DOCSLIB.ORG

Securing Serverless Computing: Challenges, Solutions, and Opportunities Xing Li, Student Member, IEEE, Xue Leng, and Yan Chen, Fellow, IEEE

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Securing Serverless Computing: Challenges, Solutions, and Opportunities Xing Li, Student Member, IEEE, Xue Leng, and Yan Chen, Fellow, IEEE 1 Securing Serverless Computing: Challenges, Solutions, and Opportunities Xing Li, Student Member, IEEE, Xue Leng, and Yan Chen, Fellow, IEEE Abstract—Serverless computing is a new cloud service model been made to address these challenges. Related studies have that reduces both cloud providers’ and consumers’ costs through arisen from academic research, commercial cloud providers, extremely agile development, operation, and charging mecha- and thriving open-source communities and have considerably nisms and has been widely applied since its emergence. Nev- ertheless, some characteristics of serverless computing, such as enhanced serverless security. Therefore, a systematic survey fragmented application boundaries, have raised new security of current research progress is needed to provide a foundation challenges. Considerable literature work has been committed to for continuing security enhancement. addressing these challenges. Commercial and open-source server- less platforms implement many security measures to enhance Some previous surveys of serverless computing have been serverless environments. This paper presents the first survey conducted [2], [3]; however, they have three main drawbacks of serverless security that considers both literature work and in revealing the current status of security research. In terms industrial security measures. We summarize the primary security of subject matter, these surveys have extensively discussed the challenges, analyze corresponding solutions from the literature concepts, challenges, applications, and prospects of serverless and industry, and identify potential research opportunities. Then, we conduct a gap analysis of the academic and industrial solu- computing but have not specifically targeted security. Re- tions as well as commercial and open-source serverless platforms’ garding content, the previous surveys have briefly introduced security capabilities, and finally, we present a complete picture possible risks or attacks but have not systematically analyzed of current serverless security research. existing solutions and future directions of research. In terms of Index Terms—Cloud Computing, Serverless Computing, Secu- materials, these surveys have focused on literature work and rity, Survey. have not considered the measures adopted in industry (i.e., commercial or open-source platforms); however, an academic I. INTRODUCTION focus alone is insufficient for a review of a widely applied cloud computing model such as serverless computing. HE development of cloud computing has driven various T service model innovations, including serverless comput- Therefore, a complete and systematic review of serverless ing. In this model, cloud providers are responsible for all security is urgently needed. To promote serverless computing server-related management tasks, such as resource allocation, and inspire new research, we present the first survey on server- service deployment, scaling, and monitoring, and an appli- less security whose horizon is expanded from academia alone cation is charged only for its execution time. As a result, to include industry. In this paper, we first introduce the concept consumers can avoid tedious management tasks, focus on the and background of serverless computing (Section II). Starting business code, and save costs by not paying for idle resources. from the unique characteristics of this service model, we then These advantages in terms of efficiency and economy have present a classification of the main security challenges and led to the rapid development of serverless computing in analyze their root causes. Subsequently, we review the state- recent years and have attracted extensive attention from both of-the-art solutions proposed in the literature and adopted by industry and academia. According to a recent report, the global popular serverless platforms for each challenge. Based on the arXiv:2105.12581v1 [cs.CR] 25 May 2021 serverless market size is estimated to grow to $21.1 billion by degree to which these problems are solved, we note potential 2025 [1]. research opportunities (Section III–Section VI). Finally, we However, as a novel service model, serverless computing illustrate our findings in comparisons of the current academic also has certain distinguishing features that present some and industrial solutions as well as commercial and open-source challenges, leading to security and compliance concerns. For platforms (Section VII). example, its agile and lightweight virtualization technologies The main contributions of this work are as follows: may lead to weak isolation, and the ephemeral nature of its computing instances could increase the difficulty of se- • A systematic summary of the challenges arising in secur- curity management. In recent years, substantial efforts have ing serverless computing is presented. • A brief but comprehensive review of academic and in- X. Li and X. Leng are with the College of Computer Science and Technology, Zhejiang University, Hangzhou, 310027, China (e-mail: dustrial solutions is provided. [email protected]; lengxue [email protected]). • A set of promising potential research opportunities is Y. Chen is with the Department of Computer Science, Northwestern proposed. University, Evanston, IL 60208, USA (e-mail: [email protected]). This work has been submitted to the IEEE for possible publication. • A multiaspect gap analysis of the current research status Copyright may be transferred without notice, after which this version may is conducted. no longer be accessible. 