secure async execution
play

Secure Async Execution @ Brennan Saeta The Beginnings 2012 1 - PowerPoint PPT Presentation

Feb 15, 2024 •22 likes •922 views

ECS & Docker: Secure Async Execution @ Brennan Saeta The Beginnings 2012 1 million 4 10 learners courses partners worldwide Education at Scale 18 million 140 1,800 learners courses partners worldwide Outline Evolution

  1. ECS & Docker: Secure Async Execution @ Brennan Saeta

  3. The Beginnings — 2012 1 million 4 10 learners courses partners worldwide

  4. Education at Scale 18 million 140 1,800 learners courses partners worldwide

  5. Outline • Evolution of Coursera’s nearline execution systems • Next-generation execution framework: Iguazú • Iguazú application deep dive: GrID — evaluating programming assignments

  6. Key Takeaways • What is nearline execution, and why it is useful • Best practices for running containers in production in the cloud • Hardening techniques for securely operating container infrastructure at scale

  7. A history of nearline execution

  9. Coursera Architecture (2012) PHP Monolith

  10. Early days - Requirements • Video re-encoding for distribution • Grade computation for 100,000+ learners • Pedagogical data exports for courses

  11. Coursera Architecture (2012) PHP Monolith

  12. Cascade Architecture Cascade PHP PHP Monolith Monolith

  13. Cascade Architecture Cascade Queue PHP PHP Monolith Monolith

  14. Upgrading to Scala Re-architecting delayed execution for our 2 nd generation learning platform.

  15. Upgrading to the JVM • Leverage mature Scala & JVM ecosystems for code sharing • JVM much more reliable (no memory leaks) • New job model: scheduled recurring jobs. • Named: Saturn

  16. Saturn Architecture Online Serving Scala/micro-service architecture Service A Service B Service C C* C*

  17. Saturn Architecture Online Serving Scala/micro-service architecture Service A Saturn Service B Service C C* C*

  18. Saturn Architecture Service A Saturn ZK Ensemble Service B Service C C* C*

  19. Saturn Architecture Service A Saturn Leader ZK Ensemble Service B Service C C* C*

  20. Problems with Saturn • Single master meant naïve implementation ran all jobs in same JVM • Huge CPU contention @ top of the hour • OOM Exceptions & GC issues

  21. Enter: Docker Containers allow for resource isolation! CC-by-2.0 https://www.flickr.com/photos/photohome_uk/1494590209

  22. Supported Features Platform Amazon Iguazú Saturn Docker ECS ✅ ✅ ✅ ✅ Run code ❌ ✅ ✅ ✅ Resource Isolation ☑︐ ❌ ✅ ✅ Clusters / HA Great ✅ ❌ ❌ ✅ developer workflow ✅ ❌ ❌ ✅ Scheduled Jobs

  23. Supported Features Platform Amazon Iguazú Saturn Docker ECS ✅ ✅ ✅ ✅ Run code ❌ ✅ ✅ ✅ Resource Isolation ✅ ❌ ✅ ✅ Clusters / HA Great ✅ ❌ ❌ ✅ developer workflow ✅ ❌ ❌ ✅ Scheduled Jobs

  24. Supported Features Platform Amazon Iguazú Saturn Docker ECS ✅ ✅ ✅ ✅ Run code ❌ ✅ ✅ ✅ Resource Isolation ✅ ❌ ✅ ✅ Clusters / HA Great ✅ ❌ ❌ ✅ developer workflow ✅ ❌ ❌ ✅ Scheduled Jobs

  25. Supported Features Platform Amazon Iguazú Saturn Docker ECS ✅ ✅ ✅ ✅ Run code ❌ ✅ ✅ ✅ Resource Isolation ✅ ❌ ✅ ✅ Clusters / HA Great ✅ ❌ ❌ ✅ developer workflow ✅ ❌ ❌ ✅ Scheduled Jobs

  26. Supported Features Platform Amazon ??? Saturn Docker ECS ✅ ✅ ✅ ✅ Run code ❌ ✅ ✅ ✅ Resource Isolation ✅ ❌ ✅ ✅ Clusters / HA Great ✅ ❌ ❌ ✅ developer workflow ✅ ❌ ❌ ✅ Scheduled Jobs

  27. Solution: Iguazú Marissa Strniste (https://www.flickr.com/photos/mstrniste/5999464924) CC-BY-2.0

  28. Solution: Iguazú • Framework & service for asynchronous execution • Optimized Scala developer experience for Coursera • Unified scheduler supports: • Immediate execution (nearline) • Scheduled recurring execution (cron-like) • Deferred execution (run once @ time X) Marissa Strniste (https://www.flickr.com/photos/mstrniste/5999464924) CC-BY-2.0

