DOCSLIB.ORG

A Sense of Time for Node.Js: Timeouts As a Cure for Event Handler Poisoning

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Sense of Time for Node.Js: Timeouts As a Cure for Event Handler Poisoning A Sense of Time for Node.js: Timeouts as a Cure for Event Handler Poisoning Anonymous Abstract—The software development community has begun to new Denial of Service attack that can be used against EDA- adopt the Event-Driven Architecture (EDA) to provide scalable based services. Our Event Handler Poisoning attack exploits web services. Though the Event-Driven Architecture can offer the most important limited resource in the EDA: the Event better scalability than the One Thread Per Client Architecture, Handlers themselves. its use exposes service providers to a Denial of Service attack that we call Event Handler Poisoning (EHP). The source of the EDA’s scalability is also its Achilles’ heel. Multiplexing unrelated work onto the same thread re- This work is the first to define EHP attacks. After examining EHP vulnerabilities in the popular Node.js EDA framework and duces overhead, but it also moves the burden of time sharing open-source npm modules, we explore various solutions to EHP- out of the thread library or operating system and into the safety. For a practical defense against EHP attacks, we propose application itself. Where OTPCA-based services can rely on Node.cure, which defends a large class of Node.js applications preemptive multitasking to ensure that resources are shared against all known EHP attacks by making timeouts a first-class fairly, using the EDA requires the service to enforce its own member of the JavaScript language and the Node.js framework. cooperative multitasking [89]. An EHP attack identifies a way to defeat the cooperative multitasking used by an EDA-based Our evaluation shows that Node.cure is effective, broadly applicable, and offers strong security guarantees. First, we show service, ensuring Event Handler (s) remain dedicated to the that Node.cure defeats all known language- and framework- attacker rather than handling all clients fairly. Our analysis level EHP attacks, including real reported EHP attacks. Second, identifies many EHP vulnerabilities among previously-reported we evaluate its costs, finding that Node.js incurs reasonable npm vulnerabilities, and a sample of npm modules suggests overheads in micro-benchmarks, and low overheads ranging from that EHP vulnerabilities may be an epidemic (xIV). 1.02x (real servers) to 1.24x (middleware). Third, we show that Node.cure offers strong security guarantees against EHP attacks In xV we define criteria for EHP-safety, and use these for the majority of the Node.js ecosystem. criteria to evaluate different EHP defenses (xVI). The general solution we propose is to relax but not eliminate the coop- erative multitasking constraint of the EDA. Our prototype, I. INTRODUCTION Node.cure (xVII), makes timeouts a first-class member of the Node.js framework, and is the first framework we know of that Web services are the lifeblood of the modern Internet. To does so. If an Event Handler in Node.cure blocks, Node.cure handle the demands of millions of clients, service providers will emit a TimeoutError. Although cooperative multitasking replicate their services across many servers. Since every server is ultimately maintained, Node.cure thus informs every Event costs time and money, service providers want to maximize the Handler when it ought to yield. number of clients each server can handle. Over the past decade, this goal has led the software community to seriously consider Our findings on EHP-safety have been corroborated by a paradigm shift in their software architecture — from the One the Node.js community (xIX). We have developed a guide for Thread Per Client Architecture (OTPCA) used in Apache to practitioners on building EHP-proof systems (PR preliminarily the Event-Driven Architecture (EDA) championed by Node.js1. approved), updated the Node.js documentation to warn devel- Although using the EDA may increase the number of clients opers about the perils of particular APIs (two PRs merged), each server can handle, it also exposes the service to a new and submitted a pull request to improve the safety of these class of Denial of Service (DoS) attack unique to the EDA: APIs (PR preliminarily approved). Event Handler Poisoning (EHP). In our evaluation of Node.cure (xVIII), we describe the The OTPCA and the EDA differ in the resources they strong security guarantees against EHP that Node.cure offers, dedicate to each client. In the OTPCA, each client is assigned and demonstrate this by showing that Node.cure defeats rep- a thread, and the overhead associated with each thread limits resentatives of each of the classes of EHP attack. Our cost the number of concurrent clients the service can handle. In the evaluation on micro- and application benchmarks shows that EDA, a small pool of Event Handler threads is shared by all Node.cure introduces acceptable monitoring overhead, as low clients. The per-client overhead is thus smaller in the EDA, as 0% on real server applications. improving scalability. The first steps toward this paper were presented at a Though researchers have investigated application- and workshop2. There we introduced the idea of EHP attacks and language-level security issues that affect many services, we are argued that some previously-reported security vulnerabilities the first to examine the security implications of using the EDA were actually EHP vulnerabilities. We also proposed the “C- from a software architecture perspective. In xIII we describe a WCET Principle”, which we have evaluated and found wanting 1The EDA paradigm is also known as the reactor pattern. 