Workshop Program

We have spent years striving to build perfect apps running on perfect kernels on perfect CPUs connected by perfect networks, but this utopia hasn't really arrived. Instead we live in a dystopian world of buggy apps changing several times a day running on JVMs running on an old version of Linux running on Xen running on something I can't see, that only exists for a few hours, connected by a network of unknown topology and operated by many layers of automation. I will discuss the new challenges and demands of living in this dystopian world of cloud-based services. I will also give an overview of the Netflix open source cloud platform (see netflix.github.com) that we use to create our own island of utopian agility and availability regardless of what is going on underneath.

Adrian is the Director of Architecture for the Cloud Systems team at Netflix, and is leading the Netflix Open Source Software program and the Cloud Prize. Before joining Netflix in 2007, Adrian was a founding member of eBay Research Labs. He spent 16 years at Sun Microsystems, including a stint as Distinguished Engineer and chief architect for Sun's High Performance Technical Computing group. Adrian authored two editions of Sun Performance and Tuning: Java and the Internet; and co-authored two Sun Blueprint books, Resource Management and Capacity Planning for Internet Services.

Despite the increasing popularity of Infrastructure-as-a-service (IaaS) clouds, providers have been very slow in adopting a large number of innovative technologies, such as live VM migration, dynamic resource management, and VM replication. In this paper, we argue that the reasons are not only technical but also fundamental, due to lack of transparency and conflict of interest between providers and customers. We present our vision inception, a nested IaaS cloud architecture to overcome this impasse. Inception clouds are built entirely on top of the resources acquired from today’s clouds, and provide nested VMs to end users. We discuss the benefits, use cases, and challenges of inception clouds, and present our network design and prototype implementation.

Different companies sharing the same cloud infrastructure often prefer to run their virtual machines (VMs) in isolation, i.e., one VM per physical machine (PM) core, due to security and efficiency concerns. To accommodate load spikes, e.g., those caused by flash-crowds, each service is allocated more machines than necessary for its instantaneous load. However, flash-crowds of different hosted services are not correlated, so at any given time, only a subset of the machines are used.

We present here the concept of preallocation—having a single physical machine ready to quickly run one of a few possible VMs, without ever running more than one at a given time. The preallocated VMs are initialized and then paused by the hypervisor. We suggest a greedy preallocation strategy, and evaluate it by simulation, using workloads based on previous analyses of flash-crowds. We observe a reduction of 35-50% in number of PMs used compared with classical dynamic allocation. This means that a datacenter can provide per-service isolation with 35%-50% fewer PMs.

The degree of multiplexing in datacenters necessitates careful resource scheduling, and network bandwidth is no exception. Unfortunately, today we are left with little control to accurately schedule network traffic with low overhead on end-hosts. This paper presents NicPic, a system which enables accurate network traffic scheduling in a scalable fashion. The key insight in NicPic is to decouple the responsibility of state-management and packet scheduling between the CPU and the NIC, respectively. The CPU is only involved in classifying packets, enqueueing them in per-class queues maintained in host memory, and specifying rate limits for each traffic class. The NIC handles packet scheduling and transmission on a real-time basis. In this paper, we present the design of NicPic  which offers a scalable solution for transmit scheduling in future high speed NICs.

Cloud computing providers today do not offer guarantees for the network bandwidth available in the cloud, preventing tenants from running their applications predictably. To provide guarantees, several recent research proposals offer tenants a virtual cluster abstraction, emulating physical networks. Whereas offering dedicated virtual network abstractions is a significant step in the right direction, in this paper we argue that the abstractions exposed to tenants should aim to model tenant application structures rather than aiming to mimic physical network topologies. The fundamental problem in providing users with dedicated network abstractions is that the communication patterns of real applications do not typically resemble the rigid physical network topologies. Thus, the virtual network abstractions often poorly represent the actual communication patterns, resulting in overprovisioned/wasted network resources and underutilized computational resources.

We propose a new abstraction for specifying bandwidth guarantees, which is easy to use because it closely follows application models; our abstraction specifies guarantees as a graph between application components. We then propose an algorithm to efficiently deploy this abstraction on physical clusters. Through simulations, we show that our approach is significantly more efficient than prior work for offering bandwidth guarantees.

As the number of cores in a multicore node increases in accordance with Moore’s law, the question arises as to whether there are any “hidden” costs of a cloud’s virtualized environment when scaling applications to take advantage of larger core counts. This paper identifies one such cost, resulting in up to a 583% slowdown as the multicore application is scaled. Surprisingly, these slowdowns arise even when the application’s VM has dedicated use of the underlying physical hardware and does not use emulated resources. Our preliminary findings indicate that the source of the slowdowns is the intervention from the VMM during synchronization-induced idling in the application, guest OS, or supporting libraries. We survey several possible mitigations, and report preliminary findings on the use of “idleness consolidation” and “IPI-free wakeup” as a partial mitigation.

Many enterprises use the cloud to host applications such as web services, big data analytics and storage. One common characteristic among these applications is that, they involve significant I/O activities, moving data from a source to a sink, often without even any intermediate processing. However, cloud environments tend to be virtualized in nature with tenants obtaining virtual machines (VMs) that often share CPU. Virtualization introduces a significant overhead for I/O activity as data needs to be moved across several protection boundaries. CPU sharing introduces further delays into the overall I/O processing data flow. In this paper, we propose a simple abstraction called vPipe to mitigate these problems. vPipe introduces a simple “pipe” that can connect data sources and sinks, which can be either files or TCP sockets, at the virtual machine monitor (VMM) layer. Shortcutting the I/O at the VMM layer achieves significant CPU savings and avoids scheduling latencies that degrade I/O throughput. Our evaluation of vPipe prototype on Xen shows that vPipe can improve file transfer throughput significantly while reducing overall CPU utilization.