2 Application Boundary Storage Service Function A Function B Function C End User Function A Function C FaaS Runtime FaaS Runtime FaaS Runtime Log Service API Container Container Container Gateway \ Scheduled Task Container Engine Function B Function D ... Virtual Machine VM Other Clients SMS Service Message Queue Bare Metal Server : Trigger Events : Functions : Backend Services (a) FaaS Technology Stack (b) A Typical Serverless Application Fig. 1: (a) A container-based FaaS technology stack. Typically, only the top-level function code is managed by customers. (b) The architecture of a serverless application that includes FaaS and BaaS components. II. BACKGROUND AND OVERVIEW Customer 1 Customer 2 3 Management Interface A. Serverless Computing … Deployment Security . Virtualization technology is the cornerstone of cloud ser- ① ③ Management Services vices. Based on the platform-as-a-service (PaaS) model, the B Functions recent prosperity of lightweight virtualization (e.g., contain- Authentication 1 A ers) has given birth to a new model: function-as-a-service C ④ ② 2 Visualization (FaaS). As shown in Figure 1 (a), in this model, customers develop and deploy small code pieces called functions in the Backend ⑤ Monitoring Storage Logging . cloud. These functions are deployed in lightweight virtualized Services . environments such as containers and executed on platform- 4 Infrastructure Resources provided runtimes. Each function focuses on a different task, and multiple functions can be combined in an event-driven ① -- ⑤ : Threats 1 -- 4 : Challenges manner to realize complex business logic. Events that can Fig. 2: Locations of threats and security challenges in the activate the execution of functions are called triggers; these serverless computing framework. include but are not limited to HTTP requests, logs, storage events, and timers. With lightweight virtualization, functions can be initialized Meanwhile, this new cloud service model has begun to be extremely fast (usually within a few milliseconds). Therefore, embraced in many scenarios, such as data processing and the providers can instantiate functions only when needed and Internet of Things (IoT) paradigm. flexibly scale them, thereby maximizing resource utilization. Consequently, functions usually have a short lifecycle. This B. Threats and Security Challenges agility is also beneficial to consumers. Since the occupied As a multitenant cloud service model, serverless computing resources will be released when they are not in use, consumers is susceptible to security threats that can be divided into five need to pay only for functions’ actual execution time and do categories based on where they are launched. The first category not need to reserve resources for emergencies. consists of external attacks on applications from malicious Moreover, cloud providers offer dedicated services and users (¬), such as cross-site scripting attacks and injection application programming interfaces (APIs) for tasks such as attacks. Due to the unlimited scalability and the pay-as-you- storage, logging, and identity management. These services go feature of serverless computing, denial of service attacks can help customers build and manage server-side logic, thus will lead to a substantial increase in the cost to application significantly accelerating application development and release. owners. The second comprises internal attacks on applications This service model is known as backend-as-a-service (BaaS). from malicious insiders (­), such as illegal internal access Serverless computing is generally regarded as a combination and sniffing attacks. Adversaries in the internal network can of FaaS and BaaS. By undertaking all management tasks even perceive sensitive information from the communication directly related to infrastructure resources, cloud providers pattern and activity level of functions. For example, in a health make server-related details transparent to consumers. From monitoring application, a particular sequence of
Load more

Recommended publications
  • Serverless Computing in Financial Services High Performance Computing—With More Speed, Accuracy and Flexibility Authors
