resource management for isolation enhanced cloud services
play

Resource Management for Isolation Enhanced Cloud Services Enhanced - PowerPoint PPT Presentation

Jun 22, 2023 •263 likes •408 views

Resource Management for Isolation Enhanced Cloud Services Enhanced Cloud Services Himanshu Raj , Ripal Nathuji, Abhishek Singh, Paul England XCG, Microsoft Research Motivation Isolation issues in shared-resource computing infrastructures

  1. Resource Management for Isolation Enhanced Cloud Services Enhanced Cloud Services Himanshu Raj , Ripal Nathuji, Abhishek Singh, Paul England XCG, Microsoft Research

  2. Motivation � Isolation issues in shared-resource computing infrastructures Service SLA Service SLA Service Providers Infrastructure Provider Raj et al.:Isolation Enhanced Cloud Services 2

  3. Motivation � Side-channel attacks compromising performance and security Isolation � DoS, Information leak (key stealing not shown for VMs yet) Areas lacking: � SLA specification � Isolation mechanisms � Resource management Raj et al.:Isolation Enhanced Cloud Services 3

  4. Proposed Solution � Isolation attributes part of the SLA � Mechanisms for better isolation � Enhanced resource management � Include constraints based on isolation attributes � Include constraints based on isolation attributes Raj et al.:Isolation Enhanced Cloud Services 4

  5. SLA Isolation Attributes � Degree of hardware fault resistance (n) � Type: Integer, e.g., n = 5 � Cache-based side channel attack avoidance � For DoS and Information leakage avoidance � For DoS and Information leakage avoidance � Type: Boolean Raj et al.:Isolation Enhanced Cloud Services 5

  6. Enforcing Cache Isolation Main Memory Shared L3 Shared L3 Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D � Cache hierarchy aware core assignment � Page-coloring based cache partitioning Raj et al.:Isolation Enhanced Cloud Services 6

  7. Cache Hierarchy Aware Core Assignment Main Memory Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D Raj et al.:Isolation Enhanced Cloud Services 7

  8. Page-coloring Based Cache Partitioning Main Memory Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D Raj et al.:Isolation Enhanced Cloud Services 8

  9. Results: No Isolation 180 Target VM + 160 Perturbation VM (1 Thread) 140 120 Execution Time (s) Target VM + Perturbation VM (2 100 Threads) 80 Target VM + Ex Perturbation VM (3 Perturbation VM (3 60 60 Threads) 40 Target VM 20 0 Working Set Size Shared L3 L2 L2 L2 L2 L1D L1D L1D L1D 9

  10. Results: Cache-coloring 180 160 Target VM + Perturbation 140 VM (1 Thread) Execution Time (s) 120 Target VM + Perturbation 100 VM (2 Threads) 80 Target VM + Perturbation 60 60 Ex VM (3 Threads) 40 Target VM 20 0 Working Set Size Shared L3 L2 L2 L2 L2 L1D L1D L1D L1D 10

  11. Integration with VM Placement System � Constraints on resources Blade � New isolation constraints � 4000 blade cloud, <80% Processor Domains Available Processors Fault Domain utilization, ~30-40 ms for Available Memory Available Memory search without search without D1 … backtracking (with high success probability) Page Color Domains Available Current VMs � Working on other heuristics for CSP with … P1 system dynamism � Migration Current VMs Capacity Available Raj et al.:Isolation Enhanced Cloud Services 11

  12. Conclusions � Incorporation of isolation attributes in the SLA � System-level mechanisms to address isolation � RM enhancements with isolation related constraints constraints Raj et al.:Isolation Enhanced Cloud Services 12

  13. rhim@microsoft.com Raj et al.:Isolation Enhanced Cloud Services 13

Recommend

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran Nick Feamster 1 Cloud Computing Advantages Reduced operational costs Reduced management overhead Easier resources scaling Lowers

543 views • 19 slides
Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and

Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and

Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and scheduling. Policies and mechanisms. Applications of control theory to cloud resource allocation. Stability of a two-level resource allocation

1.47k views • 39 slides
Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown

Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown

Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown University Peter Bodik, MSR Redmond Rodrigo Fonseca, Brown University Madanlal Musuvathi, MSR Redmond Shared-tenant cloud services Processes service

746 views • 33 slides
Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from IaaS to Accelerate digital SaaS creates huge new opportunities transformation to transform the speed, effjciency and operating costs of a

298 views • 10 slides
Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR

Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR

Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR defense15th June 2020 The demand for collaboration and entertainment services is skyrocketing 12 million 2,900% New daily active Growth of daily users in

1.03k views • 61 slides
Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 15-17, 2014 NSS

146 views • 13 slides
Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Moreno Baricevic Stefano Cozzini CNR-IOM DEMOCRITOS Trieste, ITALY Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a pool of users and a pool of resources, then what? some software that controls

538 views • 22 slides
Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID

Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID

Keynote on ESaaSA CLOSER 2015 Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID Lisboa Instituto Superior Tcnico Universidade de Lisboa May 2015 A day in the Clouds Services such as storage,

627 views • 51 slides
Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University

Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University

Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University Srikanth Kandula Albert Greenberg Changhoon Kim Microsoft Research Cloud datacenters: Benefits and obstacles Moving to the cloud has manageability,

