Upload
others
View
10
Download
0
Embed Size (px)
Citation preview
ETSI SR 003 382 V2.0.0 (2015-11)
Cloud Computing Standards and Open Source
Optimizing the relationship between standards and Open Source in Cloud Computing
Analysis, conclusions and recommendations from Cloud Standards Coordination Phase 2
CAUTION: This document is provided for information and is for approval within the ETSI Technical Committee NTECH only.
ETSI and its Members accept no liability for any further use/implementation of this Special Report.
Approved and published specifications and reports shall be obtained exclusively via the ETSI Documentation Service at
http://pda.etsi.org/pda/queryform.asp
<
SPECIAL REPORT
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 2
ReferenceDSR/NTECH-00031
KeywordsCloud, Cloud Computing, Open Source Software,
Open Source Communities, Standards, Standards Setting Organizations
ETSI
650 Route des Lucioles F-06921 Sophia Antipolis Cedex – FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 – NAF 742 C
Association à but non lucratif enregistrée à la Sous-préfecture de Grasse (06) N° 7803/88
Important notice
The present document can be downloaded from: http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2015.
All rights reserved.
DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 3
Contents
IntellectualPropertyRights.........................................................................................................5
Foreword....................................................................................................................................5
Introduction................................................................................................................................5
1 Scope....................................................................................................................................6
2 References............................................................................................................................62.1 Normativereferences..............................................................................................................................62.2 Informativereferences............................................................................................................................6
3 Definitions,symbolsandabbreviations.................................................................................73.1 Definitions...............................................................................................................................................73.2 Abbreviations...........................................................................................................................................7
4 StandardsandOpenSource...................................................................................................94.1 Context....................................................................................................................................................94.2 Objectives................................................................................................................................................94.3 Approach...............................................................................................................................................104.4 Contentofthereport............................................................................................................................10
5 StandardsandOpenSource:definitions,objectivesandinteractionchallenges...................115.1 Definitionsandobjectives.....................................................................................................................115.1.1 Standards........................................................................................................................................115.1.2 OpenSource....................................................................................................................................12
5.2 Differentobjectives,differentapproaches............................................................................................125.3 Mainchallengestoanefficientinteraction...........................................................................................135.3.1 Technicalchallenges........................................................................................................................135.3.2 Organizationalchallenges...............................................................................................................145.3.3 Intellectualpropertychallenges......................................................................................................15
6 StandardsandOpenSource:Interactionscenarios..............................................................166.1 Anoverallview......................................................................................................................................166.2 Thescenarios.........................................................................................................................................166.2.1 AnOpenSourcecommunityimplementsstandards.......................................................................166.2.2 AnSSOdevelopsanOpenSourcereferenceimplementation.........................................................176.2.3 AnSSOdevelopsstandardsbasedontheresultsofanOpenSourcecommunity...........................176.2.4 Acollaboration(“jointproject”)isestablishedbetweenaStandardOrganizationandanOpenSourcecommunity.......................................................................................................................................18
6.3 Currentandfuturesituation..................................................................................................................18
7 BetteraligningthestandardsandOSScommunities............................................................187.1 Alignment:ifandwhenneeded............................................................................................................187.2 Strategies...............................................................................................................................................197.3 Solutions................................................................................................................................................19
8 ConclusionsandRecommendations.....................................................................................19
9 Areasforfurtherstudy........................................................................................................20
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 4
AnnexA: StandardsRelatedOrganizationsApproaches.........................................................22
AnnexB: OpenSourceCommunitiesApproaches..................................................................25B.1 OpenSourceCloudmiddlewareprojects..............................................................................................25B.2 Standardsusagesummarytable...........................................................................................................27
AnnexC: InteractionscenariosinpracticeinCloudComputing..............................................28C.1 Sharingspecifications:NFVandOPNFV................................................................................................28C.1.1 Theactors........................................................................................................................................28C.1.2 Workingtogether:opportunities,issues.........................................................................................29
C.2 OpenSourceandStandards:OpenStack..............................................................................................29C.2.1 Theactors........................................................................................................................................30C.2.2 Supportofstandards.......................................................................................................................31
C.3 DistributedManagementTaskForce(DMTF).......................................................................................31C.3.1 DMTFStandards..............................................................................................................................31C.3.2 DMTFstandardsandOpenStack.....................................................................................................31
AnnexD: ChangeHistory.......................................................................................................32History.............................................................................................................................................................32
Tables TABLE1:OPENSTACKSERVICESINSUPPORTOFOPENSTACKARCHITECTURE.................................................ERREUR!SIGNETNONDÉFINI.TABLE2:STRATEGIESOFSSOSTOWARDSOPENSOURCECOMMUNITIES....................................................ERREUR!SIGNETNONDÉFINI.TABLE3:STRATEGIESOFOPENSOURCEORGANIZATIONSTOWARDSSSOS........................................................................................25TABLE4:OPENSOURCEPRODUCTSADHERENCETOSTANDARDS......................................................................................................27TABLE5:AWS-RELATEDSPECIFICATIONS..............................................................................................ERREUR!SIGNETNONDÉFINI.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 5
Intellectual Property Rights IPRsessentialorpotentiallyessentialtothepresentdocumentmayhavebeendeclaredtoETSI.TheinformationpertainingtotheseessentialIPRs,ifany,ispubliclyavailableforETSImembersandnon-members,andcanbefoundinETSISR000314:"IntellectualPropertyRights(IPRs);Essential,orpotentiallyEssential,IPRsnotifiedtoETSIinrespectofETSIstandards",whichisavailablefromtheETSISecretariat.LatestupdatesareavailableontheETSIWebserver(http://ipr.etsi.org).PursuanttotheETSIIPRPolicy,noinvestigation,includingIPRsearches,hasbeencarriedoutbyETSI.NoguaranteecanbegivenastotheexistenceofotherIPRsnotreferencedinETSISR000314(ortheupdatesontheETSIWebserver)whichare,ormaybe,ormaybecome,essentialtothepresentdocument.
Foreword ThisSpecialReport(SR)hasbeenproducedbyETSISpecialistTaskForce486"CloudStandardsCoordinationPhase2"astheresultofWorkItemNTECH(15)000007"STF486WIonCloudComputingstandardsandOpenSource".ThepresentreportisoneoffourspecialreportsthatformtheoutputofSTF486:
WP1: ETSISR003381:"CloudComputingUsersNeeds";WP2: ETSISR003382:"CloudComputingStandardsandOpenSource";WP3: ETSISR003391:"InteroperabilityandSecurityinCloudComputing";WP4 ETSISR003392:"CloudComputingStandardsMaturityAssessment".
InthispresentRelease,itisproposedtotheNTECHTechnicalCommitteeforapprovalandtopublicationontheCloudStandardsCoordinationwebsite(http://csc.etsi.org).
Introduction CloudComputingisincreasinglyusedastheplatformforICTinfrastructureprovisioning,application/systemsdevelopmentandendusersupportofawiderangeofcoreservicesandapplicationsforbusinessesandorganizations.CloudComputingisdrasticallychangingthewayICTisdeliveredandused.However,manychallengesremaintobetackled.Concernssuchassecurity,vendorlock-in,interoperabilityandaccessibility,servicelevelagreementsmoreorientedtowardsusersareexamplesofissuesthatneedtobeaddressed.InFebruary2015,theCloudStandardsCoordinationPhase2(CSC-2)waslaunchedbyETSItoaddressissuesleftopenaftertheinitialCloudStandardsCoordinationPhase1(CSC-1)workwascompletedattheendof2013,withaparticularfocusonthepointofviewoftheCloudComputingusers(e.g.,SMEs,Administrations).ThepresentreportinvestigatestherelationshipandtheinteractionsbetweenstandardizationandOpenSourcebasedsoftwareandsolutionsinCloudComputing.ThisquestionwasnotaddressedinCloudStandardsCoordinationPhase1(see[i.1]).Inthemeantime,CloudComputinghasemergedasoneofthedomainsofInformationandCommunicationTechnologywhereOpenSourcedevelopmentplaysaveryimportantroleandchangessignificantlythestatusquoand,amongstother,thetraditionalapproachtostandardization.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 6
1 Scope InFebruary2015,theCloudStandardsCoordinationPhase2(CSC-2)waslaunchedbyETSItoaddressissuesleftopenaftertheCloudStandardsCoordinationPhase1(CSC-1)workwascompletedattheendof2013.CloudStandardsCoordinationPhase2isinvestigatingsomespecificaspectsoftheCloudComputingstandardizationlandscape,inparticularfromthepointofviewoftheCloudComputingusers(e.g.,SMEs,Administrations).ItwillalsogenerateanewsnapshotregardingthestateofstandardsandinvestigatetheinteractionandrelationbetweenstandardizationandOpenSourcebasedsoftwareandsolutions.ThepresentreportpresentstheresultsofCloudStandardsCoordinationPhase2regardingtheanalysisoftherelationshipbetweenStandardsandOpenSourceinthecontextofCloudComputing.
2 References 2.1 Normative references Thefollowingreferenceddocumentsarenecessaryfortheapplicationofthepresentdocument.Notapplicable.
2.2 Informative references Referencesareeitherspecific(identifiedbydateofpublicationand/oreditionnumberorversionnumber)ornon-specific.Forspecificreferences,onlythecitedversionapplies.Fornon-specificreferences,thelatestversionofthereferenceddocument(includinganyamendments)applies.
NOTE: Whileanyhyperlinksincludedinthisclausewerevalidatthetimeofpublication,ETSIcannotguaranteetheirlongtermvalidity.
Thefollowingreferenceddocumentsarenotnecessaryfortheapplicationofthepresentdocumentbuttheyassisttheuserwithregardtoaparticularsubjectarea.
