icann 57 tech day
play

ICANN 57 Tech Day Nomulus What is Nomulus The registry platform - PowerPoint PPT Presentation

Jan 05, 2024 •245 likes •372 views

ICANN 57 Tech Day Nomulus What is Nomulus The registry platform that powers Googles TLDs and takes advantage of the scalability and easy operation of Google Cloud Platform Runs on Google App Engine and backed by Google Cloud

  1. ICANN 57 Tech Day Nomulus

  2. What is Nomulus ● The registry platform that powers Google’s TLDs and takes advantage of the scalability and easy operation of Google Cloud Platform ● Runs on Google App Engine and backed by Google Cloud Datastore, a highly scalable NoSQL database ● Can manage any number of TLDs in a single shared instance ● Supports the full range of TLD functionality required by ICANN ○ Extensible Provisioning Protocol (EPP) ○ WHOIS and RDAP ○ Reporting ○ Trademark protection ○ Data Escrow (RDE/BRDA) with automated crypto, signing, and transfer ● Written in Java and released under the Apache 2.0 license

  3. Why Open Source? ● Registry goals ○ Provide an open source implementation of core registry functions ○ Develop enterprise class software that runs in the cloud for ease of operation ○ Build a shared registry system that scales to meet high demand ○ Support all ICANN gTLD requirements ○ Support Google’s gTLDs ○ Give back to the community ● Other platform goals ○ Create an open source reference for idiomatic Google code on Google App Engine ○ Demonstrate Google Cloud Platform’s advanced features ○ Support customization to accommodate special needs ○ Evolve the platform over time through community contribution ○ Encourage interoperability and open standards (including Gavin Brown’s fee extension)

  4. Why Now? ● Core registry functionality fully open source-able ● Code base is fully dependency injected ○ Using Dagger 2 compile time dependency injection Still needed: ● EPP/WHOIS protocol level endpoints ● Administration UI (though there is a fully functioning command line utility) ● Remaining gaps are relatively easy to fill ○ DNS integration ○ Secure key locker ○ Full Spec 3 compliant reporting (though we have reporting support)

  5. Simplified Administration and Operations ● App Engine project configuration through XML ● Nomulus configuration done in Java ● No machines or networks to configure or maintain ● Built in automatic scaling, load balancing, and security ● Built in administration tools and dashboards as part of Google App Engine ● Can “kick the tires” with the GAE free daily quota

  6. Distributed EPP with Transactional Consistency ● Standard EPP protocol support (RFCs 5730-5733) ● Backed by Google Cloud Datastore - distributed, auto-scalable, NoSQL ● High write QPS, extremely high read QPS ● Maximum concurrency unit is the EPP resource (domain/host/contact) ○ Writes must touch two sharded indexes (one for any mutation, two for resource creates), but still parallelizable up to the shard count - defaults to 100 and can be adjusted upwards ● Maintains required transactional consistency across entire SRS ○ Commit log system guarantees consistency for backups and escrow deposits ● Costs ○ Read-only operations (e.g. domain check) may be momentarily stale ○ Some infrequent operations must be asynchronous (contact/host deletes, host renames) ○ Transactional consistency on NoSQL database is complex

  7. Pluggable DNS Provider Support Default support for: ● BIND (via dynamic updates, a.k.a. RFC 2136) ● Google Cloud DNS Includes example code to make adding new DNS backend support for any provider with an API easy.

  8. WHOIS and RDAP (gTLD compliant) ● WHOIS ○ Can be modified to accommodate different WHOIS requirements ○ Future support for searchable WHOIS ● RDAP ○ Basic functionality available now ○ Development will continue as the standard evolves, including support for authentication We note that not everyone is interested in gTLD compliance.

  9. Powerful and Flexible Reporting Automatic export of raw data to BigQuery (Google Cloud Platform's "big data" analytics data warehouse), including: ● Daily datastore dumps with EPP resources and transaction history ● App Engine request logs containing EPP and WHOIS logs Nomulus includes limited example SQL queries for converting this data into activity reports and billable transaction reports (as input to an invoicing system). New gTLD operators can leverage this data easily as part of the reporting requirements in Spec 3.

  10. Demonstration Nomulus Demonstration Screencast

  11. Further information on Nomulus ● Main site: https://nomulus.foo (currently redirects to GitHub) ● Javadoc: https://nomulus.foo/javadoc/latest/ ● Other docs: https://github.com/google/nomulus/tree/master/docs ● Discussion group: https://groups.google.com/forum/#!forum/nomulus-discuss

  12. Q&A

Recommend

A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority

A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority

A busy year! ICANN 45 Tech Day/DNS-OARC Toronto, Canada Canadian Internet Registration Authority (CIRA) Jacques Latour ICANN 45 Tech Day / DNS-OARC 15 Oct 2012 Topics for presentation Major Technical Projects: New network architecture

446 views • 16 slides
Project Turris - news And its child Turris Omnia Ondej Filip 19 Oct 2015 ICANN Tech Day

Project Turris - news And its child Turris Omnia Ondej Filip 19 Oct 2015 ICANN Tech Day

Project Turris - news And its child Turris Omnia Ondej Filip 19 Oct 2015 ICANN Tech Day Dublin Project Turris - motivation Presented at ICANN 49 / Tech day Started in 2013 project of shared cyberdefence Main goals

899 views • 23 slides
Newcomer Day: Welcome to ICANN! This Is YOUR Day WELCOME! Newcomer Experience ICANN

Newcomer Day: Welcome to ICANN! This Is YOUR Day WELCOME! Newcomer Experience ICANN

Newcomer Day: Welcome to ICANN! This Is YOUR Day WELCOME! Newcomer Experience ICANN and the Internet Eco-System ICANN and the Multi-Stakeholder Model LUNCH BREAK 1200-1315 ICANNs Work ICANN Meeting Week Staying

470 views • 42 slides
IDN, Scope & Challenges by Jay Paudyal - Member of Neo-Brahmi Generation Panel ICANN -

IDN, Scope & Challenges by Jay Paudyal - Member of Neo-Brahmi Generation Panel ICANN -

IDN, Scope & Challenges by Jay Paudyal - Member of Neo-Brahmi Generation Panel ICANN - ICANN Fellow Welcome to ICANN 65, Marrakech | 2 This tech-talk is about Overview and Scope of IDNs (Internationalized Domain Names)

404 views • 12 slides
CAs and the New Paradigm ICANN 47 ccNSO Tech Day Dan Timpson sales@digicert.com

CAs and the New Paradigm ICANN 47 ccNSO Tech Day Dan Timpson sales@digicert.com

CAs and the New Paradigm ICANN 47 ccNSO Tech Day Dan Timpson sales@digicert.com www.digicert.com +1 (801) 877-2100 Looking Back (2011) Hacking/complete compromise of CA Problem: system over many months; cert

340 views • 19 slides
ICANN Whats in it for me Andrea.Beccalli@icann.org 2. How does ICANN work? A multistakeholder

ICANN Whats in it for me Andrea.Beccalli@icann.org 2. How does ICANN work? A multistakeholder

ICANN Whats in it for me Andrea.Beccalli@icann.org 2. How does ICANN work? A multistakeholder policy- & decision-making approach Stakeholder refers broadly to anyone who has an interest in the Internet Within ICANN, stakeholders

714 views • 20 slides
Knot DNS CZ.NIC, z.s.p.o. Ondej Sur ondrej.sury@nic.cz 25. 6. 2012 ICANN 44 Tech Day 1

Knot DNS CZ.NIC, z.s.p.o. Ondej Sur ondrej.sury@nic.cz 25. 6. 2012 ICANN 44 Tech Day 1

Knot DNS CZ.NIC, z.s.p.o. Ondej Sur ondrej.sury@nic.cz 25. 6. 2012 ICANN 44 Tech Day 1 Design goals Open-source authoritative-only DNS server Developed in an open way (including our mistakes) Usable for root, TLDs and

458 views • 16 slides
DNS Belgium in the cloud ICANN Tech Day 2017-03-13 maarten.bosteels@dnsbelgium.be What did

DNS Belgium in the cloud ICANN Tech Day 2017-03-13 maarten.bosteels@dnsbelgium.be What did

DNS Belgium in the cloud ICANN Tech Day 2017-03-13 maarten.bosteels@dnsbelgium.be What did we do ? Migrated to Amazon Web Services Re-built entire registration platform from code Took down the wall between Ops & Dev Main

197 views • 19 slides
ICANN 61 Finance Presentation Becky Nash, ICANN VP Finance Xavier Calvez, ICANN CFO ICANN 61 10

ICANN 61 Finance Presentation Becky Nash, ICANN VP Finance Xavier Calvez, ICANN CFO ICANN 61 10

ICANN 61 Finance Presentation Becky Nash, ICANN VP Finance Xavier Calvez, ICANN CFO ICANN 61 10 March 15 March 2018 Agenda 3 2 1 FY18 Financial Draft FY19 Operating Reserve Fund Overview Plan and Budget Replenishment 4 5 Q&A

583 views • 20 slides
.br technical overview Frederico Neves <fneves@registro.br> CTO NIC.br ICANN ccNSO tech

.br technical overview Frederico Neves <fneves@registro.br> CTO NIC.br ICANN ccNSO tech

.br technical overview Frederico Neves <fneves@registro.br> CTO NIC.br ICANN ccNSO tech workshop - So Paulo - 20061207 .br brief history and numbers Started public registration in 1996 with the commercial Internet in Brazil In

319 views • 14 slides
DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1

DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1

DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1 DNSharness in one slide A test harness for automated sending queries to numerous DNS authoritative and recursive servers Comes with lots of open

390 views • 13 slides
Knot DNS - update Tech Day ICANN 50 Ondrej Filip ondrej.filip@nic.cz 23 Jun 2014

Knot DNS - update Tech Day ICANN 50 Ondrej Filip ondrej.filip@nic.cz 23 Jun 2014

Knot DNS - update Tech Day ICANN 50 Ondrej Filip ondrej.filip@nic.cz 23 Jun 2014 London What is Knot DNS? https://www.knot-dns.cz/ High-performance and scalable authoritative DNS server Free, open-source, written from

497 views • 15 slides
IETF DPRIVE WG: Encrypting DNS Sara Dickinson Sinodun ICANN 54 - Tech Day October 2015 DPRIVE

IETF DPRIVE WG: Encrypting DNS Sara Dickinson Sinodun ICANN 54 - Tech Day October 2015 DPRIVE

IETF DPRIVE WG: Encrypting DNS Sara Dickinson Sinodun ICANN 54 - Tech Day October 2015 DPRIVE WG Focus is stub to recursive Group IETF92 IETF91 IETF93 created A ID: problem-statement RFC7626 ID: dns-tls-newport A ID:

244 views • 23 slides
TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017

TLS: usage in Russian Domain Space Dmitry Belyavskiy, TCI ICANN 58 Tech Day March 13, 2017 Copenhagen, Denmark TLS: brief history SSLv2 deprecated (RFC 6176) SSLv3 deprecated (RFC 7568) TLS 1.0 RFC 2246 (1999) TLS 1.1

329 views • 19 slides
RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! !

RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! !

RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! ! ! ! ! ! ! RIPE Network Coordination Centre Rseaux IP Europens Started in 1992 Started in 1989 Not-for-profit

372 views • 24 slides
ICANN Tech Day host presentation Adam Leach, Roy Arends Adam Leach, Director R&D Adam

ICANN Tech Day host presentation Adam Leach, Roy Arends Adam Leach, Director R&D Adam

ICANN Tech Day host presentation Adam Leach, Roy Arends Adam Leach, Director R&D Adam joined Nominet in July 2013 and is responsible for leading Nominet's R&D initiatives, managing innovation and new product development. Previously

554 views • 17 slides
ICANN Update UNGEGN & UNCSGN Patrick Jones 30 July 2012 ICANN ICANN is a global

