Flexible framework for elasticity in cloud computing / Un cadre flexible pour l’élasticité dans les nuages

Al-Dhuraibi, Yahya

10 December 2018

Le Cloud computing a gagné beaucoup de popularité et a reçu beaucoup d'attention des deux mondes, industriel et académique, puisque cela les libère de la charge et le coût de la gestion de centres de données locaux. Toutefois, le principal facteur motivant l'utilisation du Cloud est sa capacité de fournir des ressources en fonction des besoins du client. Ce concept est appelé l’élasticité. Adapter les applications Cloud lors de leur exécution en fonction des variations de la demande est un grand défi. En outre, l'élasticité de Cloud est diverse et hétérogène car elle englobe différentes approches, stratégies, objectifs, etc. Nous sommes intéressés à étudier: Comment résoudre le problème de sur/sous-approvisionnement? Comment garantir la disponibilité des ressources et surmonter les problèmes d'hétérogénéité et de granularité des ressources? Comment standardiser, unifier les solutions d'élasticité et de modéliser sa diversité à un haut niveau d'abstraction? Dans cette thèse, trois majeures contributions ont été proposées: Tout d’abord, un état de l’art à jour de l’élasticité du Cloud ; cet état de l’art passe en revue les différents travaux relatifs à l’élasticité des machines virtuelles et des conteneurs. Deuxièmement, ElasticDocker, une approche permettant de gérer l’élasticité des conteneurs, notamment l’élasticité verticale, la migration et l’élasticité combinée. Troisièmement, MoDEMO, un nouveau cadre de gestion d'élasticité unifié, basé sur un standard, dirigé par les modèles, hautement extensible et reconfigurable, supportant plusieurs stratégies, différents types d’élasticité, différentes techniques de virtualisation et plusieurs fournisseurs de Cloud. / Cloud computing has been gaining popularity and has received a great deal of attention from both industrial and academic worlds since it frees them from the burden and cost of managing local data centers. However, the main factor motivating the use of cloud is its ability to provide resources according to the customer needs or what is referred to as elasticity. Adapting cloud applications during their execution according to demand variation is a challenging task. In addition, cloud elasticity is diverse and heterogeneous because it encompasses different approaches, policies, purposes, etc. We are interested in investigating: How to overcome the problem of over-provisioning/under-provisioning? How to guaranty the resource availability and overcome the problems of heterogeneity and resource granularity? How to standardize, unify elasticity solutions and model its diversity at a high level of abstraction? In this thesis, we solved such challenges and we investigated many aspects of elasticity to manage efficiently the resources in the cloud. Three contributions are proposed. Firstly, an up-to-date state-of-the-art of the cloud elasticity, this state of art reviews different works related to elasticity for both Virtual Machines and containers. Secondly, ElasticDocker, an approach to manage container elasticity including vertical elasticity, live migration, and elasticity combination between different virtualization techniques. Thirdly, MoDEMO, a new unified standard-based, model-driven, highly extensible and reconfigurable framework that supports multiple elasticity policies, vertical and horizontal elasticity, different virtualization techniques and multiple cloud providers.

Élasticité du Cloud

Conteneurs

Open Cloud Computing Interface (OCCI)

004.678 2

Architectures et mécanismes de fédération dans les environnements cloud computing et cloud networking / Architectures and federation mechanisms in cloud computing and cloud networking environments