[i.1] CloudStandardsCoordination,FinalReport,November2013.http://csc.etsi.org/resources/CSC-Deliverable-008-Final_Report-V1_0.pdf
[i.2] Regulation(EU)No1025/2012oftheEuropeanParliamentandoftheCouncil,onEuropeanstandardization,25October2012.http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32012R1025
[i.3] ImplementingFRANDstandardsinOpenSource:Businessasusualormissionimpossible?,EuropeanCommission,November2012http://ec.europa.eu/enterprise/sectors/ict/files/ict-policies/report-from-frand-os-conference-22nov12_en.pdf
[i.4] Openrequirementsforstandards,OpenSourceInitiativehttp://opensource.org/osr
[i.5] ETSISR002960v1.0.1"WorkinginETSIwithinanOSScontext",12/2012[i.6] Comparisonoffreeandopen-sourcesoftwarelicenses,Wikipedia
https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses[i.7] Top20OpenSourcelicenses,BlackDuck
https://www.blackducksoftware.com/resources/data/top-20-open-source-licenses[i.8] ThearchitectureofOpenSourceApplications,A.Brown&G.Brown,TheAOSAeditors[i.9] TheOPNFVRelease1'Arno':
https://www.opnfv.org/sites/opnfv/files/opnfv_arno_overview_diagram.jpg[i.10] ISO/IECGuide2:2004"Standardizationandrelatedactivities–Generalvocabulary"[i.11] OpenStackApplicationProgrammingInterface(API),http://developer.openstack.org/api-ref.html[i.12] UKGovernmentOpenStandardsPrinciples
https://www.gov.uk/government/publications/open-standards-principles/open-standards-principles
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 7
[i.13] "CompatibilityOfTheLicensingOfEmbeddedPatentsWithOpenSourceLicensingTerms",IainG.MitchellQC,StephenMason,http://www.ifosslr.org/ifosslr/article/view/57
[i.14] ISO/IECDraft19941"CloudComputing–InteroperabilityandPortability"[i.15] “OpenStandardsandOpenSource:EnablingInteroperability”,F.Almeida,J.Oliveira,J.Crux
http://airccse.org/journal/ijsea/papers/0111ijsea01.pdf
3 Definitions, symbols and abbreviations 3.1 Definitions Forthepurposesofthepresentdocument,thefollowingdefinitionswillapply:
opensourcelicense:CopyrightlicenseforOpenSourcesoftware
opensourcesoftware(OSS):ComputersoftwarethatisavailableinsourcecodeformNote:Thesourcecodeandcertainotherrightsnormallyreservedforcopyrightholdersareprovidedunderanopen-sourcelicensethatpermitsuserstostudy,change,improveandattimesalsotodistributethesoftware
sourcecode:Anycollectionofcomputerinstructionswrittenusingsomehuman-readablecomputerlanguage,usuallyastext
standardssettingorganization(SSO):Anyentitywhoseprimaryactivitiesaredeveloping,coordinating,promulgating,revising,amending,reissuing,interpreting,orotherwisemaintainingstandardsthataddresstheinterestsofawidebaseofusersoutsidethestandardsdevelopmentorganization
standard:AStandardisanoutputfromanSSONote:forthesakeofsimplicity,themeaningsof"standard"and"specification"arenotdifferentiatedinthepresentreport,unlikeintheotherCSC-2reports
3.2 Abbreviations Forthepurposesofthepresentdocument,the[following]abbreviations[givenin...andthefollowing]apply:
3GPP ThirdGenerationPartnershipProjectAPI ApplicationProgrammingInterfaceCC CloudComputingCCSL CloudCertificationSchemesListCSA CloudSecurityAlliance CSC-1 CloudStandardsCoordinationPhase1CSC-2 CloudStandardsCoordinationPhase2CSMIC CloudServicesMeasurementInitiativeConsortiumDMTF DistributedManagementTaskForceEC EuropeanCommission ENISA EuropeanUnionAgencyforNetworkandInformationSecurityEPO EuropeanPatentOffice IaaS InfrastructureasaService ICT InformationandCommunicationsTechnologyIEC InternationalElectrotechnicalCommissionIETF InternetEngineeringTaskForce ISG IndustrySpecificationGroup(anETSIstructureforopenmembershipprojects)ISO InternationalOrganizationforStandardization IT InformationTechnology ITU InternationalTelecommunicationUnion
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 8
ITU-T ITUTelecommunicationStandardizationSector NFV NetworkFunctionVirtualizationNIST NationalInstituteofScienceandTechnologyOASIS AdvancingOpenStandardsfortheInformationSociety OCF OpenCertificationFrameworkODCA OpenDataCenterAllianceOGF OpenGridForumOMA OpenMobileAllianceOPNFV OpenPlatformforNFVOSS OpenSourceSoftware PaaS PlatformasaService SaaS SoftwareasaService SDO StandardsDevelopmentOrganizationSLA ServiceLevelAgreementSME SmallorMediumEnterpriseSNIA StorageNetworkingIndustryAssociationSSO StandardsSettingOrganizationSTF SpecialistTaskForce(anETSIstructureforinternalprojects)TMF TeleManagementForumW3C WorldWideWebConsortium
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 9
4 Standards and Open Source 4.1 Context TheCloudStandardsCoordinationproject(CSC)Cloud Standards Coordination Phase 1 (CSC-1) took place in 2013 as a community effort supported by ETSI andprimarilyaddressedtheCloudComputingstandardsroadmap.InDecember2013theresultswerepubliclypresentedinaworkshoporganizedbytheEuropeanCommission(EC).The CSC-1 Final Report [i.1] provides a snapshot on the Cloud Computing standardization landscape at the end of2013.Itisavailableat:
http://csc.etsi.org/resources/CSC-Deliverable-008-Final_Report-V1_0.pdfCloudStandardsCoordinationPhase2GiventhedynamicsoftheCloudComputingmarketandstandardization,CloudStandardsCoordinationPhase2(CSC-2) was launched in February 2015 with, in particular, the main objective of producing an updated version of thesnapshotof theCloudComputing standardization landscape.CSC-2aimsatbetter taking intoaccount theneedsofCloudComputingcustomersontheirCloudrelatedrequirementsandpriorities.ThiswillhelpCSC-2tofurtherassessthematurityofCloudComputingstandardsandevaluatehowstandardscansupporttheCloudComputingcustomers’priorities.AnalyzingtherelationshipofStandardsandOpenSourceThequestionofOpenSourcehasbeenalludedto intheCloudStandardsCoordinationPhase1report [i.1],butnotdirectlyaddressed:
"AnotheraspectofthecloudcomputingenvironmentthatisworthyofconsiderationistheroleofthevariousOpenSourceprojectswhichareaddressingmanyofthetopicsdiscussedinthisreport.Whilenotformalstandards,theOpenSourceprojectsarecreatingtried-and-testedAPIs,protocolsandenvironmentswhichaddressaspectsofinteroperability,portabilityandsecurityrelatingtocloudcomputing.ItispossiblethatfuturespecificationsandstandardsmayderivefromoneormoreoftheOpenSourceprojects.SomeexamplesofpositiveinteractionhavealreadybeenseenbetweenstandardsbodiesandOpenSourceprojectsthatshouldbeencouraged.TheroleofOpenSourceprojectswasnotaddressedinthisreport."(see[i.1]section6.1)
Thepresentreportaddressessomeofthepointsmentionedabove,inparticularregardingthepositiveinteractionofStandardsSettingOrganizations(SSO)andOpenSourcecommunities.
4.2 Objectives ThepresentreportwillelaborateonthedifferencesandoverlapsbetweenOpenSourceandstandardizationwiththepurposeofoutliningareaswhere,despitethesedifferences,OpenSourcecommunitiesandStandardsSettingOrganizationsmightcometogethertofurtheraddvaluetotheCloudComputingspace.Themainobjectivesareto:
• UnderstandtherelationshipbetweenOpenSourceandstandardsandvice-versaviatheidentificationofanumberofinteractionscenariosinvolvingStandardSettingOrganizationsandOpenSourcecommunities.ThesescenariosarenotspecifictoCloudComputing.Someofthemarealreadyvisibleandsomeonlyemerging.
• ClarifyhowthesescenariosapplytoCloudComputing.• CollectinformationupontheperceivedstrategiesandvisibleactionsoftheSSOsregardingOpenSource,and
howtheymatchtheabovescenarios;• CollectinformationupontheperceivedstrategiesandinteractionsoftheOpenSourceprojectstowards
standardization,especiallywhentheinteractionscenarioinvolvesoneormoreoftheSSOsrelevantinCloudComputing;
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 10
• Proposerecommendationstofosterpositiveinteraction,tosuggestareasforcollaborationbetweenbothcommunitiesonwaystosupportthisinteraction(e.g.technicalframeworks,interoperability,intellectualproperty).
4.3 Approach Asitwillbeoutlinedanumberoftimesintheremainderofthepresentreport,standardizationandOpenSourceareservingratherdifferentpurposesandhavedevelopeddifferentwaystoachievetheirowngoals.Therefore,thefollowingisnotgoingtobeadebateontherespectivemerits(orlackof)ofeachapproach.ThereportismostlyfocusedontherelationshipbetweenstandardizationandOpenSourceinCloudComputing.Theunderstandingofthisrelationshipmayrequirethatsomeconsiderationwillbemadeoftopicsoutsidethisprecisescope.However,thishasbeenlimitedtothemaximumandthereportisnotaddressingthefollowingquestions:
• Thedebateonthedifferentmeaningsof"open".Differentapproachesto"openness"arecoexisting,inparticularregarding"openstandards".ThepresentreportwillrefertotheEUregulation(see[i.2]),aswasalsothecaseforCloudStandardsCoordinationPhase1.
• Thedebateonthemanyoptionsforintellectualpropertylicensing.DifferentapproachesarecoexistinginOpenSourcecommunitiesaswellasinstandardization.Despiteitsimportance,thisquestionhasbeenconsideredasoutsideofthescopeofthepresentreport.
• ThedebateontherespectivemeritsofOpenSourcelicenses.Thesameremarkasaboveapplies.• ThecontributionsoforganizationsthatarenotdirectlyinvolvedinstandardsmakingorOpenSourceprojects
inCloudComputingthatareoutsidethescopeofthework.,eveniftheyareaddressingimportantquestionssuchaspromotion,marketing,etc.
4.4 Content of the report Section5ofthisreportisageneralanalysisofthemaindifferencesbetweenstandards-makingandOpenSource(Software)andtherelatedchallenges.ThoughthisanalysisisnotaddressingCloudComputingspecifically,theremarksmadeapplyalsointhiscontext.Section6ispresentingaframeworkfortheanalysisoftheinteractionsbetweenstandards(andinparticularStandardsSettingOrganizations)andOpenSource(andinparticularOpenSourceorganizationsorprojects).ThisframeworkisnotspecifictoCloudComputingbutmaybeusedinthiscontext.Itisusedinthefollowingsections.Section7outlinessometrendsandopenquestionsregardingtheevolutionofSSOs’andOpenSourcecommunities'expectations,strategiesandperceivedevolutions.Section8highlightsconclusionsandrecommendationsfromtheanalysisdoneinthepresentreport.Section9suggestssomeareasforfurtherwork.AnnexAisacompilationofinformationrelatedtotheundertakingsofmajorSSOsinCloudComputingrelatedtoOpenSource.AnnexBisacompilationofinformationrelatedtotheundertakingsofmajorOpenSourcecommunitiesandprojectsinCloudComputingrelatedtostandardization.AnnexCintroducesseveralexamplesofthescenariosoutlinedinSection6inthecontextofCloudComputing.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 11
5 Standards and Open Source: definitions, objectives and interaction challenges
ThissectionpresentssomegenericcharacteristicsofstandardsandOpenSource(i.e.nonspecifictoCloudComputing)andhowstandardsandOpenSourcesolutionstogethercanhelpdrivethedevelopmentanduptakeofCloudComputing.
5.1 Definitions and objectives 5.1.1 Standards DefinitionAstandardisdefinedas“adocument,establishedbyconsensusandapprovedbyarecognizedbody,thatprovides,forcommonandrepeateduse,rules,guidelinesorcharacteristicsforactivitiesortheirresults,aimedattheachievementoftheoptimumdegreeoforderinagivencontext”(see[i.10]).ThisdefinitionisinfactamplifiedbyETSI’srulesfordraftingstandards(availableviatheETSIPortal).Standardsaretypicallymanifestedasspecificationsthatcanbeusedasisoraselementsoflargerproducts,solutionsorotherstandards.Astandardcanbecomparedtoorsaidtoconstituteareferencebasedonwhichonecanbuildproductsorservicesthatallsharethesamespecifications,andthusare“compatible”atsomelevel.Standardsareofvariousnatures,mayapplytodifferentcontextsandarenotalwaysdirectlyrelatedtoanimplementation. Astandardmaybeuniversalinnature,andisoftenusedinternationallyand/orindependentofaparticularindustryorverticaldomain.Standardscanalsobedevelopedtosupportaparticulardomain,verticalorindustrysector. Standardstendtobestableovertime.Anotherfrequentlymentionedcharacteristicisthatastandardshouldbetechnicallyagnostic/neutral,unlessdevelopedinsupportforaparticulartechnologyplatform.Thisallowsinnovationtotakeplaceinimplementations. StandardsSettingOrganizationsAStandardsSettingOrganization(SSO)referstoanyorganizationthatdevelopsandmaintainsstandards.SomeessentialelementsoftheoperationofanSSO(see[i.2],[i.4]or[i.12])are:
• Transparentandpubliclyaccessibledecision-makingprocesses;• Collaborativeconsensusbuilding,extensiveconsultation&reviewefforts;• Formalproceduresandmatureprocesses;• Fairaccesstostandardsatzeroornominalcost;• Deliberateselectionoffuturestandardsthroughprestudies,studygroupsorsimilarprecedinganydecision
todevelopastandard;• Marketsupportandusage.
