IBM Labs in Haifa © 2008 IBM Corporation RESERVOIR – Bringing the Cloud down to Earth Eliot Salant – [email protected] RESERVOIR Project Coordinator Manager,

IBM Labs in Haifa © 2008 IBM Corporation

RESERVOIR –Bringing the Cloud down to Earth

Eliot Salant – [email protected] Project CoordinatorManager, Virtualization Technologies, IBM Haifa LabJune 4, 2008

The research leading to these results has received funding from the European Community's Seventh Framework Programme (FP7/2007-2013) under grant agreement n° 215605

IBM Labs in Haifa

© 2008 IBM Corporation2 RESERVOIR @ NORTUR 2008

Agenda

What is Cloud Computing? Evolution of Cloud Computing The RESERVOIR vision

IBM Labs in Haifa


What is Cloud Computing?

The definition depends on whom you talk to… Utility Computing: A pool of virtualized computer resources that IT

can access on demand (Example: IBM Blue Cloud, Google App Engine, Amazon EC2…)

Software as a Service (SaaS)/On Demand Software : Delivers a single application through the browser to thousands of customers using a multitenant architecture (Example: salesforce.com, Google docs…)

To quote Ian Foster:

So is “cloud computing” just a new name for grid? In information technology, where technology scales by an order of magnitude, and in the process reinvents itself, every five years, there is no straightforward answer to such questions.

IBM Labs in Haifa


“You say ‘tomato’, I say tomahto…”

Consider cloud computing as providing a service for users to run complete applications from centralized servers sharing resources such as memory, bandwidth, cpu and storage.

Grid computing provides a mechanism for running processes across multiple compute resources.

IBM Labs in Haifa


What are the requirements on clouds?

Demand puts requirements on scalability, reliability… One billion people worldwide have access to the Web MySpace signs up an average of 300,000 new users every day

with 65 billion page views per month. In 2Q 2006, 50 million blogs were created at the rate of 2 per

second. And what will happen as millions (billions?) of inexpensive sensors

(“smart dust”) start connecting to the Web? Web 2.0 best practice principles will also drive infrastructure

requirements: Release early, release often Operations are a core competency

High availability, systems monitoring and management…

IBM Labs in Haifa


The next generation Cloud has many challenges to tackle

Security Scalability Availability Reliability Cost Efficient

Data Intensive Personalization Mobility Latency Manageability

IBM Labs in Haifa


But, the financial incentives are there…

OnDemand apps like Salesforce.com can be provisioned for as little as $300-500 per subscriber after fully costing hardware, software and service vs. as much as $8,000-10,000/user for OnPremise clientserver apps.

Merrill Lynch estimates that today’s $2 billion market in on-demand applications will expand to a $165 billion market opportunity.

IBM Labs in Haifa


Who are the main commercial clouds players today?

Amazon Web Service (AWS) offers Elastic Compute Cloud (EC2), and Simple Storage Service (S3), Simple Db and more EC2: Can hire small, large or extra large instances which gives set

configurations for memory, storage and EC2 Compute Units (1.0 – 1.2 GHz 2007 Opteron or 2007 Xeon processor. )

Google offers a range of cloud apps, and platforms (Google App Engine, Google Apps)

Google and IBM Academic Cluster Computing initiative IBM Blue Cloud – offers infrastructure and platform support Salesforce.com – offers Force.com - a development platform in the

Cloud Microsoft has some offerings, such as Office Live for small businesses Activision – World of Warcraft have over 10 million paying users

IBM Labs in Haifa


The Commoditization of ICT

As far back as 1960, John McCarthy predicted that “computation may someday be organized as a public utility”.

In fact, in early grid days, the computing grid was envisioned as being analogous in form and function to the electric grid.

In 2003, The Harvard Business Review published an article by Nicholas Carr entitled, “IT doesn’t matter”. Carr argued that once IT’s power and presences reach a

widespread enough state, it simply becomes a commodity – a cost of doing business – rather than an advantage to a single player

IBM Labs in Haifa


The Evolution of the Power Grid

http://www.pbase.com/rbenny/image/29116201

http://www.anl.gov/Media_Center/logos22-1/electricity.htmThe US National Power Grid

http://www.rootsweb.com/~nytigs/BurdenPayrollRecords.htmThe Burden Iron Works Water Wheel

http

://ie

ee-v

irtua

l-mus

eum

.org

/col

lect

ion/

even

t.ph

p?id

=34

5687

6

The Pearl Street Station

•Make your own infrastructure•Not the company’s main business but a considerable competitive advantage

