LECTURE NOTES

[R15A0529]

B.TECH IV YEAR – I SEM(R15)

(2019 - 20)

DEPARTMENT OF
COMPUTER SCIENCE AND ENGINEERING

MALLA REDDY COLLEGE OF ENGINEERING &

TECHNOLOGY
(Autonomous Institution – UGC, Govt. of India)
Recognized under 2(f) and 12 (B) of UGC ACT 1956
(Affiliated to JNTUH, Hyderabad, Approved by AICTE - Accredited by NBA & NAAC – ‘A’ Grade - ISO 9001:2015 Certified)
Maisammaguda, Dhulapally (Post Via. Hakimpet), Secunderabad – 500100, Telangana State, India
IV Year B. Tech. CSE –I Sem L T/P/D C
4 1/- / - 3

(R15A0529) CLOUD COMPUTING

Objectives:
 To explain the evolving comp u t e r model called cloud comp u ti n g
 To intro d u c e the variou s levels of service s that can be achieve d by cloud
 To desc rib e the secu rity aspe c t s in cloud

UNIT – I

Syst e m s Mod e l i n g , Clu s t e r i n g and virtu a l i z a t i o n : Distrib u t e d syste m Models

and Enablin g Technologi e s, Comp u t e r Clust e r s for scalabl e par allel comp u ti n g,
Virtual Machi n e s and Virtualiza tion of clust e r s and data cent e r s

Unit- II

Fou n d a t i o n s : Introd u c tio n to cloud comp u ti n g, Migra ti n g into a Cloud ,

Enrichin g the ‘Integ r a t io n as a Service’ Para di g m for the cloud era, The
Ente r p ri s e Cloud comp u ti n g para di g m

UNIT—III

Infra s t r u c t u r e as a servi c e
Virtual mac hi n e s provisionin g and Migr a tio n s service s, On the Man a g e m e n t of
Virtual machin e s for Cloud Infra s t r u c t u r e s , Enha n ci n g cloud comp u ti n g
environ m e n t s using a clust e r as a service, secu r e distrib u t e d dat a stor a g e in
cloud comp u ti n g

Platf or m as a servi c e
Aneka, Comet cloud, T-syste m s Work flow engin e for cloud, Unde r s t a n d i n g
scientific Application s for cloud Environ m e n t s

Unit IV

Mo n i t o r i n g and Man a g e m e n t : An Archite c t u r e Fede r a t e d cloud com m u ti n g ,

SLA Man a g e m e n t in cloud comp u ti n g , Perfor m a n c e Predictio n for HPC on
Clouds, Best Practic e s in Architec ti n g cloud applica tion s in the AWS cloud,
Building cont e n t delivery netw o r k s using clouds, Resou r c e cloud Mash u p s

UNIT- V
Gover n a n c e and cas e stu d i e s : Orga niz a tio n al Readin e s s and chan g e
Mana g e m e n t in the cloud age, Data secu rity in the cloud, Legal Issue s in cloud
comp u ti n g , Achieving produ c tio n rea di n e s s for cloud service s.

Text Boo k s
1. Cloud Compu ti n g: Principle s and Par a di g m s by Rajku m a r Buyya, Wiley, 2011.
2. Distribu t e d and cloud comp u ti n g , Kai Hwa n g, Geoffrey C. Fox,Jack
J.Donn a g a r r a , El s e vi e r , 2 0 1 2

Reference Books:
1. Cloud Comp u ti n g : A Prac tic al Appro ac h, Anthony T.Velte, Toby J.Velte,
Rober t Elsen p e t e r , Tata McGra w Hill, rp20 1 1 .
2. Ente r p ri s e Cloud Comp u ti n g , Gaut a m Shroff, Camb ri d g e Universi ty Pres s,
2010.

OUTCOMES:
 Ability to unde r s t a n d the virtualiza tio n and cloud comp u ti n g conce p t s .
 INDEX

UNIT
TOPIC PAGE NO
NO

Syst e m s Mod e l i n g and Clu s t e r i n g 01 - 23

I

virtu a l i z a t i o n 24 – 33

Intro d u c t i o n to clo u d co m p u t i n g 34 - 51

Mi gr a t i n g into a Clou d 52 - 55

Enric h i n g th e ‘Inte g r a t i o n as a
II Servi c e ’ Parad i g m for th e clo u d 56 – 60
era

The Ent e r p r i s e Clou d co m p u t i n g

61 - 63
parad i g m

Infra s t r u c t u r e as a servi c e 64 - 98
III

Platf or m as a servi c e 99 - 12 2

IV Mo n i t o r i n g and Man a g e m e n t 12 3 - 16 4

V Gover n a n c e and cas e stu d i e s 16 5 - 18 5

 |1

UNIT 1

INTROD U CTIO N

 Cent r alize d comp u ti n g: This is a comp u ti n g para di g m by which all

comp u t e r resou r c e s are cent r alize d in one physical syste m . All reso u r c e s
(proc e s s o r s , memo ry, and stor a g e ) are fully shar e d and tightly couple d
within one inte g r a t e d OS. Many data cent e r s and supe r c o m p u t e r s are
cent r aliz e d syste m s , but they are used in par allel, distrib u t e d , and cloud
comp u ti n g applica tio n s

 Parallel comp u ti n g: In par allel comp u ti n g, all proce s s o r s are eithe r tightly
couple d with cent r alize d sha r e d me mo ry or loosely couple d with distrib u t e d
mem o ry. Some autho r s refe r to this discipline as parallel proce s si n g . Inte r
proc e s s o r comm u ni c a tio n is accom plis h e d thro u g h shar e d me mo ry or via
mess a g e pas sin g. A comp u t e r syste m capa bl e of parallel comp u ti n g is
com m o nly know n as a parallel comp u t e r . Progr a m s run ni n g in a par allel
comp u t e r are called parallel progr a m s . The proc e s s of writing parallel
prog r a m s is often refer r e d to as parallel progr a m m i n g .