BenefitsWhilstsuccessandadoptionofindividualstandardsmayvary,ingeneraltheknownbenefitsthatcomefromrelyingonstandardsare:
• Stability.ThemorestandardsareincorporatedandusedinICTsolutions,themorelikelyitisthatthesolutionbasedonthemwillbestableovertime.
• Focusonthecorefunctionality.Asaconsequenceofusingstandards,thedevelopersofICTsolutionscanspendthemostoftheireffortsoncreatingsupportforthecorefunctionalitythatisrequestedbytheusers.
• WidespreaduseandInteroperability.Usingstandardsincreasestheprobabilityofinteroperabilitybetweensolutions;standardsforexchangeofinformationforexamplearecommonlybasedonspecificationsthatarebuiltforanytechnologyplatformandwithsupportfordifferentunderlyingtechnologiesinmind.
• Technology/implementationneutrality.Inparticular,thisisasignificantfactortosupportavoidanceoflock-inbyallowingmultipleimplementationsfromdifferentproviders.
• Regulatory/GovernmentalPolicies/Legalaspects.Standardsareoftenusedasupportforregulation.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 12
5.1.2 Open Source DefinitionOpenSourcereferstoawaytodevelopsolutionscollaboratively.OpenSourcesolutionsrelyona“community”thatisresponsibleforthedevelopment,provisioningandmaintenanceoftheOpenSourcesolution.MostOSSsolutionshavebeendevelopedwithindependencefromtheunderlyingenvironmentasamainobjective.Initially,OpenSourcesolutionswereparticularlyavailableonfreelyavailabletechnologies(suchasLinux,Apache,Javadistributions,etc.)butaretodayavailablealsoonmostcommerciallyavailabletechnologyplatforms. Appliedtothedevelopmentofsolutions,OpenSourceischaracterizedbythefollowing:
• Decentralizedproductionofsourcecode;• Collaborationacrossgeographiesandorganizations;• Variants,knownas“forks”,thatsometimesarebroughtbackintotheoriginatedversionofthesourcecode
productorinothercasesspunoffintoanotherproduct;• UsageofOpenSourcelicenses(see[i.6]and[i.7]).
OpenSourcecommunitiesTherearemanyOpenSourcecommunitiesinCloudComputing.SomeofthemarelistedandanalyzedinAnnexBofthepresentreport.BenefitsWhilstsuccessandadoptionofindividualopensourceprojectmayvary,ingeneraltheknownbenefitsthatcomewithOpenSourceare:
• Sharedco-developmentresourcesenablingcollaborationandreducingdevelopmentcosttoeachparticipant;• Availabilityofmanyresourcesduetothecollaborativeandcommunity-basednatureofOpenSource;• Adevelopmentmodelbasedonrecurringandincrementalreleasesandimprovementthatfitswellwith
conceptssuchas“continuousdelivery”,“teambaseddevelopment”and“agiledevelopment”;• Modularandclearlydefinedproductsandserviceswithimprovedflexibilityforcustomization;• Supporttomultipleunderlyingenvironmentsasakeyfactortoavoidanceoflock-in.
5.2 Different objectives, different approaches TheOpenSourceapproachisusefulto,atleast,twocategoriesofstakeholders:
• Developersarebenefittingfromacarefullyelaboratedandfine-tunedinnovationframework:tools,methods,governance,recognition,etc.Thisframeworkisfullysupportivetomajorrequirementsfromthiscommunity:systematicusageofsourcecodeatthecenterofthedevelopment,supportofagilemethodologies,extremelyshortcycletimes,tonameafew.
• Someorganizations(e.g.enterprises,industryassociations,serviceproviders,etc.)havequicklyendorsedtheinnovationpowerofOpenSourceandincorporateditintotheirstrategies.Theyallsharetheobjectiveofcreatingecosystemsaroundinnovationstorapidlytesttheirvalueandshortentheirtime-to-market.The'openinnovation'basedmodelprevalentasaresultofOpenSourceenablesthecreationofvalue-addedservicesontopofthesourcecode.
TheleadingforceinOpenSourceisthe(source)code:"thecodeistheproof"(thattheideaissound,thatitisimplementable,thatitsworks,etc.).Inconsequence,OpenSourcehassomespecificcharacteristicsthatmakeitdifferentfromstandardization:
• ThefocusoftheOpenSourceworkisthedevelopmentofanindependentsetofsourcecodethatcanpossiblybeforkedintoanotherindependentsetofsourcecodethatwillprovideadifferentsolution.Thisapproachtomultipleimplementationsisdifferentthantheoneinstandardization(whichisinmostcaseabasicassumptionforthedevelopmentofstandards).Butinanycase,itmustbeclearthatOpenSourcecommunitiesaswellasSSOsconsidermultipleimplementationsasakeyaspectoftheirworkandareorganizedtosupportthem(e.g.viaawideuseofplugfests);
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 13
• OpenSourcedevelopmentdoesnotnecessarilyrelyonprior(ex-ante)specifications.Insomeextremecases,awrittenspecificationandevendocumentationarehardtofind;
• OSSisconcernedwithinteroperabilityifandwhenitisusefulandneeded,forinstancetoenforcemulti-vendorssupport.
Ontheotherhand,theleadingforceinstandardsisthespecification:
• TheworkinSSOsassumeanex-antepluralityofimplementersandtriestoavoidthechoiceofagiventechnologyagainstotherpossiblecandidateones;
• SSOsensureneutralityvis-à-visimplementationsviastableandwell-controlledspecifications.Themajorobjectiveistoguaranteeinteroperabilityandinmostofthecasestoprovidethemeanstoverifyit(viatestspecifications,validationtools,interoperabilitytesting,etc.);
• SSOsareguaranteeingtheneutralityvis-à-vistechnologiesthroughtheirinternalprocesses,andapermanentsearchforconsensus(witharesulttoreducetheconcernsrelatedtoantitrust).
5.3 Main challenges to an efficient interaction ThissectionidentifieschallengesthatneedtobeaddressedandresolvedtoallowamoreefficientinteractionbetweenOpenSourceandStandards.
5.3.1 Technical challenges ArchitectureWiththedevelopmentofmoreandmorecomplexsystems,standardsnolongerrelyonlyonthedefinitionofprotocoltosupportinteroperability.Theyarealsomoreandmorerelyingonreferencearchitectures,functionaldecompositionsandreferencepointsthatareslowlyevolvingovertime.ForOpenSourceproducts,thesituationiscomparable:todistributetheworkloadbetweenvariouscontributingprogrammersorcodeproducingcommunities,aproperarchitecturalandfunctionaldecompositionofthesoftwareunderdevelopmentismandatoryforOSSdevelopment(see[i.8]).IncrementalreleasesversusupdatesOpenSourceproductsarelargelyevolvingincrementally:newfeaturesareprototyped,testedandadaptedveryrapidly.Thestabilityofthecodeisamajorissueopensourceprojectshavetoaddressbyimplementingpropermeasuresforreleasemanagementandversioning.Standardsontheotherhandaredevelopedonce,andthenupdated(moreorless)regularly,untiltheybecomeobsolete.StandarddocumentandsourcecodeStandardsSettingOrganizationsandOpenSourcecommunitiesproduceanddistributeartifactsthataredifferentinnature:
• StandardsSettingOrganizationsproducestandardsthatarecommonlymanifestedindocumentsthatspecifyrequirements,architectureandprotocols/APIsofasystemorapartofasystem.Theevolutionofastandardisbasedonchangerequeststhatareexaminedduringperiodicreviewsandpossiblyimplementedviaachangerequestinthestandard.Thecoherentdevelopmentofthestandardissupportedbytoolenvironmentsthatareessentiallymanagingdocumentversionsassociatedtoalistofrevisions.NotethatsomeStandardsSettingOrganizationsguidelinesincludetheneedofhavingsourcecodeimplementationsofthestandard(e.g.W3C,OGF).
• OpenSourcecommunitiesproducesourcecode,acollectionofcomputerinstructionswrittenusingsomehuman-readableprogramminglanguage,usuallyastext.Thissourcecodeevolutionisguidedbyapermanentflowofchangerequeststhatareconstantlyexaminedbyreviewersandimplementedon-the-flyifdeemedaccurate.WhilesourcecodeisthemainoutputofOpenSourceProjects,asolidproductdocumentationincludingcodedocumentations,architectureandfunctionalspecificationsbasedonrequirementscollectionsorstandards,anduserandinstallationguides,iscrucialforasuccessfulOSSdevelopment.OpenSourcecommunitiesalsooftenproducedocumentationassociatedwiththeopensourcecode(e.g.architecture,APItextualdescription).
Interoperability
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 14
InteroperabilityisanimportanttopictoconsiderforstandardsandOpenSource,thoughforsomewhatdifferentreasons.Inthedevelopmentofstandards,achievingthehighestdegreeofinteroperabilityforanygivenstandardisnormallyoneofthemainobjectives(see[i.14]fortheworkdoneinISO/IECJTC1SC38oninteroperabilityandportability).ForOpenSourceprojects,achievinginteroperabilityisalsoimportant,buttypicallyonlywithinthetechnologycontextoftheOpenSourceprojectinquestion. ForCloudComputingeffortstobesuccessfulwhenusingstandardsandOpenSource,itissubsequentlyimportanttounderstand,keeptrackofandaddressallaspectsofinteroperabilitythatapplyintheCloudComputingcontextinquestion.Thisreportwillnotgoin-depthintosuggestingconcreteactionstoaddressinteroperabilityaspectsrelatedtostandardsandOpenSource,butsomehighlevelrecommendationsspecifictostandardsandOpenSourcecanbemade:
• StandardsandOpenSourcearenotmutuallyexclusive,butcomplementary.Asaconsequence,implementingCloudComputingsolutionsbasedonstandardsusingOpenSourceasthewaytodevelopandprovisionthesolutionsispossible.Keepingfocusontheparticularcharacteristics,advantagesandweaknessesofstandardsandOpenSourceinordertomitigateanyproblemswillprobablybeimportant;
• UsingOpenSourcetoimplementstandardsasCloudComputingsolutionsisnotenough.OpenSourceandstandardsbythemselvesdonotsolveandaddressallneedsandrequirementsofCloudComputing.Additionally,oneneedstounderstandtheuser-specificneedsandrequirements,processestobesupported,informationanddatatobeprocessed,securitypoliciesinplace,longtermgoals,resourceavailabilityandlimitationandmuchmore.Thecomplexityofcreatingopen,transparent,secureandagilebusinesssupportingICTsolutionsshouldnotbetakenlightly.However,standardsandOpenSourcecantogetherassistinacceleratingtheprovisioningofCloudComputing.
ToolsandframeworksThedifferencesbetweenstandardsandOpenSourceoutlinedintheaboveparagraphhavetheircounterpartinthetoolsandframeworkscurrentlyusedbytheirrespective"developers":
• Thetoolsthatsupportstandardsdevelopmentanddistributionaretypicallywordprocessors(withtheinternalabilitytotrackchanges)aswellasdocumentrepositories(tree-basedrepositories,sharepoints,portals,etc.).Ontheotherhand,thereisthepotentialforaspectsofcertainstandards–e.g.programminginterfaces,datamodelsorontologies,tobedescribedinamachine-readablefashionthatcanbeautomaticallyprocessed(e.g.intoaspecificlibrarywritteninaspecificprogramminglanguage).
