Two big steps towards OpenStack interoperability were made at The OpenStack Summit in Vancouver this week. The first is introduction of vendor certification, built on work by the DefCore committee in defining the core of OpenStack. The second is OpenStack Identity Federation is now supported by over 30 cloud vendors. ID Federation provides an identity management framework across OpenStack clouds, and leads to easier multi- and hybrid cloud scenarios.
When combining ID Federation with the work the DefCore committee is performing, it becomes a one-two punch in a bid to create a worldwide OpenStack cloud. Defining the core of OpenStack and certifying OpenStack offerings means unparalleled interoperability between OpenStack clouds, and ID Federation means unparalleled accessibility between OpenStack clouds worldwide.
The DefCore committee was initially established to define what it means to be an OpenStack cloud and has now introduced a certification program. The program includes a set of interoperability tests for products that want to qualify as "OpenStack Powered".
ID Federation was first introduced in OpenStack Kilo. It comes out of work Rackspace performed with Cern, the European Organization for Nuclear Research and home of the Large Hadron Collider (LHC). Rackspace is Cern’s partner for their cloud.
Cern has a gigantic, interconnected network of cloud sites not run by the same entity – think of Universities and their clouds connected by Cern. “The universities want to use native authentication systems and connect,” said Van Lindberg, VP of Legal at Rackspace and OpenStack board member. “It is one of the largest private clouds in the world. We worked with them to create a means to federate identity.”
ID Federation means clouds like Cern can share a common framework for accessing regardless of where the user resides. As DefCore better defines standards and testing for what it means to be an OpenStack cloud, OpenStack will be better standardized worldwide extending the federation possibilities.
DefCore was formed with the aim of defining the “OpenStack Core” as chartered by the by-laws and guided by governance. DefCore is still just a fledgling effort, according to Van Lindberg, “I think that it represents the real future of where OpenStack is going,” he said. "For the first time we have an executable specification, or what it starts to mean to be an OpenStack cloud.”
By decoupling your ability to use cloud from the vendor you use, it means you have an application that runs just fine no matter what data center you use. “It all runs on one cloud, that is why this is so significant,” said Lindberg. “All those companies have more capabilities, more bandwidth to compete with Amazon.”
The DefCore Committee was formed during the OpenStack Summit in Hong Kong. Lindberg said defining OpenStack's core has been tricky. “For a year and a half, the difficulty was deciding how we were going to decide,” he said. “There were lots of ways to create a system that benefits one party more than others, and we don’t want that.”
After figuring out the process, DefCore worked on figuring out implementation. By the OpenStack Paris Summit, a draft specification was released. In a recent board meeting in March, it released the full specification.
“We have not only the theoretical framework but the seed,” said Lindberg. "Is DefCore as big as we want it to be? No. Not by a longshot. It will take two or three years. I believe that we will get to a place where we have a growing body of core functionality. This core functionality just works everywhere – I believe we will start to see a time where people will use OpenStack cloud owned by different people, in relatively transparent regions similar to AWS regions.”
Lindberg also believes we will see huge amounts of innovation and work at higher levels in the stack once the core is defined. “All of these companies will try to solve it so they can say they do it better than anyone else.”
Several cloud providers will announce certification week.