 Dis tri b u t e d co m p u t i n g : This is a field of comp u t e r

scienc e/ e n g i n e e r i n g that studie s distrib u t e d syste m s . A distrib u t e d syste m
consis ts of multiple auton o m o u s comp u t e r s , eac h having its own privat e
mem o ry, com m u ni c a t i n g thro u g h a comp u t e r netw o r k. Inform a tio n
exch a n g e in a distrib u t e d syste m is acco m plis h e d throu g h mes s a g e passin g.
A comp u t e r prog r a m that runs in a distrib u t e d syste m is know n as a
distrib u t e d prog r a m . The proce s s of writing distrib u t e d prog r a m s is
refer r e d to as distrib u t e d progr a m m i n g .

 Clou d co m p u t i n g : An Inter n e t cloud of reso u r c e s can be eithe r a

cent r aliz e d or a distrib u t e d comp u ti n g syste m . The cloud applies par allel or
distrib u t e d comp u ti n g, or both. Clouds can be built with physical or
virtu alize d reso u r c e s over larg e data cent e r s that are cent r alize d or
distrib u t e d . Some autho r s consid e r cloud comp u ti n g to be a form of utility
comp u ti n g or service comp u ti n g.

 Ubiq u i t o u s co m p u t i n g refer s to comp u ti n g with perva sive devices at

any plac e and time
using wire d or wirele s s com m u ni c a t io n.

 The Int e r n e t of Thin g s (IoT) is a netw o r k e d conn e c tio n of everyd ay

object s includin g comp u t e r s , senso r s , hum a n s , etc. The IoT is suppo r t e d by
Inte r n e t clouds to achieve ubiquito u s comp u ti n g with any object at any
place and time.

 Hi g h - perfor m a n c e co m p u t i n g ( H P C ) emp h a s iz e the raw spe e d

perfor m a n c e . The spee d of HPC syste m s has incre a s e d from Gflops in the
early 1990s to now Pflops in 2010. This improve m e n t was driven mainly by
the dem a n d s from scientific, engin e e r i n g , and man uf a c t u ri n g com m u ni ti e s .
 |2

 Hi g h - thro u g h p u t co m p u t i n g (HTC) syste m s pay more atte n tio n to

high- flux comp u ti n g . The main applica tion for high- flux comp u ti n g is in
Inte r n e t sea rc h e s and web service s by millions or more users
simult a n e o u s ly. The perfor m a n c e goal thus shifts to mea s u r e high
thro u g h p u t or the num b e r of tasks compl e t e d per unit of time. HTC
tech nology nee d s to not only improve in ter m s of batc h proc e s si n g spe e d,
but also add r e s s the acut e proble m s of cost, ene r gy savings, secu rity, and
reliability at many dat a and ente r p r i s e comp u ti n g cent e r s .

De g r e e s of Parall e l i s m :

Bit- leve l parall e l i s m (BLP) conve r t s bit- serial proce s si n g to word- level
proc e s si n g grad u a lly. Over the year s, use r s gra d u a t e d from 4- bit
micro p r o c e s s o r s to 8- ,16- , 32- , and 64- bit CPUs.

Ins tr u c t i o n - lev e l parall e l i s m (ILP ), in which the proce s s o r execu t e s

multiple instr u c tio n s simult a n e o u s ly rath e r than only one instr u c ti o n at a
time.

Data- lev el parall e l i s m (DLP) was mad e popula r throu g h SIMD (single
instr u c tio n, multiple data) and vector machin e s using vector or arr ay type s
of instr u c tio n s . DLP req ui r e s even more har d w a r e suppo r t and compile r
assist a n c e to work prop e rly.

Ever since the intro d u c tio n of multicor e proce s s o r s and chip

multip ro c e s s o r s (CMPs), we have bee n explorin g Tas k- leve l parall e l i s m
(TLP ).

TECH N OLOGIES FOR NETWORK- BASED SYSTEM S

Multi c o r e CPU s and Multit h r e a d i n g Tec h n o l o g i e s : Today, adva n c e d

CPUs or micro p r o c e s s o r chips assu m e a multicor e arc hit e c t u r e with dual,
quad, six, or more proce s si n g cores. Thes e proc e s s o r s exploit par allelis m at
ILP and TLP levels. Both multi- core CPU and many- core GPU proce s s o r s can
han dl e multiple instr u c tio n thre a d s at differ e n t mag ni t u d e s today. Multiple
core s are hous e d in the sam e chip with an L2 cach e that is shar e d by all
core s. In the futur e, multiple CMPs could be built on the sam e CPU chip
with even the L3 cach e on the chip. Multicor e and multit h r e a d e d CPUs are
equip p e d with many high- end proc e s s o r s , includin g the Intel i7, Xeon, AMD
Opte r o n, Sun Niaga r a , IBM Powe r 6, and X cell proc e s s o r s . Each core could
be also multith r e a d e d .

Me m o r y , Stor a g e , and Wid e- Area Ne t w o r k i n g : Memo ry chips have

expe ri e n c e d a 4x incre a s e in capa city every thre e years. For hard drives,
capacity incre a s e d from 260 MB in 1981 to 250 GB in 2004. Disks or disk
 |3

arr ays have exce e d e d 3 TB in capa city. The rapid grow t h of flash me mo ry
and solid- stat e drives (SSDs) also impac t s the futur e of HPC and HTC
syste m s .

Syst e m - Area Int er c o n n e c t s : The nodes in small clust e r s are mostly

inte rc o n n e c t e d by an Ethe r n e t switc h or a local are a netwo r k(LAN).

As Figur e shows, a LAN typically is use d to conn e c t client host s to big

serve r s .A stora g e are a netw o r k (SAN) conn e c t s serve r s to netw o r k stor a g e
such as disk arr ays. Netw o r k atta c h e d stor a g e (NAS) conn e c t s client hosts
directly to the disk array s. All thre e type s of netw o r k s often app e a r in a
larg e clust e r built with comm e r ci al netw o r k compo n e n t s .

