The primary deployment element of the OOI Integrated Observatory is the Cyberinfrastructure Point of Presence (CyberPoP).
A Terrestrial CyberPoP is the primary physical hardware and software deployment location of the OOI Integrated Observatory. it is a geographical deployment site of the OOI Integrated Observatory Network with physical plant operations providing computation, storage and network resources.Terrestrial CyberPoPs are OOI Configuration Items and are commissioned according to the Transition to Operations plan, including 2 Observatory Acquisition Points (OAP), 3 Observatory Distribution Points (ODP), 1 Operations Management Point (OMP). A special form of Terrestrial CyberPoPs is the Observatory Execution Point (OEP), which is operated on the infrastructure of external computation and cloud providers.
Marine CyberPoPs are OOI deployment sites in the Marine Networks, operated by the CGSN and RSN Marine Observatories (see External Interfaces), hosting CI developed Integrated Observatory Network software deployments, such as Instrument and Platform agents.
CyberPoPs provide the central connection points to the OOI National Internet Infrastructure (NII), as specified in the network architecture.
There are three functions of Terrestrial CyberPoPs:
- Observatory Acquisition Point (OAP)
- Observatory Distribution Point (ODP)
- Operations Management Point (OMP)
The Observatory Acquisition Point (OAP) is a hardware environment to be deployed within a protected data center facility, comprising a CI capability container configuration that provides the primary point of access for Marine observatories to the CI and all the necessary computational, storage and network resources in a redundant layout. It provides a highly reliable, scalable and secure environment for data acquisition, initial data processing such as segmentation and QA/QC and data preservation.
The Observatory Distribution Point (ODP) is a hardware environment comprising a CI capability container configuration for OOI data distribution across the distribution network and for peering with external network providers, cloud execution and storage environments such as the Amazon Elastic Cloud and the Teragrid.
The Operations Management Point (OMP) is an environment comprising hardware and a CI capability container configuration deployed at various physical locations close to marine observatory and CI control centers, providing observatory network and resource operations and state of health monitoring capabilities.
In addition, there is one kind of Terrestrial CyberPoP on infrastructure of computation and cloud providers, not operated by OOI:
- Observatory Execution Point (OEP)
The Observatory Execution Point (OEP) is CI capability container configuration to be deployed either on OOI operated hardware or in cloud execution environments. OEPs can be provisioned on demand when required for the execution of user processes, such as numerical models and data visualizations. The CI provides Common Execution Infrastructure services for the elastic provisioning of such CyberPoPs in cloud environments, such as the Amazon EC2 and Scientific Clouds based on the TeraGrid.
There is one function of Marine CyberPoP:
- Marine Execution Point (MEP)
The Marine Execution Point (MEP) is a hardware environment and a CI capability container configuration to be deployed in science payload hardware environments of marine observatory infrastructure, such as aboard global buoys and AUVs. MEPs interface with proprietary instrument and platform controller software and represent their resources and capabilities to the OOI network. MEPs do not modify or replace existing software and hardware installations but instead provide a layer on top of them with direct connectivity to the OOI integrated observatory network. The hardware configuration in a MEP deployment is limited in terms of available computational, storage, power and bandwidth resources. The MEP is designed to be independent of the computational and storage hardware environments embedded in off-the-shelf marine infrastructure and instrumentation components. However, the software environment around the CI capability container supports the direct deployment on available hardware, providing sufficient power, computational and storage resources are provided.
In addition, there is CI configuration items with CI software, supporting the development of Instrument Agents and Drivers:
- Instrument Development Kit (IDK)
The Instrument Development Kit (IDK) is an environment comprising hardware and a CI capability container configuration that will be used for dry and wet system testing of sensors and instrument platforms and their driver software, before their actual deployment on marine observatory OOI infrastructure in the field.
The National Internet Infrastructure (NII) provides the communication network environment for the OOI integrated observatory. For its high bandwidth (data) distribution network, it is based on the CI IO operated exclusive Layer-2 10 Gigabit Ethernet network loop around the US using National Lambda-Rail infrastructure. Furthermore, it makes use of routed Internet-2 IP network infrastructure to provide access to the public Internet and as redundant lower bandwidth management network for the distributed OOI installation sites. The different CyberPoP configurations are clients to these networks.
Figure 1 shows dependencies of the various types of CyberPoPs
Figure 1. 2660-00013 Types of physical CI deployments, CyberPoPs (SV-1)
Figure 2 shows a high level overview of the deployment sites of Integrated Observatory CyberPoPs, their CyberPoP function and National Internet Infrastructure connectivity.
Figure 2. 2660-00014 CyberPoP Deployments (SV-1)
The CyberPoP is a collection of capabilities dispersed across multiple networks. These networks are implemented via physical isolation (e.g. dedicated switches), or virtualization (e.g., tagged VLANs).
From a 3rd-party external perspective, the CI provides a number of distribution points (CyberPoPs from San Diego, Seattle and Chicago) that interface with the Internet and provide classic services, such as web-based access, VPN, or more advanced messaging capabilities via the AMQP protocol (subject to deep message inspection and filtering). Hence, these CyberPoPs provide a firewalled public-facing network as depicted in Figure 3, i.e. the ONLY entry points into the OOI network from the outside world.
All CyberPoPs feature the so-called peering network, which operates over L2 circuits at the physical level and messages at the application level (via a private message router). The peering network spans across all OOI-CI for data distribution. The Marine IO capabilities are integrated within the CI at this level though appropriate interfaces/processing. This strategy is essential for the implementation of the security concerns presented by the US Navy, i.e. the acquisition points are isolated from all Internet connectivity and all CI traffic flows through well-formed messages subject to deep inspection, policy, and filtering.
Services Network and Underlying Technologies
The Services Network accommodates traffic for ION services, which may interface with other implementation technologies via the implementation network. This layered approach provides separation of concerns and traffic isolation that improves overall system security and performance.
Figure 3. 2660-00015 SV1 CI CyberPoP Components