collaboration on enterprise file sync & share - apan.net · collaboration on enterprise file...
TRANSCRIPT
Networks ∙ Services ∙ People www.geant.org
Peter Szegedi
APAN45
From concept to reality...Collaboration on Enterprise File Sync & Share
29 March 2018
GÉANT
Networks ∙ Services ∙ People www.geant.org 2
Where we started
Networks ∙ Services ∙ People www.geant.org
• More than 112.000 licenses purchased all together by 2015. We are about 500k licenses now!
3
GÉANT-ownCloud agreement
Networks ∙ Services ∙ People www.geant.org 4
Pricing
Name Package UsersPackage Annual Base Price
Extra users price user per year 1st ownbrander
additional ownbrander, per
SAML Branding Calendar Contacts
Entry 1,000 € 4,500 € 5.00 Yes X € 4,000 € 2,000 € 2,000 Volume 5,000 € 9,250 € 1.85 Yes € 3,000 € 4,000 € 2,000 € 2,000 NREN 20,000 € 32,950 € 1.48 Yes € 1,000 Yes € 2,000 € 2,000 Site License 40,000 € 46,250 X Yes X Yes € 2,000 € 2,000
Min. 7,500 Euro approx. 4000 Users (1.85 Eur/user/year) plus 7,500 Eur branding (Collabora option) 2017
2018
Networks ∙ Services ∙ People www.geant.org 5
Pricing
Min. 7,500 Euro approx. 4000 Users (1.85 Eur/user/year) plus 7,500 Eur branding, SAML included 2017
2018New packages are expected...
Networks ∙ Services ∙ People www.geant.org 6
Larger picture
On-premise Cloud EU Cloud Global
Networks ∙ Services ∙ People www.geant.org 7
OpenCloudMesh API – Community Standard
Networks ∙ Services ∙ People www.geant.org
• Open Cloud Mesh (OCM) is a joint international initiative under the umbrella of the GÉANT Association that is built on the open Federated Cloud Sharing application programming interface (API) - first initiated and implemented by ownCloud Inc.
• Taking Universal File Access beyond the borders of individual clouds and into a globally interconnected mesh of research clouds without sacrificing any of the advantages in privacy, control and security an on-premises cloud provides.
• OCM defines a vendor-neutral, common file access layer across an organization and/or across globally interconnected organizations, regardless of the user data locations and choice of clouds.
8
Interconnected Private Clouds for Universities and Researchers
Networks ∙ Services ∙ People www.geant.org
• Code v.0.002 has been released on 27 July 2015 by ownCloud Inc.
• Kick-off meeting: 22 October, 2015 in Vienna, Austria
• OpenCloudMesh = ownCloudMesh• USE CASE: Uni Münster server-to-server sharing
• During the OCM demonstration, users were able to sync and share files and folders between independent service domains operated by University Münster in Germany, University Vienna in Austria, SWITCH, the national research and education networking (NREN) organisation of Switzerland and AARNet the NREN of Australia.
9
OCM Phase I.
CS3 Workshop, 18-19 January 2016 in Zurich, Switzerland
Networks ∙ Services ∙ People www.geant.org 10
OCM Phase I.
Networks ∙ Services ∙ People www.geant.org
• March, 2016 - Charles du Jeu and David Gillard from Pydio(https://pydio.com/) joined the OCM project.
• Discussion with others: Zettabox, PowerFolder, Nextcloud, ...
• OpenCloudMesh• USE CASE: AARNet (Australia)
uses ownCloud and ASNET-AM (Armenia) uses Pydio.
• DEMONSTRATION ownCloud, Pydio: Interoperability demo at GÉANT booth
• TNC - 13 June 2016
11
OCM Phase II.
Networks ∙ Services ∙ People www.geant.org
This vision is that the OCM spec should be:• compliant: with standard practices of the http world (error codes, conventions,…)• described: using industry-strength documentation/testing system (e.g. swagger.io)• neutral: should not have any artifacts or assumptions stemming directly from particular
implementation or implementation language• modular: allow providers to implement minimal functionality and add optional components of the
spec as they please (or not)• minimal: offload as much as possible of additional functionality to existing mechanisms in the
network, especially for optional modules (e.g. lookup)• secure: compliant with modern security frameworks (e.g. OAuth2, JWT, …) For the modules, I would
consider at first: - auth/autz negotiation - sharing of files - synchronization of files - user discovery (optional)
• robust: implementations should continue to deliver their service even when interacting with a failed implementation/service or malicious intended attempts at federation as attack vector
12
OCM Phase II.
Networks ∙ Services ∙ People www.geant.org
• We found a professional protocol designer(APIwise) who described OCM in a more formalized way (using OpenAPI/Swagger Framework).
• To establish a reference infrastructure and test environment where the implementations can be validated against.
• Implementations at ownCloud, Pydio and Nextcloud (PowerFolder in the pipeline).
• Meeting with Apiwise on 12/07/2016• Make it happen: AARNet, Nextcloud, Sciebo,
ownCloud, Uni Vienna, CESNET, GWDG and CERN• GitHUB: https://github.com/GEANT/OCM-API• API reference documentation
https://rawgit.com/GEANT/OCM-API/v1/docs.html
13
OCM Phase III.
Delivered by 10 February 2017CS3 Workshop in Amsterdam
CALL FOR IMPLEMENTATIONSAND USE CASES
Networks ∙ Services ∙ People www.geant.org
Outcome: What’s next?
1. sharing and federated sharing (this is the CORE)
2. synchronisation and accessing the file using WebDAV or other file transfer protocol (this could be only a starting point for discussion)
3. service/user discovery (next thing)
4. what to do with the files/folders after sharing... (outside of scope)
14
OCM Phase III.
Networks ∙ Services ∙ People www.geant.org
Where we are
Networks ∙ Services ∙ People www.geant.org
• Phase IV. aims at paving the way towards standardization.• Explore patent and IPR issues, as well as the potential fora for initiating the
standardization discussion (IETF, IEEE Intercloud, ...).• Need a reference installation (proxy) fully complaint with the latest specs.
• GÉANT SIG-CISS in Amsterdam• Build a reference proxy/gateway implementation of the agreed OpenCloudMesh
(OCM) federated sharing protocol specification to support the on-boarding of closed-source EFSS solutions as well as the compliance of the current open-source products.
• Being investigated...
16
OCM Phase IV.
Networks ∙ Services ∙ People www.geant.org
File Sync & Share space as we know it...
OCM Natives
Networks ∙ Services ∙ People www.geant.org
File Sync & Share space as we know it...
OCM Natives
Networks ∙ Services ∙ People www.geant.org 19
File Sync & Share space as we know it...
OCM Natives
Networks ∙ Services ∙ People www.geant.org 20
OPTION A. – Become native
OCM Natives
Networks ∙ Services ∙ People www.geant.org 21
OPTION B. – Use a proxy
OCM Natives
OCM Proxy
Networks ∙ Services ∙ People www.geant.org
Thank you and any questions
Networks ∙ Services ∙ People www.geant.org
22