Wid e- Area Net w o r k i n g : High- ban d wi d t h netw o r ki n g incre a s e s the

capa bility of building mas sively distrib u t e d syste m s . The rapid grow t h of
Ethe r n e t band wi d t h from 10 Mbps in197 9 to 1 Gbps in 1999, and 40 ~ 100
GE in 2011. It has bee n spec ul a t e d that 1 Tbps netw o r k links will beco m e
availa ble by 2013.

Virtu a l Mac h i n e s and Virtu a li z a t i o n Midd l e w a r e

Virtual mac hi n e s (VMs) offer novel solutions to unde r u t ilize d resou r c e s ,

applica tion inflexibility, softw a r e man a g e a b ility, and secu rity conce r n s in
existing physical machin e s . Today, to build larg e cluste r s , grids, and clouds,
we nee d to acces s large amou n t s of comp u ti n g, stor a g e , and net wo r ki n g
reso u r c e s in a virtualize d man n e r . We nee d to aggr e g a t e thos e reso u r c e s ,
and hopefully, offer a single syste m image. In partic ul a r, a cloud of
provision e d resou r c e s must rely on virtu aliza tion of proc e s s o r s , mem o ry,
and I/O facilities dyna mic ally.
 |4

The host machin e is equipp e d with the physical hard w a r e . The VM is built
with virtu al resou r c e s man a g e d by a gues t OS to run a specific applic ation.
Betw e e n the VMs and the host platfor m , one nee d s to deploy a middle w a r e
layer called a virtual machin e monitor (VMM).

Figur e show s a native VM installe d with the use of a VMM called a

hype rviso r in privileg e d
Mode. The gues t OS could be a Linux syste m and the hype rviso r is the XEN
syste m develop e d at
Cam b ri d g e Univer sity. This hype rvis or appr o a c h is also called bare- met al
VM, beca u s e the hype rviso r han dl e s the bare hard w a r e (CPU, me mo ry, and
I/O) direc tly. Archit ec t u r e is the host VM show n in Figur e(c). Her e the VMM
runs in non- privileg e d mode. The host OS nee d not be modified. The VM can
also be imple m e n t e d with a dual mode, as show n in Figur e 1.12(d). Part of
the VMM runs at the user level and anot h e r part runs at the supe rviso r
level. In this case, the host OS may have to be modified to some exten t.
Multiple VMs can be port e d to a given hard w a r e syste m to suppo r t the
virtu aliza tio n proc e s s. The VM appro a c h offers har d w a r e indep e n d e n c e of
the OS and applica tio n s .

VM Pri m i t iv e Oper a t i o n s : The VMM provide s the VM abst r a c t io n to the

gues t OS. With full virtu aliza tio n, the VMM export s a VM abst r a c t io n
identic al to the physical mac hi n e so that a stan d a r d OS such as Window s
2000 or Linux can run just as it would on the physical hard w a r e

Low- level VMM oper a tio n s are

 the VMs can be multiplexe d betw e e n har d w a r e mac hin e s ,
 a VM can be susp e n d e d and stor e d in stable stora g e
 a sus p e n d e d VM can be res u m e d or provision e d to a new har d w a r e
platfor m
 a VM can be migr a t e d from one har d w a r e platfor m to anot h e r
 |5

Thes e VM oper a tio n s enabl e a VM to be provision e d to any available

har d w a r e platfor m . They also ena bl e flexibility in portin g distrib u t e d
applica tion exec u tio n s . Furt h e r m o r e , the VM appr o a c h will significa n tly
enha n c e the utilization of serve r resou r c e s .

SYSTEM MODELS FOR DISTRI B U T E D AND CLOUD COMPU TI N G

Distrib u t e d and cloud comp u ti n g syste m s are built over a large num b e r of
auton o m o u s comp u t e r node s. Thes e node mac hin e s are interc o n n e c t e d by
SANs, LANs, or WANs in a hier a r c hi c al man n e r . Massive syste m s are
consid e r e d highly scala bl e, and can reac h web- scale conn e c tivity, eithe r
physically or logically. Massive syste m s are classified into four grou p s:
clust e r s , P2Pn e t w o r k s , comp u ti n g grids, and Inte r n e t clouds over huge dat a
cent e r s . In ter m s of node num b e r , thes e four syste m class e s may involve
hund r e d s , thous a n d s , or even millions of comp u t e r s as particip a ti n g node s.
Thes e mac hi n e s work collectively, coope r a tiv ely, or collabo r a t iv ely at
variou s levels.

1. Clu s t e r s of Coop e r a t i v e Com p u t e r s A comp u ti n g clust e r consist s of

inte rc o n n e c t e d sta n d- alone comp u t e r s which work coope r a t iv ely as a
single integ r a t e d comp u ti n g reso u r c e .

Clu s t e r Archi t e c t u r e

A clu s t e r of serv er s int er c o n n e c t e d by a hi g h - ban d w i d t h

Figur e show s the archit e c t u r e of a typical serve r clust e r built arou n d a low-
laten cy, high band wi d t h inter co n n e c t i o n net wo r k. Throu g h hier a r c hi c a l
const r u c tio n using a SAN, LAN, or WAN, one can build scala bl e cluste r s
with an incre a si n g num b e r of node s. The clust e r is conn e c t e d to the Inte r n e t
via a virtu al privat e netwo r k (VPN) gat e w a y. The gate w a y IP addr e s s locat e s
the clust e r. The syste m imag e of a comp u t e r is decide d by the way the OS
man a g e s the shar e d cluste r resou r c e s

Sin g l e - Syst e m Ima g e : An ideal cluste r should merg e multiple syste m

imag e s into a single- syste m imag e (SSI). Clust e r design e r s desir e a clust e r
oper a ti n g syste m or some middle w a r e to suppo r t SSI at various levels,
includin g the sharin g of CPUs, memo ry, and I/O acros s all clust e r node s. An
 |6

SSI is an illusion crea t e d by softw a r e or hard w a r e that pres e n t s a collection

of resou r c e s as one integ r a t e d , powe rful reso u r c e . SSI make s the clust e r
appe a r like a single mac hin e to the user.