Medhioub, Houssem

28 April 2015

Présenté dans la littérature comme une nouvelle technologie, le Cloud Computing est devenu incontournable dans la mise en place et la fourniture des services informatiques. Cette thèse s’inscrit dans le contexte de cette nouvelle technologie qui est en mesure de transformer la mise en place, la gestion et l’utilisation des systèmes d’information. L'adoption et la vulgarisation du Cloud ont été ralenties par la jeunesse même des concepts et l'hétérogénéité des solutions existantes. Cette difficulté d'adoption se manifeste par l'absence de standard, l'hétérogénéité des architectures et des API, le Vendor Lock-In imposé par les leaders du marché et des manques qui ralentissent la fédération. La motivation principale de la thèse est de simplifier l'adoption du cloud et la migration vers ses environnements et technologies. Notre objectif est de proposer des solutions d'interopérabilité et de fédération dans le Cloud. Le travail de recherche s’est aussi articulé autour de deux grands axes. Le premier concerne le rapprochement des réseaux du futur et des Clouds. Le deuxième axe concerne l'interopérabilité et la fédération entre solutions et services cloud. Une analyse de l’état de l’art sur le Cloud Computing et le Cloud Networking, a permis de confirmer des manques pressentis et de proposer deux architectures de fédération Cloud. La première architecture permet le rapprochement entre le Cloud Computing et le Cloud Networking. La seconde architecture facilite l'interopérabilité et le courtage de services Cloud. L'étude des deux architectures a fait ressortir deux composants primordiaux et essentiels pour assurer la fédération: une interface générique et un système d'échange de messages. Ces deux composants correspondent à deux contributions centrales de la thèse et reflètent l’ensemble des contributions (quatre au total) du travail de recherche / Presented in the literature as a new technology, Cloud Computing has become essential in the development and delivery of IT services. Given the innovative potential of Cloud, our thesis was conducted in the context of this promising technology. It was clear that the Cloud would change the way we develop, manage and use information systems. However, the adoption and popularization of Cloud were slow and difficult given the youth of the concepts and heterogeneity of the existing solutions. This difficulty in adoption is reflected by the lack of standard, the presence of heterogeneous architectures and APIs, the introduction of Vendor Lock-In imposed by the market leaders and the lack of cloud federation principles and facilitators. The main motivation for our PhD is to simplify the adoption of the cloud paradigm and the migration to cloud environments and technologies. Our goal has consequently been to improve interoperability and enable federation in the cloud. The thesis focused on two main areas. The first concerns the convergence of future networks and clouds and the second the improvement of federation and interoperability between heterogeneous cloud solutions and services. Based on our work in state of the art about Cloud Computing and Cloud Networking, we defined in this thesis two architectures for Cloud federation. The first architecture enables the merging (convergence) of Cloud Computing and Cloud Networking. The second architecture addresses interoperability between services and proposes cloud-brokering solutions. The study enabled the identification of two essential components for cloud federation, namely: a generic interface and a message exchange system. These two components have been two contributions of our thesis. The proposed federation architectures and these two components summarize the four major contributions of our work

Cloud computing

Cloud networking

Cloud hybride

IaaS

PaaS

Fédération

Interopérabilité

Interface Open Cloud

Cloud computing

Cloud networking

Hybrid cloud

IaaS

PaaS

Federation

Interoperability

Open Cloud interface

Inferring models from cloud APIs and reasoning over them : a tooled and formal approach / Inférer des modèles à partir d'APIs cloud et raisonner dessus : une approche outillée et formelle