• AnOpenSourceproductisessentiallydevelopedaroundsourcecodeversionmanagementtoolsembeddedinlargerframeworksofferingpeerreview,collaboration,etc.(suchasGitandGitHub).Thesetoolsareoptimizedforthemanagementofsourcecode,lessforhandlingpaper(whichisnotperceivedingeneralasadrawbackbytheusers).Therefore,opensourceprojectsrelyinadditionondocumentmanagementsystemsforproductandprojectdocumentations.Moreover,toolsforqualityassurance(e.g.,overnighttesting),automatedlicensecompatibilitychecking,projectmaturityvalidation,softwaremetrics,etc.,areusedbymanyopensourceprojects.
SomeSSOshavedevelopedveryeffectivetools,frameworksandprocessesforthestandardstheymaintain.Forinstance,theproofofinteroperabilityrequiresalotofproceduralandtechnicalsolutions(e.g.testmethods,descriptionlanguages,testenvironments,etc.)thatSSOscanpotentiallyoffertootherorganizations.OSScommunitiesmaybenefitfromusingthetestorQualityAssuranceservicesofSSOs,providedthattheseserviceshavebeenadaptedtotherequirementsofOpenSource,e.g.byOpenSourcerepositories,OpenSource-basedtestdevelopmentorconformancetesting.
5.3.2 Organizational challenges (Long-term)MaintenanceMaintenance(evenlong-term)ispartofthebasicoperationsoftheSSOs,especiallytheSDOsthatareinchargeofensuringthatcriticalstandardsremainavailableoverlongperiodoftimeandcanbeadaptedtothechangesintheiroperatingenvironment.WhenitcomestoOSS,thisobjectiveisnotalwaystakenintoaccountwhentheprojectsarelaunched,thoughsomeOpenSourcecommunitiesintheICTdomainarewillingandabletodomaintenanceoveralongperiodoftime.However,insomecases,thismaintenanceisnotpossible,forinstancebecause:
• SomeOSSprojectshavetobediscontinued,e.g.forlackofresourcesorlossofbasicexperts;
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 15
• Inlong-livedsystems,suchastheonesthataredeployedintelecommunications,some"de-facto"productsmaybedeployedonthefieldfordurationsthatexceedthecapabilitiesoftheoriginatingOpenSourcecommunities.
Inthiscase,thelong-termmaintenancemayhavetobetakenoverbyadifferentorganization.ThiscanpotentiallybedonebySSOs,providedthattheyareorganizedtoprovidethecorrespondingservicetoOpenSourcecommunities.GovernanceInallorganizations,acleargovernancemodel,withexplicitandwell-documentedrulesfordecision-making,isapre-conditionforwell-motivatedandefficientparticipationoftheactors.Therearemanygovernanceschemesthatfitthispurpose,andnoneisparticularlybetterthantheotherones.Inanycase,clarityisamust.Ingeneral,thegovernanceofSSOshasbeenorganizedaroundtheneedtocreateandmanageconsensusasthebasisformakingwidelyacceptedandrelevantstandards.Thetechnicaldecisionsare,inmostcases,delegatedto"TechnicalGroups"(orcommittees,etc.)whereastheglobalandstrategicdecisionsareundertheresponsibilityofaBoard(orsimilargroup),ingeneralcomposedofelectedmembers.InOpenSourcecommunities,twomodelsarewellestablished(withalotofvariantsthatsharesomeelementsofboth):theso-called"benevolentdictatorship"wherecontrolisunderasingleentity(personorgroup),andthedistributedcontrolwherepartsofthegovernanceisallocatedtoindividualsthathavebeenrecognizedascapableofthetask.AnotherdifferencebetweenSSOsandOpenSourcecommunitiesregardinggovernanceisitsfocus:whileSSOsgovernanceisdirectedtowardsachievingconsensusontechnicalissuesandaddressesarelativelyclosedsetofstakeholders,thegovernanceofOpenSourcecommunitiesmayaddressalargercollectionofstakeholders.Therefore,additionalrequirementsonthetransparencyofdecision-makingprocessesaddressingacommunitywithfluidborders(bothintermsofcontributingpersonsandofrelevantopinions)havetobetakenintoaccount.WhenaddressingtheinteractionbetweenOpenSourcecommunitiesandSSOs,thequestionofgovernancemustnotbeunderestimated.Adiscussionbetweenbothpartiesforthedefinitionofsolutions,workprograms,etc.willrequireaclearandtransparentdecisionpointonbothsides,basedonwelldefinedprocesseswithactorsinwelldefinedroles.
5.3.3 Intellectual property challenges DifferentissuesareatstakewhenitcomestoIntellectualPropertyRights(IPR).Thisisafieldofveryactiveandsometimeshighlycontroversialdebates.SomeaspectsareverysignificantfortheSSOs,inparticularthosewithanIPRpolicythatraisepatentlicensingquestionsorissues.SomeaspectsareverysignificanttoOpenSourcecommunitiesthatwanttoensurethattheuseoftheirOSSproductisnotimpactedbypatentclaimsholdersinparticulartheabsenceofalicenseorunreasonablelicensingtermsandconditions.ThequestionsofOpenSourcelicensesandofSSOs'IPRpoliciesareamongstthosethatrequireclarificationinordertoensureanefficientinteractionbetweenSSOsandOpenSourcecommunities.OpenSourceLicensesThelicensesapplicabletoanOpenSourceproductorcommunityareextremelyvaried(see[i.6]).Evenifavastmajorityofthembelongtoalimitedset(the6mostusedlicensesrepresent81%ofOpenSourceprojects,see[i.7]),thequestionofthelicenseapplicabletoanOpenSourceproductorwithinanOpenSourcecommunitycannotbeignoredifproposedforinclusioninaStandardorasanimplementationofaStandard.PatentandcopyrightpoliciesFirst,anSSOwillhavetoensurethattheOpenSourcematerialthattheywanttoincludeintheirstandardsshouldnotbeassociatedwithusagerestrictionsattachedtoanOpenSourcelicense,e.g.restrictionsuponthedistributionofcommercialproductsandservicesthatcomeinconflictwiththeSSOIntellectualPropertyRightspolicy(see[i.5]).
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 16
Second,thequestionofwhetherornottheIntellectualPropertyRights(IPR)policiesoftheSSOsarecompatiblewiththeimplementationoftheirstandardsbyOpenSourcecommunitiesishighlydebated.Inparticular,itisoftenperceived(thoughnoconsensusofthispointhasbeenreached)thatimplementationofstandardsavailableunderaFRANDlicenseinOpenSourcemaybedifficult(see[i.3],[i.13]or[i.15]).Severalexamplesofdifferentapproachescanbenoticed:
• TheETSISpecialReporton"WorkinginETSIwithinanOSScontext"[i.5]addressesthequestionofFRAND,providessomerecommendationsandlistssomeactualimplementationsofStandardsbyOpenSourceprojectsthatcomplywiththeETSIIPRpolicy;
• TheOpenStandardsRequirement(see[i.4]bytheOpenSourceInitiative)definescriteriatoensurethatan"openstandard"willnotprohibitimplementationsinOSSconformingtothestandard;
• SomeSSOspoliciesonlysupporttheuseof"royalty-free"policyforimplementationoftheirstandards.
6 Standards and Open Source: Interaction scenarios 6.1 An overall view TheinteractionbetweenStandardsSettingOrganizationsandOpenSourcecommunitieshasitsorigininareciprocalneedtobenefitfromeachother'sproducts(e.g.standardsfromanSSO,orsoftwarefromanOpenSourcecommunity)andservices(e.g.QualityInsuranceorInteroperabilityTesting).Afewexemplaryscenariosareusedbelowtodifferentiateandclassifysometypicalinteractions.Thesescenariosarebasedinmostcasesonactualexamples,sometimeswithalongpastexperiencethatallowsforrelevantassessment.Ontheotherhand,somearerelatedtoinitialundertakingsorperceivedintentionsoftheactorsbutmaynotbeyetentirelyvalidated.Itisexpectedthat,incaseOpenSourcecommunitiesandSSOswanttoengageacollaboration,theywillhavetodiscussalongthelinesofoneormoreofthesescenariosandaddresstheissuesthathavebeendefinedintheprevioussection.
6.2 The scenarios 6.2.1 An Open Source community implements standards Thisinteractionscenario(Scenario1)includestwovariantsdependingonwhetherthestandardsarealreadyexistingpublishedstandards(Scenario1a)orareemergingstandards(Scenario1b).
6.2.1.1 An Open Source community implements existing standards from a Standards Setting Organization
Inthisscenario(Scenario1a):• AnSSOTechnicalGrouphasdevelopedandpublishedasetofstandards–thatwillbemaintainedandmaybe
furtherevolved.Thissetincludesdetailedprotocol/APIstandardsthatcanbeusedforimplementationpurposes;
• AnOpenSourcecommunityoutsidetheSSOwantstomakeareferenceimplementationofthesestandards–thatwillbefurtherdistributed(bytheOpenSourcecommunityitselforbyspecializeddistributors)andintegratedintocommercialproductsunderconditionsdefinedbyanOpenSourceLicense;
• TheOSSimplementationissettobefully"compliant"withthesestandardsorcanleadtoevolutionsofthestandardspublishedandmaintainedbytheSSO.
ExamplesofsuchimplementationscanbefoundintheETSI2012report[i.5].ForCloudComputing,anexampleofthisscenarioincludestheOpenStackimplementationofDMTFCADFspecification(seeAnnexCforfurtherinformation).
6.2.1.2 An Open Source community implements emerging standards from an SSO
Inthisscenario(Scenario1b):
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 17
• AnSSOTechnicalGroupisdevelopingasetofstandardsthatisnotyetstableandpublished.Thissetincludesstandardsatvariousstagesofthestandardsdevelopmentchain(e.g.standardsonrequirements,architecture,protocols/APIs);
• AnOpenSourcecommunityoutsidetheSSOwantstoundertakeanimplementationofthissetofstandards;• TheOSSimplementationmaybeonly"inspiredby"theon-goingworkoftheSSOandcan:
• SignificantlydivergefromitiftheprogressoftheOpenSourceimplementationisnotfedbacktotheSSO.Insomecase,theresultoftheOpenSourcecommunityworkisaproductimplementingasubsetofthestandardsunderpreparationintheSSO.
• ProvideearlyfeedbackonthestandardsunderelaborationintheSSOspecificationbyrapidlyprototypingsomeaspectsofit,inordertocomemorerapidlytoastableversionoftherelevantstandards.
Scenario1bisavariantofScenario1a,withpotentiallysignificantimpactsontheemergingstandardsunderpreparationintheSSO.AnexampleofScenario1bistheinteractionbetweentheIndustrySpecificationGroup"NetworkFunctionVirtualization"inETSI(ISGNFV)andtheOpenPlatformforNFV(OPNFV)(seemoredetailsinAnnexC).
6.2.2 An SSO develops an Open Source reference implementation Inthisscenario(Scenario2):
• AnSSOTechnicalGrouphasdevelopedandpublishedasetofstandards–thatwillbemaintainedandmaybefurtherevolved;
• Tospeed-upthemarketadoption,theTechnicalGroupdecidestodevelopareferenceimplementationofthesestandardsorofasubsetofthem,usinganOpenSourcemethodologyandenvironment(includingfortestingpurpose).