•The utility industry•Metering•Limited reach•Reproducible (yet costly)

•Efficient distribution•Federation of providers•The diversity factor•Economies of scale

IBM Labs in Haifa


The Evolution of the Compute Grid

•Make your own infrastructure•Not the company’s main business but a considerable competitive advantage

•The utility industry•Metering•Limited reach •Reproducible (yet costly)

•Efficient distribution•Federation of providers•The diversity factor•Economies of scale

http://www.by-star.net/techspeak/datacenter/

http://www.smcplus.com/applications.asp?id=32

http://www.informationweek.com/galleries/showImage.jhtml?galleryID=62&imageID=13

Google @ The Dulles, OR

R E S E R V O I R“… today’s commercial clouds have not been open and general purpose, but instead been mostly proprietary and specialized for the specific internal uses (e.g., large-scale data analysis) of the companies that developed them. The idea that we might want to enable interoperability between providers (as in the electric power grid) has not yet surfaced …”

“…will move towards a mix of microproduction and large utilities, with increasing numbers of small-scale producers co-existing with large-scale regional producers, and load being distributed among them dynamically …”

There’s Grid in then thar Clouds - Ian Foster

IBM Labs in Haifa


The Reservoir Vision - Positioning

RESERVOIR is an aggressive research attempt to meet the emerging needs of the service-based economy sponsored by the EU Provide revolutionary foundation for a new European infrastructure

where resources and services can be transparently and dynamically managed, provisioned and relocated like utilities – virtually “without borders”

No single facility/provider can create a seemingly infinite infrastructure capable of serving massive amounts of users at all times, from all locations Federation of clouds Leverage the diversity factor to achieve economies of scale Leverage locality

There are many other solutions out there - so what’s new in RESERVOIR ?

IBM Labs in Haifa


The RESERVOIR Vision

Goal:

Create the next generation Compute Cloud for the reliable and effective delivery of IT services as utilities

Example:

EU Winter Olympics Scenario to highlight competitive differentiation vs. present technologies, e.g. EC2

IBM Labs in Haifa


EU Olympics Scenario – Service Definition

<service EU-GAMES … > <tier web-servers … > <VEE-requirement … > <image … > <software … > <storage …> <network … > <configuration … > <tier-QoS … > </tier> <tier app-servers … > … </tier> <tier DB-servers … > … </tier> <inter-tier-configuration … > <service-QoS … > …</service>

Web site service for EU Olympics

1. The Olympic committee uses client tools to generate the service definition.

Includes:• Tier definition (web servers,

application servers, databases)• Required Virtual Execution

Environments (VEEs)• Software• Images• Storage• Network• Required configuration• Inter-tier relations• Required QoS.

IBM Labs in Haifa


EU Olympics Scenario – Service Deployment2. The committee negotiates and ships the service definition to a primary RESERVOIR site (PRS)

3. The PRS automatically deploys the complex service on its own site:• Configure required storage & network, creates VEEs selecting proper physical resources to meet

QoS • Install required images, software according the service definition • Apply the required configuration • Setup the monitoring and billing <service EU-GAMES … >

<tier web-servers … >

<VEE-requirement … >

<image … >

<software … >

<storage …>

<network … >

<configuration … >

<tier-QoS … >

</tier>

<tier app-servers … >

…

</tier>

<tier DB-servers … >

…

</tier>

<inter-tier-configuration … >

<service-QoS … >

…

</service>

web servers

App servers

Network

DB servers

VEE

Phys server

PRS

IBM Labs in Haifa


RESERVOIR Differentiator:

Service definition language enabling automatic deploymentof complex services over virtual infrastructure

IBM Labs in Haifa


EU Olympics Scenario – Service Cooperation

PRS

RS1

RS2

<service ..

-- - - - -- - - - - --- - - - -- - - - - -- - - - - -<service ..

4. For HA and assuring the SLA, the PRS negotiates with two other RS (RESERVOIR site), and ships the service definition to them

5. Each RS deploys the service (according to the contracted resources) in its site similar to what the PRS did

6. The PRS and RS1, RS2 maintain a service cooperation relationship for the EU games service

• Overlay network• Content distribution• Image and software updates• Load balancing

<service ..

-- - - - -- - - - - --- - - - -- - - - - -- - - - - -<service .. Service Cooperation

IBM Labs in Haifa



Inter-domain management site protocols that enable multiple management sites to cooperate in providing a single service, where the cooperation is automatically driven from a service definition document .

