Speaker
Description
Following up on 20 years of successful development and operation of the largest Italian research e-infrastructure through the Grid, the Italian National Institute for Nuclear Physics (INFN) recently created INFN-Cloud, an integrated and comprehensive cloud-based set of solutions, delivered through distributed and federated infrastructures. INFN-Cloud consists of two main types of resources: the “INFN-Cloud backbone”, spanning the two main INFN computing sites of CNAF and Bari, and a set of distributed, federated cloud infrastructures connected to the backbone. It provides a large and customizable set of services, ranging from simple IaaS to specialized SaaS solutions, centered through a PaaS layer built upon flexible authentication and authorization services offered via INDIGO-IAM, and optimized resources and services orchestration.
This talk will describe the INFN-Cloud architecture and implementation. Services offered via INFN-Cloud are instantiated through TOSCA templates. Currently, INFN-Cloud provides a set of about 20 ready-to-use templates that can be used to deploy services to any of its federated cloud resources. This is implemented via a PaaS Layer based on the INDIGO-DataCloud Orchestrator. All services are presented to the users via an easy-to-use web dashboard, but can also be instantiated via a Command Line Interface.
The INFN-Cloud PaaS Layer also handles the federation of resources, based on a lightweight approach minimizing the technical barriers for joining the INFN-Cloud federation. Using this approach, INFN-Cloud solutions address data-locality, SLAs, auto-scalability and elastic allocation of the resources even in widely distributed environments. In fact, INFN-Cloud can easily federate with other Cloud infrastructures, such as the EGI FedCloud, other research or academic resources or projects in the context of the EOSC, HPC resources, as well as with public Cloud providers, such as Amazon Web Services, and is being proposed as a blueprint to the Italian Cloud and Data Infrastructure (ICDI) to create the Italian national research cloud.
The INFN-Cloud architecture is designed to exploit highly heterogeneous cloud resources in terms of hardware (including CPUs, GPUs, low-latency networks and disks), cloud technologies (such as OpenStack, Mesos and Kubernetes), deployment models (supporting private and public clouds) and service delivery (supporting generic workloads, as well as GDPR-related and sensitive data processing). The talk will discuss the general technical solutions adopted to implement PaaS-level automation, federation mechanisms, the web dashboard and the services already implemented. More details are provided in other contributions proposed to the EGI conference, tailored to describe some specific operational and technical solutions.
The talk will also describe the organizational and operational structure of INFN-Cloud, as well as its Rules of Participations, defining the operational and security requirements, policies, processes and procedures that must be implemented by all sites joining the INFN-Cloud federation. These rules aim at implementing service provisioning best practices and common procedures in order to guarantee the high quality of the INFN-Cloud provisioned services.
Finally, the expected evolutions and the potential impact of the INFN-Cloud architecture will be covered, especially in the context of the ongoing integration and collaboration between the public and private sectors and of multi-disciplinary trans-national federation of heterogeneous resources.