Volume 488 - International Symposium on Grids & Clouds (ISGC2025) (ISGC2025) - Infrastructure Clouds and Virtualisation
The INFN Cloud platform: state of the art and implementation of services
L. Giommi*, G. Savarese, E. Serra, M. Perniola, M. Gattari, J. Gasparetto, G. Vino, M. Antonacci, A. Costantini, G. Donvito, E. Vianello, B. Martelli and C. Grandi
*: corresponding author
Full text: pdf
Published on: October 20, 2025
Abstract
The National Institute for Nuclear Physics (INFN) has been managing and supporting Italy’s largest distributed research and academic IT infrastructure for decades.
In March 2021, INFN introduced the ``INFN Cloud'', a federated Cloud infrastructure offering a customizable service portfolio designed to meet the needs of the
scientific communities it serves. This portfolio includes standard IaaS solutions as well as more advanced PaaS and SaaS offerings, all tailored to the
specific requirements of individual communities. The PaaS services are defined using an Infrastructure as Code approach, combining TOSCA templates to model
application stacks, Ansible roles for automated configuration of virtual environments, Docker containers to package high-level application software and
runtimes, and Helm charts to manage the deployment of applications in Kubernetes clusters. The INFN Cloud platform’s federation middleware is based on the
INDIGO PaaS Orchestration system, which integrates multiple open-source microservices.
Among these, the INDIGO PaaS Orchestrator handles high-level deployment requests from users and orchestrates the deployment process across various IaaS platforms.

In this contribution, we will present the recently introduced functionalities and newly developed microservices in the INFN Cloud platform. Due to the obsolescence
of certain PaaS components, the development and integration of new microservices became necessary, leveraging modern technologies to replace outdated solutions.
For example, the method for collecting information about the resources made available by the federated Cloud providers has been significantly refactored by
adopting a Neo4j graph database. This enables efficient horizontal scaling to handle high throughput and large datasets, while offering a REST API interface
secured by OpenID Connect/OAuth2 for authentication and authorization. Regarding the PaaS Orchestrator dashboard, an updated version has been released, featuring
an improved graphical interface and enhanced functionalities. In particular, the interaction with deployments has been refined, improving the user experience and
extending the offered capabilities.

Additionally, a new PaaS service has been designed, implemented, and made available to end users: a Kubernetes Cluster service enhanced with a technology (interLink) that extends the capabilities of the cluster through the transparent
offloading of Kubernetes workloads to remote computation systems. As for SaaS services in the portfolio, we offer an object storage solution based on the Ceph
Rados Gateway backend, complemented by a custom web Graphical User Interface developed in-house.
DOI: https://doi.org/10.22323/1.488.0017
How to cite

Metadata are provided both in article format (very similar to INSPIRE) as this helps creating very compact bibliographies which can be beneficial to authors and readers, and in proceeding format which is more detailed and complete.

Open Access
Creative Commons LicenseCopyright owned by the author(s) under the term of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.