2We omit the reference to meet the double-blind requirement. (xVI-C). Here we offer the complete package: we refine system call3), and pending events are handled sequentially our previous definition of EHP, increase our survey of EHP by an Event Loop. The Event Loop may offload expensive vulnerabilities in the wild, and describe a prototype that offers Tasks to the queue of a small, fixed-size Worker Pool, whose strong security guarantees using timeouts. Workers execute Tasks and generate “Task Done” events for the Event Loop when they finish. One common use of the In summary, our work makes the following contributions: Worker Pool is to provide quasi-asynchronous (blocking but 1) We are the first to define Event Handler Poisoning (EHP) concurrent) access to the file system. (xIII), a DoS attack against the EDA. EHP attacks con- sume Event Handlers, a limited resource in the EDA. Our definition of EHP accommodates all known EHP attacks. 2) After evaluating the solution space for EHP defenses (xVI), we describe a general antidote for Event Handler Poisoning attacks: first-class timeouts (xVII). We demonstrate its effectiveness with a prototype for the popular Node.js EDA framework. To the best of our knowledge, our prototype, Node.cure, is the first EDA framework to incorporate first- class timeouts. 3) We evaluate the security guarantees of timeouts (strong), their costs (small), and their effectiveness (quite) in the Node.js ecosystem (xVIII). 4) We released a guide on EHP-safe techniques for new developers in the EDA, which has been accepted. Our PR Fig. 1. This is the AMPED Event-Driven Architecture. Incoming events from clients A and B are stored in the event queue, and the associated Callbacks improving the safety of Node.js APIs has been accepted (CBs) will be executed sequentially by the Event Loop. The Event Loop may and our PRs documenting unsafe APIs were merged (xIX). generate new events, to be handled by itself later or as Tasks offloaded to the Worker Pool. Alas, B has performed an EHP attack on this service. His evil input (third in the event queue) will eventually poison the Event Loop, and II. BACKGROUND the events after his input will not be handled (xIII-D). In this section we contrast the EDA with the OTPCA (xII-A). We then explain our choice of EDA framework for Application developers must adopt the EDA paradigm study (xII-B), and finish by introducing formative work on when developing EDA-based software. Developers define the Algorithmic Complexity attacks (xII-C). set of possible Event Loop Events for which they supply a set of Callbacks [60]. During the execution of an EDA-based application, events are generated by external activity or internal A. Overview of the EDA processing and routed to the appropriate Callbacks. There are two main architectures for scalable web servers, We refer to the Event Loop and the Workers as Event the established One Thread Per Client Architecture (OTPCA) Handlers. Events for the Event Loop are supplied by the and the upstart Event-Driven Architecture (EDA). In the OT- operating system or the framework, while events for the PCA style, exemplified by the Apache Web Server [61], each Worker Pool (i.e. Tasks) are supplied by the Event Loop. We client is assigned a thread or a process, with a large maximum say that the Event Loop “executes a Callback” in response to number of concurrent clients. The OTPCA model isolates an event, and that a Worker “performs a Task”. A Callback clients from one another, reducing the risk of interference. is executed synchronously on the Event Loop, and a Task is However, each additional client incurs memory and context performed synchronously on a Worker, asynchronously from switching overhead. In contrast, by multiplexing multiple client the Event Loop’s perspective. connections onto a single-threaded Event Loop and offering a small Worker Pool for asynchronous tasks, the EDA approach In the EDA, each Callback and Task is guaranteed atom- reduces a server’s per-client resource use. While the OTPCA icity: once scheduled, it runs to completion. Because there are and EDA architectures have the same expressive power [71], relatively few Event Handlers, cooperative multitasking [89] in practice EDA-based servers can offer greater scaling [84].
