Demonstrator Tutorial Demonstrator Tutorial

Overview of the Contrail system, components and usage
Bringing data centre style versatility to the Cloud

Contrail - Bringing data centre versatility to the Cloud
Cloud computing is en vogue today. However, what it exactly is and how it can help your business is not always obvious. This White Paper provides a global overview of Contrail and is intended for IT managers that want to quickly get an idea about how they can take advantage of federated Clouds at an Infrastructure-as-a-Service or Platform-as-a-Service level. In this White Paper we describe how the software that is being developed by the Contrail project can bring data centre style versatility to the Cloud that includes scalability, flexibility, security, and reliability. In this context a Cloud can be a private, public or hybrid Cloud. A Cloud can be a set of infrastructures (Infrastructure-as-a-Service) or platforms (Platform-as-a-Service) managed as one single entity by system management software, commonly referred to as Cloud middleware (OpenNebula, OpenStack, etc.). Contrail also enables and supports Software-as-a-Service (SaaS), even if SaaS itself is not in the scope of Contrail.
Contrail focuses on several aspects that will make Cloud computing more versatile:

  • Contrail provides federation of all types of Clouds
  • Contrail provides interoperability (VEP)
  • Contrail provides federated identity management, security and SLA support
  • Contrail provides an industry grade Cloud file system
  • Contrail provides Platform-as-a-Service layers, allowing easy management and deployment of applications and data storage.

In several use cases Contrail will demonstrate how this technology can be used to set up distributed Cloud environments that offer the kind of versatility that today can only be found in data centres.

[about the cloud]
Cloud computing is booming. Running applications "In the Cloud" has become big business. However, running applications in the Cloud - Software-as-a-Service (SaaS) as it is commonly called - is just one part of Cloud computing.
Beneath this Software-as-a-Service, there are several other layers of Cloud computing. There is the Platform-as-a-Service layer. What you get as service here is a computing platform. This could be a PHP web platform or an SQL database. This layer is typically used by application developers or providers that provide Software-as-a-Service to the masses.
But in the end all of it needs computers to run on. This is provided by the next Cloud level: the Infrastructure-as-a-Service layer. Here the offer is a Virtual Machine or many Virtual Machines, that each are  complete systems, working under Windows, MacOS or Linux. Infrastructure-as-a-Service  is  the alternative to buying your own machine(s).
There are some more Cloud Computing layers that recently gained interest. Networking-as-a-Service is one of them.
From a business perspective Cloud computing is about renting software and infrastructure instead of buying it. So you pay as you use. Cloud computing is also about reducing complexity of maintenance of IT. You do not have to maintain systems yourself. You just use them and always have the most recent version available. Because you rent hardware and software, you can easily rent more when you need it, and release it again when you do not need it anymore. This is what is called elasticity.
So what is your Cloud? What is your interest? Read on and find out about opportunities, problems and answers.

First and foremost inspiration for decision makers to turn to the Cloud is changing investment costs into renting cost, thus freeing up capital. Migration to the Cloud saves cost on in-house IT infrastructure, maintenance, and licenses. And that is not a vague promise, it's a fact. 97 percent of SMEs that have put some operations in the Cloud report they got what they wanted in terms of cost savings and increased flexibility (CompTIA survey 2011). Yet less than 50 percent of small business owners do expect cost savings from a switch to Cloud (Newtek survey 2011).
This comes as no surprise. Cloud opportunities are less evident than they appear. And they are flanked by Cloud threats. Since both lack common understanding, the uncertainty of economics and the fear of the unknown make business owners wait to see which way the cat jumps. Their fear to act upon the provided Cloud opportunities is not helping the economy.
Rather than budget driven migration, opportunity driven innovations could propel SMEs into the auspicious environment of the Cloud. Let's investigate the opportunities.

Flexibility, agility, scalability
Virtualization technology makes the Cloud tremendously flexible. In a matter of minutes you can multiply capacity, improve performance or share resources and data.

Cloud availability comes in two ways: in accessibility and in capacity. You can use your Cloud resources from wherever you are and you can choose to use it as much as you like.

Speed to implement
No slower than you set up your Cloud services you are up and running. Business start-ups with brilliant ideas accelerate from nil to 100 virtual machines in a day. And 200 the next. And maybe 3000 the week after?

From a global point of view, Cloud outsmarts all other solutions because resources are shared optimally.

Cost reduction
With the Cloud there is no need for upfront investments in hardware, software and IT staff. You pay for what you use. So you can free up capital and can use it in another way.
Depending on your requirements the list of opportunities and advantages can grow or shrink. And maybe that is the biggest advantage of Cloud. Because so does your use of the Cloud.

