How to Build Agile Cloud Systems: Challenges and Enabling Technologies
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Evaluating and Optimizing I/O Virtualization in Kernel-Based Virtual Machine (KVM)
Evaluating and Optimizing I/O Virtualization in Kernel-based Virtual Machine (KVM) Binbin Zhang1, Xiaolin Wang1, Rongfeng Lai1, Liang Yang1, Zhenlin Wang2, Yingwei Luo1, and Xiaoming Li1 1 Dept. of Computer Science and Technology, Peking University, Beijing, China, 100871 2 Dept. of Computer Science, Michigan Technological University, Houghton, USA {wxl,lyw}@pku.edu.cn, [email protected] Abstract. I/O virtualization performance is an important problem in KVM. In this paper, we evaluate KVM I/O performance and propose several optimiza- tions for improvement. First, we reduce VM Exits by merging successive I/O instructions and decreasing the frequency of timer interrupt. Second, we simplify the Guest OS by removing redundant operations when the guest OS operates in a virtual environment. We eliminate the operations that are useless in the virtual environment and bypass the I/O scheduling in the Guest OS whose results will be rescheduled in the Host OS. We also change NIC driver’s con- figuration in Guest OS to adapt the virtual environment for better performance. Keywords: Virtualization, KVM, I/O Virtualization, Optimization. 1 Introduction Software emulation is used as the key technique in I/O device virtualization in Ker- nel-based Virtual Machine (KVM). KVM uses a kernel module to intercept I/O re- quests from a Guest OS, and passes them to QEMU, an emulator running on the user space of Host OS. QEMU translates these requests into system calls to the Host OS, which will access the physical devices via device drivers. This implementation of VMM is simple, but the performance is usually not satisfactory because multiple environments are involved in each I/O operation that results in multiple context switches and long scheduling latency. -
Open Virtualization Infrastructure for Large Telco: How Turkcell Adopted Ovirt for Its Test and Development Environments
Open Virtualization Infrastructure for large Telco: How Turkcell adopted oVirt for its test and development environments DEVRIM YILMAZ SAYGIN BAKTIR Senior Expert Cloud Engineer Cloud Systems Administrator 09/2020 This presentation is licensed under a Creative Commons Attribution 4.0 International License About Turkcell ● Turkcell is a digital operator headquartered in Turkey ● Turkcell Group companies operate in 5 countries – Turkey, Ukraine, Belarus, Northern Cyprus, Germany ● Turkcell is the only NYSE-listed company in Turkey. ● www.turkcell.com.tr 3 Business Objectives ● Alternative solutions compatible with Turkcell operational and security standards ● Dissemination of open source infrastructure technologies within the company ● Competitive infrastructure with cost advantage 3 The journey of oVirt 4 The Journey of oVirt 3. Step three 1. Research & 2. Go-Live 3. Go-Live 4. Private Cloud 5. Go-Live Development Phase-1 Phase-2 Automation RHV 5 Research & Development ● Motivation Factors ○ Cost 1. Research & ○ Participation Development ○ Regulation ○ Independence ○ Expertise ● Risk Factors ○ Security ○ Quality ○ Compliance ○ Support ○ Worst Practices 6 Research & Development ● Why oVirt? ○ Open Source licensing 1. Research & ○ Community contribution Development ○ The same roadmap with commercial product ○ Support via subscription if required ○ Adequate features for enterprise management ○ Rest API support 6 Research & Development ● Difficulties for new infra solution ○ Integration with current infrastructure 1. Research & - Centralized Management Development - Certified/Licensed Solutions - Integration Cost ○ Incident & Problem Management - 3rd Party Support - Support with SLA ○ Acquired Habits - Customer Expectations - Quality of IT Infrastructure Services 6 Research & Development ● What we achieved ○ Building of PoC environment 1. Research & ○ V2V Migration Development ○ Upgrade Tests starting with v.4.3.2 ○ Functional Tests ○ Backup Alternative Solutions 6 Go-Live Phase-1 ● Phase-1 contains : ○ Building of new oVirt platform with unused h/w 2. -
Virtualizing Your Network: Benefits & Challenges