Challita, Stéphanie

21 December 2018

Avec l’avènement de l’informatique en nuage, différents fournisseurs offrant des services en nuage et des interfaces de programmation d’applications (APIs) hétérogènes sont apparus. Cette hétérogénéité complique la mise en œuvre d’un système de multi-nuages interopérable. Parmi les solutions pour l’interopérabilité de multi-nuages, l’Ingénierie Dirigée par les Modèles (IDM) s’est révélée avantageuse. Cependant, la plupart des solutions IDM existantes pour l’informatique en nuage ne sont pas représentatives des APIs et manquent de formalisation. Pour remédier à ces limitations, je présente dans cette thèse une approche basée sur le standard Open Cloud Computing Interface (OCCI), les approches IDM et les méthodes formelles. Je fournis deux contributions qui sont mises en œuvre dans le contexte du projet OCCIware. Premièrement, je propose une approche basée sur la rétro-ingénierie pour extraire des connaissances des documentations textuelles ambiguës des APIs de nuages et améliorer leur représentation à l’aide des techniques IDM. Cette approche est appliquée à Google Cloud Platform (GCP), où je propose GCP Model, une spécification précise et basée sur les modèles, automatiquement déduite de la documentation textuelle de GCP. Deuxièmement, je propose le cadre fclouds pour assurer une interopérabilité sémantique entre plusieurs nuages, i.e., pour identifier les concepts communs entre les APIs et raisonner dessus. Le langage fclouds est une formalisation des concepts et de la sémantique opérationnelle d’OCCI en employant le langage de spécification formel Alloy. Pour démontrer l’efficacité du langage fclouds, je spécifie formellement treize APIs et en vérifie les propriétés. / With the advent of cloud computing, different cloud providers with heterogeneous cloud services and Application Programming Interfaces (APIs) have emerged. This heterogeneity complicates the implementation of an interoperable multi-cloud system. Among the multi-cloud interoperability solutions, Model-Driven Engineering (MDE) has proven to be quite advantageous and is the mostly adopted methodology to rise in abstraction and mask the heterogeneity of the cloud. However, most of the existing MDE solutions for the cloud are not representative of the cloud APIs and lack of formalization. To address these shortcomings, I present in this thesis an approach based on Open Cloud Computing Interface (OCCI) standard, MDE, and formal methods. I provide two major contributions implemented in the context of the OCCIware project. First, I propose an approach based on reverse-engineering to extract knowledge from the ambiguous textual documentation of cloud APIs and to enhance its representation using MDE techniques. This approach is applied to Google Cloud Platform (GCP), where I provide GCP Model, a precise model-driven specification for GCP that is automatically inferred from GCP textual documentation. Second, I propose the fclouds framework to achieve semantic interoperability in multi-clouds, i.e., to identify the common concepts between cloud APIs and to reason over them. The fclouds language is a formalization of OCCI concepts and operational semantics in Alloy formal specification language. To demonstrate the effectiveness of the fclouds language, I formally specify thirteen case studies and verify their properties.

Multi-Nuages

Open Cloud Computing Interface (OCCI)

