High Availability of Virtualized Desktop Applications
Todd Deshane
CS Seminar Fall 2006
Advisor: Jeanna Matthews
Overview
Why High Availability?
Why Virtualized?
Why Desktop Applications?
Implementation Sketch
Discussion
Future Work
Why High Availability?
Malware (viruses, worms, spyware, etc.) is still a problem
Patches and software bugs can cause problems
Fixing or reinstalling is time consuming and difficult for most computer users
Application downtime means decreased user productivity
Virtualization
Level of abstraction
Which types of virtualization are of interest to us?
– Architecture Virtualization (virtualization of underlying hardware, i.e. x86)
– OS Virtualization (virtualization of underlying kernel)
Architecture Virtualization
Virtual Machine Monitor (VMM) provides an interface to the underlying hardware
Guest Operating Systems “think” they have full access to the underlying hardware
OS Virtualization
Virtualization Layer in kernel provides interface to kernel
Guest Operating Systems (Virtual Private Servers) “think” they have full access to the underlying kernel
Why Virtualized?
More effective use of hardware
– Desktop utilization less than 10%
Isolation of guests
– Guests run different applications
Recovery of compromised guests
– Restarting or rolling back a guest is easier than restarting or rolling back a physical computer
Why Desktop Applications?
Desktop users’ increased reliance on power of computers
Increased sophistication of attacks
– Distributed botnets
– Criminal attacks on data and resources
Virtualization and HA cluster research traditionally focused on servers
Implementation Sketch
Rapid Recovery System
– Isolated virtual machine appliances
– Intrusion detection and restoration
High Availability Cluster
– Redundancy of applications
– Heartbeat monitoring
Application Service Provider
– Central application server
– On-demand software
Rapid Recovery System
Key Features
– Network Intrusion Detection
– Data Protection
– Fast Restoration
– File System Intrusion Detection
Read and write limiting
To be added:
– Contract-based data access
High Availability (HA) Cluster
With a passive stand-by system, fail-over can happen almost instantaneously
High Availability (HA) Cluster
With a shared disk, data recovery can happen almost instantaneously
High Availability (HA) Cluster
Key Features
– Heartbeat Monitoring
– System or Data Fail-over
– Reliability
– Resource Management
Data redundancy
System redundancy
Configurable Policies
Application Service Provider (ASP)
Application server serves requests for applications
Thin clients request applications from the server
Application Service Provider (ASP)
Key Features
– Central Application Server
– Single backend storage connection point
– Stateless Configuration Possible
Implementation Integration
ASPs are put into virtual machine appliances
Rapid recovery system protects user data and settings and restores ASPs
High availability cluster provides redundancy of application servers and heartbeat monitoring
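The integration above, modelled as an added example (not code from the talk, Linux-HA, or the rapid recovery system): two ASP appliances in an active/passive pair, heartbeat-driven fail-over, and restoration of the failed appliance from its image while user data stays on shared storage. The names `Appliance`, `Cluster`, `DEADTIME`, `asp-a`/`asp-b` and the image name are assumptions made for illustration.

```python
from dataclasses import dataclass

DEADTIME = 3.0  # assumed: seconds of silence before a node is declared dead

@dataclass
class Appliance:
    name: str
    image: str               # known-good image used for restoration
    state: str = "standby"   # "active", "standby" or "restoring"
    last_beat: float = 0.0

class Cluster:
    """Active/passive pair of ASP appliances; user data lives outside both."""
    def __init__(self, primary, standby, shared_data):
        primary.state = "active"
        self.nodes = {n.name: n for n in (primary, standby)}
        self.shared_data = shared_data
        self.log = []

    def heartbeat(self, name, now):
        self.nodes[name].last_beat = now

    def check(self, now):
        """Return the name of the serving appliance, failing over if needed."""
        active = next(n for n in self.nodes.values() if n.state == "active")
        if now - active.last_beat <= DEADTIME:
            return active.name
        healthy = [n for n in self.nodes.values()
                   if n.state == "standby" and now - n.last_beat <= DEADTIME]
        if not healthy:
            self.log.append((now, "outage: no healthy standby"))
            return None
        active.state, healthy[0].state = "restoring", "active"
        self.log.append((now, f"failover {active.name} -> {healthy[0].name}"))
        return healthy[0].name

    def restore(self, name, now):
        """Roll the failed appliance back to its image and rejoin as standby."""
        node = self.nodes[name]
        node.state, node.last_beat = "standby", now
        self.log.append((now, f"restored {name} from {node.image}"))

def demo():
    # Constructed scenario: asp-a goes silent after t=2, asp-b keeps beating.
    c = Cluster(Appliance("asp-a", "asp-v1.img"), Appliance("asp-b", "asp-v1.img"),
                {"report.txt": "draft"})
    for t in range(7):
        if t <= 2:
            c.heartbeat("asp-a", t)
        c.heartbeat("asp-b", t)
    serving = c.check(6)
    c.restore("asp-a", 7)
    return c, serving
```

If both appliances go silent, `check` returns `None` and logs an outage, which is the case the standby's own heartbeat has to be monitored for.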
Discussion
Users increasingly rely on desktop applications
Attack sophistication is increasing
Combine virtualization, HA cluster, and rapid recovery technologies
High availability of virtualized desktop applications
– Attack resistant desktop experience
– Rapid application and data recovery
Discussion
Application deployment model
– ASPs can be local or remote
– User chooses which ASP version to use
Software Redundancy
– Most faults occur in software
System will also support hardware redundancy (if available)
Future Work
Deployment and testing of HA cluster technology
Virtualization performance and usage testing on the desktop
Enhance and test the implementation of the rapid recovery system
System integration of these existing technologies
Questions?
Backup Slides
Implementation Details
Virtual Environment:
– Xen (VMM)
– OpenVZ (OS virtualization)
High Availability Cluster
– Linux-HA
File Server:
– Openfiler
References
Matthews et al. Data Protection and Rapid Recovery From Attack With A Virtual Private File Server and Virtual Machine Appliances
www.linux-ha.org/
http://www.openfiler.com/
http://en.wikipedia.org/wiki/Application_service_provider