Network Monitoring Technology Virtualizing Your Network: Benefits & Challenges What is Virtualization? factory or process plant. Virtualization can give this software Gartner Research1 defined network virtualization as the a longer operating lifecycle time, and can save both costs process of combining hardware and software network and intellectual property. resources and functionality into a single virtual network. This offers access to routing features and data streams that can provide newer, service-aware, resilient solutions; newer security services that are native within network elements; support for subscriber-aware policy control for peer-to- peer traffic management; and application-aware, real-time session control for converged voice and video applications with guaranteed bandwidth on-demand. For the most part, when we speak of virtualization, we speak of hardware virtualization. That means that we create, on a host machine, a virtual machine that looks like another computer with an operating system and software. The software on the virtual machine is separate from the host machine’s resources, and as far as it is concerned, it is running on its own computer (that we call the guest). Both in information technology (IT) and in operational technology (OT) environments the benefits of virtualization have led to its rapid adoption. This white paper is not a prescriptive guide to network virtualization, rather it is a high-level overview focused on the benefits and challenges of network virtualization. While it will Desktop virtualization separates the logical desktop from review the benefits, it will also cover the specific challenges the actual hardware. Virtual desktop infrastructure (VDI) network administrators and their respective businesses should permits the user to interact with the computer through understand to cost-effectively apply this technology to gain another host computer or device on a network connection. -
Based Services Using XRI-Based Apis for Enabling New E-Business
International Journal of E-Business Development May. 2013, Vol. 3 Iss. 2, PP. 64-74 An Approach for the Composition of Generic Cloud- Based Services Using XRI-Based APIs for Enabling New E-Business Antonio Celesti1, Francesco Tusa2, Massimo Villari3, Antonio Puliafito4 DICIEAMA, Università degli Studi di Messina Contrada Di Dio, S. Agata 98166, Messina, Italia [email protected]; [email protected]; [email protected]; [email protected] Abstract-Nowadays, cloud computing offers more and more business opportunities, and thanks to the concept of virtualization, different types of cost-effective Cloud-based services have been rising. Virtualization of computing, storage, and networking resources, and their interconnection is at the heart of cloud computing, hence enabling new E-Business scenarios. In such a context, APIs for enabling Cloud-based services are strongly required, nevertheless, methods, mechanisms and tools for exploiting virtualized resources and their utilization for developing anything as a service (*aaS) are still ad-hoc and/or proprietary in nature. In this paper, we discuss how to use an adaptive standard protocol, i.e., XRI, for enabling cloud service providers to arrange their own Cloud- based services, building them on top of the IaaS provided by other service providers. Keywords- Cloud Computing; Cloud Management; Federation; Service Composition; E-Business I. INTRODUCTION Today, cloud computing represents a tempting business opportunity for ICT operators of increasing their revenues [1,2]. The cloud ecosystem begins to be clearer and the role played by cloud service providers appears more defined than the past. Moreover, the number of new public, private, and hybrid clouds rising all over the world is continually growing [3]. -
Deliverable No. 5.3 Techniques to Build the Cloud Infrastructure Available to the Community
Deliverable No. 5.3 Techniques to build the cloud infrastructure available to the community Grant Agreement No.: 600841 Deliverable No.: D5.3 Deliverable Name: Techniques to build the cloud infrastructure available to the community Contractual Submission Date: 31/03/2015 Actual Submission Date: 31/03/2015 Dissemination Level PU Public X PP Restricted to other programme participants (including the Commission Services) RE Restricted to a group specified by the consortium (including the Commission Services) CO Confidential, only for members of the consortium (including the Commission Services) Grant Agreement no. 600841 D5.3 – Techniques to build the cloud infrastructure available to the community COVER AND CONTROL PAGE OF DOCUMENT Project Acronym: CHIC Project Full Name: Computational Horizons In Cancer (CHIC): Developing Meta- and Hyper-Multiscale Models and Repositories for In Silico Oncology Deliverable No.: D5.3 Document name: Techniques to build the cloud infrastructure available to the community Nature (R, P, D, O)1 R Dissemination Level (PU, PP, PU RE, CO)2 Version: 1.0 Actual Submission Date: 31/03/2015 Editor: Manolis Tsiknakis Institution: FORTH E-Mail: [email protected] ABSTRACT: This deliverable reports on the technologies, techniques and configuration needed to install, configure, maintain and run a private cloud infrastructure for productive usage. KEYWORD LIST: Cloud infrastructure, OpenStack, Eucalyptus, CloudStack, VMware vSphere, virtualization, computation, storage, security, architecture. The research leading to these results has received funding from the European Community's Seventh Framework Programme (FP7/2007-2013) under grant agreement no 600841. The author is solely responsible for its content, it does not represent the opinion of the European Community and the Community is not responsible for any use that might be made of data appearing therein. -
