210 likes | 220 Views
Explore the architecture, services, and goals of perfSONAR network measurement infrastructure, focusing on empowering the community for improved network performance and diagnostics. Learn about key services and deployment strategies.
E N D
perfSONAR WG Meeting(06FMM) Jeff W. BooteMartin Swany Internet2 6 Dec 2006
Overview • motivations/overview • NMWG Schema Overview (Martin Swany) • Discovery (Martin Swany) • AuthN/Z • Current Status • Open Discussion
Vision: Performance Information is … • Available • People can find it (Discovery) • “Community of trust” allows access across administrative domain boundaries (AA) • Ubiquitous • Widely deployed (Paths of interest covered) • Reliable (Consistently configured correctly) • Valuable • Actionable (Analysis suggests course of action) • Automatable (Applications act on data)
Getting There: Build & Empower the Community Decouple the Problem Space: • Analysis and Visualization • Performance Data Sharing • Performance Data Generation Grow the Footprint: • Clean APIs and protocols between each layer • Widespread deployment of measurement infrastructure • Widespread deployment of common performance measurement tools
Result: No more mystery … • Increase network awareness • Set user expectations accurately • Reduce diagnostic costs • Performance problems noticed early • Performance problems addressed efficiently • Network engineers can see & act outside their turf • Transform application design • Incorporate network intuition into application behavior
perfSONAR Overview • What: Measurement infrastructure for exchanging data under development • How: Webservices network performance framework • Network measurement tools • Network measurement archives • Distributed scheduling/authorization • Multi-domain policy • Common language (GGF NMWG Schema) • Where: Deployed / to be deployed across: • Network Backbones (Abilene, ESNet, GÉANT) • Regional Networks (NRENs, RONs, Gigapops) • Universities • When: First product release happened summer ‘06
perfSONAR: What is it? • Service Oriented Architecture (discovery, AuthN/Z, federation…) • Base schema (NMWG) to allow any performance data type with a defined extensibility
perfSONAR: Services (1) • Lookup Service • Allows the client to discover the existing services and other LS services. • Dynamic: services registration themselves to the LS and mention their capabilities, they can also leave or be removed if a service gets down. • AuthN/Z Service • Internet2 MAT, GN2-JRA5 (eduGAIN) • Authorization functionality for the framework • Users can have several roles, the authorisation is done based on the user role. • Trust relationships defined between users affiliated with different administrative domains.
perfSONAR Services (2) • Transformation Service • Transform the data (aggregation, concatenation, correlation, translation, etc). • Topology Service • Make the network topology information available to the framework. • Find the closest MP, provide topology information for visualisation tools • Resource protector • Arbitrate the consumption of limited resources between multiple services.
Inter-domain perfSonar example interaction Useful graph Client Token MA Here is who I am, I’d like to access MA B Here is who I am, I’d like to access MA A Token MB a,b,c : Network A, MA A, AA A Where Link utilisation along - Path a,b,c? AA A Here you go Get Link utilisation a,b,c Get link utilisation c,d,e,f AA B Here you go a,b,c: Network A – LS A, c,d,e,f : Network B, MA B, AA B Where Link utilisation along - Path a,b,c,d,e,f? LS A LS B MA B MA A a b f e c d Network A Network B
Overview • motivations/overview • NMWG Schema Overview (Martin Swany) • Discovery (Martin Swany) • AuthN/Z • Current Status • Open Discussion
perfSONAR: Core Team Status Update • First production release of Java Sample Implementation (July 06) • Includes: • Single domain LS solution • RRD MA • Other closely integrated implementations/applications: • BWCTL MP • perfSONAR UI
perfSONAR: authN/Z plans • perfSONAR(JRA-1)/JRA-5 sub-group • Group tasked with determining how to leverage JRA-5 authentication system (eduGAIN) in perfSONAR infrastructure • Jeff Boote (Internet2) • Diego Lopez (RedIRIS) • Maurizio Molina (Dante) • Andreas Solberg (Uninett)
AuthN/AuthZ Background • Designed with Federated authentication in mind • AS becomes a ‘proxy’ for Authorization requests
eduGAIN: Background • JRA-5 provided authentication “interface” • Provides “bridging” to other authentication systems • Shibboleth • PAPI • Others… • Designed mostly with web-browser interaction in mind
Current Auth Status • Group has come to general consensus on how this should work
perfSONAR: Trust relationship entities • Client • idP (identity provider) • pSR (perfSONAR resource “service”) • AS (perfSONAR AS service) • HLS (Home Location Service)
Overview • motivations/overview • NMWG Schema Overview (Martin Swany) • Discovery (Martin Swany) • AuthN/Z • Current Status • Open Discussion
MPs SSH/Telnet (Looking Glass) ABW (bandwidth packet capture cards) BWCTL NMS (SDH status) SNMP Command line (OWAMP, Ping, Traceroute) MAs RRD SQL TopS BWCTL Hades (owd, jitter, owp) Flow replicaton (CARNet) Hybrid MP/MA Link Status Visualization Clients CNM perfSONAR UI Visual perfsonar Looking glass perfSONAR: Current Developments