TheresultoftheSSOworkisabundleoftheStandardsandthereferenceimplementationsourcecode.Thereferenceimplementation:
• Isoneofmanyimplementationsinlinewiththepublishedset(orsubset)ofstandards.• CanbeusedbyanOpenSourcecommunityforinclusioninitsproductanddistributionordirectlyincludedin
commercialproducts(e.g.somevendors/integrators)underconditionsdefinedbyanOpenSourceLicense.Tomakethishappens,theSSOmusthaveimplementedinternallyanOpenSourcehostingframework.ExamplesofthisscenarioincludetheOpenSourceimplementationbyOMAoftheRCSspecification,whichisintegratedintocommerciallyavailableproducts.SimilarinitiativesarestartinginoneM2Mand3GPPpartnershipprojects.,ForCloudComputing,oneexampleistheDMTFStandardsSettingOrganization,whichisdevelopinganOpenStackimplementationoftheCIMIspecification.(SeeAnnexCforfurtherinformation).
6.2.3 An SSO develops standards based on the results of an Open Source community
Inthisscenario(Scenario3):• AnOpenSourcecommunityisdesigninganddevelopingasoftwareimplementationthatfulfillstheneedsof
anSSO,e.g.providinganimplementationcoveringthefunctionalandarchitecturalrequirementsexpressedinstandardspublishedorunderdevelopmentbythatStandardsOrganization;
• TheStandardOrganizationdecidestoendorsetheresultsoftheOpenSourcecommunityanddevelopsstandardsbasedonthedocumentedAPIsdevelopedbytheOpenSourcecommunity;
• TheOpenSourcecommunityhasoptedforanOpenSourcelicense.Theresultingstandardisasetof"triedandtested"APIsactingasareferenceinitsindustrysegment.AnexampleinCloudComputingistheDMTFspecificationofanOpenStackprofileforCADF(SeeAnnexCforfurtherinformation).
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 18
6.2.4 A collaboration (“joint project”) is established between a Standard Organization and an Open Source community
Inthisscenario(Scenario4):• Ajointcollaboration(“jointproject”)betweenaStandardsOrganizationTechnicalGroupandanOpenSource
communityisestablishedwiththeobjectivesofdevelopingtogetherasetofstandardsandanOpenSourceimplementationofthesestandards.
• Thesetofstandardsincludesstandardsatvariousstagesofthestandardsdevelopmentchain(e.g.standardsonrequirements,architecture,protocols/APIs)whiletheOpenSourceimplementationprovidesareferenceimplementationofthesestandards.
• ThiscollaborationincludestheestablishmentofajointsteeringTechnicalCommitteewhosetasksistocoordinatethedevelopmentofstandardsbytheStandardOrganizationandthedevelopmentoftheOpenSourceimplementation.ThisTechnicalCommitteewilldrivetheroadmapintermsofusecases,requirementsandarchitecturethatshouldbesupportedbytheOpenSourceimplementation.
Scenario4canbeviewedasacombinationofScenario1bandScenario3withtheadditionofaformal“jointproject”betweenaStandardOrganizationandanOpenSourcecommunitytohelpfosteringandcoordinatingeffortsinacoherentandagilemanner.IthastobenotedthoughthatanequivalentscenarioexistinthefieldofstandardizationwherecollaborationbetweenStandardOrganizationsarepossible,e.g.partnershipprojectsbetweenregionalStandardOrganizationssuchas3GPPorOneM2MorcollaborativeteamsbetweenISO/IECJTC1sub-committeesandITU-Tstudygroups.
6.3 Current and future situation Someoftheabovescenariosarewellestablishedwhereassomearemoreintheirearlydiscussionphasewithintheconcernedorganizations(OpenSourcecommunitiesaswellasSSOs).WiththeexpectedclarificationoftheinteractionsbetweenSSOsandOpenSourcecommunities,moreexamplesoftheabovescenariosaswellasnewscenariosarelikelytoemergeinthecomingyears.
7 Better aligning the standards and OSS communities 7.1 Alignment: if and when needed Regardingalignment,itisnotintendedheretofindawaytocomeupwithsimilarwaysofworkingandexpectedoutcome(whichwouldbeimpossibleconsideringthemajordifferencesinpurposeidentifiedinsection5).Actually,thereisadifferencebetweentheexpectationsofSSOsandOpenSourcecommunitiesfromthisstandpoint:SSOsarerealizingthat,inordertorespondbettertotheneedsofthestandardizationstakeholders,theyneedtofindwaystoincorporateOpenSourceintheirverygenes.ThisisnotthecaseforOpenSourceorganizationsthatdonotfeelthesamepressingneedforcooperation.ThisasymmetrybetweentheviewofSSOsandOSSisinparticularvisibleinthescenariosidentifiedinsection6,whereamajoritystemsfromtheneedsofSSOsratherthantheopposite.AlignmentwillcomefromtherealizationbybothSSOsandOpenSourcecommunitiesthattheyhavegoodopportunitiestoimprovetheeffectivenessoftheirrespectiveresults(morespeed,betterquality,moretesting,improvedmaintainability,etc.),ThisisespeciallytrueintheCloudComputingindustrysegment.Theprogresswillcomewiththeidentificationofmutuallysatisfactorysolutionstospecificproblems.ItisnotexpectedthateachSSOwillsetupacompleteOpenSourcestrategyimplementingallthescenariosofsection6(thoughsomemaywanttodoit).
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 19
7.2 Strategies Asaresultofthedifferentexpectationspointedoutabove,thematurityofstrategiestoaddressStandardsandOpenSourceinteractionisdifferentforSSOsandOpenSourceorganizations.TheSSOsstrategiesareregardingOpenSourcearecurrentlyatdifferentstages:
• Manyarejuststartingtodiscusstheissueandidentifytheirobjectives;• Somehavealreadyapreviousexperienceandhaveclearlyoutlinedobjectives;• Afewhavestartedtoanalyzehowtheirassetsmaybeimpactedbythisnewapproach(e.g.technical
organization,membershippolicy,IntellectualPropertypolicy);• Onlyafewhaveaverycompleteanddetailedapproach.
TheOpenSourceorganizationsstrategiesregardingstandardsarelargelyconditionedbytheanswertoafirstquestion:howcantheybenefitfromcollaboratingwiththeSSOs?AnnexAofthisreportisoutliningtheroleofsomeSSOsinvolvedinCloudComputingstandardization(e.g.thosewhohavebeenidentifiedduringCloudStandardsCoordinationPhase1)andthestatusoftheirOpenSourcestrategies.AnnexBhasasimilarobjectiveforsomeOpenSourceorganizationsinvolvedinCloudComputing.
7.3 Solutions Somepossiblesolutionshavebeenhighlightedintheprevioussectionsbutafirstanalysisshowsthattherearenotsomanyinplaceatthisstage.However,thefollowingapproachescanbehighlighted.1/ChangethesettingofSSOstoaccommodateOpenSourceprojectswithintheexistingorganization.Thiscantakeseveralforms,possiblycomplementary:
• DefinitionofspecifictechnicalorganizationswithintheSSO,differentfromtheirregulartechnicalcommittees.Forinstance,thecreationofTechnicalCommitteeswithspecialruleswithintheSSO(e.g.specificmembershiprules,differentIPRpolicies).
• DefinitionofspecificmembershipconditionsmeanttoattractregularparticipantofOpenSourceprojectswithinanSSOcontext(e.g.specialconditionstoacademics,tomicro-enterprise,etc.)
• Investigationofthebenefits,risksandrequiredchangesassociatedtotheadaptationoftheIPRpolicieswhenitbecomesnecessarytoaccommodatesomeoftheexpectedlicensingschemesintheOpenSourcecommunity(providedthereisareal–inparticularbusiness–advantage).
2/DefineOSS-orientedservicesinSSOsToofferattractiveservices,someelementsmustbedefined:
• ListofservicesinsupportofOpenSourcecommunities:o HostingofOSSproject,includingtheavailabilityofanOSSplatform;o Testingsupport,nparticularinteroperabilitytesting,plugfests,etc.o QualityAssurance;o Maintenance;o …
• Conditionsforuse:legalframework,ServiceLevelAgreement,etc.
8 ConclusionsandRecommendationsThegoalsofstandardsaredifferentfromthoseofOpenSourceSoftware(OSS).Standardizationaimsatproducingspecificationsthatcanbeimplementedinanyappropriatetechnology.Thisisessentialtoavoidvendorlock-insituationsaswellasforpromotinginnovativeimplementations.OpenSourceprojectsaimtofavortherapiddevelopmentofhighqualitysoftwareorreferenceimplementationsallowingforthediscoveryandvalidationofconceptsorprovidingsolutionsthatrespondtogivenusecasesandderivedfunctionalandarchitecturalrequirements.OpenSourceisalsopotentiallyanimportantvectorofgrowthandinnovationintheCloudComputingspace.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 20
StandardsandOpensourceapproacheshaveanimportantroletoplayincomplementingeachother,andinfact,tosomeextent,moreandmoreICTprojectsdocombinethetwoapproaches.However,onlystandardsprovidethestabilityandtechnologyneutrality,inparticularrequiredforpublicpoliciesthatseektoimproveinteroperabilitywhilereducinglock-intoanyparticulartechnologysolution.InitsroleofsupportingStandards,OpenSourcecan:
• HelpovercomelimitationsinthedevelopmentandimplementationofStandards;• SpeedthedevelopmentandimprovethequalityofStandards;• Facilitatetheunderstandingofstandardsforimplementers;• ImprovetheStandardinteroperabilitybyusingOpenSourcereferencetest-bedimplementationandtesting
software.ThereforeinorderforstandardsandOpenSourcetoadequatelysupporteachother,thefollowingrecommendationsareproposed.Collaboration
• EncouragecollaborationbetweenOSScommunitiesandSSOsworkingonsimilarorcloselyrelatedtopics,e.g.NFVandOPNFV,possiblythroughjointeventslikeworkshops,plugtests;
• Encouragethecreationof“jointprojects”betweentheSSOswherethestandardsaredevelopedandOpen
Sourcecommunitiesinordertopushforcloserelationship,interaction,exchangeandcooperation;Roadmaps
• MakesurethatcollaborationbetweenSSOsandOpenSourcecommunitiesaddresstheknownCloudComputing(standards)gaps,e.g.inServiceLevelAgreement,Security,PrivacyandIntegrity;
• EncourageOpenSourceinitiativestostandardizetheirspecificationsthatareimportantforinteroperability
(e.g.APIs:DataModel,Protocol,Format).Organization
• FacilitatetheimplementationofOpenSourcesolutionsbasedonStandards(developedorunderdevelopmentinaSSO),inparticularbynarrowingthegapbetweendifferentapproachesofPatentandCopyrightpolicies;
• Ensurethatpre-standardizationactivities(e.g.thoseemanatingfromresearchprojects)canbesustained
overalongerperiodinordertoallowforasmoothtransitionofresultswithinCloudComputingstandardization.
Education,dissemination,promotion
• EncourageSSOsforearlyandincreasedeffortinthedisseminationofplansfor/workonnewCloudrelatedspecificationstowardstheOpenSourcecommunitiesintheCloudarea;
• EngageindustrialusersofCloudComputingOpenSourcecommunities;
9 Areas for further study Someareasforfurtherstudyhavebeenoutlinedintheprevioussectionsofthisreport:
• ClarificationoftheStandardsandOpenSourceinteractionscenarios:o Content,o Completeness,o Operationalworkingprocedures,o Methodsandtools.
• ClarificationoftheimpactonSSOorganizationsofgreatercompatibilityofFRANDandOpenSourcelicenses.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 21
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 22
Annex A: Standards Related Organizations Approaches ThisannexispresentingsomeinitiativesofSSOsandafewrelatedorganizationsinthefieldofCloudComputingthatrelatetotheirinteractionswithOpenSourcecommunities.