    Serverless computing in financial services High performance computing—with more speed, accuracy and flexibility Authors Michael Behrendt is a Distinguished Engineer in Neil Cowit is the Worldwide Cloud Offering the IBM Cloud development organization. He is Manager for High Performance Computing at responsible for IBM’s technical strategy around IBM. HPC has been a significant part of Neil’s serverless & Function-as-a-Service. 20-plus-year career within the financial services technology sector. He has held leadership In that context, he’s also the chief architect for and individual contributor roles in Product the IBM serverless offering, IBM Cloud Functions. Management, Development, Sales and Marketing. Before that, he was the chief architect of the core platform of IBM Bluemix and was one of the initial founding members incubating it. Michael has been working on cloud computing for more than 13 years and has 35 patents. He is located in the IBM Research & Development Laboratory in Boeblingen, Germany. | 2 | Contents Authors 02 Introduction 04 What issues can serverless computing help address? 06 Technical perspective 07 IBM Cloud Functions: Implementing serverless computing 08 Benefits of IBM Cloud Functions 08 Conclusion 09 Glossary 10 | 3 | Introduction If Mrs. Wallis Simpson were alive today and Wouldn’t it be terrific if we only had to solve static involved in financial services, she may very well or deterministic models as opposed to stochastic have modified her famous quote from “You can or probabilistic financial models? Imagine being never be too rich or too thin.” to “You can never able to cover all the possible contingencies in have too much compute capacity.” proportion to their likelihood.
    [Show full text]
  • Serverless in the Wild: Characterizing and Optimizing the Serverless Workload at a Large Cloud Provider
    Serverless in the Wild: Characterizing and Optimizing the Serverless Workload at a Large Cloud Provider Mohammad Shahrad, Rodrigo Fonseca, Íñigo Goiri, Gohar Chaudhry, Paul Batum, Jason Cooke, Eduardo Laureano, Colby Tresness, Mark Russinovich, and Ricardo Bianchini July 15, 2020 What is Serverless? •Very attractive abstraction: • Pay for Use • Infinite elasticity from 0 (and back) • No worry about servers • Provisioning, Reserving, Configuring, patching, managing •Most popular offering: Function-as-a-Service (FaaS) • Bounded-time functions with no persistent state among invocations • Upload code, get an endpoint, and go For the rest of this talk, Serverless = Serverless FaaS What is Serverless? Bare Metal VMs (IaaS) Containers Functions (FaaS) Unit of Scale Server VM Application/Pod Function Provisioning Ops DevOps DevOps Cloud Provider Init Time Days ~1 min Few seconds Few seconds Scaling Buy new hardware Allocate new VMs 1 to many, auto 0 to many, auto Typical Lifetime Years Hours Minutes O(100ms) Payment Per allocation Per allocation Per allocation Per use State Anywhere Anywhere Anywhere Elsewhere Serverless “…more than 20 percent of global enterprises will have deployed serverless computing technologies by 2020.” Gartner, Dec 2018 Serverless Source: CNCF Cloud Native Interactive Landscape https://landscape.cncf.io/format=serverless Serverless December 2019 “… we predict that (…) serverless computing will grow to dominate the future of cloud computing.” So what are people doing with FaaS? • Interesting Explorations • MapReduce (pywren)
    [Show full text]
  • Architectural Implications of Function-As-A-Service Computing
    Architectural Implications of Function-as-a-Service Computing Mohammad Shahrad Jonathan Balkind David Wentzlaff Princeton University Princeton University Princeton University Princeton, USA Princeton, USA Princeton, USA [email protected] [email protected] [email protected] ABSTRACT Network Serverless computing is a rapidly growing cloud application model, popularized by Amazon’s Lambda platform. Serverless cloud ser- Scheduling vices provide fine-grained provisioning of resources, which scale Platform (priorwork) automatically with user demand. Function-as-a-Service (FaaS) appli- Queueing Management cations follow this serverless model, with the developer providing 35% decrease in IPC Interference their application as a set of functions which are executed in response due to interference 6x variation due to to a user- or system-generated event. Functions are designed to Memory BW invocation pattern 20x MPKI for be short-lived and execute inside containers or virtual machines, Branch MPKI >10x exec time short functions introducing a range of system-level overheads. This paper studies for short functions Cold Start Server the architectural implications of this emerging paradigm. Using (500ms cold start) Up to 20x (thispaper) Container the commercial-grade Apache OpenWhisk FaaS platform on real slowdown servers, this work investigates and identifies the architectural im- Native plications of FaaS serverless computing. The workloads, along with Execution Figure 1: We characterize the server-level overheads of the way that FaaS inherently interleaves short functions from many Function-as-a-Service applications, compared to native exe- tenants frustrates many of the locality-preserving architectural cution. This contrasts with prior work [2–5] which focused structures common in modern processors.
