[[PageOutline]]

= ProtoGENI Project Status Report =

Period: 2Q 2009

== I. Major accomplishments ==

=== A. Milestones achieved ===

While we have not completed any milestones this quarter, we have made
significant progress towards many of them. This progress is detailed throughout
this report.

=== B. Deliverables made ===

We have continued to make our software available under open source licenses
(the GENI Public License and the GPL). This software includes not only our
component manager, clearinghouse, etc., but also example scripts demonstrating
and documenting the use of this software. (This supports the milestone "Support
experiments on ProtoGENI cluster".)

We continue to release documentation and design decisions on our wiki at
http://www.protogeni.net/ . Many design discussions take place on an open
mailing list, linked to from the ProtoGENI wiki. Some important recent
additions to the wiki:

* Significant progress on our RSpec, including the first stages of
extensibility, some examples, and modifications for our Manifest. http://www.protogeni.net/trac/protogeni/wiki/RSpec [[BR]]
* Updates to the Component Manager and Slice Authority APIs[[BR]]
* New Slice Embedding Service API (see below for more details on this)[[BR]]
* Details about our backbone deployment (see below for more details)

== II. Description of work performed during last quarter ==

=== A. Activities and findings ===

A major focus of our activity this quarter has been on the deployment of the
ProtoGENI backbone with Internet2. Details of our plans can be found on these
pages:

http://www.protogeni.net/trac/protogeni/wiki/Backbone [[BR]]
http://www.protogeni.net/trac/protogeni/wiki/BackboneNode

We have acquired almost all of the hardware we need for the deployment, which
has been a very difficult process. (This addresses the milestone "Integrate,
install 3 nodes in I2".)

First, Dell is end-of-lifing the servers we had planned to use at the backbone
sites, and the replacement does not suit our needs (it is unable to support the
NetFPGA cards). Thus, we have purchased (through other funding) the PCs for all
backbone sites expected to be deployed over the next three years. We did
extensive testing of these PCs to ensure that they would work in the
configuration needed, and that the remote access capabilities (console and
power control over IP) are sufficient for recovery in case of problems. We also
re-worked our boot process to be more robust, since getting physical access
will be difficult and costly. Our usual wide-area PCs boot from a single USB
flash drive that is write-protected; this way, experimenters cannot maliciously
or accidentally interfere with the boot process. However, we were concerned
that this did not provide enough flexibility: if we ever needed to update the
boot code, that would be very hard to do, since it would require a physical
swap of the flash drive. At the same time, we were not willing to make the
boot device read-write, since we could not then prevent experimenters from
overwriting it (we intend to give them full control over some machines).
Our solution involves two USB drives, one of which is write-protected, and one
of which is not. This way, we can normally boot from the read-write drive, but
if there is some problem, we can boot from the read-only drive, which can be
used to re-flash the read-write drive. These PCs are spec'ed to be very
sliceable: they have eight cores, sixteen GB of RAM, four disks, and six
network interfaces. (We will be able to meet the milestone "Control Plane
integration of backbone nodes" shortly after these nodes are installed.)
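
As a concrete illustration of the recovery path this two-drive scheme enables,
here is a minimal sketch of re-flashing the read-write drive from an image kept
on the write-protected drive. The device and image paths are hypothetical, and
this is not our actual recovery tooling:

{{{
#!python
# Illustrative sketch only: after booting from the write-protected USB
# drive, restore the read-write drive from a known-good image. The
# device and image paths below are hypothetical.
import subprocess

GOOD_IMAGE = "/mnt/readonly/boot-image.img"  # image on the read-only drive
TARGET_DEV = "/dev/sdb"                      # the read-write USB drive

def reflash():
    # Overwrite the read-write drive with the known-good image; conv=fsync
    # forces the data to disk before dd reports success.
    subprocess.check_call(["dd", "if=" + GOOD_IMAGE, "of=" + TARGET_DEV,
                           "bs=4M", "conv=fsync"])

if __name__ == "__main__":
    reflash()
}}}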

Second, the nature of our relationship with HP changed (see the "project
participants" section for more details). This delayed the purchase of the
switches. A number of other issues conspired to delay the purchase, including
getting organizational approval on both sides, some confusion over quantities,
and the fact that the purchase was not done through usual channels. A piece of
good news, however, is that due to the change in our relationship with HP, we
were able to purchase equipment without being subject to F&A charges from the
University. This allowed us to purchase the set of equipment included in our
original proposal, rather than the reduced amount in our amended proposal,
which reflected budget cuts to the awarded subcontract. This will give us
additional ports in some switches for connections to other projects, and we
are already planning uses for some of them. These switches have ''almost''
all arrived at Utah at this point; we are missing two power supplies, which
are still on their way from HP. We have spares from another project that can
be used if the ones on order do not arrive in time. Before shipping equipment
to the first site, we have done extensive testing in our lab of the software
that controls the switches. (This testing ensures that we will be able to meet
the milestone "L2 control in backbone nodes" shortly after installation.)

We moved from using UUIDs to identify resources in ProtoGENI to URNs. URNs
offer the advantage of a hierarchical namespace, mirroring the hierarchical
set of authorities we plan to deploy. This scheme was proposed by the GMOC,
with refinements based on our feedback. Our current software supports both
UUIDs and URNs for backwards compatibility, but UUIDs will be phased out over
time.
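
To illustrate the hierarchy, the following minimal sketch pulls apart a URN of
the "urn:publicid:IDN+authority+type+name" form used in GENI; the specific
authority, type, and name values are made up for the example:

{{{
#!python
# Illustrative parser for GENI-style URNs of the form
# "urn:publicid:IDN+authority+type+name". The example values are made up.
def parse_urn(urn):
    prefix, authority, rtype, name = urn.split("+")
    assert prefix == "urn:publicid:IDN"
    # Sub-authorities are separated by colons, giving a namespace that
    # mirrors our hierarchical set of authorities.
    return {"authority": authority.split(":"), "type": rtype, "name": name}

print(parse_urn("urn:publicid:IDN+emulab.net+node+pc42"))
# {'authority': ['emulab.net'], 'type': 'node', 'name': 'pc42'}
print(parse_urn("urn:publicid:IDN+emulab.net:testbed1+user+alice"))
# {'authority': ['emulab.net', 'testbed1'], 'type': 'user', 'name': 'alice'}
}}}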

(The following text describes important progress made under other funding.)

We have added support for native shared nodes to the Emulab and ProtoGENI
software. This enables us to create VLAN-based virtual networks on sliced
nodes. Specifically, we have added support for Linux-based virtual nodes using
OpenVZ. OpenVZ is a Linux kernel modification that provides lightweight,
container-based virtualization by contextualizing the kernel's operation on
many namespaces and objects on a per-container basis. When using OpenVZ-based
virtual nodes, Emulab provides the user with one OpenVZ container per logical
node. OpenVZ is an excellent match for ProtoGENI since it virtualizes much of
the network stack down to Layer 2, meaning that it can present virtual MAC
layer devices to containers, allowing users to configure device and protocol
properties fully above that layer (e.g., each container has its own private,
configurable IPv4 routing table). Currently, we provide a Fedora 8 Linux file
system inside each container. In the future, we will support multiple Linux
distributions and user-customizable container "disk" imaging and loading like
we provide for physical nodes.
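
As a rough sketch of what per-container setup looks like with OpenVZ (the
container ID, template, and interface names below are hypothetical, and the
real Emulab client-side code does considerably more):

{{{
#!python
# Rough sketch of container setup using OpenVZ's vzctl tool. The container
# ID, template, and device names are hypothetical; the real Emulab
# client-side software also handles VLANs, routes, accounts, and more.
import subprocess

def vzctl(*args):
    subprocess.check_call(["vzctl"] + list(args))

CTID = "101"

# Create a container from the Fedora 8 template we currently provide.
vzctl("create", CTID, "--ostemplate", "fedora-8")

# Give the container its own virtual Ethernet (MAC-layer) device, so the
# experimenter can configure everything above layer 2 inside the container.
vzctl("set", CTID, "--netif_add", "eth0", "--save")

vzctl("start", CTID)
}}}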

While developing the OpenVZ support itself, we also explored and prototyped a
standard API for configuring Emulab and ProtoGENI virtual nodes, called
libvnode. Eventually, we believe Emulab should support more virtualization
technologies, since each exposes a different point along the realism versus
cost spectrum (e.g., heavyweight Xen or VMware, which provide a fully emulated
machine, versus lightweight process-level virtualization like Linux VServers or
OpenVZ, which provide only a customizable user-space environment). libvnode
provides a single Emulab virtual node configuration API that can support
multiple back-end virtualization technologies. We have used and modified the
libvnode API to add preliminary Xen virtual node support to Emulab.
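
The sketch below is a schematic rendering of the libvnode idea: a single
front-end API for virtual node configuration, with interchangeable back ends.
All class and method names are invented for illustration; the real libvnode is
part of the Emulab client-side software:

{{{
#!python
# Schematic rendering of the libvnode idea: one virtual-node configuration
# API with pluggable virtualization back ends. All names are invented.
class VnodeBackend:
    def create(self, vnode_id, image):
        raise NotImplementedError
    def configure_net(self, vnode_id, interfaces):
        raise NotImplementedError
    def boot(self, vnode_id):
        raise NotImplementedError

class OpenVZBackend(VnodeBackend):
    def create(self, vnode_id, image):
        print("creating OpenVZ container for", vnode_id, "from", image)
    def configure_net(self, vnode_id, interfaces):
        print("adding veth devices:", interfaces)
    def boot(self, vnode_id):
        print("starting container", vnode_id)

class XenBackend(VnodeBackend):
    def create(self, vnode_id, image):
        print("building Xen domain for", vnode_id, "from", image)
    def configure_net(self, vnode_id, interfaces):
        print("attaching vifs:", interfaces)
    def boot(self, vnode_id):
        print("starting Xen domain", vnode_id)

def setup_vnode(backend, vnode_id, image, interfaces):
    # The front end is identical regardless of which virtualization
    # technology was chosen for this node.
    backend.create(vnode_id, image)
    backend.configure_net(vnode_id, interfaces)
    backend.boot(vnode_id)

setup_vnode(OpenVZBackend(), "pcvm42-1", "fedora-8", ["eth0", "eth1"])
}}}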

We have deployed a Slice Embedding Service: Emulab's resource mapping program,
assign, has many of the key properties required for a GENI slice embedding
service. A slice embedding service takes a description of the experimenter's
desired virtual network and a description of the facility's physical resources,
and then selects an appropriate set of components on which to instantiate the
virtual topology. The assign program fills this role in Emulab, and we
have extended it to become a prototype Slice Embedding Service (SES).

Our SES runs as a service, not tightly coupled to any of the federated
facilities. It is an optional step in the process of creating a slice, taking
two parameters in RSpec format: a description of the topology that the user has
designed, and the set of resources available at some component manager. The SES
annotates the user's requested topology, filling in the identities of nodes and
links that can be used to satisfy it. By offering the SES as a standalone
service, we make it possible for multiple SESes to exist; some could specialize
in embeddings for particular types of hardware or topologies. The user may also
give a "partial solution": part of the topology could already be embedded by
the user or by another SES. This enables the use of multiple embedding
services, in series, on a single request topology.

Currently, our SES supports only embedding to a single aggregate at a time.
Future work on this service will enable it to map slices across multiple
aggregates.
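
Conceptually, a call to the SES looks like the sketch below. The endpoint URL
and the method name are placeholders, not the real interface (which is
documented on our wiki); the actual service speaks XML-RPC over SSL with
client certificates:

{{{
#!python
# Conceptual sketch of invoking the Slice Embedding Service. The URL and
# the "MapTopology" method name are placeholders; the real service uses
# XML-RPC over SSL with client certificates.
import xmlrpc.client

ses = xmlrpc.client.ServerProxy("https://ses.example.net/ses")

request_rspec = open("request.rspec").read()        # desired topology
advertisement = open("advertisement.rspec").read()  # resources at some CM

# The SES returns the request annotated with the physical nodes and links
# chosen to satisfy it. Parts already embedded (by the user or by a
# previous SES) are preserved, so SESes can be chained in series.
result = ses.MapTopology({"request": request_rspec,
                          "advertisement": advertisement})
print(result)
}}}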

=== B. Project participants ===

University of Utah[[BR]]
Internet2[[BR]]
The subcontract with Internet2 has been successfully signed, and we have
been working closely with Internet2 staff (as well as with the GPO) to plan
and deploy our backbone nodes.

HP Labs[[BR]]
The exact nature of our relationship with HP has changed. Originally, HP
was going to be a sub-contractor to us. This turned out to require some
legal arrangements that did not seem necessary for what was essentially
a hardware purchase. Thus, at HP's suggestion, we purchased the equipment
from them using a purchase order (at the steeply discounted price
originally agreed to), as well as consulting services for HP
representatives to attend GECs, participate in GENI-related activities,
etc. This change was approved by the GPO.

=== C. Publications (individual and organizational) ===

=== D. Outreach activities ===

We participated in the second GENI-FIRE Workshop in Seattle, giving a talk
about the current state of federation in ProtoGENI and the future possibilities
for international federation.

We have kept in touch with several projects that proposed to join our control
framework cluster under Solicitation 2.

Robert Ricci served on three program committees that received GENI-related
papers:[[BR]]
* The First ACM SIGCOMM Workshop on Virtualized Infrastructure Systems and
Architectures (VISA), held in conjunction with SIGCOMM 2009 [[BR]]
* The 2009 workshop on Cyber Security Experiment and Test (CSET), held in
conjunction with the USENIX security conference [[BR]]
* The Fourth Workshop on Real Overlays and Distributed Systems (ROADS), to be
held alongside SOSP 2009

=== E. Collaborations ===

We have continued to organize bi-weekly Cluster C conference calls, which
have helped our cluster members to make progress together. In addition to
the members assigned to our cluster, the Security Architecture project has been
a frequent participant, and some calls have featured members of the GPO and
other invited projects. (These collaborations are in support of the milestone
"control plane integration of cluster-mates".)

Two new projects have joined our cluster this quarter: the Million Node GENI
project from the University of Washington and the Digital Object Repository
project from CNRI.

In addition to the existing members of our federation (Utah, Wisconsin, CMU,
Kentucky), two new facilities have joined our federated clearinghouse: [[BR]]
Programmable Edge Node (UMass-Lowell) [[BR]]
BBN (test facility being set up by intern Evan Zhang)

We have also interacted with a number of other GPO-funded projects outside of
our cluster, including:[[BR]]
__SPP Overlay Nodes:__ Will be connected through the donated Internet2 wave, using equipment from our project.[[BR]]

__GMOC:__ Have adopted a proposal by the GMOC for using URNs to identify users and resources in GENI; discussions with the GMOC are ongoing.[[BR]]

__Million-Node GENI:__ Many design discussions about how the Seattle abstractions are not perfectly matched to our APIs; we are working on refining some of our design to encompass Seattle-like resources.[[BR]]

__Mid-Atlantic Network:__ Have worked out 10 Gbps connectivity between our equipment in the Washington, DC POP and the MAX equipment in the same POP. This link will be used to connect to Cluster B projects (such as SPP) as well as Cluster C projects.[[BR]]

__Great Plains Network:__ Are discussing possible connectivity to our equipment, so that they can connect to SPP, MAX, and Cluster C projects.[[BR]]

__GUSH:__ Have given them Emulab accounts so they can experiment with running GUSH on Emulab.[[BR]]


We have held talks with our campus and regional networks, which have been very
supportive of our efforts. The expected outcome of these talks is dedicated
connectivity between the Utah Emulab facility and the donated Internet2 wave.
Our campus is also supporting the BGPMux project, agreeing to provide
a BGP feed for experimenter use.

We participated in two GPO-sponsored workshops: one, held in Chicago, about the
RSpec and connections between substrates, and another, hosted in Madison, about
measurement.

Robert Ricci has been named incoming co-Chair of the Control Framework
Working Group.

We have continued to work with the GPO and EDJ Associates to plan GEC6 in
Salt Lake City.

=== F. Other Contributions ===