[common problems]
Of all barriers that Cloud critics can raise, security is the most heard of. You have to depend on your Cloud provider's security standards, or suffer the lack thereof. Yes, your corporate data seems easily accessible in the Cloud. But perhaps the average on-premise infrastructure is not much more secure, and only feels safer.
Less prominent is the fact that Cloud services, other than the easy to use SaaS solutions, demand for highly capable staff and continuous monitoring. And the Cloud is not that homogenous as one would wish, so for each and every new Cloud environment a new set of interfaces has to be developed. Let us investigate the common Cloud problems.

Vendor lock-in
Most vendors want you to use their Cloud; their specific implementation of a Cloud layer. There is no easy way to switch from one Cloud vendor to the other. If you want to change vendors you need to adapt to a new management interface to manage your Cloud applications; you have to adhere to a different security model, you have to use different storage structures and data access methods. Another critical problem for business is relying on a Cloud provider which might run out of business and you cannot escape easily this situation.

Data control, transparency and monitoring
Where's your data? Who owns it? Who else has access to it? Can you get it back? And can you monitor the performance of your Cloud service? For many organizations these are critical issues. A special problem is posed by legal issues. If you cannot control where your data is actually located, it may well be on a server to which foreign government officials have access.

Reliability, availability
Cloud availability is typically lower than what is offered by large data centres. Can you always access your Cloud services? Can your users? Even the largest Cloud providers occasionally have times their service is not available. And how redundant is your data. How soon can you recover?

Security and identities
How many different usernames and passwords do you have on the Internet? Probably too many. Cloud computing makes it even worse, because you need to get an "identity" on each Cloud service. Your identity needs to be secured. And your data needs to be secured too, since it is no longer protected by being on a local machine in your office. Security policies and identity management still are far from standardized in the Cloud.

Service Level Agreements (SLAs)
When your business depends on the availability of your applications and your data, you want to be sure you and your users can (nearly) always use it. However, Service Level Agreements (SLAs), for Cloud services are either non-existent or very basic.

Difficult to set up and administer
For a local machine in your office, your local system administrator knows what to do. IT is a relatively static environment. Providing services in the Cloud is much more dynamic. It requires set-up that is more complex. The environment changes when the Cloud provider upgrades or changes his systems. System administration in the Cloud requires a different set of skills.

[common answers]
Surely Cloud providers are eager to subduct the common obstacles for Cloud users. But the fact is: they are not that easy to tackle. So what are the common answers you get today when you ask for solutions to the common Cloud problems?

Vendor lock-in
There is not a real answer to this yet. Some companies offer an interface to several Cloud providers. Advantage is that you can use resources from several Cloud providers, be it most of the time in a rather primitive way, but still: you get locked in by the company that offers the Cloud interface.

Control your own data
Some companies now offer the service that they promise to store data in data centres in a specific region of the world, say Europe. However, this is not very fine grained, unless you go to a local data centre yourself, but then it is not the Cloud anymore, is it? Who really has access to your data often remains unclear.

Service availability
For high availability, you have to pay more, sometimes so much more that it makes sense to either just buy your own systems or go to a regular data centre. Or you can choose several Cloud providers and distribute data and services by hand, taking care you always have a shadow service running. Which makes things rather complicated.

There is not much you can do about multiple sign-ons and security vulnerabilities. There are some efforts, like OpenID to move towards simplifying identity management, but it is all very much in its infancy.

To know what is really happening with your services, applications and data in the Cloud, you need to set up extensive monitoring and notification services. Different solutions are available, but they come at a cost.
Cloud computing offers ample opportunities, but all in all, with current Cloud computing offerings the issues, problems and uncertainties impede many businesses in the adoption of Cloud technology. And that is where Contrail comes in.

[contrail vision]
Contrail will tackle a number of the problems in today's Cloud computing. As a result you will have access to a Cloud environment as versatile as if it were your own data centre.
So, Contrail will bring data centre versatility to the Cloud by developing a software stack that enables:

Federation is at the heart of Contrail. Federation allows to combine services from different Cloud providers and use them as one federated set of services. You get to combine the best services.

Identity management
Identity management is federated. This means you only need one set of credentials, for instance a single username/password to use all the different services from the different providers. As a result security is also federated: a user may use his preferred means of identification, Contrail will translate it into the credentials a Cloud provider needs.

Services level agreements are federated. The user only has to express his service level requirements once. Contrail then decomposes and translates it to requirements that can be matched with individual resource providers' offerings.

File system
Availability of data and services is improved by using a reliable and distributed Cloud file system as basis of the storage.

