Windriver Cgl Whitepaper
-
Upload
fireboya2004 -
Category
Documents
-
view
217 -
download
0
Transcript of Windriver Cgl Whitepaper
8/8/2019 Windriver Cgl Whitepaper
http://slidepdf.com/reader/full/windriver-cgl-whitepaper 1/4
Executive SummaryThis paper discusses the maturation o Carrier Grade Linux(CGL) and how open source and commercial o -the-shel (COTS) solutions are gaining ground by providing a str ategicadvantage in the telecommunications industry.
IntroductionTelecommunications service providers are rapidly moving tobuild out their network in rastructure to deploy and supportnew revenue-generating services. Based on widely adoptedindustry standards, the IP Multimedia Subsystem (IMS) wasarchitected or the highest standards in reliability andmaximum scalability. This enables the in rastructure to meetthe demands o Super 3G and 4G high-bandwidthapplications or ixed and mobile communications.
Most o the net work elements that make up the IMS, andeven some that reside at the edge o the in rastructure, mustadhere to rigid carrier-grade requirements that mandateextreme high availability—levels that consistently provide99.9999% upt ime. Telecommunications equipm entmanu acturers (TEMs) and network equipment providers(NEPs) have been tasked with building the carrier-gradenetwork elements to support this new IP-based in ra-structure. And with global competition and increased pricepressure, companies are being prompted to ind ways todeliver cost-e ective and high-value solutions.
To meet this need for high availability in a comp etitive market,many equipment providers are adopting open source andstandards-based COTS hardware and software solutions.
Virtually every NEP has created plans to move its operatingsystems over to Linux, and sp ecifically to a CGL platform. A
clear indicator of the success of CGL is the adoption andsupport for Ad vanced Telecommunications ComputingArchitecture (ATCA) solutions using CGL. A recent surveyconducted by the International Data Corporation (IDC)showed nearly 100% of the respondents t hat are deployingATCA have either adopted L inux or will do so in the very nearfuture.
Industry Consortia’s Role in the Advancement o CGLOver the past ive years a number o telecommunicationsindustry consortia and special interest groups have joined
orces to support the creation, adoption, and advancemento standards-based solutions. It has been one o the most
success ul e orts by any industry to evolve technologies.Each one o these organizations has a very clear boundaryaround what they are creating standards or requirements or;very o ten, the requirements include the integration o theother standards. As an example, the CGL speci icationincludes a pro ile or ATCA that speci ies requirements t hatare unique to ATCA as well as a requirement o r APIs basedon the Service Availability Fo rum’s (SA Forum) APIs.
Three o the most in luential orces contributing to theadvancement and maturity o the CGL speci ication are theLinux Foundation ( ormerly the Open Source DevelopmentLab), the SCOPE Alliance, and the SA Forum. The Linux
Foundation manages the de inition and prioritization o therequirements that are included in the CGL speci ication. TheSCOPE Alliance creates pro iles or how the equipmentproviders should use a standard or speci ication to buildnetwork elements. One o the biggest advancements in thelatest CGL speci ication, version 4.0, is the incorporation o prioritized requirements identi ied in a SCOPE pro ile.
Basing the CGL speci ication on SCOPE pro iles ensures thatby utilizing CGL in their solutions, equipment providers andservice providers are meeting requirements speci ied by the
Table of Contents
Executive Summary ............................................................ 1Introduction ........................................................................ 1
Industry Consortia’s Role in the Advancemento CGL ................................................................................1Setting Specifcations vs. Mandating Standards ................ 2CGL’s Seven Categories o Requirements .......................... 3Wind River’s CGL Solutions ................................................ 3Looking Forward ................................................................4Re erences .......................................................................... 4
Carrier Grade Linux: The OS o Choice orNext-Generation NetworksGlenn Seiler, Director of Networking Strategic InitiativesWind River Systems
8/8/2019 Windriver Cgl Whitepaper
http://slidepdf.com/reader/full/windriver-cgl-whitepaper 2/4
2 | Carrier Grade Linux: The OS o Choice or Next-Generation Networks
leading equipment providers. The tight alignment andcooperation by the industry consortia has resulted in broadersupport o CGL standards and speci ications, signi icantlyaccelerating the adoption o COTS solutions.
Setting Speci ications vs. Mandating StandardsNow in the ourth generation o its evolution, CGL was
deliberately planned as a specification rather t han a standard.This designation as a “specification”—a set of agreed uponcommon requirements—r ather than a “standard” is animportant distinc tion and a key component of the successCGL has enjoyed since its inception in January 2002.
Standards tend to be binar y. For example, APIs are eitherincluded in so tware or they are not. With a speci ication, arequirement can be approached rom a number o di erentways. This provides maximum flexibility within the opensource community, and typically the bes t implementation willbe the one that is adopted. This t ype of environment fostersinnovation and drives technology for ward. By design, CGLguidelines have been created so that different Linux provid erscan meet the specification in a number of different ways.
Today there are approximately 250 requirement s in the CGL4.0 speci ication. Each requirement, through the help o theSCOPE Alliance pro ile, has been separated into priorities:P1, P2, and P3. P1 requirements are mandator y and must existfor CGL distribution to be in compliance with the speci fication.All the P1 and P2 requirements in the specification have atleast one project that ca n be found in open source. This
ensures that the specification is viable and can actually beimplemented by Linux providers. Many of the requirement sidentified in the CGL specification have become mainstreamtechnologies for network equi pment of all kinds. In fact, manyof the original top priority requirement s in the earlier CGLspecifications have been integrated into the Linux kernel itself.
How CGL Is Different from Enterprise Linux
CGL is capable o being con igured as embedded Linux,supporting the cross-development o applications on ahost environment with the run-time on a target device.But CGL can also be used in a standard ser ver-basedcon iguration, installing on typical x86-based server
blades. CGL has the advantage o being used o n multipletypes o processor architectures, not just x86. There arealso di erences in how CGL handles security. O tentimes,telecommunications devices do not even have hard drivesand may need to boot rom las h memory. This meansthat a carrier-grade system o ten needs hardwaremanagement and monitoring support. In the end, CGL ismuch more lexible than an enterprise operating systembecause it can be con igured or any kind o networkdevice and networking architecture. CGL is o ten theoperating system o choice or equipment providers whoneed to save costs and standardize on a singledistribution or all their devices.
ID
SEC. 4.6
Name
PKI Certi icate Authority (CA)
Category
Security
Priority
P1
Description: OSDL CGL speci ies that Carrier Grade Linux shall provide a basic PKI CA service. This service shall con orm to theIETF PKIX standards, speci ically RFC 2527, 3279, and 3280. Support or the management o certi ication revocation lists (CRLs) isrequired. Certi icate management and request protocols as de ined by RFC 2527, 3279, and 3280 are not requirements.
Objectives Satis ied: O.APPLICATION-TOOLS, O.NETWORK
Security Objective Description
O.APPLICATION-TOOLS The system must provide a reasonable, up-to-date set of security tools and libraries for use byapplications.
O.NETWORK The system must be able to meet its security objectives in a distributed environment.
Proof of Concept Reference
OpenSSL: www.openssl.org
OpenCA Project: http://sourceforge.net/projects/openca
pyCA: www.pyca.de
TinyCA: http://tinyca.sm-zone.net
Example of a Priority 1 Security Requirement and Proof of Concept (POC) References (Source: The Linux Foundation)
8/8/2019 Windriver Cgl Whitepaper
http://slidepdf.com/reader/full/windriver-cgl-whitepaper 3/4
3 | Carrier Grade Linux: The OS o Choice or Next-Generation Networks
CGL’s Seven Categories o RequirementsThe carrier-grade speci ication covers seven areas o
unctionality:
1. Standards: Standards are a key requirement or drivingCOTS-based applications. The Linux Standards Base (LSB)is a set o APIs, libraries, and profles defned by the LinuxFoundation designed to enable application binary
portability. The LSB ensures that applications written to itwill run on any CGL distribution. Another key within thiscategory is the specifcation o many key POSIX-basedstandards. Since many o the current systems havemigrated to Linux rom Solaris, the POSIX UNIX-basedoperating system has been retained to support many o those system calls and POSIX-based unctions. Otherstandards address the networking, communications, andplat orm needs o carrier environments.
2. Availability: These requirements address the robustnesso a single computing node and ocus on so twarereliability and the elimination o single points o ailure inhardware and so tware. Single node requirements in thiscategory cover issues such as application monitoring atthe kernel level and user space and storage and volumemanagement, as well as the orced unmount o disks andapplications. These requirements are designed tomaintain the integrity o networking and the integrity o the disk storage, all within a single system.
3. Clustering: The most important aspect o theserequirements is the adoption o the SA Forum ApplicationInter ace Specifcation (AIS). This identifes the key areas o a clustering system, such as membership services andcheckpointing. These types o unctions ensure inclusiono service availability APIs or application availability.
4. Security: The security category is one o the newestadditions to CGL, added in the 3.2 specifcation. Theprimary ocus o these requirements is on areas o securitythat are di erent rom those in an enterprise system. In anenterprise system, or example, multiple users might logon to use a customer relationship management (CRM)application or to use an enterprise resource application.
In a carrier-grade embedded environment, especially inthe core and the edge, the type o security requirement isvery di erent. Instead o users, there would typically be ablack box that is only accessed by maintenance users andadministrators. Where there is concern is withinapplications. By segmenting applications with wings o security or trust zones, applications can only execute andaccess certain resources. Since the threats are di erent,
there needs to be more security around resourcemanagement that delineates who can actually accessdi erent devices and di erent resources on the system.
