Channels ▼
RSS

Open Source

Integrating Composite Applications on the Cloud Using SCA


VPN Security

Communication in a hybrid cloud environment happens over the Internet. The VPN secure connection link that is created between the cloud and the enterprise infrastructure provides a secure pathway for information and data to flow between the two. Again, we used OpenVPN to provide a secure communication channel. OpenVPN uses OpenSSH-based security for encrypted communication. It is connected in an SSL/TLS mode with some optional configurations.

[Click image to view at full size]
Figure 4

Table 1 lists the configuration options.

The certificates client.crt and ca.crt and the key client.key is generated and propagated to the client machine. The server machine contains the certificates ca.crt, server.crt and the key server.key. When creating an authorized tunnel between the client and server the validity of these are corroborated and only clients with valid certificates are allowed to communicate with the server.

Results

The composite application we've described here has been deployed on a hybrid infrastructure comprising of Eucalyptus Open Cloud as the cloud infrastructure, and a local physical machine which runs within the enterprise infrastructure.

Domain 1 is hosted on an Apache Tuscany runtime deployed on an instance (Virtual Operating System platform hosted on the IaaS cloud infrastructure). OpenVPN is used to create a secure tunnel between the instance and the local machine present inside the enterprise infrastructure. This creates a secure gateway in which the Cloud instance is accessible by the local machine on the IP 10.8.0.6. The web service that is hosted on the cloud instance uses this secure IP to host itself, and thus it is not visible or accessible to a third party. Having thus established a secure gateway the hybrid application can be tested for integration between the component hosted on the Cloud Domain and component hosted on the Enterprise Domain. Figure 5 shows Domain 1 running on an Apache Tuscany. This Tuscany runtime is hosted on a Centos 5.2 instance running on the Eucalyptus Cloud Infrastructure.

[Click image to view at full size]
Figure 5

Figure 6 shows Domain 2 running on Apache Tuscany. This Tuscany runtime is hosted on a physical machine running from within the Enterprise Infrastructure. This Domain consists of a single Component from which three methods are called. This component references the web service hosted on Domain 1, on the cloud. The method calls are successfully able to retrieve necessary information from this remote service and display the data accordingly.

[Click image to view at full size]
Figure 6

Conclusion

This project illustrates that distributed applications comprising of composite modules (distributed across the cloud and Enterprise Infrastructure) can be integrated and made to function as a single unit using Service Component Architecture (SCA) without compromising on security.

References

Introducing SCA, by David Chappel.

Apache Tuscany homepage

Eucalyptus Open Cloud website

OpenVPN website


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video