Architecture
The FIBRE testbed is a research facility focused on network experimentation operated independently by Brazilian academic institutions and lead by the National Education and Research Network (RNP). As of today (May 2019), FIBRE is a federation of 18 experimentation islands and hosts over 700 users from at least 55 different organizations. Each island has a common nucleus of OpenFlow-capable switches and servers which are connected through the FIBREnet.
At the year of 2016, the FIBRE steering committee decided to adopt OMF6 as the sole control framework running in the FIBRE testbed, replacing the old controllers.
The basic idea behind the design of OMF6 is that “everything is a resource”, this approach allowed a more natural and generic architecture. However, specific requirements of the FIBRE environment demanded the development of additional components complementary to OMF6, namely the Experimentation Portal and the Clearinghouse (CH).
The figure below depicts the main components of the new generation of the FIBRE architecture, which we describe next.
The components of the architecture are structured in two categories: local components, that run in each experimentation island enabling them to have direct control of local resources, and management components that interact with the underlying infrastructure to expose interfaces for experimenters and other federated testbeds compatible with a SFA Aggregate Manager API (SFA AM).
The highest-level components of the architecture run at the management layer. Together, both Experimentation Portal and CH deal with user interaction and credential management, establishing an interface between experimenters and OMF6 components. While the Experimentation Portal was developed specifically to the FIBRE testbed, the CH was implemented according to GENI’s Clearinghouse specification.
The Central Broker is responsible for aggregating and advertising resources available in the testbed. It is also responsible for resource reservation and provision in due time. The AM Liaison implements the core functionality of the Central Broker. It acts as the communication interface between Central Broker and Local Brokers by using their
respective SFA Aggregate Manager API.
The Experiment Controller (EC) is the control entity responsible for orchestrating experiments described by scripts written in OMF Experiment Description Language (OEDL). A publish-and-subscribe message system is adopted for handling communications between resources and the entities interacting with them. Participants can create topics, subscribe to them and publish messages to them using AMQP, an open standard application layer protocol for message-oriented middlewares.
The Local Brokers expose a SFA AM API that allows discovering, aggregating and advertising local resources to the Central Broker. Each island must deploy their Local Broker to schedule and create reservations of its resources in the Experimentation Portal.
Resource Controllers (RCs) are proxies that intermediate message exchange between EC and local resources. They are responsible for controlling the life cycle of resources under their governance. They create instances of resources and send arbitrary control messages to them. These local resources may represent virtual machines, dedicated wireless enabled nodes, specialized sensors or OpenFlow resources (R1, R2 and R3).
The Experimentation Portal is a web interface built specifically to the FIBRE testbed that allows users to allocate and interact with the resources of each available island through a browser. Experimenters may create and manage shared projects, build experiments and add supported resources to them through the portal. The Experimentation Portal simplifies the use of the federation because it mediates the required interactions among CH, Broker and experimenters.
To use its services, experimenters must be authenticated. Given the diversity of users we intend to reach with FIBRE, experimenters may use the authentication granted by the Brazilian academic identity federation called CAFe (Comunidade Academica Federada), however, the portal supports local authentication to researchers who are not contemplated with a federated account. The Experimentation Portal is also designed to be compatible with other Shibboleth identity federations.
The Experimentation Portal interacts with OMF6 Central Broker both for resource discovery and reservation through a REST API exposed by the Central Broker. OMF6 resources are only available for use during the period reserved and granted to experimenters by the local broker.
The FIBRE Clearinghouse provides a collection of related services supporting the federation among experiments, resource aggregates and the underlying services of the testbed, offering services for federated authentication, user authorization and accountability. Its purpose is to manage user information and certificates, acting as the trust anchor in the federation, as it generates the credentials that grant user authorization across the other modules of the FIBRE architecture.
The CH manages projects and experimenters identities, as well as their privileges in each project context. The highest-level authentication and authorization processes are performed via the exchange of credentials between Experimentation Portal and CH.
The communication between the Experimentation Portal and the CH is again done through a REST API, which enables the management of accounts, projects and slices in the portal web interface. This API allows experimenters to retrieve their credentials necessary to access the OMF6 Central Broker and the OMF6 Experiment Controller.
For further information about the infrastructure, visit these pages: