CCBP-as-a-Service (CCBP-aaS) Services

The Cloud Continuum Blueprint as-a-Service (CCBP-aaS) provides a set of integrated services that support the full lifecycle of cloud continuum experiments. These services enable experimenters to design, deploy, monitor, and manage distributed applications across heterogeneous infrastructures in a simplified and reproducible way.

On This Page

• CCBP Command Line Interface (CCBP-CLI)

• SLICES Federation Central Controller (SFCC)

• VPN-as-a-Service (VPN-aaS)

• Monitoring-as-a-Service (Monitoring-aaS)

  • Accessing Grafana

  • Exploring Metrics and Logs (Drilldown)

  • Collecting Custom Metrics and Logs (OpenTelemetry)

• Slices BI Operator

  • Creating Virtual Machines (BIVM)

  • Creating Kubernetes Clusters (KubeNode)

---

CCBP Command Line Interface (CCBP-CLI)

The CCBP Command Line Interface is the primary interaction tool for experimenters working with the blueprint. It provides a portable, stateless, and unified environment that simplifies the setup, configuration, and management of experiments.

Key Features

• Environment Setup Automation
  The CLI automates the initialization of the development environment and the provisioning of CCBP components on the SLICES basic infrastructure, reducing manual configuration effort.

• Multi-Modal Usage
  The CCBP-CLI can be used in multiple modes depending on user needs:

  • Local environment (via Docker)

  • Remote virtual machine (within SLICES-BI or other cloud providers)

  • Notebook-based execution (integrated in SLICES-BI)

• Portability and Stateless Design
  The CLI maintains its state in a portable directory (e.g., SlicesFile), allowing users to easily switch between environments without losing configurations or credentials.

• Integrated DevOps Tooling
  It bundles commonly used tools such as:

  • kubectl for Kubernetes interaction

  • SLICES-BI CLI for infrastructure management

  • Utilities for VPN and configuration management

• Automation of Repetitive Tasks
  The CLI provides helper commands to:

  • Initialize the CCBP infrastructure

  • Retrieve VPN configurations

  • Download Kubernetes kubeconfigs

  • Deploy and manage services and resources

Role in the Experiment Lifecycle

The CCBP-CLI acts as the entry point for experimenters, bridging development and infrastructure management. It enables seamless interaction with all platform services, such as SFCC, VPN-aaS, and Monitoring-aaS, through a consistent interface. By abstracting complex operations and integrating with DevOps workflows, it allows users to rapidly prototype, deploy, and iterate experiments across distributed cloud continuum environments.

Available Scripts

Command	Description
InitSFCC	Creates the SLICES experiment and provisions the access and SFCC VMs
getVpnConfigs	Downloads WireGuard client configs from the access VM
getKubeconfigUtils	Retrieves and saves the kubeconfig for a given VM
InstallSlicesBIOperator	Installs the Slices BI Operator on the SFCC k3s cluster

SLICES Federation Central Controller (SFCC)

The SFCC acts as the central control plane of the CCBP-aaS platform. It provides a unified entry point for experiment definition, orchestration, and management across multiple distributed sites. It exposes resources as Kubernetes-compliant objects and enables a declarative approach to experiment configuration. Additionally, it integrates authentication, service registry, APIs, and coordination logic, ensuring consistency and automation across the infrastructure.

---

VPN-as-a-Service (VPN-aaS)

The VPN-aaS service provides secure and transparent connectivity across distributed cloud continuum resources. It simplifies network configuration by automatically creating a virtual private network where all experiment components can communicate. This service enables remote development, reduces the need for public IPs, and allows seamless integration of external devices, clusters, and services into the experiment environment.

The CCBP deploys a VPN-as-a-Service (VPN-aaS) component to provide secure and transparent connectivity across all experiment resources.
The VPN server runs inside a virtual machine named access, which has a public IP address and hosts a WireGuard server. This allows users to connect from external environments (e.g., local machines or remote devices) directly into the Cloud Continuum infrastructure.

1. Retrieve VPN Configurations

Use the CCBP-CLI to download the available WireGuard client configurations:

ccbpcli getVpnConfigs <project_name>

The configurations are stored locally in:

SlicesFile/VPNConfigs

Each .conf file contains the parameters needed to connect to the VPN.

---

2. Import Configuration into WireGuard

Install a WireGuard client on your system:

• Linux: wg-quick

• Windows / macOS: WireGuard Desktop

• Mobile: WireGuard app

Then import one of the downloaded configuration files.

Example (Linux):

sudo wg-quick up <config-file>

---

3. Connect to the Cloud Continuum

Once the VPN connection is established:

• Your device becomes part of the private experiment network

• You can directly reach:

  • Kubernetes clusters

  • Deployed services

  • SFCC APIs and control plane

No additional network setup or public exposure is required.

---

Monitoring-as-a-Service (Monitoring-aaS)

The Monitoring-aaS service offers centralized observability for experiments by collecting and visualizing metrics and logs from all components. It is based on an OpenTelemetry-compliant stack (Prometheus, Loki, Grafana) and provides real-time insights into system and application behavior. This enables experimenters to monitor performance, debug issues, and analyze results across distributed cloud continuum environments.

A key advantage of the platform is that Kubernetes clusters provisioned through the Slices BI Operator are automatically instrumented. In particular:

• Metrics from cluster nodes and workloads are collected automatically

• Logs from pods and services are aggregated without manual setup

• Monitoring endpoints are pre-configured and integrated

This built-in instrumentation significantly reduces setup complexity and allows experimenters to focus on analysis rather than configuration.

---

Accessing Grafana

Monitoring-aaS exposes a Grafana dashboard for visualization and exploration of collected data.

Retrieve credentials

kubectl get secrets my-grafana   -o jsonpath={.data.admin-password}   --kubeconfig SlicesFile/kubeconfigs/sfcc.yaml | base64 -d

Access the dashboard

Use port forwarding:

kubectl port-forward svc/my-grafana 3001:80   --kubeconfig SlicesFile/kubeconfigs/sfcc.yaml

Then open in your browser:

http://localhost:3001

Alternatively, you can configure the VPN connection to resolve DNS names by setting the DNS server in the WireGuard configuration to the IP address of the SFCC VM, which can be retrieved using the Slices BI command.

slices bi list --experiment ccbp-base

and access Grafana directly via:

http://grafana.sfcc:3001

---

Exploring Metrics and Logs (Drilldown)

Grafana provides drilldown capabilities to deeply explore observability data:

Metrics (Prometheus)

• Navigate dashboards for CPU, memory, and network metrics

• Drill down from cluster → node → pod level

• Analyze time-series behavior

Logs (Loki)

• Filter logs by labels (namespace, pod, service)

• Explore logs across time ranges

• Correlate logs with metrics

These features enable effective debugging and performance analysis across distributed environments.

---

Collecting Custom Metrics and Logs (OpenTelemetry)

Monitoring-aaS is based on an OpenTelemetry-compliant stack.

To instrument custom applications:

1. Deploy an OpenTelemetry Collector

2. Configure exporters to:

   • Prometheus for metrics at endpoint: <sfcc_ip>:390/otlp/metrics

   • Loki for logs at endpoint(the node have to resolve the hostname with the SFCC_VM_IP): loki-gateway:3100

Typical setup includes:

• Prometheus scraping endpoints exposed by your services

• Loki receiving structured logs from applications

Reference guide: https://opentelemetry.io/docs/collector/

---

Slices BI Operator

The Slices BI Operator is a Kubernetes-native controller that enables the provisioning and management of infrastructure resources on the SLICES testbed directly through declarative manifests. It abstracts the complexity of infrastructure management by allowing experimenters to define resources as Kubernetes objects.

A key strength of the operator is that a single deployment file can define and create multiple resources, including:

• Virtual machines (VMs)

• Templated environments via CloudInit

• Fully managed Kubernetes clusters (multi-node, multi-role)

By leveraging Kubernetes CRDs and reconciliation loops, the operator ensures that the desired infrastructure state is automatically provisioned, configured, and maintained.

All the deployment configurations can be applied by executing:

kubectl apply -f <deployment-file.yaml> --kubeconfig /SlicesFile/kubeconfigs/sfcc.yaml

Reference CRDs:

• VM CRD: https://gitlab.com/MMw_Unibo/platformeng/slices-bi-operator/-/blob/main/manifests/SlicesBiResourceCRD.yaml

• Kubernetes CRD: https://gitlab.com/MMw_Unibo/platformeng/slices-bi-operator/-/blob/main/manifests/kubeNodeCRD.yaml

• Examples: https://gitlab.com/MMw_Unibo/platformeng/slices-bi-operator/-/tree/main/test/testmanifest

---

Creating Virtual Machines (Basic Infrastructure VM)

The operator provides the BIVM custom resource to define and provision virtual machines on SLICES BI.

Key capabilities

• Declarative VM provisioning through Kubernetes manifests

• Support for CloudInit templates

• Template substitution to dynamically configure VMs

• Automatic handling of credentials, networking, and lifecycle

Example BIVM definition

apiVersion: ccbp.slices.eu/v1alpha1
kind: BiVM
metadata:
  name: my-vm
spec:
  friendlyName: my-vm
  experimentId: my-experiment
  clusterId: <bi-cluster-id>
  flavorId: small
  cloudInitType: custom

CloudInit Template Substitution

The operator allows templating CloudInit scripts, enabling dynamic configuration of VMs at creation time.

Common use cases:

• Injecting SSH keys or environment variables

• Installing required software

• Configuring services automatically

Template parameters can be substituted at deployment time, enabling reusable infrastructure definitions.

---

Creating Kubernetes Clusters (KubeNode)

The operator also enables the creation of fully managed Kubernetes clusters using the KubeNode custom resource.

Key capabilities

• Define complete clusters in a single YAML file

• Support for:

  • Master nodes

  • Worker nodes

• Automatic cluster bootstrapping and configuration

• Automatic generation of:

  • Join tokens

  • Kubeconfig files

• Built-in monitoring instrumentation

Example multi-node cluster definition

apiVersion: ccbp.slices.eu/v1alpha1
kind: KubeNode
metadata:
  name: master
spec:
  nodeType: master
  experimentId: my-experiment
  clusterId: <bi-cluster-id>
  flavorId: medium
---
apiVersion: ccbp.slices.eu/v1alpha1
kind: KubeNode
metadata:
  name: worker1
spec:
  nodeType: worker
  refMaster: master
  experimentId: my-experiment
  clusterId: <bi-cluster-id>
  flavorId: medium

Behavior

• The first node initializes the cluster (master)

• Worker nodes join automatically via the operator

• The operator manages the full lifecycle (creation, configuration, monitoring)