Hard w a r e , Soft w a r e , an d Mid d l e w a r e Su p p o r t : Clust e r s explorin g

mas sive parallelis m are com m o nly know n as MPPs. Special clust e r
middle w a r e suppo r t s are nee d e d to crea t e SSI or high availa bility (HA).
Both sequ e n t i al and parallel applica tio n s can run on the clust e r, and speci al
parallel environ m e n t s are nee d e d to facilitat e use of the clust e r resou r c e s

2. Grid Com p u t i n g Infra s t r u c t u r e s : A comp u ti n g grid offers an

infras t r u c t u r e that couples comp u t e r s , softw a r e / m i d dl e w a r e , speci al
instr u m e n t s , and people and sens o r s toge t h e r . The grid is often
const r u c t e d acros s LAN, WAN, or Inte r n e t backbo n e netw o rk s at a
region al, nation al, or global scale. Ente r p ri s e s or orga niza tio n s
pres e n t grids as integ r a t e d comp u ti n g resou r c e s . They can also be
viewe d as virtu al platfor m s to suppo r t virtu al orga niz a tio n s . The
comp u t e r s used in a grid are prim a rily workst a ti o n s , serve r s , clust e r s ,
and supe r c o m p u t e r s . Perso n al comp u t e r s , lapto p s, and PDAs can be
used as acce s s device s to a grid syste m .

3. Pe er- to- Pe e r Ne t w o r k Famil i e s

T he stru c t u r e of a P2P syst e m by map p i n g a phys i c a l IP ne t w o r k to

an overl ay net w o r k

In a P2P syste m , every node acts as both a client and a serve r, providin g
part of the syste m reso u r c e s . Peer machin e s are simply client comp u t e r s
conn e c t e d to the Inte r n e t . All client mac hin e s act auto no m o u s ly to join or
leave the syste m freely. This implies that no mas t e r- slave relations hi p exists
amon g the peer s . No cent r al coordi n a ti o n or cent r al data b a s e is nee d e d . In
othe r words, no peer machi n e has a global view of the entire P2P syste m .
The syste m is self- orga nizin g with distrib u t e d contr ol. Unlike the clust e r or
grid, a P2P net wo r k does not use a dedic a t e d inte rc o n n e c t i o n net wo r k. The
physical netw o r k is simply an ad hoc netw o r k forme d at various Inte r n e t
domai n s ran do m ly using the TCP/IP and NAI protocols
 |7

Data items or files are distrib u t e d in the particip a ti n g pee r s. Base d on

com m u n ic a t io n or file- sharin g need s , the pee r IDs form an overlay netwo r k
at the logical level. This overlay is a virtual netwo r k form e d by map pin g
each physic al mac hi n e with its ID, logically, thro u g h a virtual map pi n g

P2P perfor m a n c e is affecte d by routin g efficiency and self- orga niz a tio n by
particip a ti n g pee r s. Fault tolera n c e , failur e man a g e m e n t , and load
balanci n g are othe r import a n t issue s in using overlay netw o r k s. Lack of
trus t amon g pee r s poses anoth e r proble m . Peer s are stra n g e r s to one
anot h e r . Secu rity, privacy, and copyrigh t violations are major worrie s

4. Clou d Com p u t i n g over th e Inte r n e t : A cloud is a pool of virtu alize d

comp u t e r resou r c e s . A cloud can host a variety of differ e n t workloa d s,
includin g batc h- style backe n d jobs and inte r a c tive and user- facing
applica tion s.

Virtu al i z e d res o u r c e s fro m data ce n t e r s to for m an

Int er n e t clo u d

Cloud comp u ti n g applies a virtualize d platfor m with elastic reso u r c e s on

dem a n d by provisionin g har d w a r e , softw a r e , and data sets dyna mic ally (see
Figur e 1.18). The idea is to move deskt o p comp u ti n g to a service- orient e d
platfor m using serve r clust e r s and huge data b a s e s at data cent e r s

THREE CLOUD SERVICE MODELS

 Infra s t r u c t u r e as a Servi c e (Iaa S ) This model puts toge t h e r

infras t r u c t u r e s dem a n d e d by user s —nam ely serve r s , stora g e ,
netw o r k s , and the dat a cent e r fabric. The user can deploy and run on
multiple VMs run nin g gues t OSes on specific applic ation s. The use r
does not man a g e or cont rol the unde rlying cloud infras t r u c t u r e , but
can specify whe n to req u e s t and rele a s e the nee d e d reso u r c e s .
 Platf or m as a Servi c e (Pa a S ) This model enabl e s the user to deploy
user- built applica tio n s onto a virtualize d cloud platfor m . PaaS includ e s
middle w a r e , dat a b a s e s , develop m e n t tools, and som e runti m e suppo r t
such as Web 2.0 and Java. The platfor m includ e s both hard w a r e and
softw a r e integ r a t e d with specific prog r a m m i n g interfa c e s . The
 |8

provide r supplie s the API and softw a r e tools (e.g., Java, Pytho n, Web
2.0, .NET). The user is freed from man a gi n g the cloud infras t r u c t u r e .
 Soft w a r e as a Servi c e (Sa a S ) This refer s to brow s e r- initiat e d
applica tion softwa r e over thous a n d s of paid cloud custo m e r s . The
SaaS model applies to busine s s proce s s e s , indus t ry applica tion s ,
cons u m e r relation s hi p man a g e m e n t (CRM), ente r p r i s e resou r c e s
plan ni n g (ERP),hu m a n reso u r c e s (HR), and collabo r a t ive applica tion s .
On the custo m e r side, the r e is no upfron t invest m e n t in serve r s or
softw a r e licensin g. On the provide r side, costs are rat h e r low,
comp a r e d with conve n tio n al hosting of user applic ation s.