The federated services can be packaged in easy to use Platforms-as-a-Service. These platforms can use the complex federated Cloud, but the complexity is shielded from the user that only sees familiar platforms.

An interoperability layer is used to ease the management of the infrastructure and the deployment of the application.
All these aspects lead to a federated Cloud in which you can put your trust. A Cloud that delivers what it promises; where your data is always available, and where you can choose the options that fit your needs and budget. The Cloud becomes your Cloud.
Contrail is delivered as open source software and supported by several service companies that can help you with setting up and maintaining Contrail based federated Clouds.

[contrail system overview]

Contrail component What this component does What you need before you can install it How it fits in Contrail Can be used independently from Contrail
Contrail PaaS (ConPaaS) Platform-as-a-Service for web applications (Java, PHP), NoSQL, SQL, Task Farming, MapReduce. Access to Amazon EC2 or a working OpenNebula Cloud. Builds on XtreemFS to store data and applications. Interfaces with the federation layer. yes.
Contrail XtreemFS Highly available cloud file system with policy-based customization e.g., to control the placement of data. File system clients are available for Linux, MacOSX and Windows. Can also be used in Hadoop or directly through client libraries for Java and C++. Can be used as a component at several levels, PaaS and IaaS, where reliable storage is needed. yes.
Contrail Security Federated support for identity management. Security for SLA support.   Provides federated identity management for users and resources providers. Provides security at all levels of the federation. Perhaps, but it needs a federation to be useful.
Contrail SLA Definition of SLA's at federation level. Splitting SLA's to resource providers. Monitoring of SLA's. Cloud federation. Provides SLA definition, monitoring and enforcement at all levels of the federated Cloud. Perhaps. But it would need adoption. It could be used by a Cloud provider to manage the SLAs. It should not need the federation.
Contrail VEP Virtualized Execution platform. IaaS infrastructure with resource providers using OpenNebula or other supported Cloud. Virtualizes re source providers at the IaaS level and presents them to the PaaS level. VEP can work as a standalone component.
Contrail VIN Virtualized Infrastructure Network. IaaS infrastructure with resource providers using OpenNebula or other supported Cloud. It integrates (federated) IaaS resources of an application by providing a virtual private network. VIN could be integrated in other Cloud solutions.
Contrail Federation Integrates all components of Contrail into a single federated Cloud. Cloud providers. Turns a number of individual Clouds from resource providers into a single Cloud. Allows users to execute services on this federated Cloud. Federation is a core Contrail service, that can be used as a separate component by relying on SLA technology and the availability of suitable Cloud providers.

[contrail system diagram]

[contrail federation]

Cloud issues addressed
Today's Clouds all run in isolation. Combining services from several Clouds has to be done by hand, by writing scripts that are difficult to maintain. Credentials have to be entered many times, as each Cloud has different authentication procedures. Combining different services automatically would give flexibility to users to customize the Cloud according to their business needs.
Both Cloud providers and their users would really be pleased to use the Cloud with one identity, having Cloud capacity made to measure, dynamically scaled to suit the tasks and with automatic SLA management. And it would drastically boost the use of Cloud solutions.
But it can't be done yet. It's not a homogenous Cloud we're dealing with. The Cloud is as versatile as you can imagine. Deploying in the current Cloud needs customization to various providers and users unavoidably get entangled in commitments to particular providers, that lock them in for strategic purposes. Within the context of evolving Cloud technology this market situation impedes the desirable evolution to a common, integrated Cloud.
Ideally, one could merge all Clouds, allowing for individual providers' business models and yet coordinate SLA management provided by single Cloud providers. It would be a federated Cloud and it is at hand.

Contrail's Solution today
Contrail enables interoperability amongst Cloud providers. The best provider for the job, according to the requirements and type of application, is dynamically chosen and for any one job, providers can be combined. Operations can be migrated, scaled and secured. And with all this the Contrail federation also handles SLA management. Contrail turns multiple heterogeneous Clouds into one federated Cloud that, as a single Cloud, can be exploited.
Contrail federation provides the following functionality:

  • Dynamical match between job and provider(s)
  • Deployment in time and at runtime
  • Allowing provider collaboration
  • Migration and elasticity
  • Security and privacy framework
  • Quality of Service: Minimal SLA support
  • SLA, Quality of Protection and other
  • Provider selection and integration
  • Enforced mechanisms
  • Interoperability
  • Federation as a mediator and a 3rd party for security and SLA management
  • Basic adapters for XtreemFS, SLA, VEP and VIN.

Federating the Cloud will lower the barriers for Cloud providers, big or small, and Cloud users alike and greatly improve usability and reliability.