221 views • 19 slides
Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G Gupta , Ryan Stutsman University of Utah Scalable Computer Systems Lab www.utah.systems Code Isolation-cost Aware Scheduling Cloud N Networking P

539 views • 19 slides
Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based

Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based

Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based Dynamic IT Services ENGR 5770 / CSCI 5700 Service Compu5ng Winter 2013 1 Cloud

673 views • 21 slides
Dynamic request management algorithms for Web-based services in Cloud computing Riccardo

Dynamic request management algorithms for Web-based services in Cloud computing Riccardo

Dynamic request management algorithms for Web-based services in Cloud computing Riccardo Lancellotti Mauro Andreolini Claudia Canali Michele Colajanni University of Modena and Reggio Emilia COMPSAC 2011 1 Request management for Cloud

370 views • 14 slides
and Scheduling Techniques Agenda for Today Resource management encompasses all the

and Scheduling Techniques Agenda for Today Resource management encompasses all the

Day 5 Heuristic Resource Provisioning and Scheduling Techniques Agenda for Today Resource management encompasses all the characteristics and usage of cloud resources including resource provisioning and resource scheduling The resource

525 views • 25 slides
MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN

MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN

MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN VANET We want to develop a new concept of sporadic CMA to deploy MOTIVATION contex-aware services in VANET. Intelligent Transport Systems (

367 views • 11 slides
ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted environment Possibly with multiple tenants Setting OS: users / processes Browser: webpages / browser extensions Cloud: virtual machines (VMs)

272 views • 25 slides
I Heard It through the Firewall: Exploiting Cloud Management Services as an Information Leakage

I Heard It through the Firewall: Exploiting Cloud Management Services as an Information Leakage

I Heard It through the Firewall: Exploiting Cloud Management Services as an Information Leakage Channel Hyunwook Baek , Eric Eide, Robert Ricci, Jacobus Van der Merwe University of Utah 1 Motivation Information leakage in cloud has

874 views • 49 slides
for Resource Security Keith Riley Managing Director Technology Veolia Environmental Services

for Resource Security Keith Riley Managing Director Technology Veolia Environmental Services

Policy &amp; Business Framework for Resource Security Keith Riley Managing Director Technology Veolia Environmental Services Evolution of Resource Management RESOURCE MANAGEMENT INTEGRATED WASTE MANAGEMENT WASTE DISPOSAL Material

268 views • 16 slides
DC-DRF : Adaptive Multi- Resource Sharing at Public Cloud Scale ACM Symposium on Cloud

DC-DRF : Adaptive Multi- Resource Sharing at Public Cloud Scale ACM Symposium on Cloud

DC-DRF : Adaptive Multi- Resource Sharing at Public Cloud Scale ACM Symposium on Cloud Computing 2018 Ian A Kash, Greg OShea, Stavros Volos 1 Public Cloud DC hosting enterprise customers O(100K) servers, mostly small tenants 2

1.21k views • 87 slides
What s Happen in Cloud Arief Rakhmatsyah VP Product Cloud &amp; UC Jakarta, 28November 2018

What s Happen in Cloud Arief Rakhmatsyah VP Product Cloud &amp; UC Jakarta, 28November 2018

Digitech Indonesia Conference 2018 What s Happen in Cloud Arief Rakhmatsyah VP Product Cloud &amp; UC Jakarta, 28November 2018 Cloud Computing means move the use of internal resource on premise to the services of the service providers.

375 views • 20 slides
X-Containers: Breaking Down Barriers to Improve Performance and Isolation of Cloud-Native

X-Containers: Breaking Down Barriers to Improve Performance and Isolation of Cloud-Native

X-Containers: Breaking Down Barriers to Improve Performance and Isolation of Cloud-Native Containers Zhiming Shen Cornell University Joint work with Zhen Sun, Gur-Eyal Sela, Eugene Bagdasaryan, Christina Delimitrou, Robbert Van Renesse, Hakim

266 views • 26 slides
Qt and Cloud Services Sami Makkonen Qt R&amp;D Digia Content Different types of Cloud services

Qt and Cloud Services Sami Makkonen Qt R&amp;D Digia Content Different types of Cloud services

Qt and Cloud Services Sami Makkonen Qt R&amp;D Digia Content Different types of Cloud services Qt and Cloud Services Cloud API for Qt Using PaaS Services from Qt application engin.io Using BaaS from Qt application Different Type of Cloud

670 views • 19 slides
Cost-Efficient Resource Management for Scientific Workflows on the Cloud Ilia Pietri School of

Cost-Efficient Resource Management for Scientific Workflows on the Cloud Ilia Pietri School of

Cost-Efficient Resource Management for Scientific Workflows on the Cloud Ilia Pietri School of Computer Science, University of Manchester, U.K Overview Scientific Meet User User Workflows Constraints Virtual Machines Goals (VMs) Provide

591 views • 27 slides
Constrained Optimization Benchmark for Optimization Modulo Theories: a Cloud Resource Management

Constrained Optimization Benchmark for Optimization Modulo Theories: a Cloud Resource Management

Constrained Optimization Benchmark for Optimization Modulo Theories: a Cloud Resource Management Problem scu 12 s 1 M ad alina Era R azvan Mete 1West University of Timi soara, Romania 2Institute e-Austria Timi soara, Romania

939 views • 77 slides

More recommend