Networks ∙ Services ∙ People www.geant.org Galway, 11th November Working with GÉANT and global cloud service providers for Irish R&E Sector GÉANT IAAS Cloud Update Garvan McFeeley, HEAnet Robert Hackett, HEAnet
Networks ∙ Services ∙ People www.geant.org
Galway, 11th November
Working with GÉANT and global cloud service providers
for Irish R&E Sector
GÉANT IAAS Cloud Update
Garvan McFeeley, HEAnet
Robert Hackett, HEAnet
Networks ∙ Services ∙ People www.geant.org
• Overview of GEANT and the IAAS Cloud framework
• Benefits for HEAnet clients
• Vendor details
• Procurement
• How to avail of new GÉANT Framework
• HEAnet onboarding approach
• Q&A
2
Agenda
Collective size
10.000 organisations
50 million users 40 EuropeanNational Research and Education Networks(NRENs) Collaborate in their European association GÉANT
on- Network- Identity Management
- Online applications and clouds
1 community
1 market=
of GÉANT NRENs are(planning to get) involved with clouds*
* GÉANT Compendium 2015
78%
IaaS in high demand by community
36 NRENsestablishing framework agreements with suitable suppliers
Not winner takes all, but provide choice
EC Procurement Directive (2014/24/EU)• Framework Agreement use• Cross-border procurements
• Centralised Purchasing Bodies
NRENs bring the agreements to institutions for consumption 4
Joint NREN IaaS tender in GÉANT
Adoption and service support.Strategic collaboration.
Network: No data traffic charges.Connect to GÉANT and NRENs networks over public IP.Direct connect to institutions, Layer 2 point-to-point connections.
Exit support.Data portability.
Identity Management: SAML2 and eduGAIN.
Compliance with EU Data Security Directives.Ability to offer IaaS from inside the EC / EEA.
General security policies. Handling of sensitive data (including public health or military research).Certifications.
Volume discount (initial discount and additional tiered discounted pricing). No price increase.Purchase order and post-paid billing.Recognising aggregated spending, combined for all participating institutions.Accommodating capital expenditure (upfront commitment).
Mechanisms to reduce costs for underutilised (or paused) cloud resources. Support for Bring Your Own License (use existing educational licenses).Migration of existing contracts.
Admin management portal.Customer self service portal.Order placement, reporting and group management.
API support.
Networks ∙ Services ∙ People www.geant.org 6
Scope of the GEANT IAAS Framework
• IAAS Cloud Compute services – Compute, Storage, Network,
Support and related cloud provider services
• Cloud provider additional services
• Reseller value added services
• Design,
• Implementation,
• Migration,
• Managed IAAS
• Out of Scope
• SAAS
• Private Cloud
Networks ∙ Services ∙ People www.geant.org
Benefits of the GEANT IAAS FrameworkProcurement Compliant Consumption• Use a PO or mini-competition
• Legal due diligence completed
Commercial• Better discounts through aggregation
• Bring your own license (byol)
• Limit network traffic costs – Egress charges
• Predictable cost models (prevent bill shock)
Performance & Manageability• Peering with Cloud Providers
Useability & Support - Federation• Log in with institutional account – SAML/Edugate
Data Protection• Ensure data is handled safely and meets
European and national regulations.
• Be able to to move data (to another provider)
Networks ∙ Services ∙ People www.geant.org
• Amazon, through resellers: Arcus, Comparex, Telecom Italia,
• Cloudsigma
• Dimension Data
• Interoute
• itSoft
• KPN
• Lattelecom
8
Evaluation completedFramework agreements being signed with…
• Microsoft, through resellers: Atea, Cacttus, Comparex, Dom-Daniel, Infosoft, Micromail, Nextsense, Novabase, SoftwareOne, Span and Ymens
• NTT Europe
• T-Systems
• Telecom Italia
• Vancis
9
Cloud Vendors for Ireland
OIP
Networks ∙ Services ∙ People www.geant.orgNetworks ∙ Services ∙ People www.geant.org
1. Direct call off – if happy with GÉANT requirements and ranking
2. Mini-competition – for tailor-made solutions;• Technical
• Operational (reporting requirements, etc.)
