Workshop Program

April 24, 2012

9:00 a.m.–10:30 a.m. Tuesday

New Services

NaaS: Network-as-a-Service in the Cloud

Paolo Costa, Imperial College London; Matteo Migliavacca, University of Kent; Peter Pietzuch and Alexander L. Wolf, Imperial College London

Cloud computing realises the vision of utility computing. Tenants can benefit from on-demand provisioning of computational resources according to a pay-per-use model and can outsource hardware purchases and maintenance. Tenants, however, have only limited visibility and control over network resources. Even for simple tasks, tenants must resort to inefficient overlay networks.

To address these shortcomings, we propose Network-as-a-Service (NaaS), a framework that integrates current cloud computing offerings with direct, yet secure, tenant access to the network infrastructure. Using NaaS, tenants can easily deploy custom routing and multicast protocols. Further, by modifying the content of packets on-path, they can efficiently implement advanced network services, such as in-network data aggregation, redundancy elimination and smart caching.

We discuss applications that can benefit from NaaS, motivate the functionality required by NaaS, and sketch a possible implementation and programming model that can be supported by current technology. Our initial simulation study suggests that, even with limited processing capability at network switches, NaaS can significantly increase application throughput and reduce network traffic.

 


Participatory Networking

Andrew D. Ferguson, Arjun Guha, Jordan Place, Rodrigo Fonseca, and Shriram Krishnamurthi, Brown University

Software Defined Networks, which provide a programmable, logically centralized abstraction of network control, offer an escape from the current state of enterprise and datacenter network configuration, plagued by brittle, static solutions involving manual setting of myriad devices. But if SDNs provide an operating system for the network, we are missing the analog to system calls – an API for end-users and their applications to take part in network configuration. In response, we propose participatory networking, a new paradigm for network configuration in which users submit requests or hints for current and future network properties such as quality of service, access control, and path selection. We describe the initial design and implementation of a participatory networking system, PANE, and its solutions to the challenges of resource arbitration and privilege delegation.

 


The Personal Cloud—Design, Architecture and Matchmaking Algorithms for Resource Management

Adiseshu Hari, Ramesh Viswanathan, and T.V. Lakshman, Bell Labs, USA; Y.J. Chang, ITRI, Taiwan

We introduce the notion of a Personal Cloud — a collection of Virtual Machines (VMs) running on unused computers at the edge. The Personal Cloud provides an ideal solution for the secure sharing of compute and storage resources across peers in a resource and application agnostic manner, and facilitates new computational paradigms such as datacenter-less, distributed virtual clouds. We provide and implement solutions for the challenges of managing a Personal Cloud, such as IP address sharing, bandwidth sharing and isolation from local home network traffic. We also propose and implement a provably optimal solution to the resource management problem, allowing peers to share VMs across their individual Personal Clouds by specifying their resource offers and requests, and verify its performance via detailed simulations.

 

10:30 a.m.–11:00 a.m. Tuesday

11:00 a.m.–Noon Tuesday

Enterprise Networks

ECOS: Practical Mobile Application Offloading for Enterprises

Aaron Gember, Charlotte Dragga, and Aditya Akella, University of Wisconsin, Madison

Offloading has emerged as a promising idea to allow handheld devices to access intensive applications without performance or energy costs. This could be particularly useful for enterprises seeking to run line-of-business applications on handhelds. However, we must address two practical roadblocks in order to make offloading amenable for enterprises: (i) ensuring data privacy and the use of trusted offloading resources, and (ii) accommodating offload at scale with diverse handheld objectives and compute resource capabilities. We present the design and implementation of an Enterprise-Centric Offloading System (ECOS) which augments prior offloading proposals to address these issues. ECOS uses a logically central controller to opportunistically leverage diverse compute resources, while tightly controlling where specific applications offload depending on privacy, performance, and energy constraints of users and applications. A wide range of experiments using a real prototype establish the effectiveness of our approach.

 


Building Access Oblivious Storage Cloud for Enterprise

Hyunseok Chang, Murali Kodialam, T.V. Lakshman, Sarit Mukherjee, and Limin Wang, Bell Laboratories, Alcatel-Lucent

An enterprise uses VPNs, leased from a service provider, to interconnect multiple sites that are geographically apart. The service providers, as they start providing cloud-based services, are finding themselves well-positioned to provide storage services in the cloud for an enterprise, and make the service accessible through the existing VPN connections. Enterprise users, however, are used to fast, ubiquitous and guaranteed access to the storage from any enterprise location. This is achieved by having network attached storage (NAS) connected to the enterprise network. In order to maintain the same level of service, when the enterprise storage is moved into the cloud, the service provider must ensure that the storage is accessible from all the enterprise locations as if it is connected to the enterprise network itself, regardless of the actual user or the file. In this paper, we present a system that enables cloud storage service with guaranteed performance from all published access locations of an enterprise. Knowing only the limits on users' access rates or their access bandwidth limitations, we develop an access oblivious storage provisioning and placement strategy. Our system uses a combination of chunking, data replication and intelligent data placement to guarantee performance to accessing the storage in an access independent manner without significant over-provisioning.