Table1:StrategiesofSSOstowardsOpenSourcecommunities
Organization Type ScopeinCC Strategy,position,initiativeswithOpenSource
3GPP SDO Transparentfilesharingovermobilenetworks
ThereareanumberofOpenSourceimplementationsof3GPPspecification
ATIS SDO ATIShasdevelopedanumberofCloudComputingrelatedstandards;somehavebeenretainedinthelistofStandardsofCSC(phase1).
ATIShasdevelopedacompleteframework,inparticularlegal,toallowforstandarddevelopersandOpenSourcedeveloperstoworktogether,takingintoaccountdifferentmodelsforbusiness,licensingorIPprotection
CSMIC SSO TheCSMICaimstocontributetothesolutionofthecloud-basedservicemeasurementproblem.IncludingdevelopmentofaServiceMeasurementIndex(SMI)andaframeworkfororganizingandclassifyingservicemeasures.Thegoalisastandardwayofdescribinganddocumentingservicemeasures.
DMTF SSO DMTFdevelopedtheOpenVirtualizationFormat(OVF)thatisbroadlyusedtodescribevirtualmachineimagesinaportableway.DMTFalsospecifiedtheCloudInfrastructureManagementInterface(CIMI)whichisaself-serviceIaaSmanagementinterfaceandtheCloudAuditDataFederation(CADF)specificationdefinesanormativeeventdatamodelalongwithacompatiblesetofinterfacesforfederatingevents,logsandreportsbetweencloudprovidersandcloudcustomers.
DMTFhasalonghistorysupportingOpenSourceimplementationsofitsstandards.DMTFDSP2038definesaCADFrepresentationforusewiththeOpenStackCloudManagementPlatform
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 23
Organization Type ScopeinCC Strategy,position,initiativeswithOpenSource
ENISA EuropeanAgency
ENISAaspartoftheactivitiesundertheEUcloudstrategydevelopedalistofdifferentcertificationschemesthatcouldberelevantforpotentialCloudComputingcustomers.ThecreationofthislistisexplicitlymentionedasakeyactionintheEuropeanCloudStrategy.ThislistwasdevelopedbyENISAintightcollaborationwiththeEuropeanCommissionandtheprivatesector.
Thecertificationschemeslistcanbefoundat:https://resilience.enisa.europa.eu/cloud-computing-certification(WereferinterestedreaderstoapaperENISApublishedlastyearthatgivesanoverviewofarangeofinformationsecuritycertificationschemes,usedindifferentsectors.)
ETSI SDO ETSIisthehomeoftheNetworkFunctionVirtualization(NFV)IndustrySpecificationGroup(ISG)
TheETSIBoardhasdevelopedafirstframeworkforStandardsandOpensourcein2012.Theyarecurrentlyintheprocessofexpandingittotakeintoaccountmorescenarios.
IEEE SSO P2301isaworkinggroupforcreatingaGuideforCloudPortabilityandInteroperabilityProfiles.P2302–StandardforIntercloudInteroperabilityandFederation(SIIF)isthefirstCloudstandardizationactivityofIEEE
IEEEexpectstheseneweststandardswillnotonlyfollowtheconsensus-basedprocesschampionedbyIEEE,butwillalsoleveragethelatestintechnologydevelopmentbestpractices,suchasliveglobaltestbedsandOpenSourcereferences.
IETF SSO TheactualtechnicalworkoftheIETFisdoneinitsworkinggroups(WGs),whichareorganizedbytopicintoseveralareas(e.g.,routing,transport,security,etc.).IETFisspecifyingprotocolsanddatamodelsfor:
-SDN(NETCONF/Yangdatamodels,PCEP,ServiceFunctionChaining,…),
-RTCWeb,-HTTP
IETFhasstartedtodiscussaframeworktosupportOpenSource.Duringitsmeetings,IETFisholdingaHackathontoencouragedeveloperstodiscuss,collaborateanddeveloputilities,ideas,samplecodeandsolutionsthatshowpracticalimplementationsofIETFstandards.IETFindividualsstartusingGitHubforeditingIETFdrafts,prototyping,testsuites(e.g.https://github.com/http2)
OASIS SSO TopologyandOrchestrationSpecificationforCloudApplications(TOSCA)
LeadingOpenSourceorganizationshavealsoembracedTOSCAwithnumerousprojectsalreadyactive,e.g.integrationwithOpenStackHEAT,OpenNebula.
ODCA SSO
OGF SSO OGFhasdevelopedtheOpenCloudComputingInterface(OCCI)specificationandotherspecificationsthatareusefulinCloudenvironmentsthoughnotspecificallydevelopedforClouds,e.g.,WS-AgreementforCloudServiceLevelAgreements
ThereareanumberofOpenSourceimplementationsofOGFspecifications.IngeneralOGFencouragestheuseofOpenSourceimplementationsforevaluatingspecificationsandfortestinginteroperability.OpenSourceimplementationsmaybeusedtodevelopextensionstospecifications.OGFregularlyorganizesplugfeststosupportthis
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 24
Organization Type ScopeinCC Strategy,position,initiativeswithOpenSource
OMA SSO TheOpenMobileAlliance(OMA)deliveredthetechnicalspecificationforUnifiedCloudDisk(UCD)EnablerV1.0.TheUCDEnablerprovidesunifiedcloudstoragesysteminmobilecloudcomputingenvironments
OMAhasbeenaddressingthequestiononhowSSOscanadapt/evolvesuchthattheybetterenabletheapplicationdevelopertotakeadvantageofthestandardspecificationstheyproduce.SomeOMAeffortsintheareaofOpenSourceareongoingsuchastheadoptionofspecifictoolsforspecifications,theusageofGithubrepository,etc.
SNIA SSO TheSNIACloudDataManagementInterface(CDMI)isanISO/IECstandardthatenablescloudsolutionvendorstomeetthegrowingneedofinteroperabilityfordatastoredinthecloud.TheCDMIstandardisapplicabletoalltypesofclouds–private,publicandhybrid.
SNIA’sCloudStorageInitiative(CSI)promotescloudstorageadoptionwithopenstandardsthatprovidevendorsandenduserswithchoice,interoperability,andportability.CSIleadsasanindustryneutralauthorityoncloudstorageenvironmentsandiscommittedtoeducatingvendorandendusercommunitiesoncloudstorage&industrystandardizationbenefits.SNIAalsosupportsOpenSourceprojectsinstorage
TMF SSO TheprimaryobjectiveofTMForum’sCloudServicesInitiativeistohelptheindustryovercometoday’sbarriersaroundCloudservicesandassistinthegrowthofacommercialmarketplaceforcloudbasedservices.Thecenterpieceofthisinitiativeisanecosystemofmajorbuyersandsellerswhowillcollaboratetodefinearangeofcommonapproaches,processes,metricsandotherkeyserviceenablers.
AspartofitsZOOM(Zero-touchOrchestration,OperationsandManagement)project,TMFhasproducedaZOOMpositiononOpensource(seeTMFIG1119,Release14.5)
W3C SSO W3CitselfhasnotyetdevelopedaspecificstandardforCloudcomputing.However,asmost(ifnotall)oftheWS-*specificationsaretargetingweb-based
W3CconsidersOpensourcesneedOpenstandardsandCloudservicesneedOpenStandards.W3Cishappytocontributeandcollaborate•OpenPlatformCapabilities•DataandSemanticSupport•AdvancedServiceManagement
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 25
Annex B: Open Source Communities Approaches B.1 Open Source Cloud middleware projects InthissectionweanalyzethemajorOpenSourceCloudmiddlewareprojectsregardingtheirsupportforCloudstandards,theirrelationtoStandardsDevelopmentOrganizationsandtheirpossibleinvolvementinthedevelopmentofCloudstandards.
Table2:StrategiesofOpenSourceorganizationstowardsSSOs
Organization WhattheydoinCC Strategy,position,initiativeswithSSOs
Ceph Opensourcesoftwarestorageplatformdesignedtodeliverobject,block,andfilestoragefromasingledistributedunifiedsystem
CloudStack CloudStackisdevelopingCloudcomputingsoftwareforcreating,managing,anddeployinginfrastructurecloudservices.
CloudStacksupportstheOCCICloudComputingstandard.CloudStackasacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheCloudstackcommunitymaybeactiveinSSOs,inparticularVerizoneTerremarkclaimstobe,maybeactiveinthedevelopmentofopenstandards
CompatibleOneBroker
CompatibleOneisacloudbrokerbasedonopenstandards
CompatibleOnesupportstheOCCIandWS-Agreementstandards.CompatibleOneasacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheCompatibleOnecommunitymaybeactiveinSSOs
Contrail TheCONTRAILprojectdeliveredisanOpenSourcesysteminwhichresourcesthatbelongtodifferentoperatorsareintegratedintoasinglehomogeneousFederatedCloud.Afollow-upactivityisOpenContrail
ContrailsupportsanumberofCloudComputingstandards:OCCI,OVF,CDMIandWS-Agreement.MembersoftheContrailprojectparticipatedinthedevelopmentofOCCIduringthelifetimeoftheproject.
Eucalyptus EucalyptusisasoftwareforbuildingAmazonWebServices(AWS)-compatibleprivateandhybridCloudComputingenvironments
EucalyptussupportstheOCCICloudComputingstandard.Eucalyptusasacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheEucalyptuscommunity,especiallyHP,maybeactiveinSSOs.
KVM OpensourcesoftwarevirtualizationsolutionforLinuxonx86hardwarecontainingvirtualizationextensions.
Nimbus TheNimbusPlatformisanintegratedsetoftoolsthatdeliverIaaSCloudstoscientificusers;theNimbusInfrastructureisanOpenSourceEC2/S3-compatibleInfrastructure-as-a-Serviceimplementationalsowithafocusonscientificusers.
NimbussupportstheOCCIandstandard.Nimbusasacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheNimbuscommunitymaybeactiveinSSOs
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 26
Organization WhattheydoinCC Strategy,position,initiativeswithSSOs
OpenDaylight OpensourceSDNcontrollerplatformfornetworkprogrammabilitytoenableSDNandcreateasolidfoundationforNFVfornetworksatanysizeandscale.
TheSDNcontrollersupportsmultiplesouth-boundinterfacesandprotocolsdevelopedintheIETF(OVSDB,Netconf/Yang,PCEP,LISP,BGP,Opflex,CoAP…),ONF(OpenFlow).
OpenNebula OpenNebulaisacloudcomputingplatformformanagingheterogeneousdistributeddatacenterinfrastructures
OpenNebulasupportsanumberofCloudComputingstandards:OVF,CDMIandOCCI.OpenNebulaasacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheOpenNebulacommunitymaybeactiveinSSOs.
OpenStack OpenStackisdevelopingacloud-computingsoftwareplatform.MostoftenusedforIaaS
OpenStacksupportsanumberofCloudComputingstandards:OVF,CDMI,OCCI.OpenStackasanorganization(representedbytheOpenStackFoundation)isnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheOpenStackcommunity,especiallyindustrialmembers,maybeactiveinSSOs.
OpenvSwitch(OvS) OpenSourceSoftwareswitchdesignedtobeusedasavswitchinvirtualizedserverenvironments.OpenvSwitchhasalsobeenintegratedintovariouscloudcomputingsoftwareplatformsandvirtualizationmanagementsystems,includingOpenStack,OpenNebula…
OpenvSwitchsupportsstandardmanagementinterfaces(e.g.sFlow,NetFlow,IPFIX…),andisopentoprogrammaticextensionandcontrolusingOpenFlowandtheOVSDBmanagementprotocol.
