Architectural foundations
- Open source, vendor neutral architecture, leveraging many years of INFN leadership, investments and know-how in e-infrastructures and distributed computing projects such as WLCG, INDIGO-DataCloud, eXtreme-DataCloud, DEEP Hybrid-DataCloud, ESCAPE and others.
- Federation of existing Cloud infrastructures for both compute and data.
- Cloud infrastructures federated to INFN Cloud can be private or public. INFN Cloud supports the connection to OpenStack, OpenNebula, Amazon Web Services, Google Compute Cloud, Microsoft Azure, Mesos Clusters, Kubernetes Clusters (planned).
- Consistent authentication and authorization technologies and policies at all Cloud levels (IaaS, PaaS, SaaS) via OAuth and OpenID-Connect, supporting also legacy AAI solutions, via INDIGO-IAM.
- Dynamic orchestration of resources via the INDIGO PaaS Orchestrator across all participating Cloud infrastructures, according to agreed SLAs and Rules of Participation.
The INFN Cloud architecture
- An INFN Cloud backbone spanning the two main INFN computing sites (CNAF and Bari).
- In each of these two sites there is an “INFN Cloud backbone infrastructure”, connected at high speed with each other.
- The backbone is used to host the INFN Cloud core services, such as the PaaS core, the internal DNS, the logging and monitoring services, as well as user services that leverage backbone features, such as automated replication of object storage data across the two sites.
- A set of distributed, federated cloud infrastructures connecting to the backbone. Currently, the cloud infrastructures at CNAF and Bari (which are not the corresponding backbone infrastructures) are already connected to the INFN Cloud backbone, with several other INFN sites in the pipeline.