Internet DRAFT - draft-fisher-cloudassets
<Working Group Name> T. Fisher
Internet Draft P. Walsh
Intended status: Informational Jackpine Technologies Corp.
Expires: March 18, 2017 September 19, 2016
Cloud Assets
draft-fisher-cloudassets-00
Abstract
There is no standardized method to describe assets used in a cloud
such that they can be moved from one cloud to the next independent
of the underlying architecture. This document defines Cloud Assets
as a lightweight description of cloud resources and proposes a
standardization of Cloud Assets into three major categories:
Resource Assets, Component Assets, and Composite Assets.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 18, 2017.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
T. Fisher, P. Walsh Expires March 9, 2017 [Page 1]
Internet-Draft Cloud Assets September 2016
Table of Contents
1. Introduction
1.1. Terminology
1.2. Background
2. Requirements
3. Use Cases
4. Cloud Assets
4.1. Resource Assets
4.1.1. Clouds
4.1.2. Cloudspaces
4.1.3. Cloud Networks
4.1.4. Templates
4.1.5. Devices
4.1.6. Appliances
4.2. Component Assets
4.2.1. Software: Applications
4.2.2. Software: Source Code
4.2.3. Software: Data
4.2.4. Test Cases
4.2.5. Virtual Services
4.2.6. Networks
4.3. Composite Assets
4.3.1. Systems
4.3.2. Scenarios
4.3.3. Deployments
4.3.4. Test Bundles
5. Usage Example
5.1. Resource Assets
5.1.1. Cloud
5.1.2. Cloudspace
5.1.3. Cloud Network
5.1.4. Template
5.1.5. Device
5.1.6. Appliance
5.2. Composite Assets
5.2.1. System
5.2.2. Scenario
5.2.3. Deployment
5.2.4. Test Bundle
6. Sample
7. Security Considerations
8. IANA Considerations
9. References
9.1. Normative References
9.2. Informative References
10. Acknowledgments
1. Introduction
1.1. Terminology
The following terms are used in this document:
o Cloud Assets - The basis for building, provisioning, and testing
of cloud-based environments.
o Cloud Environments - The user implementation of a cloud
infrastructure.
o Cloud Infrastructure - Infrastructure as a service that a user
can consume from anywhere over the Internet. The cloud focuses on
providing consumers the required capabilities rather than
specific backend compute resources.
o Infrastructure as a Service (IAAS) - a standardized, highly
automated offering, where compute resources, complemented by
storage and networking capabilities are owned and hosted by a
service provider and offered to customers on-demand. Users are
able to self-provision this infrastructure, using a Web-based
graphical user interface that serves as an IT operations
management console for the overall environment. API access to the
infrastructure may also be offered as an option. [2]
o Resource Assets - Elements of a cloud infrastructure registered
by the cloud administrator.
o Cloud Administrator - An entity that administers the
infrastructure supporting the cloud.
o Component Assets - Elements of a cloud environment imported by
the user.
o Composite Assets - Combinations of resource and component assets
into defined entities.
o Virtual Machine - a software implementation of a complete system
platform that supports the execution of a complete operating
system and corresponding applications in a cloud. [1]
1.2. Background
As more and more cloud infrastructure choices become available for
consumers, choosing the cloud that best supports the customer's
needs throughout their application lifecycle becomes increasingly
difficult. No cloud is "one size fits all", and enabling use of
different cloud providers at different points in the application
lifecycle will better enable consumers to focus on meeting user
requirements rather than infrastructure dependencies.
This document describes a method to help standardize how assets are
used in clouds so that they can be more easily migrated from one
cloud to the next as needs dictate.
2. Requirements
This document assumes the following requirements:
o Cloud agnostic - usable by any underlying cloud technology
o Loosely coupled - cloud updates will not break the asset
o Human readable - configurable by any text editor
o Flexible - supports wide range of use cases
o Lightweight - does not include underlying OS itself
o Reusable - well documented so that others can leverage
3. Use Cases
The following use cases drove the development of the proposed
standard:
o Moving assets to/from a commercial cloud provider from/to a
private cloud provider
o Moving assets from one commercial cloud provider to another
o Moving assets from one security classification level to another
o Common assets enabling security compliance across clouds
o Leveraging knowledge across teams working in different clouds
o Migration from data center to cloud
4. Cloud Assets
We propose the definition and structure of Resource, Component, and
Composite Assets.
4.1. Resource Assets
Resource assets are elements of a cloud infrastructure that are
registered to be available for use. The Cloud Administrator controls
which resources they want to allow access to. Resource assets
include the following: Clouds, Cloudspaces, Cloud Networks,
Templates, Devices, and Appliances.
4.1.1. Clouds
The account used to access a portion of an IaaS cloud provider
(e.g., Amazon Web Services, Google, Azure, or private cloud).
4.1.2. Cloudspaces
A private space within a cloud with a separate security boundary and
access control (e.g., VMware Virtual Data Center or AWS Virtual
Private Cloud).
4.1.3. Cloud Networks
The networks in a Cloud that are accessible to the Cloudspace.
4.1.4. Templates
Base installation of an operating system into a virtual machine.
Also known as images.
4.1.5. Devices
A device or service that is accessible from the cloud.
4.1.6. Appliances
A preconfigured (i.e., not configurable) virtual machine that is
accessible from the cloud.
4.2. Component Assets
Component Assets are imported by a user with appropriate permissions
and used as building blocks for the construction, configuration and
validation of cloud environments. Component Assets include the
following: Software: Applications, Software: Source Code, Software:
Data, Test Cases, Virtual Services, and Networks.
4.2.1. Software: Applications
Applications include software installers, utilities and
configurations.
4.2.2. Software: Source Code
Software that is used to check out, build and install un-compiled
code.
4.2.3. Software: Data
Data assets are data sets available for use by other assets. Data
assets have fewer required components; encryption is optional.
4.2.4. Test Cases
Description and properties used to perform functional, performance,
and/or security validation tasks.
4.2.5. Virtual Services
Virtual services are models representing the data inputs and outputs
of a service.
4.2.6. Networks
New networks created in the Cloud that are accessible in the
Cloudspace.
4.3. Composite Assets
Composite assets are combinations of resource and component assets
that define how an environment will be built, configured and
deployed (often referred to as recipes, blueprints, or manifests).
Composite assets include: Systems, Scenarios, Deployments, and Test
Bundles.
4.3.1. Systems
A single system (e.g. virtual machine) that includes:
o One template
o Zero or more Software: Application assets
o Zero or more Software: Source Code assets
o Zero or more Software: Data assets
o One or more Network assets
4.3.2. Scenarios
A Scenario asset includes one or more System assets and zero or more
Virtual Service assets.
4.3.3. Deployments
A Deployment asset includes at least one Scenario asset and zero or
more Test Bundle assets.
4.3.4. Test Bundles
A Test Bundle asset includes at least one Test Case asset.
5. Usage Example
All assets have minimum required fields:
<asset>
<name>String</name>
<description>String</description>
<assetType>String</assetType>
</asset>
5.1. Resource Assets
5.1.1. Cloud
#Required
<cloudURL>String</cloudURL>
<cloudAccount>String</cloudAccount>
<cloudCredentials>String</cloudCredentials>
5.1.2. Cloudspace
#Required
<cloudspaceName>String</cloudspaceName>
5.1.3. Cloud Network
#Required
<cloudNetworkName>String</cloudNetworkName>
5.1.4. Template
#Required
<operatingSystem>String</operatingSystem>
<maxRam>Integer</maxRam>
<maxDisk>Integer</maxDisk>
<bootDiskSize>Integer</bootDiskSize>
<numberNICs>Integer</numberNICs>
<osUsername>String</osUsername>
<osPassword>String</osPassword>
#Optional
<additionalDisks>Integer</additionalDisks>
<license>String</license>
<remoteAccessType>String</remoteAccessType>
# 0 = no, 1 = yes
<vGPUAvailable>Integer</vGPUAvailable>
5.1.5. Device
#Required
<osUsername>String</osUsername>
<osPassword>String</osPassword>
<deviceURL>String</deviceURL>
5.1.6. Appliance
#Required
<osUsername>String</osUsername>
<osPassword>String</osPassword>
<maxRam>Integer</maxRam>
<maxDisk>Integer</maxDisk>
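The Cloud, Template, Device and Appliance listings above carry credentials (cloudCredentials, osPassword) as plain String fields, so an asset file moved between clouds carries them too. The following is an added example, not part of the draft, that flags and blanks literal credentials before export; the <assets> wrapper, the nesting of type-specific fields inside <asset>, and the REDACTED marker are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Credential-bearing fields defined in sections 5.1.1, 5.1.4, 5.1.5 and 5.1.6.
SECRET_FIELDS = {"cloudCredentials", "osPassword"}
PLACEHOLDER = "REDACTED"  # constructed marker, not defined by the draft

# Constructed sample; the <assets> wrapper and field nesting are assumptions.
SAMPLE = b"""<assets>
<asset><name>rhel6-base</name><description>Base image</description>
<assetType>template</assetType><operatingSystem>Red Hat 6</operatingSystem>
<osUsername>root</osUsername><osPassword>example-password</osPassword></asset>
<asset><name>lab-cloud</name><description>Private cloud</description>
<assetType>cloud</assetType><cloudURL>https://cloud.example.com</cloudURL>
<cloudAccount>lab</cloudAccount><cloudCredentials></cloudCredentials></asset>
</assets>"""

def find_embedded_secrets(root):
    """Return (asset name, field) for every credential field holding a literal."""
    hits = []
    for asset in root.iter("asset"):
        for child in asset:
            value = (child.text or "").strip()
            if child.tag in SECRET_FIELDS and value not in ("", PLACEHOLDER):
                hits.append((asset.findtext("name", "?"), child.tag))
    return hits

def redact_for_export(data: bytes) -> tuple:
    """Blank literal credentials and report which assets carried them."""
    root = ET.fromstring(data)
    hits = find_embedded_secrets(root)
    for asset in root.iter("asset"):
        for child in asset:
            if child.tag in SECRET_FIELDS and (child.text or "").strip():
                child.text = PLACEHOLDER
    return ET.tostring(root), hits
```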
5.2. Composite Assets
5.2.1. System
#Required
<systemID>Integer</systemID>
# specs used to select a template
<requestedOS>Integer</requestedOS>
<minCPU>Integer</minCPU>
<minNICs>Integer</minNICs>
# in MBytes
<minRAM>Integer</minRAM>
<minDisk>Integer</minDisk>
# 0 = no, 1 = yes
<vGPUAvailable>Integer</vGPUAvailable>
#Optional
<softwareAssetID>Integer</softwareAssetID>
<softwareLoadOrder>Integer</softwareLoadOrder>
# 0 = no, 1 = yes
<softwareReboot>Integer</softwareReboot>
5.2.2. Scenario
#Required
<scenarioID>Integer</scenarioID>
<systemID>Integer</systemID>
<systemLoadOrder>Integer</systemLoadOrder>
#Optional
<virtualserviceID>Integer</virtualserviceID>
5.2.3. Deployment
#Required
<scenarioID>Integer</scenarioID>
#Optional
<testBundleID>Integer</testBundleID>
<deploymentProperties>String</deploymentProperties>
5.2.4. Test Bundle
#Required
<testBundleID>Integer</testBundleID>
<testCaseID>Integer</testCaseID>
6. Sample
The sample XML below is for a Red Hat server with Java and JBoss
installed.
<system>
  <systemID>5</systemID>
  <requestedOS>Red Hat 6</requestedOS>
  <minCPU>1</minCPU>
  <minNICs>1</minNICs>
  <minRAM>8192</minRAM>
  <minDisk>1024</minDisk>
  <vGPUAvailable>0</vGPUAvailable>
  <softwareAsset>
    <name>Java</name>
    <description>Java JDK 8u101</description>
    <assetType>software</assetType>
    <softwareAssetID>1</softwareAssetID>
    <softwareLoadOrder>1</softwareLoadOrder>
    <softwareReboot>0</softwareReboot>
    <softwareAssetType>Application</softwareAssetType>
    <installScript>install.sh</installScript>
    <mediaDirectory>/media</mediaDirectory>
    <licenseFile>license.txt</licenseFile>
    <documentationFile>readme.txt</documentationFile>
    <instanceLimit></instanceLimit>
    <pocEmail>john.do@example.com</pocEmail>
    <pocPhone>6175555555</pocPhone>
    <pocName>John Doe</pocName>
    <pocOrganization>"Example, Inc."</pocOrganization>
  </softwareAsset>
  <softwareAsset>
    <name>JBoss</name>
    <description>JBoss 7</description>
    <assetType>software</assetType>
    <softwareAssetID>23</softwareAssetID>
    <softwareLoadOrder>2</softwareLoadOrder>
    <softwareReboot>0</softwareReboot>
    <softwareAssetType>Application</softwareAssetType>
    <installScript>install.sh</installScript>
    <mediaDirectory>/media</mediaDirectory>
    <licenseFile>license.txt</licenseFile>
    <documentationFile>readme.txt</documentationFile>
    <instanceLimit></instanceLimit>
    <pocEmail>john.do@example.com</pocEmail>
    <pocPhone>6175555555</pocPhone>
    <pocName>John Doe</pocName>
    <pocOrganization>"Example, Inc."</pocOrganization>
  </softwareAsset>
</system>
7. Security Considerations
Implementers should follow security best practices for processing
XML and choose the methods that best support their application of
Cloud Asset descriptions. In particular, consider using checksums
to detect errors and verify data integrity.
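One way to apply these considerations to a System asset, as an added example that is not part of the draft: verify a SHA-256 checksum over the raw bytes before parsing, refuse any DOCTYPE so no entities can be declared, then validate the section 5.2.1 fields. It assumes the expected digest is delivered separately from the file, checks requestedOS only for presence (section 5.2.1 types it as Integer while the sample carries "Red Hat 6"), and treats unique softwareLoadOrder values as a rule of this example rather than of the draft.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed input: the section 6 sample trimmed to the fields checked here.
SAMPLE = b"""<system>
<systemID>5</systemID><requestedOS>Red Hat 6</requestedOS>
<minCPU>1</minCPU><minNICs>1</minNICs><minRAM>8192</minRAM>
<minDisk>1024</minDisk><vGPUAvailable>0</vGPUAvailable>
<softwareAsset><name>JBoss</name><softwareLoadOrder>2</softwareLoadOrder></softwareAsset>
<softwareAsset><name>Java</name><softwareLoadOrder>1</softwareLoadOrder></softwareAsset>
</system>"""

def reject_doctype(data: bytes) -> None:
    """Pre-scan with expat and refuse any DTD, so no entities can be declared."""
    def deny(*_args):
        raise ValueError("DOCTYPE is not allowed in an asset description")
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = deny
    parser.Parse(data, True)

def req_int(elem, name: str) -> int:
    text = (elem.findtext(name) or "").strip()
    if not (text.isascii() and text.isdigit()):
        raise ValueError(f"{name} must be a non-negative integer")
    return int(text)

def load_system_asset(data: bytes, expected_sha256: str) -> dict:
    """Check the digest first, then parse and validate the section 5.2.1 fields."""
    # Assumption: expected_sha256 was obtained separately from the asset file.
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise ValueError("checksum mismatch: asset was corrupted or altered")
    reject_doctype(data)
    root = ET.fromstring(data)
    if root.tag != "system" or not (root.findtext("requestedOS") or "").strip():
        raise ValueError("expected <system> with a requestedOS")
    fields = ("systemID", "minCPU", "minNICs", "minRAM", "minDisk", "vGPUAvailable")
    out = {name: req_int(root, name) for name in fields}
    if out["vGPUAvailable"] not in (0, 1):
        raise ValueError("vGPUAvailable must be 0 or 1")
    order = {}  # assumed rule: softwareLoadOrder values must not repeat
    for sw in root.findall("softwareAsset"):
        pos = req_int(sw, "softwareLoadOrder")
        if pos in order:
            raise ValueError("duplicate softwareLoadOrder")
        order[pos] = sw.findtext("name", "")
    out["software"] = [order[pos] for pos in sorted(order)]
    return out
```

A plain checksum only detects accidental or unauthenticated changes when the digest itself is trusted; where the file and digest travel together, a keyed MAC or a signature is needed instead.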
8. IANA Considerations
Namespace is managed by the underlying cloud infrastructure.
9. References
9.1. Normative References
[RFC3470] Hollenbeck, S., et al., "Guidelines for the Use of
Extensible Markup Language (XML) within IETF Protocols",
BCP 70, RFC 3470, January 2003.
9.2. Informative References
[1] Karmel, A., Chandramouli, R., and Iorga, M., "NIST Definition
of Microservices, Application Containers and System Virtual
Machines", NIST Special Publication 800-180 (DRAFT),
http://csrc.nist.gov/publications/drafts/800-180/sp800-180_draft.pdf,
February 2016.
[2] http://blogs.gartner.com/it-glossary/infrastructure-as-a-service-iaas/
10. Acknowledgments
This document was prepared using 2-Word-v2.0.template.dot.
Authors' Addresses
Todd Fisher
Jackpine Technologies Corp.
Email: todd.fisher@jackpinetech.com
Peter Walsh
Jackpine Technologies Corp.
Email: peter.walsh@jackpinetech.com