Contrail Solution in 2013
Runtime state watcher image manager - complete version
Complete SLA support
Complete adapters for: SLA, XtreemFS, provisioning manager (PM), and VIN full PaaS support

[contrail xtreemfs]
A distributed and replicated file system for the Cloud

Cloud issues addressed
It is all about data, and file systems are the most basic data storage systems in existence. However, with Cloud services spread all over the world, data location and data availability are more and more becoming barriers to further adoption of Cloud technology.

Contrail's Solution today
Cloud data storage capacity seems endless. Numerous virtual resources offer distributed and redundant pay for what you use capacity at a bargain. Reliable, elastic and always accessible. But where is your data? Somewhere invisible in the Cloud or on a private Cloud of your competitor? How reliable is your provider and how secure is your data?
Best would be to set up your own distributed storage, using XtreemFS. It is a distributed and replicated file system for the Cloud and offers significant leverage compared to other solutions.
First: XtreemFS is POSIX compliant. From a user's point of view, it looks and behaves like a local file system. Any application can therefore access XtreemFS without having to be adapted to a specific Cloud storage systems and APIs. This can considerably reduce development and maintenance costs of applications for the Cloud. You are by no means limited to POSIX, since XtreemFS also provides alternative Cloud storage interfaces.
Second: XtreemFS offers high availability and data safety through replication. Unlike most other Cloud storage systems, it offers strong replica consistency and provides different replication mechanisms. Read-only replication can e.g. be used to prevent I/O bottlenecks in Content Distribution Network (CDN)-like scenarios, in which large chunks of data (e.g., virtual machine images) are accessed by many users at the same time. Alternatively, read-write replication can be used to ensure that any written data is safely stored in the face of storage device failures.
Third: Locality of data. You can tell XtreemFS for every file, which resource providers can be used, depending on your business needs.

Features of the XtreemFS file system:

  • SPOF-free: No single point of failure since all services are replicated;
  • Efficient Read-Only Replication to increase I/O throughput for immutable files;
  • POSIX compatibility; Support for SSL and X.509 certificates (no need for VPN);
  • Global distributed (Cloud) installations;
  • Elasticity & scalability; Extensible through policies and plug-ins;
  • Striping for Parallel I/O; Asynchronous MRC backups and files system snapshots;
  • Metadata caching on the client side;
  • Network and geo location awareness; Data integrity.

Contrail Solution in 2013

  • Single-point-of failure-free: All services will be replicated;
  • Support for Apache Hadoop; Windows client;
  • Integration with Contrail e.g., provide user storage for federation users
  • XtreemFS service in ConPaaS: Create an XtreemFS service deployment within minutes and easily add and remove storage nodes;
  • Revised/improved file system maintenance tools.

[contrail paas|conpaas]
ConPaaS, integrated runtime environment for elastic Cloud applications

Cloud issues addressed
When you have a new idea for an Internet based business, you need to write an application, make sure you have a database for transactions and other information, and a place to run it so your customers can access it. The "place to run" today is the problem in the Cloud. You can get Virtual Machines and manage them quite easily. But putting your application and databases in there can be difficult when you need many load balanced Virtual machines.
Somewhere in the Cloud lies an abundance of computer capacity. It offers both storage and computing power. It is available, scalable and right there for grabs. Or isn't it?
Well, it is, but it is not so easy to get your web application or service running in a Cloud environment. Setting up and configuring your desired environment requires specialized skills and precise coding. And for each and every new infrastructure (on the web or elsewhere) you would need to adapt to different specifications. And once you're up and running comes the monitoring and maintenance. Let us face it: deploying your application in the Cloud is rather complicated, time-consuming and costly.
That was before ConPaaS. The Contrail Platform-as-a-Service is an open source environment for easy application hosting in the federated Cloud.

Contrail's Solution today
Contrail's PaaS component provides a zero-configuration running and load-balancing of a set of applications and databases. You can compose your complex application out of these.
Application platforms supported by ConPaaS:

  • Web hosting, supporting static HTML documents, PHP programs and Java servlets
  • MapReduce data processing
  • Task farming (Bag-of-Tasks) computational programs

Database storage platforms supported by ConPaaS:

  • MySQL database
  • Scalarix, NoSQL data store

ConPaaS today runs on top of both Amazon EC2 and OpenNebula based Clouds. To make use of the platforms you need to install the ConPaaS system only once. For fine tuning ConPaaS supports Python and Django and allows the upload of custom instance startup scripts.
ConPaaS makes it really simple to get your application running in the Cloud. Click a few buttons, actually specifying your needs, and you're on. Need more servers? You can add any number on the fly. And of course it's just as easy to scale down. ConPaaS is very simple to use and it makes 'your platform' totally scalable. And it is open source and thus extensible.