• Legal (e.g. specific legal terms needed in the service agreement)
• Financial
10
Procurement Options for HEAnet Clients
Networks ∙ Services ∙ People www.geant.org
• Solution(s) – OIP, AWS, MS Azure
• Model(s) – Reseller, Referrer, Underwriter
• Only with the Supplier accepted for your country (still, a choice of many solutions, up to 12)
• Only after the SAML2 compliance is announced
• Only possible within first 45 months after the Framework was made available
• Engage with the Supplier on the service commencement agreement (agreement on cost-recovery and role)
• Complete the call-off agreement template – parties, contacts, duration (up to 4 years duration)
• No award publication necessary (?) Article 50: In the case of framework agreements concluded in accordance with Article 33, contracting
authorities shall not be bound to send a notice of the results of the procurement procedure for each contract based on that agreement.
Call-Off Checklist
Networks ∙ Services ∙ People www.geant.org
1. Direct Award – if satisfied with GEANT’s template solutions
• re-scoring according the criteria you find important
2. Mini-competition – for tailor-made solutions, either
• technically
• operationally (e.g. specific reporting requirements)
• legally (e.g. specific legal terms needed in the service agreement)
• financially (e.g. bulk pricing)
Call-Off Options
Networks ∙ Services ∙ People www.geant.org
• This is complex
• This needs to be sustainable
• Cost recovery 1 - 5%
Funding this…
Networks ∙ Services ∙ People www.geant.org
Network Peering with Cloud Providers
• Best, most direct connection between providers and R&E community;
• latency, bandwidth, 2 x 10Gb
• data protection.
• Managed network end to end
• Remove network ingress and egress charges, to achieve more predictable cost models
• Layer3 Peering – IP BGP
• Layer2 Peering – dedicated links
Networks ∙ Services ∙ People www.geant.org 15
Cloud Provider Federation
• SAML/eduGAIN – another key pillar of the IAAS Framework
• Working with major vendors for several years
• Many vendors understand the concepts but need help from GEANT
• Contractual requirement, pragmatic acceptance
• Implementation Details
• 10 Cloud Vendors committed to SAML + eduGAIN
• Microsoft Azure– SAML + commitment to eduGAIN in next 12 months
• Amazon AWS – SAML
• Vendors actively working on implementation plan
• For SAML only vendors, institution IdP configuration is likely
• NREN role for testing to verify for local institutions
2016 October November December January February 2017
Go Live
Start
Normal Operation
Communication & Marketing
Service Preparation
Legal / Procurement / Commercial
NREN Enabling
NREN WorkshopCloud Vendor contacts / Product familiarisation
Verify local legal requirements e.g. DPApprove/implement procurement approach - DirectCommercial processes e.g. billing
Vendor SAML testingInstitution SAML supportCustomer enrolment processes
Develop local NREN communication planClient communication plan e.g. PR, conferences, client meetingsCommunication & Marketing plan with vendors (optional)Client enabling activities
Vendor Onboarding Process – HEAnet Roadmap
Networks ∙ Services ∙ People www.geant.org 17
Next Steps – the HEAnet Roadmap
• Procurement – implement direct awards,
• Marketing & Communications
• Press release – November
• Cloud SIG - November
• HEAnet conference – 11/11/16
• Client meetings
• Joint vendor activities – webinars, workshops,
• Cloud Competency Services
• Client workshop
• Onboarding vendors
• Federation – vendor SAML/eduGAIN testing
• Setup of first customers/accounts
• Quickstart guides / FAQ for clients
• Contact us for more detail and plans
Networks ∙ Services ∙ People www.geant.orgNetworks ∙ Services ∙ People www.geant.org 18
Networks ∙ Services ∙ People www.geant.org 19
Questions