    [Show full text]
  • How Entle Core™ Reduces Risk with Proven Technologies
    How Entle Core™ reduces risk with proven technologies What is Entle Core™? cloud computing had become well-established, and serverless computing took that a step further to make On the basis of over a decade in the web elastic infrastructure even more accessible. development industry, Entle has developed a mature, In contrast to a constantly-running server or elastic risk-reducing, and highly performant website server group that responds to visitor requests (either architecture called Entle Core™. Websites built with using bare-metal physical machines, virtual machines, Entle Core™ are heavily optimised for performance, or containers), serverless functions use cloud native SEO, and ultimately, conversion. systems’ inherent elasticity to consume resources on To achieve this, Entle Core™ combines a serverless demand and in a fully abstracted manner. Server hosting architecture with the JAMstack (JavaScript, management is abstracted to the cloud provider’s APIs, and markup) pattern. expert team, in the same way that they are responsible for all their other cloud infrastructure (e.g. in AWS’ The key elements of Entle Core™ are: case, the underlying infrastructure for EC2, EKS, Aurora • Serverless hosting using AWS S3 storage and AWS or Redshift). This significantly reduces the DevOps Cloudfront CDN, and AWS Lamda to provide workload on the website developer and thereby dynamic functionality; reduces the risk associated with designing, testing, and maintaining one’s own server setup. Serverless is the next step in the evolution of A static site
    [Show full text]
  • Serverless Computing: an Investigation of Factors Influencing Microservice Performance
    Serverless Computing: An Investigation of Factors Influencing Microservice Performance Wes Lloyd1, Shruti Ramesh4, Swetha Chinthalapati2, Lan Ly3, Shrideep Pallickara5 5 Institute of Technology 4 Department of Computer Science University of Washington Microsoft Colorado State University Tacoma, Washington USA Redmond, Washington USA Fort Collins, Colorado USA 1wlloyd, 2swethach, [email protected] [email protected] [email protected] Abstract— Serverless computing platforms provide driving a paradigm shift rivaling a scale not seen since the function(s)-as-a-Service (FaaS) to end users while promising advent of cloud computing itself! reduced hosting costs, high availability, fault tolerance, and dynamic elasticity for hosting individual functions known as Fundamentally different than application hosting with IaaS microservices. Serverless Computing environments, unlike or Platform-as-a-Service (PaaS) clouds, with serverless Infrastructure-as-a-Service (IaaS) cloud platforms, abstract computing, applications are decomposed into many infrastructure management including creation of virtual machines microservices, which are essentially disparate functions. (VMs), operating system containers, and request load balancing Serverless environments leverage operating system containers from users. To conserve cloud server capacity and energy, cloud such as Docker to deploy and scale microservices [6]. Granular providers allow hosting infrastructure to go COLD, code deployment harnessing containers enables incremental, deprovisioning containers when service demand is low freeing rapid scaling of server infrastructure surpassing the elasticity infrastructure to be harnessed by others. In this paper, we present afforded by dynamically scaling virtual machines (VMs). Cloud results from our comprehensive investigation into the factors providers can load balance many small container placements which influence microservice performance afforded by serverless across servers helping to minimize idle server capacity better computing.