IBM Labs in Haifa


EU Olympics Scenario – HA with Live VM Migration

PRS

RS1

RS2

7. PRS site suffers electricity problems and needs to power off physical servers.

8. PRS negotiates for additional resources at RS1 employing the RS-RS protocol

9. PRS evacuates the VEEs on the servers to be powered off, migrating them to RS1

- Live migration to maintain application servers’ states and client connections

IBM Labs in Haifa



Live migration without borders:Cross geographical, network and management domains

IBM Labs in Haifa


EU Olympics Scenario – On Demand Service Expansion

10. Load increases and PRS realizes that the available resources at the 3 sites are not enough

11. PRS negotiates with additional RS3, and ships it the service definition

12. RS3 deploys the service (according to the contracted resources), and dynamically joins the service cooperation relationship for the EU Olympics service

PRS

RS1

RS2

RS3

IBM Labs in Haifa



The ability to dynamically hire additional 'service power‘ from a new management site, fully automated, using the service definition language and the inter-domain site protocols

IBM Labs in Haifa


The Reservoir Vision -the technical goals

Minimize over-provisioning of resources Dynamic allocation and re-provisioning can get better utilization out

of existing resources Break down platform and geography barriers

Adhere to SLA constraints through intelligent placement and relocation algorithms Address cross administrative domain SLA

Domains may be in different organizations Create standards to allow for interoperability between administrative

domains Must be able to transfer information to allow applications to run on

different domains SLA, billing, application meta-data…

IBM Labs in Haifa


Approach

Focus on technologies that enable to build cooperating computing clouds Connect computing clouds to create an even bigger cloud

Integration of virtualization technologies with grid computing driven by new techniques for business service management The Service Oriented Infrastructure (SOI) equation:

= SOIVirtualization-Aware Grid

e.g., VM usage/size as the unit for metering and billing

Grid-Aware Virtualizatione.g., live migration across administrative domains

BSMe.g., policy-based management

of service-level agreement + +

Building on this equation we will architect and implement a platform for supporting complex services, which Enables dynamic deployment of complex multi-tier services across heterogeneous

administration domains Uses virtualization of servers, storage and network to allow migration without

borders Supports service definition, SLA management, accounting and billing

IBM Labs in Haifa


Evolution of a solution: In the beginning, there was Grid Computing

Grid node or Service Site

Physical Resources

Service Tasks

IBM Labs in Haifa


Evolution: Virtualization technologies for Intel machines take hold: Grid Computing + Virtualization

Improved isolation, Relax dependencies, Well defined billing units

Virtual Execution Environment (VEE)

IBM Labs in Haifa


Policy 1:If possible keep VEEs fromthe same organization in the same physical box

Evolution - SOI: Grid Computing + Virtualization + BSM

IBM Labs in Haifa



SOI: Grid Computing + Virtualization + BSM

Policy 2:Turn off underutilized physical boxes

IBM Labs in Haifa


Policy 2:Turn off underutilized physical boxes


SOI: Grid Computing + Virtualization + BSM

Local optimizations (within a single site): placement, power, etc.

IBM Labs in Haifa


Policy 3:If possible keep VEEs in “owning”organization

RESERVOIR: Grid Computing + Virtualization + BSM – Boundaries

IBM Labs in Haifa



Policy 4:If possible keep VEEs in least number of external organizations


IBM Labs in Haifa



Policy 4:If possible keep VEEs in least number of external organizations


IBM Labs in Haifa


Policy 5:“Follow” the service customer


Migration across sites Global optimizations: placement, cost, bandwidth, etc.

IBM Labs in Haifa


Virtualize the Network

Create virtual networks connecting VEEs regardless of physical server location

IBM Labs in Haifa


Virtualize the Network and the Storage

Enable secure access to relevant data regardless of storage location

IBM Labs in Haifa


Looking a bit beneath the RESERVOIR covers

Security requirements Challenges Architecture Use cases Testbed Partners

IBM Labs in Haifa


RESERVOIR Security considerations

1. Guarantee the security of applications and associated data, allowing end users to specify requirements for service tasks Protecting a service from other services running in the same virtual

environment Protect confidentiality of stored service data

Need to protect service data relating to amount of resources consumed, accrued billing...