OPNFV OpensourceprojectfocusedonacceleratingNFV'sevolutionthroughanintegrated,openplatform.
ThescopeofOPNFV’sinitialreleaseisfocusedonbuildingNFVInfrastructure(NFVI)andVirtualizedInfrastructureManagement(VIM)oftheETSINFVarchitecturalframework(ETSIGSNFV002)
OPTIMIS AtoolkitformanagingIaaSCloudsespeciallysupportinghybridClouds,CloudfederationandCloudbursting
OPTIMISsupportstwoCloudComputingstandards:OVFandWS-Agreement.MembersoftheOPTIMISprojectparticipatedinthedevelopmentofWS-AgreementNegotiationduringthelifetimeoftheproject.
OW2 TheOW2communityisengagedinseveralcloudcomputingprojectssuchasCompatibleOnecloudbroker,OpenCloudwaremulti-IaaSPaaS,XLCloudHPCcloudplatform,andOCCIware,aformalframeworkforthemanagementofanydigitalresourceinthecloud.
OW2facilitatesthedevelopmentofOpenSourceSoftwarewithastrongfocusoninfrastructuresoftwareandcloudcomputing.OW2isnotastandardorganizationbutencouragesitsmemberstotakepartinstandardworkgroups.OW2encouragesitsprojectstosupportopenstandardsandisstartingtohavesomeexperiencewithOCCI.
WSO2 HasdevelopedsoftwareforCloudenvironments,e.g.,theCloudGatewayforpublishingservicesanddatatotheCloudfrominsidetheenterprise.HasacommercialofferingforaCloudenvironment
WSO2supportstheOCCIandWS-Agreementstandards.WSO2asacommunityisnotparticipatinginthedevelopmentofstandards.However,individualmembersoftheWSO2communitymaybeactiveinSSOs
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 27
B.2 Standards usage summary table ThefollowingtableliststhesupporttostandardsfortheaboveselectedOpenSourceprojects.
Table3:Opensourceproductsadherencetostandards
Organization OVF CIMI CDMI OCCI WS-Agreement
CompatibleOneBroker
N/A No N/A Yes Yes
CloudStack N/A Yes N/A Yes NoEucalyptus N/A No N/A Yes NoNimbus N/A No N/A Yes No
OpenContrail Yes No (Yes) Yes YesOpenNebula Yes No Yes Yes NoOpenStack Yes (Yes)1 (Yes)2 (Yes)3 NoOPTIMIS Yes No No No YesWSO2 N/A No N/A (Yes) Yes
1(Yes)indicatesthatthereisnofullimplementationbutarudimentaryinterfaceonly.2OpenStacksupportsanumberofCloudComputingstandardsincludingOVF,CDMI,OCCI,butthissupportismostlyviaindependentopen-sourceadd-onprojects.ThecoreOpenStackcommunityhasclarifiedthatiftherewassufficientcommunitydesire,furtherstandardssupportcouldbeincorporatedintothecoreOpenStackprojects.Givenlimiteddevelopmentresources,itisessentiallyamatterofcommunitypriority.(seehttps://github.com/osaddon).
3Seehttps://wiki.openstack.org/wiki/Occiandhttps://github.com/stackforge/occi-os
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 28
Annex C: Interaction scenarios in practice in Cloud Computing
Thedescriptionofthescenariosintheprevioussectionhasraisedsomequestionsthatthissectionwishestoaddress.Todothis,wehaveselectedafewcasestudiesthatserveasamoreconcreteillustrationoftheopportunitiesandissuesraisedbythecollaborationofOpenSourcecommunitiesandSSOs.
C.1 Sharing specifications: NFV and OPNFV SomeofthescenariosabovearerelatedtotheimplementationbyanOpenSourcecommunityofoneormorespecifications(alreadyexistingorunderdevelopment)comingfromanSSO.ThequestionoftheadoptionofanemergingstandardbyanOpenSourcecommunityaddressedinscenario2canbeillustratedbytherelationshipbetweenNFV(anIndustrySpecificationGroupwithinETSI)andOPNFV(anOpenSourceOrganization).
C.1.1 Theactors
NFV(NetworkFunctionVirtualization)TheNFVISG(IndustrySpecificationGroup)wascreatedendof2012undertheauspicesoftheEuropeanTelecommunicationsStandardsInstitute(ETSI),inresponsetoacallforactionfromagroupofmajoroperators[1].NetworkFunctionsVirtualizationaimstotransformthewaythatnetworkoperatorsarchitectnetworksbyevolvingstandardITvirtualizationtechnologytoconsolidatemanynetworkequipmenttypesontoindustrystandardhighvolumeservers,switchesandstorage,whichcouldbelocatedinDatacenters,NetworkNodesandintheenduserpremises.ThefirstNFVISGoutputswerepublishedinOctober2013,includingausecasespecification[ETSINFVGS001],andanNFVArchitecturalFrameworkspecification[ETSINFVGS002]thatidentifiesNFVsystemcomponentsandtheinterfacesbetweenthem.ThenthesefirstoutputswerecomplementedwithnewdeliverablespublishedbyETSIinJanuary2015[2].Altogetherthisfirstspecificationphase(knownasNFVPhase1)setsthefoundationalconceptsandcreatesacommonvocabularyandarchitecturalframeworkwidelysharedintheindustry.TheETSINFVarchitecturalframeworkenablesVirtualizedNetworkFunctions(VNF)tobedeployedandexecutedonadistributedcarrier-gradecloudinfrastructureknownastheNFVInfrastructure(NFVI),whichconsistsofpoolsofcommodityhardwareresources(computing,storageandnetwork)wrappedwithasoftwarelayerthatabstractsandlogicallypartitionsthem.Inhypervisor-baseddeployments,aVNFistypicallymappedtooneVirtualMachine(VM)intheNFVIbutmayalsobesplitintomultipleVNFcomponents(VNFC)loadedonseparatevirtualmachines(e.g.withdifferentscalingrequirements).Thedeployment,executionandoperationofVNFsonanNFVIaresteeredbyaManagement&Orchestration(M&O)system,whosebehaviorisdrivenbyasetofmetadata(a.k.a.NFVdescriptors)describingthecharacteristicsofthenetworkservicesandtheirconstituentVNFs.TheM&OsystemincludesanNFVOrchestrator(NFVO)inchargeofthelifecycleofnetworkservices,asetofVNFmanagersinchargeofthelifecycleoftheVNFs(includingVNFscalingout/in)andaVirtualizedInfrastructureManager(VIM),whichcanbeviewedasanextendedCloudManagementSystemresponsibleforcontrollingandmanagingNFVIresources.AmajorchallengeremainstoachieveinteroperabilityforthekeyinterfacesidentifiedintheNFVarchitecturalframework.TheNFVPhase1specificationsarenotsufficienttomeetthisobjectiveastheyonlyprovideafunctionaldescriptionoftheseinterfaces,whileinteroperabilityusuallyrequiresthespecificationofaprotocoland/oranAPIandoftenadatamodel.OneofthemostimportantgoalsoftheNFVPhase2workprogramistoclosetheaforementionedinteroperabilitygapbyprovidingtherightlevelofspecificationsforthekeyinterfaces.Apre-requisitetoanyprotocolorAPIspecificationworkistocompletethefunctionaldescriptionoftheseinterfacesidentifiedduringNFVPhase1.Oncethisstepisdone,afollow-upspecificationphaseshouldleadtoaprotocolspecification,presumablyintheformofaprofileof–oranextensionto–anexistingbasestandard.Onekeytaskwillbetoselectthemostappropriatebasestandardperinterface.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 29
CloselyrelatedtointeroperabilityaretheVNFportabilityandVNFmigrationtopics.PortabilityreferstotheabilitytodeployaVNFondifferenttypesofservers,whenlivemigrationreferstotheabilitytomoveanactiveVNFinstancefromoneservertoanotherwhileensuringservicecontinuity.OneoftheworkitemsforNFVPhase2willbethespecificationofasetofinterfacesenablingtheVNFCcodetoaccessaccelerationservicesprovidedbytheinfrastructure,inanimplementation-independentmanner.AnotherprospectiveworkitemforNFVPhase2isareportthatstudiestheinternalarchitecturalstructure/physicalcomponentsofanNFVINodeandprovideasetofguidelinestosupportanNFVenvironment.Thegoalistofacilitatetheavailabilityofthesecomponentsinamulti-vendorenvironment.Besides,thepublicationofareportontheroleofsoftware-definednetworking(SDN)intheNFVarchitecturalframeworkisexpected. OPNFV(OpenPlatformforNFV)TheOpenSourceOpenPlatformforNFV(OPNFV)initiative,ledbytheLinuxFoundation,waslaunchedonthe30thSeptember2014withtheparticipationofseveralITandtelecomvendorsandtelecommunicationsserviceproviders[3].TheobjectiveofOPNFVistoprovideareferenceinfrastructureplatformforNetworkFunctionsVirtualization(NFV).Therefore,largepartsoftheOPNFVarchitecturearedirectlyrelatedtothearchitectureoutlinedinthedocumentsprovidedbyETSIISGNFV.Tostartwith,OPNFVaddressesanintegratedsolutionforNFVIandVIMcomponentsoftheETSINFVarchitecturethattogetherbuildtheinfrastructurelayeroftheNFVframework.Toachievethisgoal,OPNFVwillworkinclosecollaborationwithanumberof“upstream”OpenSourceinitiatives(e.g.OpenStack,OpenDayLight,KVM,OVS…).Inadditiontocodedevelopment,OPNFVincludesanumberofrequirementsprojectsbutalsointegrationandtestingprojects.OPNFVwillexecuteonareleasecadenceofareleaseapproximatelyeverysixmonths.OPNFVRelease1‘ARNO’wasdeliveredinJune2015.ThisfirstOPNFVreleaseincludesthefollowingexistingOpenSourcecomponents(see[i.9]):
• OpenStackReleaseJuno;• OpenDaylightReleaseHeliumforNetworkcontrol;• CephobjectstorageorchestratedbyCinder;• OVSforvirtualswitch;• KVMhypervisorforVirtualMachine.
C.1.2 Workingtogether:opportunities,issues
Attheformallevel,thecurrenttypeofpartnershipengagementiscalled“LetterofIntent"(LoI)allowingthecooperationbetweenETSIandOPNFV[6].ThisestablishesaformalcontactbetweenETSIwithOPNFVandservestoexchangeoperational/promotionalinformationandtoidentifycommonroadmaps.Theintentionistoco-operateinthestandardizationeffortsintheareaofNFVandtoworktogetherforpromotingandencouragingfurtherengagementbetweentherespectivecommunities.Forthispurpose,thepartiesmayseektoencourageanddevelopcollaborativeactivitiesinvariousways,includingtheexchangeofideasandexpertise. Inpractice,itisclearthatkeepingeachorganizationabreastofdevelopmentsofjointinterestischallenging,giventhequitedifferentgovernanceprocessesofETSINFVISGandOPNFV.Asamatteroffact,thedevelopmentofmanyrequirementsprojectsinOPNFVoverlapswithETSINFV.OneoftheimportantgoalsoftheETSINFVphase2workprogramistoprovidefunctionalspecificationsforthekeyinterfacesoftheNFVarchitecturalframework.OPNFVcouldbeconsideredasprovidingde-facto‘specifications’fortheNFVInfrastructureanditsmanager(VIM)whilemoreconventionalstandardsarelikelytobedevelopedbyETSINFVand/orotherSDOsforotherNFVmanagementandorchestrationinterfaces.However,itislikelythatOPNFVwilldevelopthe“de-facto”‘specifications’fortheNFVInfrastructureanditsmanagerfromthedeliverablesofitsownrequirementsprojectsratherthanfromETSINFVspecifications.Moreover,somerecentlyagreedOPNFVrequirementsprojectsareaddressingothermanagementandorchestrationinterfacesaswell,therebyincreasingtheriskofseeingafragmentationoftherequirementsspecificationsintheindustry.
