Pilot 2 – test environments preparation

Pilot 2 Architecture

The first step of Pilot 2, architecture preparation, has been completed (details in https://www.emerald-he.eu/pilot-2-description-cloudferros-role-in-emerald/). The next step was to prepare the test environments.
Pilot 2 is intended to demonstrate the operation of EMERALD for Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) on a public cloud.
All of CloudFerro’s public clouds are based on OpenStack. OpenStack is an open-source solution that enables organizations to build and manage scalable cloud infrastructure. It has several core components, each designed to handle a specific cloud service. The resources tested by EMERALD are managed by OpenStack components. For example, virtual machines (IaaS) are managed by the OpenStack Nova component, storage (IaaS) is managed by OpenStack Cinder, and Kubernetes (PaaS) is managed by OpenStack Magnum.
As shown in the diagram below, EMERALD accesses OpenStack components (e.g. Nova) and the applications deployed on them (e.g. Kubernetes) through APIs. EMERALD will collect evidence for technical controls using these APIs. Organizational controls will be verified using CloudFerro’s documentation (policies and procedures).

Figure 1. Pilot 2 architecture.

 

 

IaaS environment

The preparation of the test environment began with creating a dedicated organization for EMERALD and a project in OpenStack for this organization on one of our public clouds – WAW3-1.

Figure 2. Created project visible in Tenant Manager.

As an example of using IaaS in the pilot, a virtual machine (VM) was created with the flavor ‘eo2.large’ (8GB RAM, 2 VCPUs and 32GB Disk) and the Ubuntu 22.04 LTS system. The machine has a pair of public and private keys and a floating IP, which allows connecting to the VM via SSH. The VM has access to EOData and two attached storage volumes: HDD and SSD. For this purpose, two volumes were created: a 50 GiB SSD and a 50 GiB HDD. An object storage container has also been prepared and filled with sample files.

Figure 3. Virtual machine created in the project.

Figure 4. SSD and HDD volumes created in the project.

Figure 5. Object Storage container created in the project.
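
The API-based evidence collection described in the architecture section, applied to the VM, key pair, floating IP and two attached volumes of this environment, as an added example that is not EMERALD or CloudFerro code. The sample data is constructed, the field names follow OpenStack compute and block storage API responses, and the checks in `assess` are assumptions, since the page does not list the controls being verified.

```python
# Constructed sample data shaped like Nova "servers/detail" and Cinder
# "volumes/detail" responses; every ID, name and address here is made up.
NOVA_SERVERS = {"servers": [{
    "id": "vm-0001", "name": "emerald-vm", "key_name": "emerald-key",
    "addresses": {"private-net": [
        {"addr": "10.0.0.5", "OS-EXT-IPS:type": "fixed"},
        {"addr": "203.0.113.10", "OS-EXT-IPS:type": "floating"}]},
    "os-extended-volumes:volumes_attached": [{"id": "vol-ssd"}, {"id": "vol-hdd"}],
}]}
CINDER_VOLUMES = {"volumes": [
    {"id": "vol-ssd", "size": 50, "volume_type": "ssd", "encrypted": True},
    {"id": "vol-hdd", "size": 50, "volume_type": "hdd", "encrypted": False},
]}


def collect_evidence(servers_doc, volumes_doc):
    """Join compute and storage API documents into one evidence record per VM."""
    volumes = {v["id"]: v for v in volumes_doc["volumes"]}
    records = []
    for srv in servers_doc["servers"]:
        ips = [a for net in srv.get("addresses", {}).values() for a in net]
        attached = []
        for ref in srv.get("os-extended-volumes:volumes_attached", []):
            vol = volumes.get(ref["id"])  # None if the storage API did not return it
            attached.append({"id": ref["id"], "known": vol is not None,
                             "encrypted": bool(vol and vol.get("encrypted"))})
        records.append({
            "server_id": srv["id"],
            "has_key_pair": bool(srv.get("key_name")),
            "floating_ips": [a["addr"] for a in ips
                             if a.get("OS-EXT-IPS:type") == "floating"],
            "volumes": attached,
        })
    return records


def assess(record):
    """Hypothetical checks; the page does not list EMERALD's actual controls."""
    findings = []
    if not record["has_key_pair"]:
        findings.append("no SSH key pair registered")
    for vol in record["volumes"]:
        if not vol["known"]:
            findings.append(f"volume {vol['id']} missing from storage inventory")
        elif not vol["encrypted"]:
            findings.append(f"volume {vol['id']} not encrypted")
    return findings
```

Keeping the raw record (`collect_evidence`) separate from the verdict (`assess`) lets the same evidence be re-evaluated when the set of checks changes.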

 

 

PaaS environment

As an example of using PaaS in the pilot, a Kubernetes cluster was created. The cluster has 3 nodes of type ‘eo1.large’ (including 1 master node).

Figure 6. Virtual machines which were created for master and worker nodes.

The environments will be expanded throughout the project to enable integration with EMERALD and verification of the requirements for the chosen security scheme. Fraunhofer will soon receive access to start testing the functionality of the Clouditor component with OpenStack.

Links:
https://creodias.docs.cloudferro.com/en/latest/
https://www.openstack.org/