Load more

Recommended publications
  • Elastic Storage for Linux on System Z IBM Research & Development Germany
    Peter Münch T/L Test and Development – Elastic Storage for Linux on System z IBM Research & Development Germany Elastic Storage for Linux on IBM System z © Copyright IBM Corporation 2014 9.0 Elastic Storage for Linux on System z Session objectives • This presentation introduces the Elastic Storage, based on General Parallel File System technology that will be available for Linux on IBM System z. Understand the concepts of Elastic Storage and which functions will be available for Linux on System z. Learn how you can integrate and benefit from the Elastic Storage in a Linux on System z environment. Finally, get your first impression in a live demo of Elastic Storage. 2 © Copyright IBM Corporation 2014 Elastic Storage for Linux on System z Trademarks The following are trademarks of the International Business Machines Corporation in the United States and/or other countries. AIX* FlashSystem Storwize* Tivoli* DB2* IBM* System p* WebSphere* DS8000* IBM (logo)* System x* XIV* ECKD MQSeries* System z* z/VM* * Registered trademarks of IBM Corporation The following are trademarks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
    [Show full text]
  • Knot DNS Resolver Release 1.2.0
    Knot DNS Resolver Release 1.2.0 CZ.NIC Labs Apr 25, 2017 Contents 1 Building project 3 1.1 Installing from packages.........................................3 1.2 Platform considerations.........................................3 1.3 Requirements...............................................3 1.4 Building from sources..........................................5 1.5 Getting Docker image..........................................7 2 Knot DNS Resolver library 9 2.1 Requirements...............................................9 2.2 For users.................................................9 2.3 For developers..............................................9 2.4 Writing layers.............................................. 11 2.5 APIs in Lua................................................ 12 2.6 API reference............................................... 15 3 Knot DNS Resolver daemon 47 3.1 Enabling DNSSEC............................................ 47 3.2 CLI interface............................................... 48 3.3 Scaling out................................................ 48 3.4 Running supervised........................................... 49 3.5 Configuration............................................... 49 3.6 Using CLI tools............................................. 64 4 Knot DNS Resolver modules 67 4.1 Static hints................................................ 67 4.2 Statistics collector............................................ 69 4.3 Query policies.............................................. 71 4.4 Views and ACLs............................................
    [Show full text]
  • IBM Spectrum Scale CSI Driver for Container Persistent Storage
    Front cover IBM Spectrum Scale CSI Driver for Container Persistent Storage Abhishek Jain Andrew Beattie Daniel de Souza Casali Deepak Ghuge Harald Seipp Kedar Karmarkar Muthu Muthiah Pravin P. Kudav Sandeep R. Patil Smita Raut Yadavendra Yadav Redpaper IBM Redbooks IBM Spectrum Scale CSI Driver for Container Persistent Storage April 2020 REDP-5589-00 Note: Before using this information and the product it supports, read the information in “Notices” on page ix. First Edition (April 2020) This edition applies to Version 5, Release 0, Modification 4 of IBM Spectrum Scale. © Copyright International Business Machines Corporation 2020. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. iii iv IBM Spectrum Scale CSI Driver for Container Persistent Storage Contents Notices . vii Trademarks . viii Preface . ix Authors. ix Now you can become a published author, too . xi Comments welcome. xii Stay connected to IBM Redbooks . xii Chapter 1. IBM Spectrum Scale and Containers Introduction . 1 1.1 Abstract . 2 1.2 Assumptions . 2 1.3 Key concepts and terminology . 3 1.3.1 IBM Spectrum Scale . 3 1.3.2 Container runtime . 3 1.3.3 Container Orchestration System. 4 1.4 Introduction to persistent storage for containers Flex volumes. 4 1.4.1 Static provisioning. 4 1.4.2 Dynamic provisioning . 4 1.4.3 Container Storage Interface (CSI). 5 1.4.4 Advantages of using IBM Spectrum Scale storage for containers . 5 Chapter 2. Architecture of IBM Spectrum Scale CSI Driver . 7 2.1 CSI Component Overview. 8 2.2 IBM Spectrum Scale CSI driver architecture.
