work towards defining a “final” CF?  (or possibly multiple CFs)

Next, the current effort to draft a Control Framework High-Level Design
document was summarized, including the common choices, current differences
and identified issues in the current control framework implementations.  

• Control Framework HLD  DRAFT Document
• Now ready for review by CF WG:
http://groups.geni.net/geni/attachment/wiki/GeniControlFrameworkArchitecture/102008_GENI-ARCH-CP-01.4.pdf
• Intent:
– Clearly describe each CF, with a common vocabulary.
– Understand common choices, and differences.
– Identify common issues.
– A way towards defining a “final” CF-HLD, but a long way to go….
• Approach:
– Utilize a “linear” structure to decompose the CF-HLD.
– Describe the CF-HLD as one design, focusing on common choices, but
noting differences.
– Provide multiple “worked examples” for clarity.
• Structure of document:
– Start with system design overview to understand structure and
concepts.  (Section 3)
– List features and functions that must be included.  (Section 4)
– Present control framework structure, including entities, interfaces,
principals, services and objects.  (Section 5)
– Consider each interface, plus major concepts, and present examples
of usage that walks through key scenarios.  (Sections 6 – 11)
– Include sections to summarize five current control frameworks being
implemented for Spiral 1.  (Sections 12 – 16)


• Common CF-HLD Choices
• Common to all current CF implementations.
– Some exceptions?
• Choice 1:  Control interfaces include APIs that follow a web
services model, using SOAP and https (for a secure channel).
– Plus separate interfaces for loading software, etc.
• Choice 2:  Principals (and services) have global identities.
– Are identified and authenticated with certificates from a PKI
• Choice 3:  Authorization is handled with signed tokens
(certificates)
– Passed from registry, to researcher, to aggregate, etc.
– Based on an underlying trust management system.



Finally, the documents planned for the next year were reviewed.

• Planned Control Framework Documents
• Architecture:
– CF Architecture, v1 DRAFT complete 10/17/08
– CF Architecture, v2 DRAFT due  6/16/09
• Subsystems:
– Clearinghouse Subsystem Technical Description, v1 DRAFT due 2/15/09
– Clearinghouse Subsystem Technical Description, v2 DRAFT due 7/16/09
– Clearinghouse Subsystem Intfc Cntrl Doc, v1 DRAFT due 3/1/09
– Clearinghouse Subsystem Intfc Cntrl Doc, v2 DRAFT due 8/1/09


(No questions from the audience)


________________________________________________
4)  “Lightning talks” continued.
4c)  “Essential GENI”
Speaker, and also Co-Chair of the WG:  Larry Pederson at Princeton
llp@...  
Slides:
http://groups.geni.net/geni/attachment/wiki/presentations/4c%29%20%20llp_simple.ppt
Related DRAFT document:  “Slice-Based Facility Architecture” at
http://groups.geni.net/geni/attachment/wiki/GeniControlBr/v1.10%20%20080808%20%20sfa.pdf
 
This talk outlined an approach to using the Slice-Based Facility
Architecture for GENI control, including its use for an aggregate/component
manager and a user service.  It listed three areas that are still hard
problems, and suggested approaches to solving them:  resource
specifications, resource allocation and identity or access control.
                 
• Essential GENI
• Less is More
• Slice-based Facility Architecture (SFA)
– if you encounter ambiguity, it doesn’t matter
– if you’re sure it matters, read the code
• If you are building a component or aggregate
– ignore all matters security-related
– focus on six simple operations
    ◦ CreateSlice, DeleteSlice, StartSlice, StopSlice
    ◦ ResetSlice, ListComponentResources
– design your own rspec
    ◦ keep it low-level (design for the component, not the user)
    ◦ focus on activity that requires privilege
• If you are building a user-level service
– focus on the user
– pick a platform, any platform (preferably one that has users)
• Some Problems are Hard
• Resource Specifications (rspecs)
– keep it real
– on-going synthesis (standardization-like activity)
– permit multiple user-oriented variants
• Resource Allocation
– enable the market to decide
• Identity or Access Control
– enable the market to decide
– influenced by policy considerations

________________________________________________
5)  Discussion, including comments and questions from the audience:
Comment by Rob Ricci at University of Utah:  The ProtoGENI project has an
Rspec that should be useful for GENI.

Comment by Rick McGeer at HP Labs:  Regarding identity and access control,
we have no best practices.  We should start with the requirements and work
towards a bakeoff.

Comment  by ?:  By saying identity and access control, we are making
assumptions.  We should decouple identity from authorization and access
control.

Comment by Ted Faber at USC/ISI:  Identity and access control are based on a
trust structure.

Comment by Rick McGeer at HP Labs:  Writing best practices will clarify
solutions.

Comment by John Wroclawski at USC/ISI and Co-Chair of WG:  We should have
different solutions for different circumstances – and we should put
appropriate abstraction into the HLD.

Comment by Rick McGeer at HP Labs:  The GRIP failed because its
authorization approach didn’t work, and the fixes only made it worse.

Comment by ?:  When working back up chain of trust, the last party is the
responsible party.

Comment by John Wroclawski at USC/ISI and Co-Chair of WG:  We should
separate mechanisms and policies, and work to understand policies.


________________________________________________________________________

 

       

       