Contrail Solution in 2013

  • Scratch disks, start-up script and performance monitoring
  • XtreemFS service; MySQL cluster service
  • ConPaaS runs over VEP, Contrail federations and uses VIN to interconnect the VMs deploying the service

[contrail security]

Cloud issues addressed
Security forms an important part of the Contrail Cloud infrastructure. This is partly to address existing general security concerns in distributed collaborations, such as for a resource provider: "how do I know who my users are", or for a user: "how do I protect my data against being modified/stolen", or concerns specific to the Cloud, such as "how do I know where my data is" and "how do I know I can trust the provider?". Most commonly a user's identity has to be known to the resource provider in a way it allows him to determine whether to grant access to resources or not. In a federated Cloud, each resource provider can have his own set of identity checking rules and tools. That rather complicates things.

Contrail's Solution today
Contrail security consists of two parts: the first is a federation which binds together users and resources. The federation part, in general, allows users to log in both via a portal and using command line tools. Users have a single login to the federation, normally using an existing identity, but it can also be a password managed within the federation. Once logged in, they have access to resources from multiple providers with a single identity, and their accounting data is aggregated at the federation level.
The second part of Contrail security consists of evaluations of the levels of protection of data inside the Cloud in a way which is meaningful not just to users but also to services that are looking for resources on behalf of the user. In other words, the protection must be understood by both humans and machines. One common example is restrictions on the geographic region in which the data is stored, but it could extend to higher levels of protection which also worry about how data is transferred and processed. By expressing the security levels within SLAs, we enable a marketplace of Cloud security, where a provider offering more secure processing of data can cover the extra costs associated with implementing this security. More secure services will simply be slightly more expensive, and users who do not worry about their data security can just look for the cheapest provider.

Contrail Solution in 2013
Update database with external SAML attributes; OAuth2 services, including log-in, and certificates; VIN CA - CA as a service, integrated with VIN; Multiple front ends to federation.


Cloud issues addressed
Current Cloud offerings are mostly at the level of best effort. This may or may not be sufficient for your application needs. Service Level Agreements (SLAs) can help here, as they would allow for a more differentiated approach to get Cloud services that fit requirements. In a federated Cloud, with different resources providers, each with a different SLA offering, and probably different pricing structures, a way to select the correct ones becomes even more urgent.

Contrail's Solution today
Contrail-SLA implements basic SLA functionality for Cloud computing on resource provider level and on a Cloud federation level. It implements SLA template creation, browsing and querying. It also provides SLA execution planning and adjustment. Contrail SLA is based on SLA@SOI, which is compliant to WS-Agreement, and extends it by integrating with Open Virtualization Format (OVF) which is used to describe the application. Accounting is implemented at all levels.

Contrail Solution in 2013
SLA template browsing; automatic SLA negotiation and coordination, SLA based provider selection, support for OpenStack IaaS and for SLA violation detection.

[contrail virtual infrastructure network|vin]

Cloud issues addressed
In today's Clouds, hardware systems are virtualized into Virtual Machines (VMs). The networking addresses for these Virtual Machines are provided by the resources providers, e.g. the Cloud providers. When federating multiple resources from multiple Cloud providers, also the networking has to be abstracted - virtualized - as do the resource providers. An important feature is the isolation and compartmentalization of the applications.

Contrail's Solution today
VIN integration in the Contrail software stack serves as enabler for other Contrail components. It virtualizes the network and the resource providers, generating a virtualized infrastructure. The Virtual Infrastructure Network allows authenticated and encrypted communication via IPSec and the possibility to choose the level of protection. Virtual networks are dynamically created per user/application and contain a control network. Also the VIN serves within a Cloud and extends to other infrastructures (for Cloud federation), to a global autonomous file system (Contrail XtreemFS), and to external machines.

Contrail Solution in 2013

  • Integration with VEP, XtreemFS, security prototypes
  • Final feature set

[contrail virtual execution platform|vep]

Cloud issues addressed
A typical Contrail Virtual Execution Platform uses open standards, provides support for SLA negotiation and elasticity via advanced reservation and also provides monitoring data to higher level services. It manages computational resources in the Cloud(s), integrates both file storage and remote client machines. VEP provides the proper means for interoperability and easy management of the resources at the IaaS level, hiding all the complexity. Moreover it is SLA aware and it is an important component to deploy application requirements.