Companies and individuals are understandably worried about entrusting their precious body of data and processing to the cloud. After all, cloud services appear to be complex black-boxes operated in unknown ways by a third party. And, when a major outage hits the front page of the papers, one cannot help but worry.

In this talk, I argue that we can make cloud services highly trustworthy both by extending the limits of fault tolerance techniques and by designing systems to support end-to-end correctness checks. Better still, cloud providers are in a unique position to protect their customers from a range of threats. We, as researchers, should further explore these opportunities that will arise as we stop worrying and trust the cloud.

Today, a growing number of users are opting to move their systems and services from self-hosted data centers to cloud-hosted IaaS offerings. These users wish to both benefit from the efficiencies that shared multitenant hosting can offer while still retaining or improving the kinds of security and control afforded by self-hosted solutions. In this paper, we present Jobber: a highly autonomous multi-tenant network security framework designed to handle both the dynamic nature of cloud datacenters and the desire for optimized inter-tenant communication. Our Jobber prototype leverages principals from Software Defined Networking and Introduction Based Routing to build an inter-tenant network policy solution capable of automatically allowing optimized communication between trusted tenants while also blocking or rerouting traffic from untrusted tenants. Jobber is capable of automatically responding to the frequent changes in virtualized data center topologies and, unlike traditional security solutions, requires minimal manual configuration, cutting down on configuration errors.

In this work we introduce Clone2Clone (C2C), a distributed peer-to-peer platform for cloud clones of smartphones. C2C shows dramatic performance improvement that is made possible by offloading communication between smartphones on the cloud. Along the way toward C2C, we study the performance of device-clones hosted in various virtualization environments in both private (local servers) and public (Amazon EC2) clouds. We build the first Amazon Customized Image (AMI) for Android-OS—a key tool to get reliable performance measures of mobile cloud systems—and show how it boosts up performance of Android images on the Amazon cloud service. We then design, build, and implement C2C. Upon it we build CloneDoc, a secure real-time collaboration system for smartphone users. We measure the performance of CloneDoc by means of experiments on a testbed of 16 Android smartphones and clones hosted on both private and public cloud services. We show that C2C makes it possible to implement distributed execution of advanced peer-to-peer services in a network of mobile smartphones reducing 3 times the cellular data traffic and saving 99%, 80%, and 30% of the battery for respectively security checks, user status update and document editing.

Distributed in-memory key-value stores such as memcached have become a critical middleware application within current web infrastructure. However, typical x86-based systems yield limited performance scalability and high power consumption as their architecture with its optimization for single thread performance is not wellmatched towards the memory-intensive and parallel nature of this application. In this paper we present the design of a novel memcached architecture implemented on Field Programmable Gate Arrays (FPGAs) which is the first in literature to achieve 10Gbps line rate processing for all packet sizes. By transformation of the functionality into a dataflow architecture, the implementation can not only provide significant speed-up but also operate at a lower power consumption than any x86. More specifically, with our prototype we have measured an increase of up to a factor of 36x in requests per second per Watt that can be serviced in comparison to the best published numbers for regular servers with optimized software. Additionally, we show that through the tight integration of network interface, memory and compute, round trip latency can be reduced down to below 4.5 microseconds.

Open source cloud platforms are playing an increasingly significant role in cloud computing. These systems have been undergoing rapid development cycles. As an example, OpenStack has grown approximately 10 times in code size since its inception two and a half years ago. Confronting such fast-pace changes, cloud providers are challenged to understand OpenStack’s up-to-date behaviors and adapt and optimize their provisioned services and configurations to the platform changes quickly. In this work, we use a black-box technique for conducting a deep analysis of four versions of OpenStack. This is the first study in the literature that tracks the evolution of a popular open source cloud platform. Our analysis results reveal important trends of SQL queries in OpenStack, help identify precise points for targeted error injection, and point out potential ways to improve performance (e.g. by changing authentication to PKI). The OpenStack case study in this work effectively demonstrates that our automated black-box methodology aids quick understanding of platform evolution and is critical for effective and rapid consumption of an open-source cloud platform.

With the advent of cloud computing, thousands of machines are connected and managed collectively. This era is confronted with a new challenge: performance variability, primarily caused by large-scale management issues such as hardware failures, software bugs, and configuration mistakes. In this paper, we highlight one overlooked cause: limping hardware—hardware whose performance degrades significantly compared to its specification. We present numerous cases of limping disks, network and processors seen in production, along with the negative impacts of such failures on existing large-scale distributed systems. From these findings, we advocate the concept of limping-hardware tolerant clouds.

Cloud management stacks have become a new important layer in cloud computing infrastructure, simplifying the configuration and management of cloud computing environments. As the resource manager and controller of an entire cloud, a cloud management stack has significant impact on the fault-resilience of a cloud platform. However, our preliminary study on the fault-resilience of OpenStack—an open source state-of-the-art cloud management stack—shows that such an emerging software stack needs to be better designed and tested in order to serve as a building block for fault-resilient cloud environments. We discuss the issues identified by our fault-injection tool and make suggestions on how to strengthen cloud management stacks.