C.2 OpenSourceandStandards:OpenStackOpenSourceOrganizationsdeveloptheirprojectswiththeirowndynamics.TheirrelationshipwithStandardsSettingOrganizationsmayormaynotexist(dependingonthescenario).ThefollowingsectioninvestigatesthecaseofOpenStackasanexampleofScenario5("AnOSSorganizationimplementsReferenceAPIs").
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 30
C.2.1 The actors OpenStackOpenStack(http://www.openstack.org)isanOpenSourceCloudComputingsoftwarethatprovidesinfrastructureasaservice(IaaS)ClouddeploymentforpublicandprivateClouds.OpenStackwasfirstintroducedinJune2010,bornwithitsinitialcodefromNASA’sNebulaplatformandRackspace’sCloudFilesplatform.Today,theOpenStackprojectismanagedbytheOpenStackFoundationestablishedinSeptember2012.TheOpenStackFoundationisanindependentbodyprovidingsharedresourcestohelpachieveOpenStackmissionbyempowering,protectingandpromotingOpenStacksoftwareandthecommunityarounditincludingusers,developersandtheentireecosystem.OpenStackcommunitywithmorethan500supportingcompaniesishavingaroundsix-monthreleasecycleandtillnowOpenStackhasreleasedelevenmajorOpenStackreleasesfromAustininOctober2010toKiloinApril2015.OpenStackisorganizedaroundthreemainmodulesi.e.compute,storageandnetworking.Alongwiththesethree,dashboardisanotherimportantcomponentprovidinginterfacetoadministratorsandusersforprovisioningandreleaseofresources.Thesecomponentsinteractwithuser’sapplicationandunderlyinghardwareoverwhichotherOpenStackservicesrun.OpenStackCompute(Nova)hasanabstractionlayerforcomputedrivers.Thisiswhatallowschoosingwhichhypervisor(s)touseforanyOpenStackcomputedeployment.OpenStackprovidesanIaaSsolutionthroughasetofinterrelatedservices.EachserviceoffersanApplicationProgrammingInterface(API)(see[i.11])thatfacilitatesthisintegration.TheseRESTfulAPIsandOpenStackcurrentlyconsistofseveraldifferentservicecodeprojectstomakeitmodular,eachhavingitsdifferentcodenamefortheproject.ThiscodenamedescribesthedifferentmodulesofOpenStackandtheirconfigurationfilesrespectively.EachOpenStackprojectalsoprovidesacommand-lineclient,whichenablesaccessingtheprojectAPIthrougheasy-to-usecommands(seehttp://docs.openstack.org/cli-reference/content/).ThefollowingtabledescribestheOpenStackservicesthatprovidetheOpenStackarchitecture.
Table4:OpenStackservicesinsupportofOpenStackarchitecture
Service Codenameofproject
Description
Dashboard Horizon Providesaweb-basedself-serviceportaltointeractwithunderlyingOpenStackservices.
Compute Nova Managesthelifecycleofcomputeinstances.
Networking Neutron EnablesNetwork-Connectivity-as-a-Service.
ObjectStorage Swift StoresandretrievesarbitraryunstructureddataobjectsviaaRESTful,HTTPbasedAPI.
BlockStorage Cinder Providespersistentblockstoragetorunninginstances.
Sharedservices
Identityservice Keystone ProvidesanauthenticationandauthorizationserviceforotherOpenStackservices.
Imageservice Glance Storesandretrievesvirtualmachinediskimages.
Telemetry Ceilometer MonitorsandmeterstheOpenStackcloudforbilling,benchmarking,scalability,andstatisticalpurposes.
Higher-levelservices
Orchestration Heat Orchestratesmultiplecompositecloudapplicationsbyusingtemplates.
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 31
Databaseservice Trove ProvidesscalableandreliableCloudDatabase-as-a-Servicefunctionalityforbothrelationalandnon-relationaldatabaseengines.
Dataprocessingservice
Sahara ProvidescapabilitiestoprovisionandscaleHadoopclustersinOpenStack.
DistributionsTherearemanywaystoinstallanddeployOpenStackthroughsoftwaredistributions.TheOpenStackMarketplaceincludesalistofcommercialsoftwaredistributionspoweredbyOpenStack.Inadditiontocommercialofferings,OpenStackisalsoincludedwithseveralnon-commercialLinuxdistributions.
C.2.2 Support of standards ThedevelopmentoftheOpenStacksoftwarethroughitsthighreleasecyclesisakeyelementoftheoutputoftheOpenStackcommunity.Amongstthedecisionsthathavetobetakenfortheproduct,thechoiceofwhichCloudComputingstandardwillbesupportedisimportant.MoreinformationregardingthesupportofCloudComputingstandardsbyOpenStackandotherimportantCloudComputingOpenSourceprojectscanbefoundinAnnexB.
C.3 Distributed Management Task Force (DMTF) C.3.1 DMTF Standards
DMTF(www.dmtf.org)developsstandardsthatenablethemanagementofdiversetraditionalandemergingtechnologiesincludingCloudComputing,virtualization,networkandinfrastructure.RegardingCloudComputing,DMTFhasproducedseveralspecificationsincluding:
• DSP0243,OpenVirtualizationformat(OVF).OVFisacommonpackagingformattopackageandsecurelydistributevirtualappliances.Thisenablesportabilityofvirtualappliancesacrossmultiplevirtualizationplatformsandproducts.OVFisapackagingstandardandnotaruntimestandard.AnOVFpackagecontainsoneormoreimagefiles,an.ovfXMLmetadatafilethatcontainsinformationaboutthevirtualmachine,andpossiblyotherfilesaswell.OVFdoesnotdictateanyparticulardiskformat(e.g.VHD,VMDK,VDI,QCOW2...)tobeused.AnOVFpackagecanbedistributedindifferentmanners.Forexample,itcanbedistributedasasetofdiscretefiles,orasatararchivefilewithan.ova(openvirtualappliance/application)extension.
• DSP0263,CloudInfrastructureManagementInterface(CIMI).CIMIisaself-serviceIaaSmanagementinterface,allowingCloudcustomerstodynamicallyprovision,configureandadministertheirCloudusageusingahighlevelinterfacethatabstractsawaymuchofthecomplexityofsystemsmanagement.TheinterfaceusestheHyperTextTransferProtocol(HTTP)tosendandreceivemessagesthatareformattedusingeitherJavaScriptObjectNotation(JSON)ortheeXtensibleMarkupLanguage(XML).
• DSP0262,CloudAuditDataFederation(CADF).TheCloudAuditDataFederationspecificationdefinesanormativeeventdatamodelalongwithacompatiblesetofinterfacesforfederatingevents,logsandreportsbetweenCloudprovidersandCloudcustomers.Morethanaformat,theCADFstandarddefinesafulleventmodelanyonecanusetofillintheessentialdataneededtocertify,self-manageandself-auditapplicationsecurityinCloudenvironments.
OVFandCIMIareadoptedasInternationalStandards,respectivelyISO/IEC17203andISO/IEC19831.
C.3.2 DMTF standards and OpenStack TheobjectiveofthisclauseistolookathowtheOVF,CIMIandCADFstandardsdevelopedbyDMTFhavebeenadoptedinmajorOpenSourceprojects,i.e.OpenStackandCloudStack.NotethatDMTFhasrecentlyenteredintoanAlliancePartnerrelationshipwiththeOpenStackFoundation(http://www.dmtf.org/sites/default/files/OpenStack-DMTF-WR-1_1.pdf).BothDMTFandOpenStackarecommittedtocross-bodycollaboration,integratingexisting
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 32
standardstoenhanceinteroperabilityforthegoodoftheindustry.ThisrelationshipinitiallyfocusesonstandardscriticaltoCloudsecurity,improvingcloudauditabilitytoaccelerateenterpriseadoption.OVF:TheOpenStackImageServiceprovidesdiscovery,registrationanddeliveryservicesfordiskandserverimages.WhenaddinganimagetoOpenStackGlance,thevirtualmachineimage’sdiskformatandcontainerformatmustbespecified.Thediskformatofavirtualmachineimageistheformatoftheunderlyingdiskimage.Thecontainerformatreferstowhetherthevirtualmachineimageisinafileformatthatalsocontainsmetadataabouttheactualvirtualmachine.BothOVFandOVAcanbespecifiedasvaluesforthecontainerformat.
CIMI:OpenStackdoesnotsupporttheDMTFCIMIspecification.CIMIonOpenStackNovaprojectinGithub(https://github.com/osaddon/cimi)wasstartedwiththegoalofaddingthesupportofCIMItoOpenStack.Howeverthishasseennoactivitysince2012andwouldneedtobeupdatedtothelatestversionofOpenStack.ApartfromOpenStack,CIMIhashadseveralopensourceprojectsimplementingpartsofitsuchasDeltaCloudandOW2SiroccoprojectsprovidingaproxysystemwithCIMIasthetopAPIandsupportformultiplebackend-clouds.
CADF:CADFiscurrentlyimplementedinpyCADF(https://github.com/openstack/pycadf):APython-basedCADFLibrary,usedbyOpenStack.DMTFDSP2038definesaCADFrepresentationforusewiththeOpenStackCloudManagementPlatform.
References• DMTFDSP0243:OpenVirtualizationFormatSpecification• DMTFDSP0262:CloudAuditingDataFederation(CADF)–DataFormatandInterfaceDefinitionsSpecification• DMTFDSP0263:CloudInfrastructureManagementInterface(CIMI)ModelandRESTfulHTTP-basedProtocol• DMTFDSP2038:CloudAuditDataFederation–OpenStackProfile(CADF-OpenStack)
Annex D: Change History
Date Version Information about changes July2015 1.0.0 FirstpublicationoftheSRforcomments
October2015 2.0.0
Finalpublicationbasedonthechangesprovidedby:-CommentsfromtheNTECHTechnicalCommitteereview-Commentsfromthepublicreviewgatheredonhttp://csc.etsi.org-Additionalchangesproposedduringthefinalreviewworkshop
History Documenthistory
V0.9.0 30/06/2015 DraftforSTFreview.IncorporatesallthecontentalreadydevelopedwithintheSTFintotheappropriatetemplate.
V0.9.1 2/07/2015 Statusofdocumentafterthereviewmeetingon2/07/2015
V0.9.2 23/7/2015 Statusofdocumentafterthereviewmeetingon24/07/2015
V0.9.3 24/07/2015 Statusofdocumentimmediatelyafterthereviewmeetingon24/07/2015
V0.9.99 27/07/2015 Documentforfinal"sanitycheck"beforepublicationon27/07/2015Incorporatesthechangesdecidedduringthereviewmeetingon24/07/2015
V1.9.0 12/10/2015 IncorporatesthechangesdecidedduringtheReviewWorkshopinBrusselson02/10/2015forreviewbytheSTFteam.
V1.9.1 13/10/2015 IncorporatesthechangesagreedduringtheSTFteammeeting
V1.9.2 14/10/2015 AdditionalchangesandalignmentwithotherSTFreports
ETSI
ETSI SR 003 382 V2.0.0 (2015-11) 33
V1.9.8 16/10/2015 For"sanitycheck"(nofurthercommentsallowed)bythereviewersandtheSTFteam