Federating the Cloud

HP Labs and European partners look to better integrate public and private cloud systems.

From left to right: Luis Miguel Vaquero Gonzalez, Paul Murray, Suksant Sae Lor

"A lot of technology in cloud computing was created by quickly establishing something that works. That's great, but it means we've often bypassed or avoided the hard problems," says HP Labs researcher Paul Murray.

For the last two years, Murray has led a team of fellow engineers from HP's Cloud and Security laboratory in addressing one of the hardest cloud computing problems of all: how to move from the world of large but mostly independent cloud networks to a system that allows all those networks to easily, safely, and automatically interconnect.

It's a challenge the Bristol, UK-based group has been pursuing as part of a consortium of 25 leading European telecommunication operators, technology vendors, and research institutions, funded by a €13m grant from the European Union. The project, known as SAIL (Scalable & Adaptive Internet Solutions), is nearing completion and has made impressive progress towards its goal.

HPL Bristol_CSL

The problem with private clouds

Incremental improvements have got us to a point where private clouds work pretty well, acknowledges Murray. But try and connect them together, he says, and the quality of service you can expect immediately sinks. Beyond that, it's much harder to make those connections than it should be.

"Think of how telephony works," Murray suggests. "You dial a phone number with your local provider and they automatically route it through all the providers needed to set up the call. We want to be able to do the same for cloud networks. Today, though, it's as if I still had to first call every telecom provider between Bristol and China in order to have a conversation with one of my colleagues in Beijing."

As a result cloud computing isn't working nearly as well as it could. Enterprises might be able to connect with an external cloud provider like Amazon, for example, to integrate what's known as a Virtual Private Cloud, but they can't do it automatically, with much flexibility, or at scale – thus missing out on the efficiencies that a truly integrated cloud would offer.

A major focus of the SAIL project has thus been to research how different cloud systems can talk with each other and then seamlessly and safely connect, and then connect on again to other networks in the same way. It's a question both of creating new infrastructure models that work better than before, and at the same time making sure that old systems will still work with the new. Murray and his colleagues call it Cloud Federation.

New frameworks

As most private cloud systems can't automatically 'dial' each other up, the researchers have been looking to create a framework that sits between the different systems and allows each to plug in both securely and automatically. Do that, says Murray, "and you can start bringing different cloud operators in into the architecture and then everything can happen seamlessly. So it's a federated infrastructure that goes across multiple providers."

There are other problems to address, too. Systems need to agree on their definitions of services, for example, so that they can all deliver the right service, in the right location, with the right kind of security when requested. And customers need a reliable system of assurances that they are getting what they asked for. "That's a big issue that is just unaddressed at the moment," Murray explains, "and that's a big inhibitor for people to use cloud services."

Murray's team has been testing ideas for how this might all work on a pair of trial systems installed across Europe, built in connection with the SAIL project. Both connect multiple, large data centers with emulated and real operator networks.

"We've used three different software stacks for doing the data center virtualization and about seven different network technologies for doing the networking in between," Murray reports. "There's no escaping that real providers use different network technologies, so until we actually build something on top of all these new and existing protocols and try to stitch them all together, you're not positively sure that what you are doing works, or what problems you'll run in to."

The full promise of the cloud

As SAIL nears its January 2013 completion date, HP's Federated Cloud team is happy with what they've managed to achieve. "We've built systems and made them work," says Murray. "We've deployed some cloud services on top that span across the different data centers – and we've tried scaling them. We're now working with some more advanced demonstrators that do automatic scaling of things like content distribution networks, which dynamically make use not only of scaling up and down capacity, but also spanning out across geographies according to demand."

The research gleaned from the test systems will be shared in technical papers and offered to standards organizations as the basis for new cloud protocols. It has also produced new open source platform software.

Just connecting with the other members of SAIL – which included researchers from Ericsson, Nokia Siemens Networks, NEC, France Telecom, Portugal Telecom, Telefonica, INIRA, the University of Bremen, and Trinity College Dublin – has been an advance, adds HP team member Luis Vaquero Gonzalez. "Bringing together such a diversity of partners has been huge," he says. "You get to know what the vendors, the network providers, and the network gear and equipment people are saying, and you understand as a software developer what they do. I think it will help us help businesses because we now understand each other better."

It's businesses and their customers that will ultimately benefit from a fully federated cloud infrastructure, notes HP Cloud and Security Lab director Martin Sadler.

"It's clear to organizations that there is value in the huge amounts of data they are now producing," he says, "but it's proving difficult for them to monetize it."

Businesses don't want to give their data away, Sadler suggests, but neither do they want to keep it locked inside their firewalls.

"A single cloud can allow for information to flow efficiently and controllably between the various parties." he notes. "But right now, most companies aren't using the same systems as the companies up- and downstream of them. As we begin to understand how to federate the clouds together easily, we'll be able to put in place the kind of infrastructure to achieve this controlled data flow – and then organizations will finally be able use their data as they'd like."