Web Services

UCLPv2 Update
Sergi Figuerola
Fundació i2CAT
[email protected]
16th GGF
Athens, February 2006
i2CAT Foundation
• i2CAT Foundation: private non-profit Foundation created by the local government and the UPC (Universitat Politècnica de Catalunya)
• Funding: Department of Research and Universities of the local Government, private sector and pre-competitive projects
• Goals: boost of Research & Innovation on the Internet second generation environment
– Promote advanced networks research, innovation and broadband applications
– Create new cooperation platforms
• Model: based on the collaboration between the public, private sectors and the universities
[Diagram labels: Research, Innovation, Universities, Administration, Private Sector]
UCLPv2: CANARIE’s Directed Research Program
• UQAM/Uottawa
• Solana Networks
• CRC/UofO/Inocybe Tech. /i2CAT
[Diagram labels: Technology Transfer, Dissemination, Internet]
Driver for User Controlled Networks
• More and more organizations are acquiring their own fiber networks
– Universities, schools, hospitals, businesses
• Long-haul fiber is very expensive to obtain and to light
– Alternative is to use “dim fiber” – point to point wavelengths
– But want flexibility to do configuration and change management as with
dark fiber
• Increasingly science needs dedicated networks for specific
applications and disciplines for high data volume grids
– Want to be able to manipulate the network in the same way they can
manipulate the application
• SOA and networks
− SOA has the potential to provide the same user control over networks
as with applications
CAnet 4 design principles (UCLP)
• Occam’s rule of networking:
– “The simplest network is the best network”
• Provide users with tools to do their own traffic engineering including
changing topology and bandwidth
– “Articulated Private Networks”
• Allow users to create IP networks for their own community of interest
– Most importantly allow extension of network into campus to specific
servers and bypass campus firewall
• Use Service Oriented Architecture (web services and workflow) to
allow users to do their own provisioning and configuration of the
network
– Also allows easy integration of application
- Bill St. Arnaud -
What is UCLP?
• User Controlled LightPaths – a configuration and provisioning tool
built around grid technology using Web Services
• Allows third parties to concatenate cross connects together from various
links, routers and switches to produce a wide area network that is
under their control
– Articulated Private Network (APN)
– Next generation VPN
• Uses Service Oriented Architecture (SOA) and so network can be
integrated with other Web Service applications
• To extend the network into the application
• End of the project, March/April 2006
Is UCLP an Automated management system?
No, it is a toolbox used to create customized services.
UCLP Concept
[Diagram labels: APN; Instrument WS; Substrate Router; Substrate Switch; Parent Lightpath WS; GMPLS Daemon WS; Child Lightpath WS (may run over IP, Ethernet, MPLS, etc.); Virtual Router WS; Timeslice WS; Wireless Sensor Network]
UCLPv2: High Level “Architecture”
[Figure: Eclipse Main Panel screenshot and layer diagram. GUI panels: Resource Explorer, Import Resources, Physical View, Model View, BPEL Source, Problems, Status. Example content: “My Canada APN #1”; SCSWS entries ons-ott01, ons-tor01, ons-mon01, ons-nyc01; LPWS entries Ott-Hal LP, Ott-Mon LP, Mon-Hal LP; endpoints gigE - ons-tor01 and gigE - ons-mon01; BPEL engines Canarie Engine and CRC Engine, each with deployed services. Layers: User Access Layer, Service Orchestration Layer (BPEL), Resource Management Layer. Web services: APN-WS, LP-WS, ITF-WS, VR-WS, INS-WS, XC-WS, 802.1q-WS, GMPLS-WS.]
Université d’Ottawa
University of Ottawa
NE-WS (I) - RML
• NE-WS (Network Element Web Service)
– A family of network element WSs
– Axis Web Service
– Different types of NE-WSs exist depending on the network element it is
controlling
– Deployed on carrier’s side
• INS-WS (INStrument Web Service)
– Web Service that controls a third party device (sensors, instruments, etc.)
– Deployed on the APN side
NE-WS (II) - RML
• XC-WS (Cross Connect Web Service)
– SONET, SDH, Fibre, Lambda Cross Connects
• GMPLS-WS
– GMPLS Cloud
• 802.1q-WS
– VLAN enabled Ethernet switch
• MPLS-WS
– MPLS Cloud
• Router-WS
– Layer 3 router
[Diagram: XC-WS, GMPLS-WS, 802.1q-WS, MPLS-WS and Router-WS, each shown with its own PortType (XC, GMPLS, 802.1q, MPLS, Router) and a GUINode PortType]
NE-WS (III) - RML
[Diagram labels: Interface Binding for the XC Port Type; Interface Binding for the GUI Port Type; Core; Res. Manager; Memory Hash; Partition Table; XML descriptions for ONS 15454, OPTera 5200, …; Transport (TCP, UDP, SSL, etc.)]
LP-WS (I) - SOL
• LP-WS (Light Path Web Service)
– An abstraction that represents a link between one or more
interconnected resources
– A web service composition
– The end points of the LP can be anything that is network enabled
• ITF-WS (InTerFace Web Service)
– A web service composition that represents a single resource on a
network element
• APN-WS (Articulated Private Network Web Service)
– A BPEL workflow script that links together a number of WSs from
an APN resource list and other sources
APN-WS (II) - SOL
• A workflow script that links together a number of lightpath,
interface and instrument Web Services obtained from one or more
providers
• An APN is a single network configuration
• Once an APN is deployed, the topology and bandwidth are fixed
– If the configuration of the network elements needs to be changed, the
APN must be stopped, and a new APN must be created
• A single researcher can have multiple network configurations
defined (APNs), and set/undo each configuration when different
topologies are needed
Web Services: LP-WS (III)
[Diagram: an LP-WS shown with example endpoints and link types: 802.1q, OC-192, GMPLS Cloud, GbE, Fiber Channel, STM-64, Satellite Antenna, Server, T1/E1, IEEE 802.11b/g, Sensor, Access Point]
“A lightpath represents a link between a pair of network enabled endpoints”
User Roles
• Physical Network (PN) Admin
– Responsible for provisioning the network and creating network
resources (lightpath and interface Web Services) for APNs to use
• APN Admin
– Receives APN Resource Lists from PN or APN Admins
– Responsible for creating the APN network configurations for the
users
• Can partition/bond network resources
– Can give or sublease its resources to other APNs
• Users
– Can use APN configurations that were created by the APN Admin
– Cannot modify network topologies
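Added example (not part of the original slides or of the UCLP code base): a minimal authorization model for the three roles above, combined with the APN-WS rule that a deployed APN has fixed topology. The action names, the resource-holder bookkeeping and the sample DNs are assumptions made for illustration; "give or sublease" is simplified to a transfer of the holder.

```python
from dataclasses import dataclass, field

# Role -> actions, after the "User Roles" slide; action names are hypothetical.
ROLE_ACTIONS = {
    "pn_admin": {"create_resource", "grant"},
    "apn_admin": {"grant", "modify_apn"},
    "user": {"use_apn"},
}

@dataclass
class Apn:
    owner: str                                  # DN of the APN Admin that built it
    resources: set = field(default_factory=set)
    deployed: bool = False

class Policy:
    def __init__(self, roles):
        self.roles = roles                      # certificate DN -> role
        self.holder = {}                        # resource -> DN currently holding it

    def _require(self, dn, action):
        if action not in ROLE_ACTIONS.get(self.roles.get(dn), set()):
            raise PermissionError(f"{dn}: role does not permit {action}")

    def create_resource(self, dn, res):
        self._require(dn, "create_resource")
        self.holder[res] = dn

    def grant(self, dn, res, to_dn):
        # Only the current holder may give or sublease, and only to an APN Admin.
        self._require(dn, "grant")
        if self.holder.get(res) != dn or self.roles.get(to_dn) != "apn_admin":
            raise PermissionError(f"{dn} cannot grant {res} to {to_dn}")
        self.holder[res] = to_dn

    def add_to_apn(self, dn, apn, res):
        self._require(dn, "modify_apn")
        if apn.owner != dn or self.holder.get(res) != dn:
            raise PermissionError(f"{dn} does not control this APN or {res}")
        if apn.deployed:                        # topology is fixed once deployed
            raise RuntimeError("APN is deployed: stop it and create a new APN")
        apn.resources.add(res)

    def can_use(self, dn, apn):                 # assumption: only a deployed APN is usable
        return apn.deployed and "use_apn" in ROLE_ACTIONS.get(self.roles.get(dn), set())

# Constructed sample principals (DNs are made up for this example).
ROLES = {"CN=pn-admin": "pn_admin", "CN=apn-admin-a": "apn_admin",
         "CN=apn-admin-b": "apn_admin", "CN=researcher": "user"}
```

Unknown DNs map to no role and are denied every action, so the default is deny.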
Security: Implementation Architecture
[Diagram: certificates involved. Certificate Authority (UCLP.CA); X.509 certificates with DN: CRCuser-A (user CRC-user-A, Java GUI), DN: CRC UAA and DN: CANARIE UAA. User to Business SOAP messages reach the CRC UAA at the User Service Container (CRC UCLP Access Policies, APN-WS (BPEL)); Business to Business SOAP messages reach the CANARIE UAA at the Provider Service Container (NE-WS (Axis), LP-WS (BPEL)). Handlers labelled: BPEL customized Handler, Axis Handler.]
UCLP Interoperability Issues
• We must be able to import and export Lightpaths and Interface web
services between UCLP systems
– Agree on a common PortType for a proxy web service that will be used when
calling imported resources
• This common PortType is called the Common Data Model (CDM)
• Need 2 proxy web services: 1 for lightpaths, 1 for interfaces
– The proxy will be used to translate from the CDM to our own implementations
– Must also agree on security conventions for accessing the resources
• As a minimum, we need to be able to import resources from other UCLP
implementations and use them to make APNs, LPOs, etc.
– Partitioning and bonding imported resources from other UCLP systems is not
required at this point but will be implemented at a later time
• In our opinion, semantic techniques and tools are not fully mature, so it
was decided not to use them for UCLP interoperability. It would also take
too much time for each UCLP team to overcome the learning curve involved
– Implementing a Proxy web service with the CDM is the quickest and easiest way
to support interoperability
• Can this work be done within the GHPN?
– Like any other W3C community: Math, BIO, Finance
• Consensus WS- Network Service?
Contact Information:
Fundació i2CAT
Nexus II Building
c/ Jordi Girona 29
08034 Barcelona
Tel. +34.93.413.75.80
Fax: +34.93.413.75.81
www.i2cat.net
[email protected]
[email protected]
UCLPv2 info:
www.uclp.ca
http://grid2.canarie.ca/wiki/index.php/UCLPv2