 

Noon–1:30 p.m. Tuesday

1:30 p.m.–3:00 p.m. Tuesday

Cloud Management

Synergy2Cloud: Introducing Cross-Sharing of Application Experiences Into the Cloud Management Cycle

Florin Dinu and T.S. Eugene Ng, Rice University

Automatically managing collocated cloud applications for improved performance is a hard problem due to the unprecedented scale and the dynamics of the multiplexed cloud environment. Compounding the problem, today’s approaches to cloud application management are too limited in the way they acquire information. Monitoring performed by the operator is too low level and application agnostic while monitoring performed by applications in isolation is too restricted. In this paper, we propose sharing of application experiences as a cloud and application management building block. To achieve this level of sharing, the current state-of-the-art towards increased isolation among cloud applications needs to be re-thought. Focusing on isolation overlooks and potentially impedes the substantial benefits obtainable through sharing application experiences. We explore the benefits, challenges and incentives associated with sharing application experiences and argue why sharing is a winning proposition for both operators and applications. We also propose a web portal synergy2cloud.com that we hope will serve as a stepping stone for making cross-sharing cloud application experiences a reality.

 


Towards an Understanding of Oversubscription in Cloud

Salman A. Baset, Long Wang, and Chunqiang Tang, IBM Research

Oversubscription can leverage underutilized capacity in the cloud but can lead to overload. A cloud provider must manage overload due to oversubscription for maximizing its profit while minimizing any service level agreement (SLA) violations. This paper develops an understanding of oversubscription in cloud through modeling and simulations, and explores the relationship between overload mitigation schemes and SLAs.

 


DAPA: Diagnosing Application Performance Anomalies for Virtualized Infrastructures

Hui Kang, Stony Brook University; Xiaoyun Zhu, VMware, Inc.; Jennifer L. Wong, Stony Brook University

As cloud service providers leverage server virtualization to host applications in virtual machines (VMs), they must ensure proper allocation of resource capacities in order to satisfy the contracted service level agreements (SLAs) with the application owners. However, the ever-growing number of virtual and physical machines within such infrastructure creates greater challenges in quickly and effectively localizing the system bottlenecks that lead to SLA violations. This paper describes DAPA, a new performance diagnostic framework to help system administrators analyze application performance anomalies and identify potential causes of SLA violations. DAPA incorporates several customized statistical techniques to capture the quantitative relationship between the application performance and virtualized system metrics. We have built a prototype implementation of DAPA on a cluster of virtualized systems to diagnose a set of SLA violations for an enterprise application. Preliminary evaluation results show that DAPA is able to localize the most suspicious attributes of the virtual machines and physical hosts that are related to the SLA violations.

 

3:00 p.m.–3:30 p.m. Tuesday

3:30 p.m.–4:30 p.m. Tuesday

Panel: Opportunities and Challenges in Managing Cloud Computing Platforms

Panelists: Anees Shaikh, IBM Research; Sujata Banerjee, HP Labs; Dave Maltz, Microsoft Research; John Wilkes, Google; Paolo Costa, Imperial College, UK

4:30 p.m.–5:00 p.m. Tuesday

5:00 p.m.–6:00 p.m. Tuesday

Software-Defined Networks

Virtual Switching Without a Hypervisor for a More Secure Cloud

Xin Jin, Princeton University; Eric Keller, University of Pennsylvania; Jennifer Rexford, Princeton University

Cloud computing leverages virtualization to offer resources on demand to multiple “tenants”. However, sharing the server and network infrastructure creates new vulnerabilities, where one tenant can attack another by compromising the underlying hypervisor. We design a system that supports virtualized networking using software switches without a hypervisor. In our architecture, the software switch runs in a Switch Domain (DomS) that is separate from the control VM. Both the guest VMs and DomS run directly on the server hardware, with processing and memory resources allocated in advance. Each guest VM interacts with the software switch through a shared memory region using periodic polling to detect network packets. The communication does not involve the hypervisor or the control VM. In addition, any software bugs that crash the software switch do not crash the rest of the system, and a crashed switch can be easily rebooted. Experiments with our initial prototype, built using Xen and Open vSwitch, show that the combination of shared pages and polling offers reasonable performance compared to conventional hypervisor-based solutions.

 


On Controller Performance in Software-Defined Networks

Amin Tootoonchian, University of Toronto and International Computer Science Institute; Sergey Gorbunov and Yashar Ganjali, University of Toronto; Martin Casado, Nicira Networks; Rob Sherwood, Big Switch Networks

Rob leads standardization and controller software architecture at Big Switch, where he developed and evangelized the emerging OpenFlow standard and network virtualization. He is the current Chair of the ONF’s Architecture & Framework Working Group and all Northbound API activity and was vice-chair for the ONF Testing & Interoperability Working Group. Rob prototyped the first OpenFlow-based network hypervisor, the “FlowVisor,” allowing production and experimental traffic to safely co-exist on the same physical network, and is involved in various standards efforts and partner and customer engagements. Rob holds a Ph.D. in Computer Science from the University of Maryland, College Park.

Little is known about the practical performance implications of Software-Defined Networking (SDN). And while recent work has attempted to address perceived limitations of SDN, they compare against systems that have not been optimized for performance. In this paper, we hope to establish both a methodology for measuring the performance of various SDN implementations, as well as a reasonable "base case" for comparison. To that end, we have built "NOX-MT", an optimized multithreaded SDN controller based on NOX, and a new tool "cbench" for comparative benchmarking.

We show that NOX-MT has six times higher throughput than NOX in a run with a single CPU, and 33 times better throughput in a run with 8 CPU cores. On a machine with eight 2GHz CPU cores, NOX-MT handles up to 1.6 million flows per second with a flow setup latency of 3 milliseconds. These results demonstrate the possibility of building very fast SDN controllers.

 