Handle requirements induced by multi-tenancy The Service Definition will need to support special

requirements/restrictions due to multi-tenancy Example: I don’t want my data residing on the same physical

storage as my competitor Protecting a VEE from other VEEs running in the same compute

node

IBM Labs in Haifa


RESERVOIR Security continued

Guarantee the ability of SOI vendors to interoperate in a secure way, building mutual trust and defending themselves from misbehaving vendors or end users. Ensure the authenticity and integrity of management entities,

compute nodes and VEEs. Secure communication of sensitive end user and vendor data over

local and wide area networks (message integrity and confidentiality) Protecting the access to the management interfaces

3. Security policies for a site must be securely discoverable in order for cross-domain migration• i.e. only allow migration to sites with the same security policy

IBM Labs in Haifa


Security hot spots in RESERVOIR

Service

Service Manager

Grid Node/Service Site

Virtual Execution Environment Management System

Migration Management

Monitoring BillingPolicy Engine & Scheduling

VE

E C

on

tro

l

Physical Resources

ComputeResource

Virtualizer

VEE VEE

ComputeResource

Virtualizer

VEE VEE

Image

Service Definition

Service Manager

State

Service Instance

Security DeploymentDiscoveryImage

Management

VEEMSAdministrator

Service AdministratorVEEMS User

VEEMS-VEEMS

Service security specifications

Service tasks isolation

VEE isolation

VEE – Hostprotection

VEEMS internal management

Service providerinterface

VEEMS admininterface

Network, storage setup

IBM Labs in Haifa


RESERVOIR Challenges – At the Service Level

Translate business concept requirements to infrastructure requirements Define a Service Definition Language to characterize all information

and context required to enable lifecycle management of services across RESERVOIR sites

Must be able to handle rollback on deployment failures Determine the mapping of high level service requirements and metrics

(e.g., response time) to infrastructure level requirements and metrics (e.g., CPU utilization)

Support multiple levels of QoS

IBM Labs in Haifa


Management Challenges

Support policy based management across administrative domains (clouds) Service level utility analog of electricity power,

Dynamically automatically hire additional 'power‘ from a another cloud Enable intra-site and inter-site workload optimization, HA and SLA

management. (Or, maybe not…) Create an inter-site protocol to allow for federation of RESERVOIR sites Protect Service Level Agreements

Detect violations (SLA monitoring) Provide for dynamic relocation of resources Provide accountability

Bill for services used, even across RESERVOIR sites Different billing and accounting systems may be used.

IBM Labs in Haifa


Challenges at the Infrastructure level

Provide for relocation of resources without boundaries Live migration across subnet boundaries Migration to a different physical host without shared storage

Provide standardized interfaces for lifecycle management to Virtualized Execution Environment (virtualized machines, Virtualized Java Service Containers)

Analyze end-to-end performance in a virtualized environment to understand bottlenecks

Be able to handle surges in 3-5 orders of magnitude in service requests

IBM Labs in Haifa


The Reservoir Architecture

Infrastructure Provider = Site/Domain/Cloud

VEE Management System

Service Manager

VEE Management Enablement Layer

Virtualized Physical Resource (e.g., Hypervisor)

Service Provider

SLA SLA

SD+SLA

• Monitor service and enforce SLA compliance by managing capacity of Service Components (VEEs) or/and size of Service Tiers

• Deals with translation/mapping of service concepts/metrics (response time) to infrastructure concepts/metrics (VEE size)

• Monitor VEEs and find best VEE placement that meet constraint satisfaction problem

• Deals federation of domains

IBM Labs in Haifa


Project Structure

A4: Service Management (TID)

A2: VEE Infrastructure (IBM)

A3: VEE Management (UCM)

A1:

Arc

hite

ctur

e (I

BM

)

A5:

Tes

tbed

and

Sce

nario

s (U

niM

e)

A6:

Dis

sem

inat

ion

(CE

TIC

)

IBM Labs in Haifa


The RESERVOIR use cases

We have four use cases from industrial partners SAP – Business application

Multi-tenant service delivery for SMBs in a data center Managing thousands of different service components that comprise a

variety of service applications executed by thousands of VEEs. Deployment of a business application with one click

Deployment based on Service Manifest Relocation of a multi-tiered business application

Sun – Utility computing (example: digital content creation – such as computer

generated animated films or special effects), or Web 2.0 application Test performance under the following conditions:

Frequent change of resource use Unpredictable loads Pay as you go use.

IBM Labs in Haifa


Use cases cont.

Telefonica – Telco application Test a mash-up application on top of the RESERVOIR

infrastructure Lifecycle management in a highly dynamic environment Accounting, billing and business management from different gadget

providers. Thales – e-Government

Three-tiered application Tests handling dynamic loads – cyclic demands on a user application

to reflect hourly/seasonal peaks Maintenance scenarios to physical resources Application manageability – QoS tradeoffs, large number of

simultaneous connections etc.