  29. Iguazú Architecture ECS API Iguazú Admin SQS Iguazú Devs Scheduler Iguazú Backend Iguazú Frontend Iguazú Workers Services Services Cassandra Users

  30. Iguazú Architecture ECS API Iguazú SQS Admin Queue Iguazú Devs Scheduler Iguazú Backend Iguazú Frontend Iguazú Workers Services Services Cassandra Users

  31. Iguazú Architecture ECS API Iguazú SQS Admin Queue Iguazú Devs Scheduler Iguazú Backend Iguazú Frontend Iguazú Workers Services Services Cassandra Users

  32. Iguazú Architecture ECS API ZK Ensemble Iguazú SQS Admin Queue Iguazú Devs Scheduler Iguazú Backend Iguazú Frontend Iguazú Workers Services Services Cassandra Users

  33. Iguazú Architecture ECS API ZK Ensemble Iguazú SQS Admin Queue Iguazú Devs Scheduler Iguazú Backend Iguazú Frontend Iguazú Workers Services Services Cassandra Users

  34. Autoscale, autoscale, autoscale!

  35. Autoscaling ⇄ Iguazú ⇆ ECS Shutdown Lifecycle Poll Worker Notification Job Status Iguazu Autoscaling ECS API All finished Proceed Term- inate EC2 EC2 EC2 Worker Worker Worker

  36. Failure in Nearline Systems • Most jobs are non-idempotent • Iguazú: At most once execution • Time-bounded delay • Future: At least once execution • With caveats

  37. Iguazú adoption by the numbers >1000 runs >100 different job ~100 jobs in per day schedules production

  38. Iguazú Applications Nearline Jobs Scheduled Recurring Jobs • Pedagogical Instructor • Course Reminders • System Integrations Data Exports • System Integrations • Payment reconciliation • Course translations • Course Migrations • Housekeeping • Build artifact archival • A/B Experiments

  39. While containers may help you on your journey, they are not themselves a destination. CC-by-2.0 https://www.flickr.com/photos/usoceangov/5369581593

  40. Writing an Iguazu Job class AbReminderJob @Inject() (abClient: AbClient, email: EmailAPI) extends AbstractJob { override val reservedCpu = 1024 // 1 CPU core override val reservedMemory = 1024 // 1 GB RAM def run(parameters: JsValue) = { val experiments = abClient.findForgotten() logger.info(s"Found ${experiments.size} forgotten experiments.") experiments.foreach { experiment => sendReminder(experiment.owners, experiment.description) } } }

  41. Writing an Iguazu Job class AbReminderJob @Inject() (abClient: AbClient, email: EmailAPI) extends AbstractJob { override val reservedCpu = 1024 // 1 CPU core override val reservedMemory = 1024 // 1 GB RAM def run(parameters: JsValue) = { val experiments = abClient.findForgotten() logger.info(s"Found ${experiments.size} forgotten experiments.") experiments.foreach { experiment => sendReminder(experiment.owners, experiment.description) } } }

  42. Writing an Iguazu Job class AbReminderJob @Inject() (abClient: AbClient, email: EmailAPI) extends AbstractJob { override val reservedCpu = 1024 // 1 CPU core override val reservedMemory = 1024 // 1 GB RAM def run(parameters: JsValue) = { val experiments = abClient.findForgotten() logger.info(s"Found ${experiments.size} forgotten experiments.") experiments.foreach { experiment => sendReminder(experiment.owners, experiment.description) } } }

  43. Writing an Iguazu Job class AbReminderJob @Inject() (abClient: AbClient, email: EmailAPI) extends AbstractJob { override val reservedCpu = 1024 // 1 CPU core override val reservedMemory = 1024 // 1 GB RAM def run(parameters: JsValue) = { val experiments = abClient.findForgotten() logger.info(s"Found ${experiments.size} forgotten experiments.") experiments.foreach { experiment => sendReminder(experiment.owners, experiment.description) } } }

  44. Writing an Iguazu Job class AbReminderJob @Inject() (abClient: AbClient, email: EmailAPI) extends AbstractJob { override val reservedCpu = 1024 // 1 CPU core override val reservedMemory = 1024 // 1 GB RAM def run(parameters: JsValue) = { val experiments = abClient.findForgotten() logger.info(s"Found ${experiments.size} forgotten experiments.") experiments.foreach { experiment => sendReminder(experiment.owners, experiment.description) } } }

