From Sandbox to Playground: Virtual Environments and Quality of Service in the Grids Kate Keahey keahey@mcs. anl. gov Argonne National Laboratory
What are Grids? l Power Grid analogy: remote computing power can be accessible from your laptop in much the same way as electricity is delivered to your home IEEE Fox Valley Subsection Kate Keahey
How do Grids work today? l From Grid Services… u u u l Discover remote resources Start jobs on remote resources Authenticate and authorize users and other entities Transfer data Globus Toolkit: a de facto standard in Grid technologies … to commodity Grid usage u u u Combining and automating the use of basic Grid services Utility computing paradigm Provide reliable, adaptive, Qo. S-based execution of specific tasks IEEE Fox Valley Subsection Kate Keahey
Grid Capabilities Today Access Grid: enable people, presentation software and programs to interact Computational Grid: use access to powerful resources to run a genome analysis service Data Grid: combine distributed data and access storage within one similation Experiment Grid: combine multiple technologies in support of an experiment IEEE Fox Valley Subsection Kate Keahey
First, a little bit of theory… “Resource sharing & coordinated problem solving in dynamic, multi-institutional virtual organizations” Single sign-on creates a decentralized Grid domain within which Grid entities can act on behalf of the user IEEE Fox Valley Subsection Kate Keahey
…now practice Grid clients • create environments Application developers • obtain the right configuration Grid administrators • resolve conflicts! More resources per user, more users per resource, more environments per resource…. How do we scale? IEEE Fox Valley Subsection Kate Keahey
What do we need? l Quality of Service u u u l Sandbox a Grid computation Reliable enforcement of policy-driven resource usage Applications in experimental sciences, fair resource sharing, etc. Quality of Life u Dynamic capabilities l l l u Dynamically creating and managing remote execution environments Dynamically configuring such environments Easily moving in a Grid as resources come and go Automated, hands-off Grid infrastructure IEEE Fox Valley Subsection Kate Keahey
How do we satisfy those needs? l Dynamic behavior: missing services u u l Customizing such environments Ontologies and protocols u u l Creating and managing remote execution environments dynamically Standardized descriptions can be processed dynamically by various Grid entities Policy-adapting protocols will equip the system with ability to respond to needs automatically Tools to obtain descriptions of these things easily and automatically IEEE Fox Valley Subsection Kate Keahey
l l Execution state Software and file configuration state Protection and enforcement environment Virtual resource configuration VWs are represented by an ontology description u l Virtual Workspace Grid middleware interface Grid Middleware Interface Grid clients Grid client Interface Virtual Workspaces Potentially integrating community policy They can be implemented using different technologies They can be customized to the user needs and deployed in the Grid IEEE Fox Valley Subsection Kate Keahey
Properties of Virtual Workspaces l Dynamic creation u u l l To reflect changing policies in the Grid (implement agreements) Strong protection environment u l Avoiding a maintenance nightmare (automate administration) and potential security hazard Dynamic configuration u l Inherent property of Grid computation Otherwise users won’t trust sites and sites won’t trust users Fine-grain enforcement Configurable architecture, software, environment u u u Application software/libraries/licenses Configurable environment Running 32 -bit programs on 64 -bit architectures Running a required version of the OS (Fedora vs. RH 9) Potentially even execution state IEEE Fox Valley Subsection Kate Keahey
VWs in the Grids request VW EPR VW Factory create new VW Client use existing VW Create VW inspect and manage VW Repository deploy & suspend VW Manager start program IEEE Fox Valley Subsection Kate Keahey Resource VW
VW Services l Factory u Creates VW in terms of the implementation l u u u l May create based on an already created VW Writes/configures access policy May allow negotiation VW Repository u u u l e. g. , VM image, pacman chache+ Access to state describing a VW Allows inspection, management, implementation-specific termination, potentially renegotiation, etc. Soft-state lifetime management ensures termination VW Manager u Lightweight infrastructure deploying VMs IEEE Fox Valley Subsection Kate Keahey
How can I obtain VWs? l l Through automatic negotiation and establishing agreements with the community What is an agreement? u Relationship between parties l u Terms l l l Functional, e. g. , a service I can perform Non-functional, e. g. , performance, availability, etc. Noteworthy Agreement Properties u u u l dynamically-established and dynamically-managed Simple, decentralized way of expressing aggregate or proprietary policies in the system Allow providers to gauge demand Ephemeral, periodic, fine-grained, modifiable policy WS-Agreement, GRAAP-WG, Global Grid Forum u Currently under public comment: see www. gridforum. org IEEE Fox Valley Subsection Kate Keahey
Implementing and Configuring Virtual Workspaces l Potential Implementation Groups u Unix accounts and Unix account tools l u Sandboxes l u l VServer, protection and fine-grain enforcement Virtual Machines l l setrlimit, DSRT, chroot, chown, and others VMware, Xen, and others Deployment & configuration tools u Pacman & pacman cache See also: u Grid 2004: “From Sandbox to Playground: Dynamic Virtual Environments in the Grid” IEEE Fox Valley Subsection Kate Keahey
Comparing VW Implementations l Unix accounts u u u Pros: efficient, ubiquitous Cons: very limited functionality Needs to be used in conjunction with other technologies l u Prototype available (GT 3. 2) l u l Pacman, additional system enforcement tools http: //www-unix. mcs. anl. gov/~keahey/DS/Dynamic. Sessions. htm Currently on the way to become a GT 4 service Sandboxes u u u Pros: efficient, fine-grain enforcement, typically very lightweight Cons: limited state enforcement Need to be used in conjunction with other technologies IEEE Fox Valley Subsection Kate Keahey
Comparing VW Technologies (cntd) l Virtual Machines u Pros: l l l u Cons: l l u Flexibility (run linux on linux, 32 on 64 -bit, etc. ) Enhanced security, audit forensics, etc. Great user state management Freezing/migration Customized environment A promising distribution/deployment tool Potential for being less efficient (emulation) Potential for resource overhead Poor implementation of sharing, relatively little enforcement (but can be combined with other technologies for enforcement) Maturity issues The potential is excellent, but needs more work IEEE Fox Valley Subsection Kate Keahey
The Need for Speed Comparison using the Fusion EFIT application IEEE Fox Valley Subsection Kate Keahey
Other efficiency concerns l Startup time Table 1: DVE create/destroy times Linux VMware Create 100 ms 360 ms 14 -52 sec Destroy l VServer 70 ms 200 ms 3 -38 sec Resource usage overhead u u Memory use: VMware: 24 MB + 1 MB per 32 MB memory allocated Disk use: VMware large IEEE Fox Valley Subsection Kate Keahey
Enforcement Capabilities Unix account VServer VMware CPU usage (sec) Via setrlimit() Not at present, but could be added Not enforced CPU usage (%) Not enforced Limited: no VServer can starve another Not in VMware Workstation Disk space usage Dynamically (per-user quotas) Dynamically (per context quotas) Statically (virtual disks) Memory usage No Not at present, but could be added Statically Network usage No Dynamically IEEE Fox Valley Subsection Kate Keahey
Virtual is the New Real! l Virtual machines are a very interesting option for the Grid u Excellent usability potential: l l u u u l Configurability, enhanced security, state management, replication, enforcement… Even potential as distribution tool! Excellent potential for optimizations Performance, resource usage, access to specialized hardware, etc. are not so bad, especially with new technologies like Xen Some maturity issues Do benefits outweigh challenges? IEEE Fox Valley Subsection Kate Keahey
How does it work in practice? l l Recent project: combining VMs and Grids to create a platform for bioinformatics applications Some of the conclusions: u u Use of virtual machines can significantly broaden the resource base Saves installation time l l l u Enforcement capabilities l l EMBOSS installation: ~45 minutes Deploying a 2 GB VM image: ~6. 5 minutes Peace of mind: priceless! Depend on the implementation but are generally better than what we have now SC 04 poster: u “Quality of Life in the Grids: VMs meet Bioinformatics Applications”, T. Freeman and D. Galron IEEE Fox Valley Subsection Kate Keahey
How can VWs change the Grid? l Challenges to the established Grid model u u u l Issue of responsibility u u l Security challenges Networking challenges And many, many others… Who vets a workspace? Who is responsible for its “good behavior”? The role of VOs is going to grow u VO might take on additional responsibilities l u Should the VO be a legal entity? l u Administers and maintains VMs, certification authority, could potentially stop suspect VMs, is to blame if something happens… Do VOs have the resources to do that? Are VOs going to become too heavyweight? l What are the trade-offs and a healthy balance? IEEE Fox Valley Subsection Kate Keahey
Virtual Playgrounds l Define a virtual Grid in terms of requirements u u u l l l Provide mechanisms to create a Grid Provide services for the deployment of such “virtual playgrounds” on real resources Ephemeric Grids built for a special purpose: u u l Virtual workspaces Potentially networking requirements Other services Family is getting together to decide when to spend Xmas Scientists getting up a Grid for the purposes of a specific experiment run A game tournament A scientific simulation that gets discarded or interrrupted but can potentially be restored later Towards a true utility computing model IEEE Fox Valley Subsection Kate Keahey
Conclusions l Addressing Qo. S and Qo. L is critical for the utility computing model of Grids u u u l Current technological advances make this model ever closer to reality u u l l Unglamorous but necessary tasks Combating complexity, improving scalability Without it flexibly moving between resources on the Grid is very hard A breakthrough is required in terms of usability Virtual machines fit the bill Virtual is the new Real! To find out more: www. mcs. anl. gov/~keahey IEEE Fox Valley Subsection Kate Keahey
Скачать презентацию From Sandbox to Playground Virtual Environments and Quality
ab75f12b31089d3772f038d304424699.ppt