Internet Draft                                            T. Fisher
Intended status: Informational                             P. Walsh
Expires: March 18, 2017                 Jackpine Technologies Corp.
                                                 September 19, 2016

                             Cloud Assets
                     draft-fisher-cloudassets-00

Abstract

   There is no standardized method to describe assets used in a cloud such that they can be moved from one cloud to the next independent of the underlying architecture. This document defines Cloud Assets as a lightweight description of cloud resources and proposes a standardization of Cloud Assets into three major categories: Resource Assets, Component Assets, and Composite Assets.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 18, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

T. Fisher, P. Walsh      Expires March 9, 2017                [Page 1]
Internet-Draft               Cloud Assets               September 2016
Table of Contents

   1. Introduction
      1.1. Terminology
      1.2. Background
   2. Requirements
   3. Use Cases
   4. Cloud Assets
      4.1. Resource Assets
         4.1.1. Clouds
         4.1.2. Cloudspaces
         4.1.3. Cloud Networks
         4.1.4. Templates
         4.1.5. Devices
         4.1.6. Appliances
      4.2. Component Assets
         4.2.1. Software: Applications
         4.2.2. Software: Source Code
         4.2.3. Software: Data
         4.2.4. Test Cases
         4.2.5. Virtual Services
         4.2.6. Networks
      4.3. Composite Assets
         4.3.1. Systems
         4.3.2. Scenarios
         4.3.3. Deployments
         4.3.4. Test Bundles
   5. Usage Example
      5.1. Resource Assets
         5.1.1. Cloud
         5.1.2. Cloudspace
         5.1.3. Cloud Network
         5.1.4. Template
         5.1.5. Device
         5.1.6. Appliance
      5.2. Composite Assets
         5.2.1. System
         5.2.2. Scenario
         5.2.3. Deployment
         5.2.4. Test Bundle
   6. Sample
   7. Security Considerations
   8. IANA Considerations
   9. References
      9.1. Normative References
      9.2. Informative References
   10. Acknowledgments

1. Introduction

1.1. Terminology

   The following terms are used in this document:

   o  Cloud Assets - The basis for building, provisioning, and testing of cloud-based environments.

   o  Cloud Environments - The user implementation of a cloud infrastructure.

   o  Cloud Infrastructure - Infrastructure as a service that a user can consume from anywhere over the Internet. The cloud focuses on providing consumers the required capabilities rather than specific backend compute resources.

   o  Infrastructure as a Service (IAAS) - A standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned and hosted by a service provider and offered to customers on-demand. Users are able to self-provision this infrastructure, using a Web-based graphical user interface that serves as an IT operations management console for the overall environment. API access to the infrastructure may also be offered as an option. [2]

   o  Resource Assets - Elements of a cloud infrastructure registered by the cloud administrator.

   o  Cloud Administrator - An entity that administers the infrastructure supporting the cloud.

   o  Component Assets - Elements of a cloud environment imported by the user.

   o  Composite Assets - Combinations of resource and component assets into defined entities.

   o  Virtual Machine - A software implementation of a complete system platform that supports the execution of a complete operating system and corresponding applications in a cloud. [1]

1.2. Background

   As more and more cloud infrastructure choices become available for consumers, choosing the cloud that best supports the customer's needs throughout the application lifecycle becomes increasingly difficult. No cloud is a "one size fits all" and enabling use of different cloud providers at different points in the application lifecycle will better enable consumers to focus on meeting user requirements rather than infrastructure dependencies. This document describes a method to help standardize how assets are used in clouds so that they can be more easily migrated from one cloud to the next as needs dictate.

2. Requirements

   This document assumes the following requirements:

   o  Cloud agnostic - usable by any underlying cloud technology

   o  Loosely coupled - cloud updates will not break the asset

   o  Human readable - configurable by any text editor

   o  Flexible - supports wide range of use cases

   o  Lightweight - does not include underlying OS itself

   o  Reusable - well documented so that others can leverage

3. Use Cases

   The following use cases drove the development of the proposed standard:

   o  Moving assets to/from commercial cloud provider from/to private cloud provider

   o  Moving assets from one commercial cloud provider to another

   o  Moving assets from one security classification level to another

   o  Common assets enabling security compliance across clouds

   o  Leveraging knowledge across teams working in different clouds

   o  Migration from data center to cloud

4. Cloud Assets

   We propose the definition and structure of Resource, Component, and Composite Assets.

4.1. Resource Assets

   Resource assets are elements of a cloud infrastructure that are registered to be available for use. The Cloud Administrator controls which resources are made accessible. Resource assets include the following: Clouds, Cloudspaces, Cloud Networks, Templates, Devices, and Appliances.

4.1.1. Clouds

   The account used to access a portion of an IaaS cloud provider (e.g., Amazon Web Services, Google, Azure, or private cloud).

4.1.2. Cloudspaces

   A private space within a cloud with separate security boundary & access control (e.g. VMware Virtual Data Center or AWS Virtual Private Cloud).

4.1.3. Cloud Networks

   The networks in a Cloud that are accessible to the Cloudspace.

4.1.4. Templates

   Base installation of operating system into a virtual machine. Also known as images.

4.1.5. Devices

   A device or service that is accessible from the cloud.

4.1.6. Appliances

   A preconfigured (i.e., not configurable) virtual machine that is accessible from the cloud.

4.2. Component Assets

   Component Assets are imported by a user with appropriate permissions and used as building blocks for the construction, configuration and validation of cloud environments. Component Assets include the following: Software: Applications, Software: Source Code, Software: Data, Test Cases, Virtual Services, and Networks.

4.2.1. Software: Applications

   Applications include software installers, utilities and configurations.

4.2.2. Software: Source Code

   Software that is used to check out, build and install un-compiled code.

4.2.3. Software: Data

   Data assets are data sets available for use by other assets. Fewer required components; optional encryption.

4.2.4. Test Cases

   Description and properties used to perform functional, performance, and/or security validation tasks.

4.2.5. Virtual Services

   Virtual services are models representing the data inputs and outputs of a service.

4.2.6. Networks

   New networks created in the Cloud that are accessible in the Cloudspace.

4.3. Composite Assets

   Composite assets are combinations of resource and component assets that define how an environment will be built, configured and deployed (often referred to as recipes, blueprints, or manifests). Composite assets include: Systems, Scenarios, Deployments, and Test Bundles.

4.3.1. Systems

   A single system (e.g. virtual machine) that includes:

   o  One template

   o  Zero or more Software: Application assets

   o  Zero or more Software: Source Code assets

   o  Zero or more Software: Data assets

   o  One or more Network assets

4.3.2. Scenarios

   A Scenario asset includes one or more System assets and zero or more Virtual Service assets.

4.3.3. Deployments

   A Deployment asset includes at least one Scenario asset and zero or more Test Bundle assets.

4.3.4. Test Bundles

   A Test Bundle asset includes at least one Test Case asset.

5. Usage Example

   All assets have minimum required fields:

      String String String

5.1. Resource Assets

5.1.1. Cloud

      #Required
      String String String

5.1.2. Cloudspace

      #Required
      String

5.1.3. Cloud Network

      #Required
      String

5.1.4. Template

      #Required
      String Integer Integer Integer Integer String String
      #Optional
      Integer String String
      # 0 = no, 1 = yes
      Integer

5.1.5. Device

      #Required
      String String String

5.1.6. Appliance

      #Required
      String String Integer Integer

5.2. Composite Assets

5.2.1. System

      #Required
      Integer
      # specs used to select a template
      Integer Integer Integer
      # in MBytes
      Integer Integer
      # 0 = no, 1 = yes
      Integer
      #Optional
      Integer Integer
      # 0 = no, 1 = yes
      Integer

5.2.2. Scenario

      #Required
      Integer Integer Integer
      #Optional
      Integer

5.2.3. Deployment

      #Required
      Integer
      #Optional
      Integer String

5.2.4. Test Bundle

      #Required
      Integer Integer

6. Sample

   The sample XML below is for a Red Hat server with Java and JBoss installed.

      5 Red Hat 6 1 1 8192 1024 0

      Java Java JDK 8u101 software 1 1 0 Application install.sh /media license.txt readme.txt john.do@example.com 6175555555 John Doe "Example, Inc."

      JBoss JBoss 7 software 23 2 0 Application install.sh /media license.txt readme.txt john.do@example.com 6175555555 John Doe "Example, Inc."

7. Security Considerations

   Be aware of the variety of security best practices for working with XML, and implement the methods that best support your application of Cloud Asset descriptions. Consider especially using checksums to detect errors and verify data integrity.

8. IANA Considerations

   Namespace is managed by the underlying cloud infrastructure.

9. References

9.1. Normative References

   [RFC3470] Hollenbeck, S., et al., "Guidelines for the Use of Extensible Markup Language (XML) within IETF Protocols", BCP 70, RFC 3470, January 2003.

9.2. Informative References

   [1] Karmel, A., Chandramouli, R., and Iorga, M., "NIST Definition of Microservices, Application Containers and System Virtual Machines", NIST Special Publication 800-180 (DRAFT), http://csrc.nist.gov/publications/drafts/800-180/sp800-180_draft.pdf, February 2016.

   [2] http://blogs.gartner.com/it-glossary/infrastructure-as-a-service-iaas/

10. Acknowledgments

   This document was prepared using 2-Word-v2.0.template.dot.

Authors' Addresses

   Todd Fisher
   Jackpine Technologies Corp.
   Email: todd.fisher@jackpinetech.com

   Peter Walsh
   Jackpine Technologies Corp.
   Email: peter.walsh@jackpinetech.com
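
The checksum advice in Section 7 and the System composition rule in Section 4.3.1, as an added example that is not part of the draft: it verifies a SHA-256 digest before parsing, refuses any DTD, and then checks for exactly one template and at least one network. The element names, the sample document and the delivery of the expected digest over a separate trusted channel are assumptions, since the draft's own tags do not appear on this page.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed sample. Element names are hypothetical: the draft's tags are not on this page.
SAMPLE_SYSTEM = b"""<system>
  <name>Red Hat 6</name>
  <template>rhel6-base</template>
  <network>app-net</network>
  <application>Java JDK 8u101</application>
  <application>JBoss 7</application>
</system>"""

class AssetError(ValueError):
    """An asset description failed an integrity or structure check."""

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def _forbid_dtd(name, sysid, pubid, has_internal_subset):
    # A DOCTYPE is where entity expansion and external entities come from.
    raise AssetError("DTD not allowed in an asset description")

def load_asset(raw, expected_sha256):
    """Verify the digest, reject DTDs, then parse. Returns the root element."""
    # Integrity first: nothing is parsed until the bytes match the expected
    # digest, which is assumed to arrive over a separate trusted channel.
    if not hmac.compare_digest(sha256_hex(raw), expected_sha256.lower()):
        raise AssetError("checksum mismatch")
    probe = expat.ParserCreate()
    probe.StartDoctypeDeclHandler = _forbid_dtd
    try:
        probe.Parse(raw, True)  # the handler raises AssetError on a DOCTYPE
    except expat.ExpatError as exc:
        raise AssetError("malformed XML: %s" % exc) from exc
    return ET.fromstring(raw)

def check_system(root):
    """Section 4.3.1: one template and one or more networks per System."""
    problems = []
    if len(root.findall("template")) != 1:
        problems.append("a System needs exactly one template")
    if not root.findall("network"):
        problems.append("a System needs at least one network")
    return problems
```

A bare digest only detects change relative to the value it is compared against, so the expected digest has to come from a source the asset's sender cannot also alter.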