SOFTWARE ENVIRO N M E N T S FOR DISTRI B U TE D SYSTEM S AND

CLOUD S

Servi c e Orie n t e d Arch it e c t u r e (SOA)

 A par a di g m for orga nizin g and utilizing distrib u t e d capa bilities that
may be unde r the control of differe n t owne r s hi p dom ai n s and
imple m e n t e d using various tech nolo gy stacks
 A set of compo n e n t s which can be invoke d and whos e inte rfa c e
desc ri p tio n s can be publish e d and discove r e d (W3C)
 SOA is an archit e c t u r a l style whos e goal is to achieve loose coupling
amon g inte r a c t i n g softw a r e age n t s
 A servic e is a unit of work done by a service provide r to achieve
desire d end result s for a service cons u m e r
 Both provide r and cons u m e r are roles playe d by softw a r e age n t s on
beh alf of their owne r s

Dis tri b u t e d op e r a t i n g syst e m s

The comp u t e r s in most distrib u t e d syste m s are loosely couple d Thus, a

distrib u t e d syste m inher e n t ly has multiple syste m imag e s This is mainly due
to the fact that all node mac hin e s run with an inde p e n d e n t oper a ti n g syste m
To prom ot e resou r c e sha ri n g and fast com m u ni c a ti o n amon g Node
machin e s , it is best to have a distrib u t e d OS that man a g e s all resou r c e s
cohe r e n t ly and efficiently. Such a syste m is most likely to be a close d
syste m, and it will likely rely on mess a g e passin g and RPCs for inter node
com m u n ic a t io n s

MOSIX 2 for Linux Clu s t e r s

Runs with a virtu aliza tio n layer in the Linux environ m e n t This layer provide s
a parti al single- syste m image to user applica tio n s This is mainly due to the
fact that all node mac hin e s run with an indep e n d e n t oper a ti n g syste m
Suppo r t s both sequ e n t i al and par allel applic ation s, and discove r s reso u r c e s
and migr a t e s softw a r e proce s s e s amon g Linux node s Can man a g e a Linux
clust e r or a grid of multiple clust e r s
Overview
PARALLEL AND DISTRI B U T E D PROGRA M M I N G MODELS
 |9

Me s s a g e - Pas s i n g Inte rf a c e (MPI ) This is the prim a ry progr a m m i n g

stan d a r d use d to develop par allel and conc u r r e n t prog r a m s to run on a
distrib u t e d syste m MPI is esse n ti ally a libra ry of subp r o g r a m s that can be
called from C or FORTRAN to write par allel prog r a m s runnin g on a
distrib u t e d syste m The idea is to embo dy cluste r s , grid syste m s , and P2P
syste m s with upgr a d e d web service s and utility comp u ti n g applic ation s

Map R e d u c e This is a web progr a m m i n g model develop e d by Google for

scala bl e dat a proc e s si n g on large clust e r s over larg e data sets The model is
applie d mainly in web- scale sea rc h and cloud comp u ti n g Application s . The
mas t e r node specifies a Map function to divide the input into Sub proble m s
Applies a Reduc e function to merg e all inter m e d i a t e values with the sam e
inte r m e d i a t e key Highly scalabl e to explor e high degr e e s of parallelis m at
differe n t job levels A typical MapRe d u c e comp u t a ti o n proce s s can han dl e
ter a by t e s of data on tens of thous a n d s or more client machin e s Thous a n d s
of MapRe d u c e jobs are exec ut e d on Google' s clust e r s every day
Overview D
Had o o p Library offers a softw a r e platfor m that was originally develop e d
by a Yahoo! Group. The pack a g e ena ble s user s to write and run applica tion s
over vast amou n t s of distrib u t e d dat a User s can easily scale Hadoo p to stor e
and proce s s peta by t e s of dat a in the web spac e.

Eco n o m i c a l : Come s with an open sourc e version of MapRe d u c e that

minimiz es overh e a d in task spaw nin g and mas sive dat a com m u ni c a t io n
Effici e n t : Proce s s e s dat a with a high degr e e of parallelis m acros s a larg e
num b e r of com m o dity node s
Reli a b l e : Autom a tic ally keeps multiple dat a copies to facilitat e
red e ploy m e n t of comp u ti n g tasks upon unexp e c t e d syste m failure s

Amd a h l' s Law

Let us suppos e a uniproc e s s o r works t a tio n execu t e s a given prog r a m in time

T minut e s

Now the sam e prog r a m is partition e d for par allel execu tio n on a cluste r of
many node s

We assu m e that a fraction α of the code mus t be execu t e d sequ e n ti ally.

Therefor e , (1 - α) of the code can be compile d for parallel execu tion by n

proc e s s o r s

The total executio n time of the prog r a m is calculat e d by:

α T + (1 - α )T/n

whe r e , the first ter m is the sequ e n ti al execu tio n time on a single proc e s s o r
and the secon d ter m is the par allel execu tion time on n proc e s si n g node s
 | 10

Overview
Amd a h l' s Law: Sp e e d u p fact o r

The spe e d u p factor of using the n- proce s s o r syste m over the use of asingle
proc e s s o r is expr e s s e d by:

Spe e d u p = S = T/[ α T + (1 - α)T/n]

= 1/[ α + (1 - α)/n]

The maxim u m spee d u p of n is achieve d only if the code is fully par alleliza bl e
with α = 0

As the clust e r beco m e s sufficien tly larg e, that is, n -> ∞, S appr o a c h e s 1/ α,
an uppe r boun d on the spe e d u p S

The sequ e n ti al bottle n e c k is the portion of the code that canno t be

parallelize d
ifα = 0:25 -> 1 - α = 0:75, Max. spee d u p = 4

Gus t a f s o n ' s Law

Scaling the proble m size to matc h the clust e r capa bility (scale d- workloa d
spee d u p )