IBM Labs in Haifa


The RESERVOIR development process

There will be 3 main cycles of code development and delivery to the testbed

The testbed will integrate the code, and then test against the use cases Additional testbed experiments will:

Compare performance against the native use case environment Feedback defects to the developers Analyze for scaleability, bottlenecks etc.

IBM Labs in Haifa


The RESERVOIR Consortium

Partner Role Comment

IBM HRL Technology Project Lead, Virtualization/SOA Infrastructure

Telefonica I+D Technology Service Technology, Billing Infrastructure

UCM Technology Grid, Dynamic Allocation Technology

Thales Technology Security, Virtualization Infrastructure, Hosting

SAP Use-Cases Use-Cases, Contribution to Requirement an Standards

Sun Microsystems Use-Cases + Tech Contribution to Standards, Java Services, Monitoring

DATAMAT Technology Service Management Technologies

University Lugano Technology Partner, Monitoring and SLA Management

University UMEA Technology Monitoring, Measuring and Billing Technology

University Messina Technology Grid Experience, Testbed Development,

UC London Technology Virtualization Technology

CETIC Technology Security

OGF Standardization Grid and Virtualization Standards

IBM Labs in Haifa


Project Status

3 Year FP7 project started in February Kickoff meeting hosted by IBM in Haifa at the beginning of February 21 participants from abroad, representing all 12 partners (+local

IBMers) Architecture work-package started at month 1, others now starting

First version of architectural specification is out Started working on building the testbed

15 machines at UniMe, 4 machines at IBM (2 more on the way) and 8 machines on the way to UCM

Web site up and running Come visit us at http://www.reservoir-fp7.eu/

IBM Labs in Haifa


There are no stupid questionsor stupid answers

IBM Labs in Haifa


A2: VEE Infrastructure

Virtual Machine Technologies (IBM) Improve performance of VEE execution for typical RESERVOIR

workloads Provide VEEMS enablement layer for virtual machines

Relocation Enablement (IBM) Network Virtualization Storage Virtualization

Java Service Containers (Sun) Provide VEEMS enablement layer for virtual java service containers

IBM Labs in Haifa


A3: VEE Management

VEE Provisioning and Supervision (UCM) Image management Monitoring

Allocation Policy Management (Datamat) Policy based placement and migration

Federation of Management Domains (UCM) Built atop WSRF interfaces to access remote VEE Supervisors

Push new and leverage existing OGF/DMTF/OASIS standards Interoperability between administrative domains and scheduling

heuristics on federated and utility architectures.

IBM Labs in Haifa


A4: Service Management

Service Definition (UCL) Design a new service description language that will allow the description of service interfaces,

service lifecycle, interface bindings to implementations, service deployment, SLA requirements for a service, rules for VEEs (re)configuration and (re)organisation and service components distribution and configuration

Revisit the service lifecycle definition and extend it to accommodate the influence of virtualisation Extend tools available for service design (for example the Eclipse Web Tools Platform) Standardize the service description language

Service Management (TID) SLA monitoring across administrative domains settings and service-oriented architectures. Integrate monitoring with resource allocation and scheduling and take explicit account of the

potentially synchronous nature of service invocations. Automatic deployment of services based on complex service definition

Accounting, Billing and Payment (TID) Accounting and billing arrangements for outsourced services are based on raw machine

resource consumption (CPU-time, storage capacity etc) RESERVOIR will pursue the definition of a framework that allows accounting and billing in terms

of the services that were completed, taking into consideration the quality of service that was provided.

IBM Labs in Haifa


A5: Experimentation and Validation

Testbed (UniMe) Create the necessary environment for testing and validation A multi-site environment running the last release of RESERVOIR middleware to

evaluate (built on physical resources distributed/owned/managed by some of the project’s partners)

Scenario 1: eGov application (Thales) Automatic adjustment of resources and domains cooperation.

Scenario 2: SAP business application (SAP) Business application oriented use cases and the opportunities to execute them on a

flexible infrastructure. Scenario 3: Utility computing (Sun)

Deploy arbitrary operating system and application stacks on remote resources. Provide secure and seamless access to them. Adjust resource allocation on-demand without the end user noticing disruption of service

Scenario 4: Telco application (TID) Hosting web sites that deals with massive access (e.g., the Olympics games) High degree of personalization and support for mashups

IBM Labs in Haifa © 2008 IBM Corporation RESERVOIR – Bringing the Cloud down to Earth Eliot Salant – [email protected] RESERVOIR Project Coordinator Manager,

Documents

ibm labs

ibm corporation reservoir

ibm haifa lab

ibm blue cloud

cloud computing

reservoir vision slide

generation cloud

evolution of cloud