jump to navigation

Leveraging SDC beyond Google cloud with Restlet March 31, 2011

Posted by Jerome Louvel in Restlet, Restlet General, SDC.
trackback

Introduction

When Google announced Secure Data Connector in 2009, it was welcomed with interest as it addressed people concerns regarding public cloud security and especially integration with their private information system.

SDC solves this cloud integration dilemma without requiring to open new ports on your firewall by establishing a reverse web proxy, called SDC Agent, that connects to an SDC Tunnel Server located in Google cloud infrastructure. Once established, the secure tunnel can be used in the opposite direction, from the Google cloud to your secure intranet by Google Sites, Google App Engine applications and Google Docs spreadsheets.

Missing features

While Google SDC is great if you fully live in the Google Apps ecosystem, it comes with several limitations:

  • SDC Agent is available as an open source project, but not the SDC Tunnel Server part
  • Google App Engine SDK doesn’t provide a way to test SDC locally without deploying your application
  • Can’t be used with other cloud platforms such as Amazon EC2 and Microsoft Azure
  • You can’t easily port a GAE application using SDC to another platform, private cloud or public cloud

As one of the Restlet Framework goals is to ensure a maximum portability across various Java based platforms such as GAE, GWT, Android and Java SE/EE those SDC challenges were compelling.

Restlet SDC connector

At the end of 2010, RunMyProcess, a long time Restlet user offering a cloud workflow solution as a cloud computing service, offered us to co-develop a Restlet SDC connector that would emulate Google SDC Tunnel Server and expose it like an HTTP client connector.

Thanks to the SDC Agent being available as open source, we could dive inside the implementation and understand the SDC protocol design which heavily relies on Google Protocol Buffer to implement a multiplexing tunnel (frames going both ways without constraint) over a TLS socket.

In the picture above, we illustrated how the Google SDC Agent software can be configured to connect to Restlet SDC Tunnel Server in the same way that you would do it for your Google Apps domain.

All the missing features are now supported by this Restlet extension which has just been released with version 2.1 M3 today! Thanks to RunMyProcess for co-developing this feature with Noelios Technologies.

You can find more technical details about this new feature in Restlet User Guide including sample usage code. Improvements are planned for a future release in order to increase the scalability of the connector by leveraging non blocking NIO/SSL connections or allowing load-balancing between a set of SDC Agent within the same intranet.

Update: RunMyProcess has now officially announced the support for this feature, see also press release

Advertisements

Comments»

1. Restlet Framework 2.1 M3 and 2.0.6 released « Noelios Technologies - March 31, 2011

[…] Leveraging SDC beyond Google cloud with Restlet […]

2. Sat - May 11, 2011

I would like to know if Restlet SDC connector works for VMForce(Cloud) also other than mentioned cloud?

3. Jerome Louvel - May 11, 2011

Do you have a pointer with specifications on VMForce Cloud? If it comes with Java 5 and ability to open sockets, launch threads and use SSL, you should be good to go. Let us know!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s