  45. Testing an Iguazu job

  46. The Hollywood Principle applies to distributed systems. CC-by-2.0 https://www.flickr.com/photos/raindog808/354080327

  47. Deploying a new Iguazu Job • Developer • merge into master… done • Jenkins Build Steps • Compile & package job JAR • Prepare Docker image • Pushes image into registry • Register updated job with Amazon ECS API

  48. Invoking an Iguazú Job // invoking a job with one function call // from another service via REST framework RPC val invocationId = iguazuJobInvocationClient .create(IguazuJobInvocationRequest( jobName = "exportQuizGrades", parameters = quizParams))

  49. A clean environment increases reliability. CC-by-2.0 https://www.flickr.com/photos/raindog808/354080327

  50. Evaluating Programming Assignments An application of Iguazú

  53. Design Goals Elastic No Near Real-time Secure Infrastructure Maintenance Infrastructure

  54. Design Goals Elastic No Near Real-time Secure Infrastructure Maintenance Infrastructure

  55. Design Goals Elastic No Near Real-time Secure Infrastructure Maintenance Infrastructure

Recommend

and Subsystems A follow up session on UE4s async execution model Michele Mischitelli Main

and Subsystems A follow up session on UE4s async execution model Michele Mischitelli Main

Unreal Engine 4: Delegates, Async and Subsystems A follow up session on UE4s async execution model Michele Mischitelli Main topics of this meetup Delegates Asynchronous Subsystems execution Data types that Strategies and classes

1.1k views • 27 slides
Async execution with workqueues Bhaktipriya Shridhar About me $whoami Outreachy Intern at the

Async execution with workqueues Bhaktipriya Shridhar About me $whoami Outreachy Intern at the

Async execution with workqueues Bhaktipriya Shridhar About me $whoami Outreachy Intern at the Linux Kernel with Tejun Heo as my mentor. Working on updating Legacy workqueue interface users in the Linux Kernel . Also, a 3rd year

613 views • 49 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
std::async Standard C++ function template Supposed to make threads (easier) Already

std::async Standard C++ function template Supposed to make threads (easier) Already

a sync m agic (en)light e ning talk trieger@informatik.hu-berlin.de async as a code reordering specifier Everything else is just multithreading EuroLLVM14 Tobias Rieger 1 std::async Standard C++ function template Supposed to make

244 views • 7 slides
Async & JS A walkthrough common asynchronous patterns for the client, the server and the

Async & JS A walkthrough common asynchronous patterns for the client, the server and the

Async & JS A walkthrough common asynchronous patterns for the client, the server and the Internet Of Things by Andrea Giammarchi @WebReflection quick story about me Created first offline HTML5 Map navigation in 2011 ( async WebSQL based

826 views • 54 slides
Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic

Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic

Secure Program Execution via Secure Program Execution via Dynamic Information Flow Dynamic Information Flow Tracking Tracking G. Edward Suh Suh, , Jae Jae W. Lee, David W. Lee, David G. Edward Zhang, Srinivas Srinivas Devadas Devadas

547 views • 26 slides
Secure Multi-Execution Dominique Devriese Frank Piessens K.U.Leuven May 14, 2010 Dominique

Secure Multi-Execution Dominique Devriese Frank Piessens K.U.Leuven May 14, 2010 Dominique

Secure Multi-Execution Dominique Devriese Frank Piessens K.U.Leuven May 14, 2010 Dominique Devriese, Frank Piessens (K.U.Leuven) Secure Multi-Execution May 14, 2010 1 / 24 Secure Multi-Execution Outline Secure Multi-Execution

622 views • 29 slides
Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its

Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its

Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its Verification Mads Dam KTH Royal Institute of Technology BISS spring school, Bertinoro 2018 The Goal Hypervisor Context switch: Fixed round-robin

1.16k views • 67 slides
Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute

Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute

Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute of Technology Thanks to Roberto Guanciale, Musard Balliu, Christoph Baumann, Hamed Nemati, Oliver Schwarz, Victor Do, Christian Gehrmann, Jonas

1.41k views • 114 slides
CaSE: Cache-Assisted Secure Execution on ARM Processors N1 N1NG NG ZHA ZHANG , KUN SUN, WENJING

CaSE: Cache-Assisted Secure Execution on ARM Processors N1 N1NG NG ZHA ZHANG , KUN SUN, WENJING

CaSE: Cache-Assisted Secure Execution on ARM Processors N1 N1NG NG ZHA ZHANG , KUN SUN, WENJING LOU, TOM HOU Talk Outline Motivation and Background Why this work ? Threat Model What are we defending against ? CaSE:

248 views • 21 slides
System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario

