Community-Lab introduction

Check-in [ac7a3325ab]
Login
Home Timeline Files Branches Tags Tickets Wiki
Overview
Comment:Some more streamlining of architecture sections.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:ac7a3325ab0bb1c06ee819d1c03094936855bb4e
User & Date: ivan on 2012-09-20 22:34:21
Other Links: manifest | tags
Context
2012-09-21
11:16
Slight rewording of EU support and research challenge. check-in: c06b51da48 user: ivan tags: trunk
2012-09-20
22:34
Some more streamlining of architecture sections. check-in: ac7a3325ab user: ivan tags: trunk
12:25
Text for the testbeds slide. check-in: 2ecd6c7451 user: ivan tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Modified script.txt from [0df14cd02b] to [9c5a856712]. 

88
89
90
91
92
93
94
95
96
97
98
99
100
101

102
103
104
105
106
107
108
...
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

131
132
133
134
135
136
137
138

- A testbed consists of a set of nodes managed by the same server.
  - Server managed by testbed admins.
  - Network and node managed by CN members.
  - Node admins must adhere to testbed terms and conditions.
  - This decouples testbed management from infrastructure ownership and mgmt.
- Testbed management traffic uses a tinc mesh VPN:
  - Avoids problems with firewalls and private networks in nodes.
  - Mgmt network uses IPv6 to avoid address scarcity and incompatibility
    between CNs.
  - Short-lived mgmt connections make components mostly autonomous and
    tolerant to link instability.
- Gateways allow a testbed to span multiple CNs.
  - Bridging the mgmt net over external means (e.g. FEDERICA, the Internet).
  - Gateways can route the management network to the Internet.

- A researcher runs the experiments of a slice in slivers each running in a
  different node.

** Nodes, slices and slivers
# Diagram: Slices and slivers, two or three nodes with a few slivers on them,
# each with a color identifying it with a slice.)
- These concepts are inspired in PlanetLab.
................................................................................
# Node simplified diagram, hover to interesting parts.
- The community device
  - Completely normal CN device, so existing ones can be used.
  - Routes traffic between the CN and the node's wired local network (which
    runs no routing protocol).
- The research device
  - Usually more powerful than CD, since experiments run here.
  - Separating CD/RD makes integration with any CN simple and safe:
    - Little CONFINE-specific tampering with CN infrastructure.?!
    - Little CN-specific configuration for RDs.?!
    - Misbehaving experiments can't crash CN infrastructure.
  - Runs OpenWrt firmware customized by CONFINE.
  - Slivers are implemented as Linux containers.
    - Lightweight virtualization supported mainstream.
    - Provides a familiar and flexible env for researchers.
  - Direct interfaces allow experiments to bypass the CD when interacting with

    the CN.
  - Control software
    - Uses LXC tools on containers to enforce resource limitation, resource
      isolation and node stability.
    - Uses traffic control, filtering and anonymization to ensure network
      stability, isolation and privacy (partialy implemented).
- The recovery device (not implemented) can force a remote hardware reboot of
  the RD in case it hangs.  It also helps with upgrade and recovery.








|
<
|
<

|
<
>







 







<
|
<
|

|
<
|
<
>
|








88
89
90
91
92
93
94
95

96

97
98

99
100
101
102
103
104
105
106
...
113
114
115
116
117
118
119

120

121
122
123

124

125
126
127
128
129
130
131
132
133

- A testbed consists of a set of nodes managed by the same server.
  - Server managed by testbed admins.
  - Network and node managed by CN members.
  - Node admins must adhere to testbed terms and conditions.
  - This decouples testbed management from infrastructure ownership and mgmt.
- Testbed management traffic uses a tinc mesh VPN:
  - Avoids problems with firewalls and private networks in nodes.
  - IPv6 is used to avoid address scarcity and incompatibility between CNs.

  - Link instability is tolerated by using short-lived mgmt connections.

- Gateways allow a testbed to span multiple CNs.
  - Connecting the mgmt net over external means (e.g. FEDERICA, the Internet).

  - Gateways can make the management network available to the Internet.
- A researcher runs the experiments of a slice in slivers each running in a
  different node.

** Nodes, slices and slivers
# Diagram: Slices and slivers, two or three nodes with a few slivers on them,
# each with a color identifying it with a slice.)
- These concepts are inspired in PlanetLab.
................................................................................
# Node simplified diagram, hover to interesting parts.
- The community device
  - Completely normal CN device, so existing ones can be used.
  - Routes traffic between the CN and the node's wired local network (which
    runs no routing protocol).
- The research device
  - Usually more powerful than CD, since experiments run here.

  - A separated RD minimizes tampering with CN infrastructure.

    - Also experiments can't crash the CD.
  - Runs OpenWrt firmware customized by CONFINE.
  - Slivers are implemented as lightweight Linux containers.

    - Provide a familiar and flexible env for researchers.

  - Direct interfaces allow low-level interaction of experiments with the CN
    bypassing the CD.
  - Control software
    - Uses LXC tools on containers to enforce resource limitation, resource
      isolation and node stability.
    - Uses traffic control, filtering and anonymization to ensure network
      stability, isolation and privacy (partialy implemented).
- The recovery device (not implemented) can force a remote hardware reboot of
  the RD in case it hangs.  It also helps with upgrade and recovery.

This page was generated in about 0.011s by Fossil 2.8 [d3bc4ee903] 2019-02-22 10:58:05