Let W be the workloa d in a given prog r a m . When using an n- proce s s o r

syste m, the user scales the workloa d to

W’ = α W + (1 - α) n W

The par allel executio n time of a scale d workloa d W' on n proce s s o r s is

define d by scale d- workloa d spee d u p

S’ = W’/W = [ α W + (1 - α) n W]/W

= α + (1 - α)n

Thus efficiency is

E’ = S’ / n = α /n + (1 - α)
For α = 0:25 and n = 256, E = 75%
Availa b i l i t y

A syste m is highly available if it has a long mea n time to failure (MTTF) and
a short mea n time to rep ai r (MTTR)

Syste m Availability = MTTF = (MTTF + MTTR)

 | 11

Failur e may occur in har d w a r e , softw a r e or net wo r k compo n e n t . Any failur e

that will pull dow n the oper a tio n of the entir e syste m is called a single point
of failur e. A reliable comp u ti n g syste m mus t be design e d with no single
point of failur e.

In gene r a l, as a distrib u t e d syste m incre a s e s in size, availability decr e a s e s

due to a high e r cha nc e of failure and a difficulty in isolating the failure s
Overview
ENERGY EFFICIENCY IN DISTRI B U TE D COMP UTI N G

Prim a ry perfor m a n c e goals in conve n tio n al parallel and distrib u t e d

comp u ti n g syste m s are high perfor m a n c e and high throu g h p u t , conside ri n g
som e form of perfor m a n c e reliability (e.g., fault toler a n c e and secu rity).
Howeve r , thes e syste m s rece n tly encou n t e r e d new challen gi n g issue s
includin g ene r gy efficiency, and workloa d and reso u r c e outsou r ci n g

Ener g y Con s u m p t i o n of Un u s e d Serv e r s : To run a serve r farm (dat a

cent e r ) a comp a n y has to spe n d a huge amou n t of money for hard w a r e ,
softw a r e , oper a tio n al suppo r t , and ener gy every year. Ther efor e , comp a ni e s
should thoro u g hly identify whet h e r their installe d serve r farm (more
specifically, the volum e of provision e d reso u r c e s )is at an app ro p ri a t e level,
partic ul a rly in ter m s of utilization.

Red u c i n g Ener g y in Activ e Serv e r s : In addition to identifying

unus e d / u n d e r u t ilize d serve r s for ener gy saving s, it is also nece s s a r y to
apply app ro p ri a t e tech ni q u e s to decr e a s e ener gy consu m p t i o n in active
distrib u t e d syste m s with negligible influe n c e on their perfor m a n c e .

Appli c a t i o n Layer: Until now, most user applica tio n s in scienc e, busine s s ,
engin e e r i n g , and financi al are a s tend to incre a s e a syste m’s spe e d or
quality. By introd u ci n g ener gy- awa r e applica tion s , the challen g e is to desig n
sophistic a t e d multilevel and multi- domai n ene r gy man a g e m e n t applic ation s
witho u t hurtin g perfor m a n c e .

Midd l e w a r e Layer: The middle w a r e layer acts as a bridg e betw e e n the

applica tion layer and the reso u r c e layer. This layer provide s reso u r c e
broke r, com m u ni c a tio n service, task analyze r, task sche d ul e r , secu rity
acce s s , reliability cont rol, and inform a ti o n service capa bilities. It is also
res po n si bl e for applying ene r gy- efficien t tech ni q u e s , particul a rly in task
sche d ulin g.

Res o u r c e Layer: The reso u r c e layer consist s of a wide rang e of resou r c e s

includin g comp u ti n g node s and stora g e units. This layer gen e r ally inter a c t s
with har d w a r e devices and the oper a ti n g syste m; the r efo r e , it is res po n si bl e
for controlling all distrib u t e d reso u r c e s in distrib u t e d comp u ti n g syste m s .
Dynamic powe r man a g e m e n t (DPM) and dyna mic voltag e- frequ e n c y scaling
(DVFS) are two popul a r met h o d s incorpo r a t e d into rece n t comp u t e r
har d w a r e syste m s . In DPM, har d w a r e devices, such as the CPU, have the
capa bility to switch from idle mode to one or more lower powe r mode s . In
 | 12

DVFS, ene r gy savings are achieve d bas e d on the fact that the powe r
cons u m p t i o n in CMOS circuits has a direct relation s hi p with frequ e n c y and
the squa r e of the voltag e supply.

Ne t w o r k Layer: Routin g and tran sfe r ri n g packe t s and ena bling netw o r k
servic es to the reso u r c e layer are the main respo n s i bility of the netw o r k
layer in distrib u t e d comp u ti n g syste m s . The major challen g e to build
ene r gy- efficient netw o r k s is, again, dete r m i ni n g how to mea s u r e , pre dict,
and crea t e a balanc e betw e e n ener gy cons u m p t io n and perfor m a n c e .

A co m p u t e r clu s t e r is a collection of inter co n n e c t e d stan d- alone

comp u t e r s which can work toget h e r collectively and coope r a t iv ely as a
single inte g r a t e d comp u ti n g resou r c e pool. Clust e ri n g explor e s mas sive
parallelis m at the job level and achieve s high availa bility (HA) thro u g h
stan d- alone oper a tio n s .
The ben efits of comp u t e r cluste r s and mas sively par allel proc e s s o r s (MPPs)
includ e scala bl e perfor m a n c e , High Availability, fault toler a n c e , modul a r
grow t h, and use of com m o di ty compo n e n t s
Des i g n Obje c t iv e s of Com p u t e r Clu s t e r s

Cluste r s are classified using six ortho g o n al attrib u t e s : scala bility,

packa gi n g , cont rol, homo g e n e i t y, prog r a m m a b ility, and secu ri ty

1. Scal a b i l i ty: Cluste ri n g of comp u t e r s is bas e d on the conce p t of

modula r grow t h The scala bility could be limited by a num b e r of
factor s, such as the multicor e chip tech n ology, clust e r topology,
packa gi n g met h o d, powe r cons u m p t i o n, and cooling sche m e applied.
The purpo s e is to achieve scala bl e perfor m a n c e const r ai n e d by the
afore m e n ti o n e d factors