MCP Q4`18 Release Notes Version Q4-18 Mirantis Cloud Platform Release Notes Version Q4`18
MCP Q4`18 Release Notes version q4-18 Mirantis Cloud Platform Release Notes version Q4`18 Copyright notice 2021 Mirantis, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. No part of this publication may be reproduced in any written, electronic, recording, or photocopying form without written permission of Mirantis, Inc. Mirantis, Inc. reserves the right to modify the content of this document at any time without prior notice. Functionality described in the document may not be available at the moment. The document contains the latest information at the time of publication. Mirantis, Inc. and the Mirantis Logo are trademarks of Mirantis, Inc. and/or its affiliates in the United States an other countries. Third party trademarks, service marks, and names mentioned in this document are the properties of their respective owners. ©2021, Mirantis Inc. Page 2 Mirantis Cloud Platform Release Notes version Q4`18 What’s new This section provides the details about the features and enhancements introduced with the latest MCP release version. Note The MCP integration of the community software projects, such as OpenStack, Kubernetes, OpenContrail, and Ceph, includes the integration of the features which the MCP consumers can benefit from. Refer to the MCP Q4`18 Deployment Guide for the software features that can be deployed and managed by MCP DriveTrain. MCP DriveTrain • Encryption of sensitive data in the Reclass model • Galera verification and restoration pipeline • Jenkins version upgrade • Partitioning table for the VCP images Encryption of sensitive data in the Reclass model SECURITY Implemented the GPG encryption to protect sensitive data in the Git repositories of the Reclass model as well as the key management mechanism for secrets encryption and decryption. -
VDI with UDS Enterprise and Microsoft Hyper-V
UDS Enterprise VDI with UDS Enterprise & Microsoft Hyper-V www.udsenterprise.com About UDS Enterprise UDS Enterprise functionalities UDS Enterprise is a multiplatform connection broker . Scalable platform. It supports configurations for: in high availability by deploying several UDS Enterprise brokers in cluster . VDI: Windows and Linux virtual desktops . Unlimited number of configurations thanks to administration and deployment its additional module management system . Windows and Linux app virtualization and the definition of configuration variables . Desktop services consolidation on two levels: . Remote access to physical and virtual devices o Definition of configuration variables at system level UDS Enterprise is ideal for managing workstations o Definition of independent module because, among other functions, it allows you to configuration variables perform the following tasks: . Virtual desktop cache system in two levels for fast connection . Manage the life cycle of the endpoint . Administer and manage Windows and Linux . Management of unlimited services (Microsoft virtual desktops, virtualized applications and Hyper-V, Microsoft Azure, VMware vSphere, IP services deployed on different platforms Nutanix Acropolis, OpenNebula, OpenStack, from a single console Proxmox, oVirt, Terminal Server…) . Connect users and user groups of different . Unlimited user and device authentication authentication systems at the same time with systems (AD, Microsoft Azure Active virtual desktops and different IP services Directory, eDirectory, LDAP, SAML, internal . Connect users with remote desktop services by enabling one or more connection authentication system, authentication by IP) protocols at the same time . Log visualization system and system . Define policies for the use of deployed virtual statistics desktops or other resources . Deployment of virtual desktops in multiple . Deploy template-based virtual desktops hypervisors at the same time and managed . -
Model to Implement Virtual Computing Labs Via Cloud Computing Services