5. Serviceability: Put simply, this is the ability to provideservice to a system. Telecommunications carriers
requently say that or every $100 that they spend on highavailability, they spend $1,000 on serviceability, becauseit’s one thing to keep the system up, it’s another thing toget it back up once it’s gone down. These specifcationscover issues such as boot cycle detection when a system istrying to reboot. I it takes too long, the reboot will ail andanother system will boot up. What’s most important is thatthe system is running again as soon as possible.
Another key part o serviceability is gaining access toapplication crash in ormation and debug. It also enablesthe patching o an application in the feld so that thesystem can either continue running or get up and runningvery quickly.
6. Per ormance: Although key to any system, per ormance o CGL unctionality has certain unique characteristics.Carrier-grade systems o ten have to support tens o thousands o calls or transmit hundreds o thousands o packets through a single network element, which requiresa high degree o responsiveness that may not be required
in an enterprise or customer resource managementsystem. These include the ability to provide predictableCPU scheduling, latencies, and protection against priorityinversion. Resource scheduling and the actual scheduleritsel are very critical to a carrier-grade class o system.
7. Hardware: Although systems are including more and morehigh-end multicore devices, the hardware requirements inthe specifcation support a range o scalability. Forexample, a carrier-grade class system might actually be asmall access device that doesn’t have a lot o memory orCPU power. A network element can range rom a verysmall device with only 4 or 8 megabytes all the way up to alarge core switch. CGL must support each o these
di erent types o devices while also providing equalper ormance and scalability as systems grow. In addition,the carrier-grade specifcation acknowledges that there isnot a single hardware standard that should be used. ATCA,rack mount servers, and proprietary orm actors are allsupported by the carrier-grade specifcation.
Wind River’s CGL SolutionsWind River has taken a leadership posit ion to de ine anddrive the advancement o the CGL speci ication. Thecompany is an active, contributing member o both the LinuxFoundation and the SCOPE Alliance.
Wind River is committed to delivering commercial-grade
solutions that con orm to t he CGL speciation. Wind RiverPlat orm or Network Equipment is the irst Linux distributionto register as CGL 4.0–compliant. Plat orm or NetworkEquipment is the most advanced and comprehensive CGLsolution available or network application developers today.The plat orm is based on the 2.6.21 version o the Linux
8/8/2019 Windriver Cgl Whitepaper
http://slidepdf.com/reader/full/windriver-cgl-whitepaper 4/4
kernel. It includes the P1 and many o the P2 and P3requirements in th e CGL 4.0 speci ication, as well as opensource packages or advanced networking and security.Plat orm or Network Equipment is ully integrated with theindustry-leading open development environment, Wind RiverWorkbench.
Plat orm or Network Equipment has been integrated,optimized, and validated with the leading networkinghardware and processor systems and plat orms, as well as abroad array o so tware and middleware technologies. WindRiver o ers integrated solutions through partnerships withleading companies, including Emerson, Kont ron, RadiSys, SunMicrosystems, Cav ium, Freescale, Intel, Enea, GoAhead, andOpenClovis.
Wind River has the deepest and broadest device so twareexperience in the networking industry. Wind River is the onlycompany to o er a dual carrier-grade OS solution—Linuxand VxWorks—to meet the complex and dynamicrequirements or networking. Wind River’s comprehensive
device so tware solutions are backed with industry bestpractices, expert support, and global services capabilities.
Because o Wind River’s deep expertise in both hardware andso tware support, Plat orm or Network Equipment hasbecome the plat orm o choice or leading industryequipment manu acturers and suppliers. Companies such asNortel, Motorola, Airv ana, Itatel, Avaya, and other leadingTier 1 and 2 TEMs and NEPs have standardized their CGLoperating systems with the Wind River product.
Looking ForwardAs the adoption o CGL 4.0 gains momentum and mature s,
the Linux Foundation is starting to de ine the speci icationor a 5.0 version. The great bene it o t hese CGL re inementsis how easily they can be introduced into current systems.With telecommunications companies and individuals workingtogether with industry consortia, evolving speci icationsmake it easier or all the major players to work togethertoward meeting a common goal: creating products thatcan scale to meet growing demand or global telecommuni-cations services.
Re erencesLinux Foundation, http://www.linux- oundation.org/en/Registration.
Mountain View Alliance, ht tp://www.mountainviewalliance.org/.
SCOPE Alliance, http://www.scope-alliance.org/index.html.
Wind River, http://www.windriver.com/products/plat orms/network_equipment/.
Wind River is the global leader in Device So tware Optimization (DSO). We enable companies to develop,run, and manage device so tware aster, better, at lower cost, and more reliably. www.windriver.com
© 2008 Wind River Systems, Inc. The Wind River logo is a trademark o Wind River Systems, Inc., and Wind River and VxWorks are registered trademarks o Wind River Systems, Inc.Other marks used herein are the property o their respective owners. For more in ormation, see www.windriver.com/company/terms/trademark.html. Rev. 02/2008