System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario

System Architectures and Techniques for Efficient, Secure, and Trusted Code Execution Mario Werner May 7, 2020 Graz University of Technology Why do we care about code? www.tugraz.at 10:20 July 18 W i r e l e s s - G A D S L G

599 views • 49 slides
SKEE: A Lightweight Secure Kernel level Execution Environment for ARM Ahmed M Azab, Kirk

SKEE: A Lightweight Secure Kernel level Execution Environment for ARM Ahmed M Azab, Kirk

SKEE: A Lightweight Secure Kernel level Execution Environment for ARM Ahmed M Azab, Kirk Swidowski, Rohan Bhutkar, Jia Ma, Wenbo Shen, Ruowen Wang, Peng Ning Samsung KNOX R&D, Samsung Research America Motivation Operating system kernels

543 views • 25 slides
CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves Meni

CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves Meni

CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in Enclaves Meni Orenbach (Technion), Yan Michalevsky (Anjuna), Christof Fetzer (TU Dresden, Scone), Mark Silberstein (Technion) Published in USENIX ATC19

744 views • 24 slides
The Talk youve been .await-ing for @steveklabnik async fn foo(s: String) -> i32 { //

The Talk youve been .await-ing for @steveklabnik async fn foo(s: String) -> i32 { //

The Talk youve been .await-ing for @steveklabnik async fn foo(s: String) -> i32 { // } fn foo(s: String) -> impl Future<Output=i32> { // } Stuff were going to talk about async/await and Futures Generators:

873 views • 73 slides
Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface.

Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface.

Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface. Async + sync hash interface. AEAD interface. Compress-as-you-go interface. RNG interface. Current State A handful of async PCI

970 views • 7 slides
Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor,

Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor,

Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor, Pramod Bhatotia, Christof Fetzer ACM SYSTOR 2019 FaaS Paradigm of Cloud Computing Function Runtime Guest OS Function Hypervisor Host OS FaaS

1.34k views • 98 slides
Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work with Alessandro Chiesa Eli Ben-Sasson Daniel Genkin 1 Technion Cryptoday June 16, 2011 Motivation 3 Motivation INTEGRITY CONFIDENTIALITY

725 views • 50 slides
Bonus: ES8 Async & Await Shan-Hung Wu & DataLab CS, NTHU Outline ES6 Promises

Bonus: ES8 Async & Await Shan-Hung Wu & DataLab CS, NTHU Outline ES6 Promises

Bonus: ES8 Async & Await Shan-Hung Wu & DataLab CS, NTHU Outline ES6 Promises ES8 Async & Await Pitfalls 2 // in method1() const p = new Promise((resolve, reject) => { ... // do asynchronous job here ES6 Promise

466 views • 17 slides
Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias

Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias

Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias Hartmann, Thomas R. Gross Department of Computer Science ETH Zurich, Switzerland Motivation Application code Kernel 2 Motivation Application code

483 views • 30 slides
Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Formal Abstractions for Attested Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr Trusted hardware: Different communities, different world views 2 Trusted hardware: Different communities,

929 views • 72 slides
MASTERING STRATEGY EXECUTION 18 BEST PRACTICES FOR STRATEGY EXECUTION STRATEGY EXECUTION AS

MASTERING STRATEGY EXECUTION 18 BEST PRACTICES FOR STRATEGY EXECUTION STRATEGY EXECUTION AS

MASTERING STRATEGY EXECUTION 18 BEST PRACTICES FOR STRATEGY EXECUTION STRATEGY EXECUTION AS COMPETITIVE ADVANTAGE STRATEGY EXECUTION IS CRUCIAL FOR EVERY ORGANIZATION o Successful execution of strong and robust strategies gives any organization

641 views • 32 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research & Boston University y Michael Schapira

701 views • 54 slides
IO::Async Paul LeoNerd Evans 2010/12/04 LPW2010 Introductions Paul Evans = { CPAN

IO::Async Paul LeoNerd Evans 2010/12/04 LPW2010 Introductions Paul Evans = { CPAN

IO::Async Paul LeoNerd Evans 2010/12/04 LPW2010 Introductions Paul Evans = { CPAN => PEVANS, IRC => LeoNerd, } A look at the IO::Async distribution Why Asynchronise? IO operations are not instantaneous

711 views • 31 slides
Rusts Journey to Async/Await Steve Klabnik Hi, Im Steve! On the Rust team Work at

Rusts Journey to Async/Await Steve Klabnik Hi, Im Steve! On the Rust team Work at

Rusts Journey to Async/Await Steve Klabnik Hi, Im Steve! On the Rust team Work at Cloudflare Doing two workshops! Parallel: do multiple things at once What is async? Concurrent: do multiple things, not at once

1.4k views • 100 slides

More recommend