S S symmetry Article Model to Implement Virtual Computing Labs via Cloud Computing Services Washington Luna Encalada 1,2,* ID and José Luis Castillo Sequera 3 ID 1 Department of Informatics and Electronics, Polytechnic School of Chimborazo, Riobamba 060155, EC, Ecuador 2 Department of Doctorate in Systems Engineering and Computer Science, National University of San Marcos, Lima 15081, Peru; [email protected] 3 Department of Computer Sciences, Higher Polytechnic School, University of Alcala, 28871 Alcala de Henares, Spain; [email protected] * Correspondence: [email protected]; Tel.: +593-032-969-472 Academic Editor: Yunsick Sung Received: 1 May 2017; Accepted: 3 July 2017; Published: 13 July 2017 Abstract: In recent years, we have seen a significant number of new technological ideas appearing in literature discussing the future of education. For example, E-learning, cloud computing, social networking, virtual laboratories, virtual realities, virtual worlds, massive open online courses (MOOCs), and bring your own device (BYOD) are all new concepts of immersive and global education that have emerged in educational literature. One of the greatest challenges presented to e-learning solutions is the reproduction of the benefits of an educational institution’s physical laboratory. For a university without a computing lab, to obtain hands-on IT training with software, operating systems, networks, servers, storage, and cloud computing similar to that which could be received on a university campus computing lab, it is necessary to use a combination of technological tools. Such teaching tools must promote the transmission of knowledge, encourage interaction and collaboration, and ensure students obtain valuable hands-on experience. -
Attacker Chatbots for Randomised and Interactive Security Labs, Using Secgen and Ovirt
Hackerbot: Attacker Chatbots for Randomised and Interactive Security Labs, Using SecGen and oVirt Z. Cliffe Schreuders, Thomas Shaw, Aimée Mac Muireadhaigh, Paul Staniforth, Leeds Beckett University Abstract challenges, rewarding correct solutions with flags. We deployed an oVirt infrastructure to host the VMs, and Capture the flag (CTF) has been applied with success in leveraged the SecGen framework [6] to generate lab cybersecurity education, and works particularly well sheets, provision VMs, and provide randomisation when learning offensive techniques. However, between students. defensive security and incident response do not always naturally fit the existing approaches to CTF. We present 2. Related Literature Hackerbot, a unique approach for teaching computer Capture the flag (CTF) is a type of cyber security game security: students interact with a malicious attacker which involves collecting flags by solving security chatbot, who challenges them to complete a variety of challenges. CTF events give professionals, students, security tasks, including defensive and investigatory and enthusiasts an opportunity to test their security challenges. Challenges are randomised using SecGen, skills in competition. CTFs emerged out of the and deployed onto an oVirt infrastructure. DEFCON hacker conference [7] and remain common Evaluation data included system performance, mixed activities at cybersecurity conferences and online [8]. methods questionnaires (including the Instructional Some events target students with the goal of Materials Motivation Survey (IMMS) and the System encouraging interest in the field: for example, PicoCTF Usability Scale (SUS)), and group interviews/focus is an annual high school competition [9], and CSAW groups. Results were encouraging, finding the approach CTF is an annual competition for students in Higher convenient, engaging, fun, and interactive; while Education (HE) [10]. -
Energy Efficiency in Office Computing Environments
Fakulät für Informatik und Mathematik Universität Passau, Germany Energy Efficiency in Office Computing Environments Andreas Berl Supervisor: Hermann de Meer A thesis submitted for Doctoral Degree March 2011 1. Reviewer: Prof. Hermann de Meer Professor of Computer Networks and Communications University of Passau Innstr. 