    [Show full text]
  • DEMYSTIFYING NOOPS and SERVERLESS COMPUTING Purpose
    Innovation Committee, Chief Information Officers Council WHITE PAPER: DEMYSTIFYING NOOPS AND SERVERLESS COMPUTING Purpose The purpose of this white paper is to provide an overview of NoOps and serverless computing for CIOs in the federal government and discuss the potential impact of these emerging trends on how agencies develop software and deliver services. Background Serverless computing is an emerging cloud computing model whereby cloud providers manage IT infrastructure and users are charged only for the resources they use.1 The growth of serverless computing has given rise to the concept of NoOps, whereby service providers automate and manage IT infrastructure and operations to such an extent that IT operations staff can focus on higher-value work in the software development life cycle. NoOps is more of a theoretical concept than a development practice at this time, with few commercial IT organizations adopting a development approach that completely automates IT operations.2 The history of cloud computing is characterized by increasing levels of abstraction where responsibilities have shifted from consumers to service providers. Companies and government agencies have moved from managing their own on-premise and agency-owned equipment, to adopting Infrastructure-as-a-Service (IaaS) models that abstract physical hardware, to Platform-as-a-Service (PaaS) models that abstract operating systems. Companies are now experimenting with and implementing serverless computing architectures, which further abstract server and infrastructure management away from consumers and increase the speed to deploy 3 microservices. Serverless is similar to PaaS models in that in both, consumers do not have to worry about patching or monitoring individual servers.
    [Show full text]
  • Lightweight Isolation for Efficient Stateful Serverless Computing
    FAASM: Lightweight Isolation for Efficient Stateful Serverless Computing Simon Shillaker and Peter Pietzuch, Imperial College London https://www.usenix.org/conference/atc20/presentation/shillaker This paper is included in the Proceedings of the 2020 USENIX Annual Technical Conference. July 15–17, 2020 978-1-939133-14-4 Open access to the Proceedings of the 2020 USENIX Annual Technical Conference is sponsored by USENIX. FAASM: Lightweight Isolation for Efficient Stateful Serverless Computing Simon Shillaker Peter Pietzuch Imperial College London Imperial College London Abstract Existing platforms such as Google Cloud Functions [32], Serverless computing is an excellent fit for big data process- IBM Cloud Functions [39], Azure Functions [50] and AWS ing because it can scale quickly and cheaply to thousands of Lambda [5] isolate functions in ephemeral, stateless contain- parallel functions. Existing serverless platforms isolate func- ers. The use of containers as an isolation mechanisms in- tions in ephemeral, stateless containers, preventing them from troduces two challenges for data-intensive applications, data directly sharing memory. This forces users to duplicate and access overheads and the container resource footprint. serialise data repeatedly, adding unnecessary performance Data access overheads are caused by the stateless nature of and resource costs. We believe that a new lightweight iso- the container-based approach, which forces state to be main- lation approach is needed, which supports sharing memory tained externally, e.g. in object stores such as Amazon S3 [6], directly between functions and reduces resource overheads. or passed between function invocations. Both options in- We introduce Faaslets, a new isolation abstraction for high- cur costs due to duplicating data in each function, repeated performance serverless computing.