Contrail's Solution today
The Contrail Virtual Execution Platform (VEP) helps a Cloud service provider to participate in the Contrail federation. It allows the provider to partly or fully provision its infrastructure resources for the federation. The software provides support for open standards such as DMTF OVF standard and in future would provide a full OCCI restful interface which would enable the Cloud provider resources to be easily integrable in third party complex Cloud services, thus opening up more monetary avenues for the provider. VEP, when fully integrated with other Contrail components, would help the Cloud provider to support Service Level Agreements (SLAs) and more advance Quality of Protection (QoP) requirements of user applications.

Contrail Solution in 2013

  • VIN integration with VEP, XtreemFS, security prototypes
  • Deployment Document (DD) creation / OVF provisioning
  • Deployment SLA verifier module. The SLA enforcement will be done via the SLA components at the provider layer. VEP will take only inputs and corrective actions like adding more VMs.
  • REST authentication and authorisation
  • VEP OCCI and full OVF support, including SLA compliance

[summary of contrail releases]

Contrail current release
The current release described here is Release 1.1 of the Contrail software stack. It is a complete alpha version of good quality. It has been extensively tested by the developers, but it needs more testing in real use applications to become industry grade software. However, if you want to be on the forefront of Cloud computing, Contrail might be the right choice for you. Some components are already better tested than others.

Contrail 2013 release
The 2013 release of the Contrail software stack will contain updates to the 2012 release, and hence be beta quality for those components. In addition there will be a number of new features added, as we described with each component. However, these list our current intentions. We expect these features to be ready by 2013. But it could well be that some are not, and that during the year, and as a result of the feedback on our first release, other features will be added.

Contrail component Current release (1.1) Comment 2013 release (1.7/2.0) Comment
Contrail PaaS (ConPaaS) Platform-as-a Service for Web applications (Java, PHP), NoSQL, SQL, Task Farming, MapReduce. Not yet integrated with other Contrail components. Can be used independently. MySQL Cluster and integration with VEP and VIN. 2013 release of Contrail PaaS will be integrated in the full Contrail stack.
Contrail XtreemFS Cloud high availability file system. With localization based storage. Integrated in the Contrail software stack for storage of components and data. Can also be used independently of other Contrail components. No single point of failure anymore. Integration with Hadoop and a Windows client.  
Contrail Security Federated support for identity management. Security for SLA support. Integrated with other Contrail components. Can be used as component in other types of (non-Contrail) Cloud federations too. Uses external standard SAML Attributes. Could be used as a component in other systems.
Contrail SLA Definition of SLA's at federation level. Monitoring of SLA's. Integrated in the Contrail software stack. Needs adaptation to be used as a component in other systems. SLAs will be available in 1.3 and there will only be support at the provider level.  
Contrail VEP Virtualized Execution platform. Integrated in the Contrail software stack. OCCI based REST interface. Could be used as a component in other systems.
Contrail VIN Virtualized Infrastructure Network. Integrated in the Contrail software stack.   Could be used as a component in other systems.
Contrail Federation Integrates all components of Contrail into a single federated Cloud. Integrates Infrastructure as a Service from different re source providers. Integrated with Contrail PaaS. Allows dynamic al location of resources for different platforms.

[use case|distributed provision of geo-referenced data]

Problem addressed
Map sites are among the most popular services available on the Web today: people use them for locating places, planning trips, finding points of interest and so on. Maps would be even more useful if they could be augmented dynamically with all kinds of location specific data, so the map user can make his specific selection and combination. This data can be provided by many different data providers. Although there are some map providers that offer access to data providers, they mainly are located outside Europe and use closed source platforms. Hence there is a need for a European based open source platform for geo-referenced data. However, the use case does not use open source technology only and it is not bound contractually to use it.

Contrail solution
The Distributed Provision of Geo-referenced Data implements a 3D Virtual Tourist Guide (VTG) through Web access to interactive digital maps and geo-referenced multimedia content.
Users can zoom maps on a specific area of the globe and visualize them at different levels of detail, depending on available detailed information about the region. Layers can cover the territory partially or completely.
Added value is given by Points Of Interest (POIs) related to tourism (like hotels, restaurants, museums), historical information about monuments or places, weather forecasts, images shared by users, etc. The Virtual Tourist Guide service relies on the concept of Federation offered by the Contrail framework. It enables an open and distributed platform where companies and institutions, that are willing to share their maps or geo-referenced content, are allowed to add new terrain layers and POIs to VTG infrastructure. This will greatly enrich the quality of experience of the final users.
The service is managed by an Application Provider that monitors the quality of the overall service. Several Data Providers (including both Content Providers and Spatial Data Infrastructures) can join the service federating their private or public IT infrastructure: still maintaining full control over their data they can provide geo-spatial data and geo-referenced content from different sources to a single viewing environment.