2. Pac k a g i n g : Cluste r node s can be pack a g e d in a co m p a c t or a sla c k

fashion.
In a comp a c t cluste r, the node s are closely packa g e d in one or more
racks sitting in a
room, and the node s are not att ac h e d to periph e r a l s (monitor s ,
keyboa r d s , mice, etc.)
In a slack clust e r, the node s are atta c h e d to their usu al perip h e r a l s
and they may be
locat e d in differe n t rooms , differe n t buildings , or even remot e
region s. Pack a gi n g direc tly
affect s comm u ni c a tio n wire lengt h, and thus the selec tion of
inte rc o n n e c t i o n tech n ology
used. While a comp a c t clust e r can utilize a high- ban d wid t h , low-
laten cy com m u ni c a ti o n
netw o r k that is often prop ri e t a r y, nodes of a slack clust e r are
norm ally conn e c t e d throu g h
stan d a r d LANs or WANs
 | 13

3. Contr o l: A clust e r can be eithe r cont rolle d or man a g e d in a

cent r aliz e d or dece n t r a liz e d fashion. A comp a c t clust e r norm ally has
cent r aliz e d cont rol, while a slack clust e r can be cont rolled eithe r way.
In a cent r alize d clust e r , all the node s are owne d, cont rolle d, man a g e d ,
and administ e r e d by a cent r a l oper a t o r. In a dece n t r a liz e d cluste r, the
nodes have individu al owne r s This lack of a single point of contr ol
make s syste m adminis t r a t i o n of such a clust e r very difficult. It also
calls for special tech niq u e s for proce s s sche d ulin g, workloa d
migr a tio n, check poi n ti n g, accou n ti n g , and othe r similar tasks.

4. Ho m o g e n e i t y : A homo g e n e o u s cluste r uses node s from the sam e

platfor m , that is, the sam e proc e s s o r archit e c t u r e and the sam e
oper a ti n g syste m; often, the node s are from the sam e vendo r s . A
hete r o g e n e o u s clust e r uses node s of differ e n t platfor m s .
Inte ro p e r a b ility is an impor t a n t issue in hete r o g e n e o u s clust e r s . For
insta n c e , proce s s migra tio n is often need e d for load balan cin g or
availa bility. In a homog e n e o u s clust e r, a bina ry proce s s imag e can
migr a t e to anot h e r node and contin u e execu tio n. This is not feasible in
a hete r o g e n e o u s clust e r , as the bina ry code will not be execu t a b l e
whe n the proce s s migr a t e s to a node of a differe n t platfor m .

5. Se c u r i t y: Intra clust e r com m u ni c a ti o n can be eithe r expos e d or

enclos e d. In an expos e d clust e r , the com m u ni c a t io n path s amon g the
nodes are expos e d to the outsid e world. An outsid e machin e can
acce s s the com m u n ic a tio n paths , and thus individu al nodes , using
stan d a r d protoc ols (e.g., TCP/IP). Such expos e d cluste r s are easy to
imple m e n t , but have seve r al disadv a n t a g e s :

• Being expos e d , intra clust e r comm u ni c a tio n is not secu r e , unles s the
com m u n ic a t io n
subsys t e m perfor m s addition al work to ens u r e privacy and secu rity.
• Outsid e com m u ni c a tio n s may disru p t intra clust e r com m u n ic a t io n s
in an unpr e di c t a bl e
fashion.
• Stan d a r d com m u n ic a tio n protocols tend to have high overh e a d . A
disadva n t a g e is that
ther e is curr e n tly no stan d a r d for efficien t, enclos e d intra cluste r
com m u n ic a t io n.

6. Ded i c a t e d vers u s Ent e r p r i s e Clu s t e r s : A dedic a t e d clust e r is

typically installe d in a desk side rack in a cent r al comp u t e r room. It is
homog e n e o u s ly configu r e d with the sam e type of comp u t e r node s and
man a g e d by a single adminis t r a t o r group like a front e n d host.
Dedica t e d clust e r s are use d as substit u t e s for tradition al mainfr a m e s
or supe r c o m p u t e r s . A dedica t e d clust e r is installed, used, and
adminis t e r e d as a single mac hi n e An ente r p r i s e clust e r is mainly used
to utilize idle resou r c e s in the node s. Each node is usually a full-
fledge d SMP, works t a t io n, or PC, with all the nece s s a r y periph e r a l s
 | 14

atta c h e d . The node s are typically geog r a p h i c ally distrib u t e d , and are
not nece s s a rily in the sam e room or even in the sam e building. The
nodes are individu ally owne d by multiple owne r s .

Fun d a m e n t a l Clus t e r De s i g n Iss u e s

1. Scal a b l e Perfor m a n c e : S caling of reso u r c e s (clust e r node s, memo ry

capacity, I/O band wi d t h , etc.) leads to a propo r tio n al incre a s e in
perfor m a n c e . Both scale- up and scale- down capa bilities are need e d ,
dep e n di n g on applic ation dem a n d or cost- effective n e s s consid e r a ti o n s .
Cluste ri n g is drive n by scala bility

2. Sin g l e - Syst e m Ima g e (SSI ): A set of workst a ti o n s conn e c t e d by an

Ethe r n e t netw o r k is not nece s s a r ily a clust e r . A cluste r is a single
syste m.