    [Show full text]
  • Bringing Serverless to Containers with Google Cloud Run
    Bringing serverless to containers with Google Cloud Run Martin Omander Zoë Omander @martinomander @zoe_omander Dec 3, 2019 Lily started the first Pet Theory clinic 12 years ago Lily, veterinarian, Founder of Pet Theory IT growing pains... The appointment system is down... Why can’t I change my appointment online? Michael, client Patrick, IT support I have to call insurance companies all the time. I wasn’t able to send any invoices yesterday. The phone just kept ringing. Deirdre, veterinarian Lisa, receptionist Solid IT is a requirement for my business. As a pilot project, let’s fix the invoice problem first. Lily, veterinarian, Ruby, Founder of Pet Theory Consultant There are two paths to modern cloud systems. Z Containers: Serverless: Docker, Kubernetes FaaS, PaaS Fine-grained control. No infrastructure management. Use any language, binary or library. Fully managed security. Run your code in many places. Pay only for usage. Setup and maintenance work. App is not portable. Provision resources ahead of time. Can’t use any language. Pay for idle resources. Can’t use any binary or library. What if we choose the wrong path? I have read about a new trend in cloud computing... Patrick, IT support Ruby, Consultant Containers Serverless Containers: Serverless: Docker, Kubernetes FaaS, PaaS Fine-grained control. No infrastructure management. Use any language, binary or library. Fully managed security. Run your code in many places. Pay only for usage. Setup and maintenance work. App is not portable. Provision resources ahead of time. Can’t use any language. Pay for idle resources. Can’t use any binary or library.
    [Show full text]
  • Evaluation of Serverless Computing Frameworks Based on Kubernetes
    Aalto University School of Science Degree Programme of Computer Science and Engineering Sunil Kumar Mohanty Evaluation of Serverless Computing Frame- works Based on Kubernetes Master's Thesis Espoo, July 6, 2018 Supervisor: Professor Mario Di Francesco, Aalto University Instructor: Gopika Premsankar M.Sc. (Tech.) Aalto University School of Science ABSTRACT OF Degree Programme of Computer Science and Engineering MASTER'S THESIS Author: Sunil Kumar Mohanty Title: Evaluation of Serverless Computing Frameworks Based on Kubernetes Date: July 6, 2018 Pages: 76 Professorship: Mobile Computing, Services and Secu- Code: SCI3045 rity Supervisor: Professor Mario Di Francesco Instructor: Gopika Premsankar M.Sc. (Tech.) Recent advancements in virtualization and software architectures have led to the birth of the new paradigm of serverless computing. Serverless computing, also known as function-as-a-service, allows developers to deploy functions as comput- ing units without worrying about the underlying infrastructure. Moreover, no resources are allocated or billed until a function is invoked. Thus, the major ben- efits of serverless computing are reduced developer concern about infrastructure, reduced time to market and lower cost. Currently, serverless computing is gener- ally available through various public cloud service providers. However, there are certain bottlenecks on public cloud platforms, such as vendor lock-in, computa- tion restrictions and regulatory restrictions. Thus, there is a growing interest to implement serverless computing on a private infrastructure. One of the preferred ways of implementing serverless computing is through the use of containers. A container-based solution allows to utilize features of existing orchestration frame- works, such as Kubernetes. This thesis discusses the implementation of serverless computing on Kubernetes.
    [Show full text]
  • Faasdom: a Benchmark Suitefor Serverless Computing
    CC-BY 4.0. This is the author’s preprint version of the camera-ready article. A full version of this paper is published in the proceedings of 14th ACM International Conference on Distributed and Event-Based Systems (DEBS 2020). FaaSdom: A Benchmark Suite for Serverless Computing Pascal Maissen Pascal Felber Department of Computer Science Department of Computer Science University of Fribourg, Switzerland University of Neuchâtel, Switzerland [email protected] [email protected] Peter Kropf Valerio Schiavoni Department of Computer Science Department of Computer Science University of Neuchâtel, Switzerland University of Neuchâtel, Switzerland [email protected] [email protected] ABSTRACT Edge Master Serverless computing has become a major trend among cloud User Worker interface function main() { code providers. With serverless computing, developers fully dele- return { payload:'Hello!' code gate the task of managing the servers, dynamically allocating API }; code } the required resources, as well as handling availability and gateway … Dispatcher Event queue Worker Worker fault-tolerance matters to the cloud provider. In doing so, Cloud event … sources code code code code developers can solely focus on the application logic of their software, which is then deployed and completely managed Figure 1: Typical FaaS architecture. The main aspects in the cloud. to benchmark are: performance of a worker (i.e., execu- Despite its increasing popularity, not much is known re- tion speed of a function) and quality of the auto-scaling garding the actual system performance achievable on the mechanism (e.g., allocation of new VMs, how to handle currently available serverless platforms. Specifically, it is flash-crowds [36]).