Main features of VTG are:

  • User-friendly interface for an immersive navigation experience
  • Search and fly to geographic location
  • Dynamic activation of POIs

Data Providers are encouraged to contribute their services, since the Contrail technology guarantees a high level of security, protection, and reliability in data storage and management. The VTG platform could lower the initial investment needed for Data Providers: they could rent IT infrastructure from a Cloud provider in the Contrail Federation or they could easily federate their own private/public Cloud with Contrail. Quality of Service (QoS) is assured by transparent scalability and elasticity mechanisms provided by Contrail Federation. All this at reasonable costs!

Expected benefits of using Contrail

  • Dynamic platform with open API's that can be easily joined by data and content providers.
  • Locality of data assured: content providers can tell where their data may be used and by which user categories
  • Data providers through federation keep full control over their own data.

[use case|multimedia market place]

Problem addressed
Online buying of multimedia content, like movies and audio, is common use today. Mostly this is done through stores. But these are rather limited. Search facilities for the user are limited to key words or simple browsing; moreover, tags manually assigned to contents are often not reliable, thus further impairing the precision of search results. While Query by Humming technologies are being successfully used in some music marketplaces, Query By Image Content technologies (used for instance in many simple free reverse image search engines) haven't been widely applied yet for improving the internal searches of Multimedia Marketplaces, in particular for videos. From the multimedia providers' standpoint - regardless the existence of advanced content search services offered to their customers or not – the problems to be addressed in the application deployment concern scalability, elasticity, performance, security, and reliability. Deploying a multimedia service on the cloud is a clever option in order to satisfy the need of elastic and scalable resources, and together it also offers all the benefits of a pay per use model (no investments on infrastructure), but current cloud IaaS aren't a solid solution for other critical issues: reliability of the storage and of the running instances, overall security of the infrastructure, and quality of service.. Finally, a dynamic multimedia market place can interact with Content providers, offering pure multimedia contents, and Technology providers, offering adaptation and transformation services. While Content providers need trustable storage infrastructures to preserve their data, because their business comes from the commercial value of the contents they sell, Technology Providers need most of all computing power, so their major requirements are for elasticity, CPU performance and quality of service.

Contrail solution
Contrail technology will enable the implementation of such a dynamic multimedia market place. It will use the Contrail Federation components to allow Content and Technology providers to interact with each other's offerings, providing aggregated and focused content to a user. Contrail XtreemFS will assure the reliability of content for all the providers involved. Reliability of applications will be guaranteed by ConPaas and VEP. These aspects, and more, will be negotiated and enforced by a SLA component. Contrail technology will also be used to implement more advanced and refined search methods for the users, in particular MapReduce will be used by the data mining component responsible for content proposition purposes and VEP will support the scalability needed for demanding software in computational terms, such as face recognition processes inside videos.
The multimedia market place needs to be elastic and scalable. The marketplace is expected to grow. This requires an automatic scalability of all its services and components. Contrail PaaS can enable platform elasticity. The Marketplace and the Technology providers can use elastic MapReduce services.

Expected benefits of using Contrail Contrail will allow a real dynamic market place to be put in place at lower costs. It will allow multimedia Technology providers to sell their services immediately without the need to invest on development of final products accessible by end users. Similarly, Content providers will be able to focus on their core business (contents), preserving their data in reliable storage services Reliability will involve not only storage but also virtual machines, and proper SLAs will allow enforcing this important requirement for all the providers. Overall performance, in terms both of network bandwidth availability and system responsiveness, will benefit Technology Providers and the Multimedia Marketplace itself; related SLAs will be defined for this aspect too. Finally, Contrail security will allow confidentiality and protection of users' data and will satisfy legal constraints on data storage, such as geographical location.

[use case|scientific data analysis]

Problem addressed
Some scientific experiments are time consuming, hazardous, or expensive. Hence in these cases, it makes sense to prepare the experiments first "in silico": i.e. run simulations on computers, until the parameters space has been narrowed down to a small interesting set of parameters that can be used in a real experiment. Then a limited experiment can be conducted. Modeling a small angle neutron scattering experiment studying the structure of proteins is the simulation Contrail focuses on in this use case. This simulation software today however, runs on specific systems, that are not dynamically scalable.

Contrail solution
Contrail will be used to implement a complete simulation environment for neutron scattering experiments. (From the ISIS neutron scattering facility, .)The simulation itself will be implemented in a Contrail PaaS environment. Because simulations can sometimes exist of a dynamically changing number of sub-simulations that can run in the hundreds, elasticity as provided by Contrail is important.

