
  • Number of slides: 22

Elastic Provisioning In Virtual Private Clouds
Prashant Shenoy
University of Massachusetts Amherst
*Joint work with Tim Wood, K. K. Ramakrishnan and Kobus Van Der Merwe

Cloud Computing
Cloud platform types:
• Software as a Service
  – Hotmail, Google Docs
• Platform as a Service
  – Google App Engine, Microsoft Azure
• Infrastructure as a Service
  – Amazon EC2, VMware vCloud
Rent computation and storage resources on demand
• Accessed by multiple enterprise sites
[Figure labels: Cloud Platform; Enterprise Sites]

Enterprise Cloud Challenges
Existing cloud platforms do not meet the needs of enterprise customers
• Insufficient security controls
  – Need isolation at server and network level
• Deployment is difficult
  – Cloud resources are completely separate from local ones
  – Can’t make VMs look like part of existing LAN
• Limited control over network resources
  – Cannot specify network topology or IP addresses
  – Cannot reserve bandwidth for network links
• Inadequate support for cross-data center management

Moving to the Cloud
Acme wants to move part of its payroll app into the cloud
[Figure labels: Acme LAN; Front End; Reports; Processing Tier; Cloud Platform; Data Store]

Problem #1: Transparency
• Application may have been written for LAN environment
  – Might utilize broadcast or LAN service discovery
• Must add Internet gateways for apps previously on LAN
• Now must communicate via public IPs or configure DNS
Lack of transparency causes application modifications and infrastructure reconfigurations
[Figure labels: Acme LAN; Front End front.acme.com; GW; Cloud Platform; Processing proc.cloud.com; Data Store data.acme.com; GW]

Problem #2: Security
• Acme’s servers are now accessible from the public internet!
  – Servers formerly on secure LAN now exposed to malicious users
• Must configure firewall rules to limit access
  – Fine grain rules are difficult to manage in dynamic environments
Lack of secure cloud connections exposes enterprise to threats from both in and out of the cloud
[Figure labels: Acme LAN; Front End front.acme.com; Cloud Platform; Processing proc.cloud.com; Data Store data.acme.com; Hacker123 hax.cloud.com]

Problem #3: Flexible Resource Mgmt
• Benefit of cloud computing: ability to easily adjust resource capacities and add new VMs
• After a change must deal with transparency and security issues all over again!
  – Current platforms do not support network resource reservation (Bandwidth/QoS guarantees)
  – Enterprises want control over network resources
Cloud must support dynamic changes
[Figure labels: Acme LAN; Front End front.acme.com; Data Store data.acme.com; Cloud Platform; Processing proc.cloud.com; Processing #2 proc2.cloud.com]

Problem #4: Cross Data Center Management
• Enterprise IT services spread across in-house and cloud data centers
• May be spread across multiple cloud sites
• Need the ability to flexibly manage, provision and optimize across data centers
  – Follow-the-sun, energy optimizations
• Current platforms: limited support for cross-data center optimizations

Key Observation
Existing cloud platforms only cover storage and computation
[Figure labels: Cloud Platform; Disk; VM; Enterprise Sites]
Enterprise Clouds need control over the network as well

Virtual Private Clouds
A Virtual Private Cloud is…
  – A secure collection of server, storage, and network resources spanning one or more cloud data centers
  – That is seamlessly connected to one or more enterprise sites
[Figure labels: Enterprise Sites; VM; Cloud Sites]
Virtual Private Networks (VPNs)
  – Layer 2 and 3 MPLS based VPNs
  – Created by network provider with no end host configuration
  – Already used by many businesses!

VPC Benefits
For the customer:
  – Isolates network & compute resources
    • Cloud resources are only accessible through VPN
  – Simplifies deployment since cloud looks same as local resources
  – Unifies resource pools across cloud/data center sites
For the service provider:
  – Provides mechanism for control over resource reservation within provider network
  – Simplifies management of multiple data centers by combining them into large resource pools

VPC Challenges & Solutions
Existing cloud platforms do not integrate with network service providers
• Must coordinate with ISP to create VPN endpoints
• VPN endpoints must be linked to VLANs within the cloud data center
VPN endpoints are traditionally static
• Utilize virtual routers with programmable interfaces to rapidly create and reconfigure routers
• Use BGP signaling to dynamically adjust VPN topology

CloudNet
Cloud Manager
• Allocates computation and storage resources
• Manages VLAN assignment within cloud network
Network Manager
• Creates and configures VPN endpoints
• Reserves network resources
[Figure labels: Routers; Customer Edge; Network Manager; VPN; Provider Edge; Cloud Manager; VLAN; VM]

WAN Migration
• Change the scale of provisioning from managing servers on a rack to managing resources across data centers
• Key building block: ability to migrate applications across data centers
• Existing approach: LAN-based VM migration
VPCs enable VM migration over WAN!

WAN Migration
• Layer 2 VPNs make WAN act like a LAN
• Can use existing LAN migration techniques to move across WAN

WAN Migration
• Layer 2 VPNs make WAN act like a LAN
• Can use existing LAN migration techniques to move across WAN
[Figure labels: Customer Site; CE Router; PE; Layer 2 VPN (VPLS); VPN endpoint; VLAN Switch; Cloud Site 1; Cloud Site 2; A; B; ARP!]

WAN Migration Challenges
• Performance over WAN is problematic
  – Lower bandwidth and higher latencies imply longer migration/pause times
• Storage may or may not be shared
  – Will need to migrate storage as well

CloudNet WAN Migration
• Once connectivity is set up, migration requires
  – Storage Migration
  – Live Memory Migration
• Storage Migration is done through a combination of
  – Asynchronous copy of disk storage to remote site initially
  – Synchronous copy of incremental updates subsequently during live memory migration
• Live Memory Migration needs to balance multiple needs
  – Total Migration Time for live memory (reduced application performance)
  – Pause Time (application has to be quiescent for final transfer)
  – Amount of Data Transfer (Bandwidth Requirement)

Optimizations
• WAN optimizations
  – Dynamic Stop and Copy
  – Content Based Redundancy
  – Incremental updates (page deltas)
• Overall benefit is significant reduction in migration and pause times, especially for limited bandwidth between sites
• Preliminary results:
  – 65% data reduction, 3x reduction in migration times across data centers in Texas and Illinois
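
The content-based redundancy and page-delta optimizations listed above can be sketched as follows. This is an added example, not code from the slides or from CloudNet; the message kinds, the 8-byte reference cost, the zlib-compressed XOR deltas and the sample pages are all assumptions made for illustration.

```python
import hashlib
import zlib

PAGE = 4096  # assumed page size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encode_round(dirty, known, index):
    """Sender: encode dirty pages {page_no: bytes} for one copy round.
    known: page_no -> bytes the destination already holds (sender's view).
    index: SHA-256 digest -> page_no that last carried that content."""
    msgs = []
    for no, data in sorted(dirty.items()):
        digest = hashlib.sha256(data).digest()
        src = index.get(digest)
        if src is not None and known.get(src) == data:
            # Content-based redundancy: identical bytes are already remote.
            # The equality check rejects stale index entries.
            msgs.append((no, "ref", src))
        elif no in known and len(d := zlib.compress(xor(known[no], data))) < len(data):
            msgs.append((no, "delta", d))  # page delta against the old copy
        else:
            msgs.append((no, "full", data))
        known[no], index[digest] = data, no
    return msgs

def apply_round(msgs, pages):
    """Destination: rebuild pages by applying messages in order."""
    for no, kind, payload in msgs:
        if kind == "ref":
            pages[no] = pages[payload]
        elif kind == "delta":
            pages[no] = xor(pages[no], zlib.decompress(payload))
        else:
            pages[no] = payload
    return pages

def wire_bytes(msgs):
    # A reference is costed at 8 bytes (assumed encoding of a page number).
    return sum(8 if k == "ref" else len(p) for _, k, p in msgs)

def demo():
    zero = bytes(PAGE)  # constructed sample pages
    rnd = hashlib.sha256(b"constructed").digest() * (PAGE // 32)
    known, index, dest = {}, {}, {}
    r1 = encode_round({0: zero, 1: zero, 2: rnd}, known, index)
    changed = bytes(b ^ 1 for b in rnd[:16]) + rnd[16:]  # small in-place edit
    r2 = encode_round({2: changed}, known, index)
    apply_round(r1 + r2, dest)
    return [k for _, k, _ in r1 + r2], wire_bytes(r1 + r2), dest == known
```

`demo()` returns the message kinds chosen, the bytes put on the wire, and whether the destination's pages match the sender's view after both rounds.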

Performance of CloudNet Live Migration over WANs
[Figure panels: TPC-W; Kernel; SpecJBB]

Summary
Cloud Computing for enterprises requires:
• Security
• Transparency
• Flexibility
CloudNet can help provide these features
• Defines interface between cloud platform and network provider
• Uses VPNs for secure, seamless connections
• Employs virtualization at server, router, and network levels to improve agility and efficiency
• Implements optimizations to reduce latency of WAN migration
• Future work: “DR on a Cloud”
  – Utilize VPLS to simplify deployment of high availability services across WAN

Questions?
More at http://lass.cs.umass.edu