Google Cloud Platform

Alloy

Langage dédié

004.678 2

Market driven elastic secure infrastructure

Tikale, Sahil

30 May 2023

In today’s Data Centers, a combination of factors leads to the static allocation of physical servers and switches into dedicated clusters such that it is difficult to add or remove hardware from these clusters for short periods of time. This silofication of the hardware leads to inefficient use of clusters. This dissertation proposes a novel architecture for improving the efficiency of clusters by enabling them to add or remove bare-metal servers for short periods of time. We demonstrate by implementing a working prototype of the architecture that such silos can be broken and it is possible to share servers between clusters that are managed by different tools, have different security requirements, and are operated by tenants of the Data Center, which may not trust each other. Physical servers and switches in a Data Center are grouped for a combination of reasons. They are used for different purposes (staging, production, research, etc); host applications required for servicing specific workloads (HPC, Cloud, Big Data, etc); and/or configured to meet stringent security and compliance requirements. Additionally, different provisioning systems and tools such as Openstack-Ironic, MaaS, Foreman, etc that are used to manage these clusters take control of the servers making it difficult to add or remove the hardware from their control. Moreover, these clusters are typically stood up with sufficient capacity to meet anticipated peak workload. This leads to inefficient usage of the clusters. They are under-utilized during off-peak hours and in the cases where the demand exceeds capacity the clusters suffer from degraded quality of service (QoS) or may violate service level objectives (SLOs). Although today’s clouds offer huge benefits in terms of on-demand elasticity, economies of scale, and a pay-as-you-go model yet many organizations are reluctant to move their workloads to the cloud. Organizations that (i) needs total control of their hardware (ii) has custom deployment practices (iii) needs to match stringent security and compliance requirements or (iv) do not want to pay high costs incurred from running workloads in the cloud prefers to own its hardware and host it in a data center. This includes a large section of the economy including financial companies, medical institutions, and government agencies that continue to host their own clusters outside of the public cloud. Considering that all the clusters may not undergo peak demand at the same time provides an opportunity to improve the efficiency of clusters by sharing resources between them. The dissertation describes the design and implementation of the Market Driven Elastic Secure Infrastructure (MESI) as an alternative to the public cloud and as an architecture for the lowest layer of the public cloud to improve its efficiency. It allows mutually non-trusting physically deployed services to share the physical servers of a data center efficiently. The approach proposed here is to build a system composed of a set of services each fulfilling a specific functionality. A tenant of the MESI has to trust only a minimal functionality of the tenant that offers the hardware resources. The rest of the services can be deployed by each tenant themselves MESI is based on the idea of enabling tenants to share hardware they own with tenants they may not trust and between clusters with different security requirements. The architecture provides control and freedom of choice to the tenants whether they wish to deploy and manage these services themselves or use them from a trusted third party. MESI services fit into three layers that build on each other to provide: 1) Elastic Infrastructure, 2) Elastic Secure Infrastructure, and 3) Market-driven Elastic Secure Infrastructure. 1) Hardware Isolation Layer (HIL) – the bottommost layer of MESI is designed for moving nodes between multiple tools and schedulers used for managing the clusters. It defines HIL to control the layer 2 switches and bare-metal servers such that tenants can elastically adjust the size of the clusters in response to the changing demand of the workload. It enables the movement of nodes between clusters with minimal to no modifications required to the tools and workflow used for managing these clusters. (2) Elastic Secure Infrastructure (ESI) builds on HIL to enable sharing of servers between clusters with different security requirements and mutually non-trusting tenants of the Data Center. ESI enables the borrowing tenant to minimize its trust in the node provider and take control of trade-offs between cost, performance, and security. This enables sharing of nodes between tenants that are not only part of the same organization by can be organization tenants in a co-located Data Center. (3) The Bare-metal Marketplace is an incentive-based system that uses economic principles of the marketplace to encourage the tenants to share their servers with others not just when they do not need them but also when others need them more. It provides tenants the ability to define their own cluster objectives and sharing constraints and the freedom to decide the number of nodes they wish to share with others. MESI is evaluated using prototype implementations at each layer of the architecture. (i) The HIL prototype implemented with only 3000 Lines of Code (LOC) is able to support many provisioning tools and schedulers with little to no modification; adds no overhead to the performance of the clusters and is in active production use at MOC managing over 150 servers and 11 switches. (ii) The ESI prototype builds on the HIL prototype and adds to it an attestation service, a provisioning service, and a deterministically built open-source firmware. Results demonstrate that it is possible to build a cluster that is secure, elastic, and fairly quick to set up. The tenant requires only minimum trust in the provider for the availability of the node. (iii) The MESI prototype demonstrates the feasibility of having a one-of-kind multi-provider marketplace for trading bare-metal servers where providers also use the nodes. The evaluation of the MESI prototype shows that all the clusters benefit from participating in the marketplace. It uses agents to trade bare-metal servers in a marketplace to meet the requirements of their clusters. Results show that compared to operating as silos individual clusters see a 50% improvement in the total work done; up to 75% improvement (reduction) in waiting for queues and up to 60% improvement in the aggregate utilization of the test bed. This dissertation makes the following contributions: (i) It defines the architecture of MESI allows mutually non-trusting tenants of the data center to share resources between clusters with different security requirements. (ii) Demonstrates that it is possible to design a service that breaks the silos of static allocation of clusters yet has a small Trusted Computing Base (TCB) and no overhead to the performance of the clusters. (iii) Provides a unique architecture that puts the tenant in control of its own security and minimizes the trust needed in the provider for sharing nodes. (iv) A working prototype of a multi-provider marketplace for bare-metal servers which is a first proof-of-concept that demonstrates that it is possible to trade real bare-metal nodes at practical time scales such that moving nodes between clusters is sufficiently fast to be able to get some useful work done. (v) Finally results show that it is possible to encourage even mutually non-trusting tenants to share their nodes with each other without any central authority making allocation decisions. Many smart, dedicated engineers and researchers have contributed to this work over the years. I have jointly led the efforts to design the HIL and the ESI layer; led the design and implementation of the bare-metal marketplace and the overall MESI architecture.

Computer engineering

Composability

Incentives

Large scale systems architecture

Market mechanism

Microservices

Open cloud