Expected benefits of using Contrail
The outcome will be a flexible, scalable simulation platform, which will also be applicable for other scientific simulation experiments.

[use case|drug discovery ]

Problem addressed
Electronic Drug Discovery is another example of scientific simulation. Developing new (medicinal) drugs takes a very long time. With limited computational resources, the discovery of one promising solution has to wait for another possible solution. Insufficient computational resources form an obstacle for the life science industry.
In this Contrail use case, we look especially at implementing the bioinformatics application Bioconductor in the Cloud. Bioconductor is an open development software project to provide tools for the analysis and comprehension of high throughput genomic data. These types of simulations take vast amounts of data, and use large computational resources. They also require a secure environment.

Contrail solution
This use case is deployed directly on VEP. It uses VEP to ease the management of the VMs and facilitate the deployment of the application with a customized image. Another strong point is the use of XtreemFS for storing the data.
The Contrail platform provides security at all levels (Contrail Security), secure high-availability storage (Contrail XtreemFS), access to large elastic computational resources (Contrail Federation) and an easy application deployment environment.

Expected benefits of using Contrail
Using Contrail will lead to a more robust and flexible simulation tool for Electronic Drug Discovery. This will lower the costs for these types of simulation, and help lowering the time it takes to discover new drugs.

[other use cases]

Contrail can be used in many other cases, for instance in Community Clouds. Community Clouds are one of the exciting new developments in the Cloud computing area. For instance all major research institutes in Europe form a community to share computing resources and data infrastructures. They call this e-Infrastructures: infrastructures for eScience. Sharing resources from hundreds of institutes requires federation of the institutes' Cloud resources. There has to be a fine grained access mechanism in which scientific users from one institute can get access to resources from another one. Current mechanisms that are used by these e-Infrastructures do not support SLA's. Implementing these would lead to much better usage of the available resources.

Science today requires lots of data, one talks about Big Data, hence efficient and reliable storage, as enabled by Contrail is important.

Another example of Community Clouds are developments in the Health Sector. Stringent security restrictions lead to the need of a closed community of hospitals, medical research centres and medical companies, that each have access to part of the data stored inside the closed community. In the Health Sector a large number of organizations work together, each with their own data, that can be very big when they are for instance research data, processing requirements, ranging from basic data processing to number crunching. A federation of private Clouds - from the participating organizations - and public Clouds for low risk Cloud bursting applications will provide the requested security.

For a Health Sector Community Cloud, federation of Clouds is paramount. This is what Contrail provides, including the fine grained identity management and federated security infrastructure needed in this sector. Contrail PaaS can provide an additional Platform layer, making it easier to deploy and develop applications. The market places developed in the multi-media and geo-data market place use cases, can serve as a basis and starting point for a Health Sector market place. Of course, your situation may be different from the examples we described on these pages. As a rule of thumb: if you want to connect different Clouds together in a federation, the Contrail software is the right solution for your problem. If not the only one available to you.

[open source]

Open Source tools
Contrail components and the overall Contrail software system are available as Open Source. They are hosted on the OW2 open source platform that specializes in infrastructure software. Apart from the software that is available as source code and binary downloads, there are mailing lists and chat channels for developers. There is also a technical Wiki with documentation.
Open Source is interesting, but only if it is backed by service companies that are committed in supporting businesses that want to use Contrail or its components. XLAB from Slovenia, Constellation Technologies from the United Kingdom, HP from Italy, Genias Benelux from the Netherlands, and Linagora from France are experienced service companies supporting Contrail.

Contrail assumes there are basic Clouds available. In the current release, these have to be implemented using OpenNebula. In the 2013 release this will be partially expanded with, most likely, OpenStack based Clouds. If you want to install a Contrail component, like for instance ConPaaS, it may be worth to install an OpenNebula Cloud as part of your business. Contrail XtreemFS as a basic file system, does not need OpenNebula per se. You can run it on any Linux, MacOSX and Windows system.

Testing Contrail
Contrail partners operate several test beds for components of Contrail. These will eventually be merged into a test bed where the full Contrail system can be tested. You can use these test beds too if you want to explore the usefulness of Contrail.


This White Paper is produced by the Contrail Consortium to give insight in the technology and use cases developed by the project in the Cloud computing context. Although we did every effort to provide correct information, the actual working of the Contrail software and use cases could deviate from the descriptions given here.

The Contrail project is managed by the Contrail consortium.
Contrail is partially funded by the FP7 Programme of the European Commission under Grant Agreement

Version 4.0 2012-11-21
© 2012 Contrail project