    [Show full text]
  • Ambitious Data Science Can Be Painless
    Harvard Data Science Review • Issue 1.1, Summer 2019 Ambitious Data Science Can Be Painless Hatef Monajemi, Riccardo Murri, Eric Jonas, Percy Liang, Victoria Stodden, David Donoho Published on: Sep 29, 2019 DOI: 10.1162/99608f92.02c552 License: Creative Commons Attribution 4.0 International License (CC-BY 4.0) Harvard Data Science Review • Issue 1.1, Summer 2019 Ambitious Data Science Can Be Painless ABSTRACT Modern data science research, at the cutting edge, can involve massive computational experimentation; an ambitious PhD in computational fields may conduct experiments consuming several million CPU hours. Traditional computing practices, in which researchers use laptops, PCs, or campus-resident resources with shared policies, are awkward or inadequate for experiments at the massive scale and varied scope that we now see in the most ambitious data science. On the other hand, modern cloud computing promises seemingly unlimited computational resources that can be custom configured, and seems to offer a powerful new venue for ambitious data-driven science. Exploiting the cloud fully, the amount of raw experimental work that could be completed in a fixed amount of calendar time ought to expand by several orders of magnitude. Still, at the moment, starting a massive experiment using cloud resources from scratch is commonly perceived as cumbersome, problematic, and prone to rapid ‘researcher burnout.’ New software stacks are emerging that render massive cloud-based experiments relatively painless, thereby allowing a proliferation of ambitious experiments for scientific discovery. Such stacks simplify experimentation by systematizing experiment definition, automating distribution and management of all tasks, and allowing easy harvesting of results and documentation.
    [Show full text]
  • Volunteer Down: How COVID-19 Created the Largest Idling Supercomputer on Earth
    future internet Perspective Volunteer Down: How COVID-19 Created the Largest Idling Supercomputer on Earth Nane Kratzke Department for Electrical Engineering and Computer Science, Lübeck University of Applied Sciences, 23562 Lübeck, Germany; [email protected] Received: 25 May 2020; Accepted: 3 June 2020; Published: 6 June 2020 Abstract: From close to scratch, the COVID-19 pandemic created the largest volunteer supercomputer on earth. Sadly, processing resources assigned to the corresponding Folding@home project cannot be shared with other volunteer computing projects efficiently. Consequently, the largest supercomputer had significant idle times. This perspective paper investigates how the resource sharing of future volunteer computing projects could be improved. Notably, efficient resource sharing has been optimized throughout the last ten years in cloud computing. Therefore, this perspective paper reviews the current state of volunteer and cloud computing to analyze what both domains could learn from each other. It turns out that the disclosed resource sharing shortcomings of volunteer computing could be addressed by technologies that have been invented, optimized, and adapted for entirely different purposes by cloud-native companies like Uber, Airbnb, Google, or Facebook. Promising technologies might be containers, serverless architectures, image registries, distributed service registries, and all have one thing in common: They already exist and are all tried and tested in large web-scale deployments. Keywords: volunteer computing; cloud computing; grid computing; HPC; supercomputing; microservice; nanoservice; container; cloud-native; serverless; platform; lessons-learned; COVID-19 1. Introduction On 28 April 2020, Greg Bowman—director of the volunteer computing (VC) project Folding@home— posted this on Twitter https://twitter.com/drGregBowman/status/1255142727760543744: @Folding@home is continuing its growth spurt! There are now 3.5 M devices participating, including 2.8 M CPUs (19 M cores!) and 700 K GPUs.
    [Show full text]