    [Show full text]
  • Safeguard for Privileged Passwords 6.0.9 LTS Release Notes
    Safeguard for Privileged Passwords 6.0.9 LTS Release Notes 03 March 2021, 06:20 These release notes provide information about the Safeguard for Privileged Passwords 6.0.9 LTS release. If you are updating a Safeguard for Privileged Passwords version prior to this release, read the release notes for the version found at: One Identity Safeguard for Privileged Passwords Technical Documentation. For the most recent documents and product information, see One Identity Safeguard for Privileged Passwords Technical Documentation. Release options Safeguard for Privileged Passwords includes two release versions: l Long Term Support (LTS) release, version 6.0.9 LTS l Feature release, version 6.9 The versions align with Safeguard for Privileged Sessions. For more information, see Long Term Support (LTS) and Feature Releases on page 13. About this release Safeguard for Privileged Passwords Version 6.0.9 LTS is a minor LTS release with resolved issues. For more details on the features and resolved issues, see: Safeguard for Privileged Passwords 6.0.9 LTS 1 Release Notes l Resolved issues NOTE: For a full list of key features in Safeguard for Privileged Passwords, see the Safeguard for Privileged Passwords Administration Guide. About the Safeguard product line The Safeguard for Privileged Passwords Appliance is built specifically for use only with the Safeguard for Privileged Passwords privileged management software, which is pre- installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system, and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management and shortening the time frame to value.
    [Show full text]
  • Efficient Parallel I/O on Multi-Core Architectures
    Lecture series title/ lecture title Efficient parallel I/O on multi-core architectures Adrien Devresse CERN IT-SDC-ID Thematic CERN School of Computing 2014 1 Author(s) names – Affiliation Lecture series title/ lecture title How to make I/O bound application scale with multi-core ? What is an IO bound application ? → A server application → A job that accesses big number of files → An application that uses intensively network 2 Author(s) names – Affiliation Lecture series title/ lecture title Stupid example: Simple server monothreaded // create socket socket_desc = socket(AF_INET , SOCK_STREAM , 0); // bind the socket bind(socket_desc,(struct sockaddr *)&server , sizeof(server)); listen(socket_desc , 100); //accept connection from an incoming client while(1){ // declarations client_sock = accept(socket_desc, (struct sockaddr *)&client, &c); //Receive a message from client while( (read_size = recv(client_sock , client_message , 2000 , 0)) > 0{ // Wonderful, we have a client, do some useful work std::string msg("hello bob"); write(client_sock, msg.c_str(), msg.size()); } } 3 Author(s) names – Affiliation Lecture series title/ lecture title Stupid example: Let's make it parallel ! int main(int argc, char** argv){ // creat socket void do_work(int socket){ socket_desc = socket(AF_INET , SOCK_STREAM , 0); //Receive a message while( (read_size = // bind the socket recv(client_sock , bind(socket_desc, server , sizeof(server)); client_message , 2000 , 0)) > 0{ listen(socket_desc , 100); // Wonderful, we have a client // useful works //accept connection
    [Show full text]
  • File Systems and Storage
    FILE SYSTEMS AND STORAGE On Making GPFS Truly General DEAN HILDEBRAND AND FRANK SCHMUCK Dean Hildebrand manages the PFS (also called IBM Spectrum Scale) began as a research project Cloud Storage Software team that quickly found its groove supporting high performance comput- at the IBM Almaden Research ing (HPC) applications [1, 2]. Over the last 15 years, GPFS branched Center and is a recognized G expert in the field of distributed out to embrace general file-serving workloads while maintaining its original and parallel file systems. He pioneered pNFS, distributed design. This article gives a brief overview of the origins of numer- demonstrating the feasibility of providing ous features that we and many others at IBM have implemented to make standard and scalable access to any file GPFS a truly general file system. system. He received a BSc degree in computer science from the University of British Columbia Early Days in 1998 and a PhD in computer science from Following its origins as a project focused on high-performance lossless streaming of multi- the University of Michigan in 2007. media video files, GPFS was soon enhanced to support high performance computing (HPC) [email protected] applications, to become the “General Parallel File System.” One of its first large deployments was on ASCI White in 2002—at the time, the fastest supercomputer in the world. This HPC- Frank Schmuck joined IBM focused architecture is described in more detail in a 2002 FAST paper [3], but from the outset Research in 1988 after receiving an important design goal was to support general workloads through a standard POSIX inter- a PhD in computer science face—and live up to the “General” term in the name.
