Skip to content

Infrastructure

The technology platform proposed under HBD consists of a federated Community Cloud between INFN and the IRCCSs participating in the project. The Federated Cloud consists of the extension of the INFN Cloud, as described below.

Specifically, INFN Cloud is a production Cloud based entirely on open source components, which consists of an ISO/IEC 27001 27017 27018 certified region currently deployed at the INFN-CNAF in Bologna and several other Cloud infrastructures deployed at numerous INFN sites distributed throughout Italy, and integrated according to a federated model inspired by NIST Cloud Federation Reference Architecture.

There is thepossibility of federating other Cloud infrastructures available in IRCCSs participating in HBD or networks of IRCCSs that wish to maintain and manage a certain amount of computing and storage resources locally, while participating in the HBD federation and sharing data and metadata to which they have ownership.

Cloud federation is implemented in the INFN Cloud through the following four key components.

  • INDIGO-IAM authentication and authorisation system, through which, in addition to normal local authentication with a username and password, it is possible to build Single-Sign-On federations with any OpenID-Connect compatible Identity Provider (IDEMEDUGAIN, Google IdP, SPID, etc.).
  • Data management system through RUCIO, which enables the processing of huge amounts of data (in the order of tens of PB), distributed across data centres worldwide, by implementing storage, backup and replication policies in a declarative and standards-based (JSON) manner.
  • Data transfer system through FTS, which enables data to be transferred between various cloud instances via REST API, managing and monitoring transfers with graphical dashboards and monitoring systems capable of sending real-time notifications.
  • PaaS-level resource orchestration system through the INDIGO-PaaS Orchestrator, which is responsible for the automatic selection of resources taking into account access policies, user requirements and resource availability.

The indicated components are fully integrated, enabling the management of role-based data access policies (RBAC) defined in INDIGO-IAM. The federated HBD infrastructure is implemented technologically from the INFN Cloud, expanded in terms of resources (e.g. storage, CPU, GPU) that are made available to the project and middleware components used to implement the use cases of HBD itself.

Contattaci

Contact Us

Stay tuned to the news on our site.
Sign up to our newsletter.