ICANN Update UNGEGN & UNCSGN Patrick Jones 30 July 2012 ICANN ICANN is a global

ICANN Update UNGEGN & UNCSGN Patrick Jones 30 July 2012 ICANN ICANN is a global organization formed in 1998 to support a multi stakeholder model which coordinates the Internets unique identifier systems for worldwide public

249 views • 10 slides
Welcome to ICANN Overview of the Week Ahead Who is ICANN? Staff Community made up of

Welcome to ICANN Overview of the Week Ahead Who is ICANN? Staff Community made up of

Welcome to ICANN Overview of the Week Ahead Who is ICANN? Staff Community made up of Internet Stakeholders Board 2 The Work of ICANN: Policy It takes a GAC community to create and implement CCNSO ALAC policy. ICANN GNSO

592 views • 18 slides
| 1 RDAP Implementation in the gTLD Space Tech Day Francisco Arias ICANN 63 22 October 2018

| 1 RDAP Implementation in the gTLD Space Tech Day Francisco Arias ICANN 63 22 October 2018

| 1 RDAP Implementation in the gTLD Space Tech Day Francisco Arias ICANN 63 22 October 2018 | 2 Agenda Introduction RDAP Implementation Status in gTLDs Next Steps | 3 Introduction | 4 Issues with (port-43) WHOIS No

450 views • 17 slides
Root Zone KSK: A fu er ICANN 53 Edward Lewis | ICANN 53 | June2015 edward.lewis@icann.org

Root Zone KSK: A fu er ICANN 53 Edward Lewis | ICANN 53 | June2015 edward.lewis@icann.org

Root Zone KSK: A fu er ICANN 53 Edward Lewis | ICANN 53 | June2015 edward.lewis@icann.org Agenda Setting the scene Change of Hardware Security Modules (HSMs) Roll (change) the Key Signing Key (KSK) The big finish | 2

272 views • 15 slides
ICANN Engagement Tools ICANN as fora for the ICANN Community Filiz Yilmaz & Carole Cornell

ICANN Engagement Tools ICANN as fora for the ICANN Community Filiz Yilmaz & Carole Cornell

ICANN Engagement Tools ICANN as fora for the ICANN Community Filiz Yilmaz & Carole Cornell 2 How do we interact and engage? ICANN Mee)ngs Open to all No registra)on fee Three )mes a

335 views • 32 slides
REGEXT Interim Report- Joint with ICANN TechOps James Galvin 20 November 2019 IETF106 Singapore

REGEXT Interim Report- Joint with ICANN TechOps James Galvin 20 November 2019 IETF106 Singapore

REGEXT Interim Report- Joint with ICANN TechOps James Galvin 20 November 2019 IETF106 Singapore Objective for the interim meeting ICANN Tech Ops meetings is where a majority of technical representatives of gTLD registries and registrars

398 views • 3 slides
ICANN: Critical Importance of Participation Albert Daniels Albert.daniels@icann.og Internet

ICANN: Critical Importance of Participation Albert Daniels Albert.daniels@icann.og Internet

ICANN: Critical Importance of Participation Albert Daniels Albert.daniels@icann.og Internet Week, Georgetown, Guyana 9 th October 2017 | 1 Agenda What is ICANN? ICANN Ecosystem Multistakeholder Model Multistakeholder Policy

775 views • 34 slides
S/MIME Dane Demo ICANN 57 Hyderabad, ccNSO Tech Day 5 Nov 2016 slamb@xtcn.com Background

S/MIME Dane Demo ICANN 57 Hyderabad, ccNSO Tech Day 5 Nov 2016 slamb@xtcn.com Background

S/MIME Dane Demo ICANN 57 Hyderabad, ccNSO Tech Day 5 Nov 2016 slamb@xtcn.com Background Slow Uptake of DNSSEC Need killer-app DANE!! SMIMEA!! But still slow uptake Windows still king Outlook still king Kaminsky 2009

547 views • 5 slides

More recommend