    [Show full text]
  • Message Passing and Network Programming
    Message Passing and Network Programming Advanced Operating Systems Lecture 13 Colin Perkins | https://csperkins.org/ | Copyright © 2017 | This work is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. Lecture Outline • Actors, sockets, and network protocols • Asynchronous I/O frameworks • Higher level abstractions Colin Perkins | https://csperkins.org/ | Copyright © 2017 2 Message Passing and Network Protocols • Recap: • Actor-based framework for message passing Send to • Each actor has a receive loop other actors Mailbox Actor Calls to one function per state Queue • Receive Message • Messages delivered by runtime system; Receiver processed sequentially Message Done Message Process • Actor can send messages in reply; Message Dispatcher return identity of next state Dequeue • Can we write network code this way? Request next • Send data by sending a message to an actor representing a socket • Receive messages representing data received on a socket Colin Perkins | https://csperkins.org/ | Copyright © 2017 3 Integrating Actors and Sockets Sending Thread Send to other actors Encoder Network Socket Mailbox Actor Queue Parser Receive Message Receiver Message Done Receiving Thread Message Process Message Dispatcher • Conceptually straightforward to integrate Dequeue actors with network code Request next • Runtime system maintains sending and
    [Show full text]
  • Copyright by Tongliang Liao 2017
    Copyright by Tongliang Liao 2017 The Thesis committee for Tongliang Liao certifies that this is the approved version of the following thesis: TAI: Threaded Asynchronous I/O Library for Performance and Portability APPROVED BY SUPERVISING COMMITTEE: Vijaychidambaram Velayudhan Pillai, Supervisor Simon Peter TAI: Threaded Asynchronous I/O Library for Performance and Portability by Tongliang Liao Thesis Presented to the Faculty of the Graduate School of the University of Texas at Austin in Partial Fulfillment of the Requirements for the Degree of Master of Science in Computer Science The University of Texas at Austin Dec 2017 TAI: Threaded Asynchronous I/O Library for Performance and Portability by Tongliang Liao, M.S.C.S The University of Texas at Austin, 2017 Supervisor: Vijaychidambaram Velayudhan Pillai In this paper, we investigate the behavior and performance of disk I/O using different types of libraries. We analyze the scenario where we can benefit from asyn- chronous I/O, and propose our cross-platform library design called TAI (Threaded Async I/O). TAI is designed to be a C++17 library with developer-friendly API. Our benchmark shows it can out-perform other libraries when asynchronous I/O is beneficial, and keep competitive speed in other cases. It also demonstrates TAI’s ability to retrieve 20% - 60% speedup on poorly scaled serial code by a simple library replacement. iv Table of Contents 1 Introduction 1 1.1 Related Work .................................................................................. 2 1.2 Background ..................................................................................... 2 1.2.1 POSIX Sync I/O ................................................................... 3 1.2.2 POSIX AIO .......................................................................... 3 1.2.3 C/C++ Standard I/O Functions............................................