43 94032 Passau, Germany Email: [email protected] Web: http://www.net.fim.uni-passau.de 2. Reviewer: Prof. David Hutchison Director of InfoLab21 and Professor of Computing Lancaster University LA1 4WA Lancaster, UK Email: [email protected] Web: http://www.infolab21.lancs.ac.uk Abstract The increasing cost of energy and the worldwide desire to reduce CO2 emissions has raised concern about the energy efficiency of information and communica- tion technology. Whilst research has focused on data centres recently, this thesis identifies office computing environments as significant consumers of energy. Office computing environments offer great potential for energy savings: On one hand, such environments consist of a large number of hosts. On the other hand, these hosts often remain turned on 24 hours per day while being underutilised or even idle. This thesis analyzes the energy consumption within office computing environments and suggests an energy-efficient virtualized office environment. The office environment is virtualized to achieve flexible virtualized office resources that enable an energy-based resource management. This resource management stops idle services and idle hosts from consuming resources within the office and consolidates utilised office services on office hosts. This increases the utilisation of some hosts while other hosts are turned off to save energy. The suggested architecture is based on a decentralized approach that can be applied to all kinds of office computing environments, even if no centralized data centre infrastructure is available. -
Google Cloud Platform (GCP): Возможности И Преимущества
Google Cloud Platform (GCP): возможности и преимущества Дмитрий Новаковский, Олег Ивонин Январь 2017 Кто мы? Дмитрий Новаковский / [email protected] ● Customer Engineer @ Google Netherlands B.V. ● Поддержка продаж и разработка решений на основе GCE, GKE, GAE ● В прошлом: ○ IaaS/PaaS (OpenStack @ Mirantis) ○ SaaS (ETAdirect @ TOA Technologies/Oracle) Олег Ивонин / [email protected] ● Cloud Web Solutions Engineer @ Google Netherlands B.V. ● Разработка инструментов для анализа стоимости конфигураций и планирования архитектуры облачных решений на основе GCP ○ Google Cloud Platform Pricing Calculator и другие О чем мы расскажем? ● Часть 1: Google Cloud Platform 101 ○ Наборы облачных сервисов и их назначение ○ Преимущества на рынке ● Часть 2: Инфраструктурные сервисы GCP (IaaS/PaaS) ○ GCE - Виртуальные машины ○ GKE - Оркестрация Docker контейнеров ○ GAE - NoOps/PaaS окружения ● Часть 3: Big Data и Machine Learning инструменты GCP ● Часть 4: Примеры, итоги и вопросы/ответы Disclaimer Google Cloud Platform 4 Часть 1: Google Cloud Platform 101 Google Cloud Platform 5 Путь IT-инфраструктуры в “облако” Storage Processing Memory Network Storage Processing Memory Network Physical / Self-Service / Serverless / Colo / VPS Elastic / IaaS NoOps / PaaS Google Cloud Platform 6 Что такое Google Cloud Platform? GCP - это набор коммерческих облачных сервисов, основанных на разработках и опыте Google в для собственных продуктов: ● Google Search ● YouTube ● Google Maps ● и др. Google’s Data Research Flume MapReduce Dremel Millwheel TensorFlow GFS Megastore -
Automated System and Service Monitoring with Openqrm and Nagios
Name: Matthias Rechenburg Email: [email protected] Organization: the openQRM project Copyright (C) 2007 Matthias Rechenburg This document is released under the GNU/GPL Automated system and service monitoring with openQRM and Nagios The first step to make sure all systems and services in a data centers are running well is to monitor them. A well-known, proven and widely used monitoring tool is Nagios which is available for openQRM in the flavor of an additional plugin. The second, also essential, step is the automatic handling of errors, what openQRM is famous for. The combination of the enhanced monitoring utility Nagios and the automated error-handling, high-availability and fail-over features of the openQRM data center management platform creates a powerful and dynamic environment which reduces down-time of systems and services in a modern data center to the minimum. Common data center scenarios and their challenges In a common data center setup there are different server “islands” for specific purposes as databases, web-servers, infrastructure and communication systems, network-devices, storage-servers, etc. Also, often there is a separation between production-, QA- and development environment. Each section of the data center has its own specific setup, mostly a very special, static installation, maintained by one or more administrators. To make it worse, each section may have different service-level-agreements (SLA) which generates additional complexity for the service- and system-monitoring infra- structure. Also common for data centers is that new systems are added sequentially while other systems are fully underutilized, just consuming power and producing heat. Turning to fully automated system- and service monitoring With the increasing number of systems and the resulting complexity the goal is to reach a level of fully automated service- and system-monitoring which is easy to setup and maintain and which provides an automated error-handling to gain high-availability at system- and service-level for the complete data center environment.