    [Show full text]
  • Filesystems HOWTO Filesystems HOWTO Table of Contents Filesystems HOWTO
    Filesystems HOWTO Filesystems HOWTO Table of Contents Filesystems HOWTO..........................................................................................................................................1 Martin Hinner < [email protected]>, http://martin.hinner.info............................................................1 1. Introduction..........................................................................................................................................1 2. Volumes...............................................................................................................................................1 3. DOS FAT 12/16/32, VFAT.................................................................................................................2 4. High Performance FileSystem (HPFS)................................................................................................2 5. New Technology FileSystem (NTFS).................................................................................................2 6. Extended filesystems (Ext, Ext2, Ext3)...............................................................................................2 7. Macintosh Hierarchical Filesystem − HFS..........................................................................................3 8. ISO 9660 − CD−ROM filesystem.......................................................................................................3 9. Other filesystems.................................................................................................................................3
    [Show full text]
  • Overview Guide Release 21B F45060-01
    Oracle Utilities Customer Care and Billing Cloud Service Overview Guide Release 21B F45060-01 August 2021 Oracle Utilities Customer Care and Billing Cloud Service Release 21B Overview Guide Copyright © 2012, 2021 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer software" or "commercial computer software documentation"
    [Show full text]
  • Industrial Ethernet Quick and Simple Explanation of Key Terms
    Industrial Ethernet Quick and simple explanation of key terms EN_Bro_Glossar_Netzwerktechnik_A6_Rev02.indd 1 26.05.14 15:26 Industrial Ethernet The use of industrial Ethernet communication offers many advantages and is becoming more common in the automation of production plants and machinery. Many new technical terms from the IT world are also being used in this context among industrial users. In this glossary, we have listed and explained the main techni- cal terms from the field of Industrial Ethernet – we make Ethernet easy. 2 PHOENIX CONTACT EN_Bro_Glossar_Netzwerktechnik_A6_Rev02.indd 2 26.05.14 15:26 Table of contents Glossary Pages 04 – 45 IEEE standards Pages 46 – 47 PHOENIX CONTACT 3 EN_Bro_Glossar_Netzwerktechnik_A6_Rev02.indd 3 26.05.14 15:26 Industrial Ethernet 10Base-T Standard for data transmission of 10 Mbps Ethernet using unshielded twisted pair cables (Category 3, 4 or 5). 100Base-FX Standard for data transmission of 100 Mbps Ethernet using fiber optic cables. 100Base-TX Standard for data transmission of 100 Mbps Ethernet using twisted pair cables (Category 5). Each connection is established via two wire pairs, one wire pair for “transmit data” and the other for “receive data”. 100Base-T Fast Ethernet; 100Base-T has been officially elevated to an IEEE standard as ITU 802.3u. This standard is essentially based on technologies for 10Base-T, the Ethernet version for twisted pair cables. There are several versions of 100Base-T, which differ with respect to the physical layer and therefore the transmission media: 100Base-TX, 100Base-T2, 100Base-T4, and 100Base-FX. With this method, the MAC level and therefore the conventional CSMA/CD access method are retained at a transmission speed of 100 Mbps.
    [Show full text]
  • Shared File Systems: Determining the Best Choice for Your Distributed SAS® Foundation Applications Margaret Crevar, SAS Institute Inc., Cary, NC
    Paper SAS569-2017 Shared File Systems: Determining the Best Choice for your Distributed SAS® Foundation Applications Margaret Crevar, SAS Institute Inc., Cary, NC ABSTRACT If you are planning on deploying SAS® Grid Manager and SAS® Enterprise BI (or other distributed SAS® Foundation applications) with load balanced servers on multiple operating systems instances, , a shared file system is required. In order to determine the best shared file system choice for a given deployment, it is important to understand how the file system is used, the SAS® I/O workload characteristics performed on it, and the stressors that SAS Foundation applications produce on the file system. For the purposes of this paper, we use the term "shared file system" to mean both a clustered file system and shared file system, even though" shared" can denote a network file system and a distributed file system – not clustered. INTRODUCTION This paper examines the shared file systems that are most commonly used with SAS and reviews their strengths and weaknesses. SAS GRID COMPUTING REQUIREMENTS FOR SHARED FILE SYSTEMS Before we get into the reasons why a shared file system is needed for SAS® Grid Computing, let’s briefly discuss the SAS I/O characteristics. GENERAL SAS I/O CHARACTERISTICS SAS Foundation creates a high volume of predominately large-block, sequential access I/O, generally at block sizes of 64K, 128K, or 256K, and the interactions with data storage are significantly different from typical interactive applications and RDBMSs. Here are some major points to understand (more details about the bullets below can be found in this paper): SAS tends to perform large sequential Reads and Writes.
    [Show full text]