3. Availa b i l i t y
Su p p o r t: Cluste r s can provide cost- effective HA
capa bility with lots of red u n d a n c y in proce s s o r s , mem o ry, disks, I/O
devices, netw o r k s , and oper a ti n g syste m imag e s

4. Clu s t e r Job Man a g e m e n t : Clust e r s try to achieve high syste m

utilization from tradition al works t a tio n s or PC node s that are norm ally
not highly utilized. Job man a g e m e n t softw a r e is requir e d to provide
batchi n g, load balancin g, parallel proc e s si n g , and othe r function ality

5. Int er nod e Com m u n i c a t i o n : The inter node physical wire lengt h s

are longe r in a cluste r than in an MPP. A long wire implies grea t e r
inte rc o n n e c t netwo r k laten cy. But, longe r wires have more proble m s
in term s of reliability, clock skew, and cross talking. Thes e proble m s
call for reliable and secu r e com m u ni c a t io n protoc ols, which incre a s e
overh e a d . Clust e r s often use com m o di ty netwo r k s (e.g., Ethe r n e t )
with sta n d a r d protoc ols such as TCP/IP.

6. Fault Tol er a n c e and Rec o v e r y: Clust e r s of machin e s can be

design e d to elimin a t e all single points of failure. Throu g h redu n d a n c y,
a cluste r can toler a t e faulty conditions up to a cert ai n exte n t.
Hea r t b e a t mech a ni s m s can be installe d to monito r the runnin g
condition of all node s. In case of a node failure, critical jobs run ni n g
on the failing node s can be saved by failing over to the surviving node
machin e s . Rollback recove ry sche m e s resto r e the comp u ti n g result s
thro u g h periodic check pointing.

7. Clu s t e r Fami ly Clas s i fi c a t i o n : comp u t e r clust e r s are divided into

thre e class e s

 Com p u t e clu s t e r s These are clust e r s desig n e d mainly for

collective comp u t a t i o n
 | 15

over a single larg e job. The comp u t e clust e r s do not han dl e

many I/O oper a tio n s ,
such as data b a s e servic es . When a single comp u t e job
req ui r e s frequ e n t
com m u ni c a ti o n amon g the clust e r node s, the clust e r must
sha r e a dedic a t e d
netw o r k, and thus the nodes are mostly homog e n e o u s and
tightly couple d.
This type of clust e r s is also know n as a Be o w u l f clu s t e r

 Hi g h - Availa b i l i t y clu s t e r s HA (high- availability) clust e r s are

design e d to be
fault- toler a n t and achieve HA of servic es . HA clust e r s oper a t e
with many
red u n d a n t node s to sust ai n faults or failur e s.
 Load- bala n c i n g clu s t e r s Thes e clust e r s shoot for highe r
reso u r c e utilization
thro u g h load balanci n g amon g all particip a ti n g node s in the
clust e r . All node s
sha r e the workloa d or function as a single virtu al mac hi n e
(VM). Requ e s t s
initiat e d from the use r are distrib u t e d to all node comp u t e r s to
form a clust e r. This
res ult s in a balan c e d workloa d amon g differe n t machin e s , and
thus high e r
reso u r c e utilization or highe r perfor m a n c e . Middle w a r e is
nee d e d to achieve
dyna mic load balancin g by job or proc e s s migr a tio n amon g all
the clust e r node s .

A Ba s i c Clu s t e r Archi t e c t u r e
 | 16

Figur e show s simple clust e r of comp u t e r s built with com m o dity compo n e n t s
and fully suppo r t e d with desir e d SSI featu r e s and HA capa bility. The
proc e s si n g node s are com m o di ty workst a ti o n s , PCs, or serve r s . The node
oper a ti n g syste m s should be desig n e d for multius e r, multit a s ki n g, and
multith r e a d e d applica tio n s . The node s are inte rc o n n e c t e d by one or more
fast com m o dity netwo r k s . Thes e netwo r k s use sta n d a r d com m u ni c a t io n
protocols and oper a t e at a spee d that should be two orde r s of mag nit u d e
faste r tha n that of the curr e n t TCP/IP spee d over Ethe r n e t .
The netwo r k interfa c e card is conn e c t e d to the node’s stan d a r d I/O bus
(e.g., PCI). When the
proc e s s o r or the oper a ti n g syste m is cha n g e d , only the driver softw a r e
nee d s to chan g e

clust e r middlew a r e combin e s toge t h e r all node platfor m s at the use r spac e.
An availa bility middle w a r e offers HA service s. An SSI layer provide s a single
entry point, a single file hiera r c h y, a single point of cont rol, and a single job
man a g e m e n t syste m . In addition to
run ni n g sequ e n ti al user prog r a m s , the cluste r suppo r t s parallel
prog r a m m i n g base d on stan d a r d
lang u a g e s and com m u ni c a tio n libra ri e s using PVM, MPI, or OpenM P . The
prog r a m m i n g environ m e n t also includ e s tools for debu g gi n g , profiling,
monito ri n g, and so forth. A user inte rfa c e subsys t e m is nee d e d to combin e
the adva n t a g e s of the web interfa c e and the Window s GUI. It should also
provide user- friendly links to various prog r a m m i n g environ m e n t s , job
man a g e m e n t tools, hyper t e x t , and sear c h suppo r t so that use r s can easily
get help in prog r a m m i n g the comp u t e r clust e r .

Res o u r c e Sh ari n g in Clus t e r s

 | 17

Cluste ri n g improve s both availa bility and perfor m a n c e

The nodes of a cluste r can be conn e c t e d in one of thre e ways, as show n in
Figur e .

The shar e d- nothin g archit e c t u r e in Part(a) is used in most clust e r s , wher e

the nodes are conn e c t e d throu g h the I/O bus. This archit e c t u r e simply
conn e c t s two or more auto no m o u s comp u t e r s via a LAN such as Ethe r n e t

A shar e d- disk clust e r is show n in Part (b) is in favor of small- scale

availa bility clust e r s in busine s s applica tion s . When one node fails, the othe r
node takes over.. This is what most busin e s s clust e r s desir e so that they can
ena bl e recove ry suppo r t in case of node failur e. The shar e d disk can hold
check p oi n t files or critical syste m imag e s to enh a n c e cluste r availability.
Withou t shar e d disks, check pointin g, rollback recove ry, failover, and
failback are not possible in a clust e r .

The sha r e d- mem o ry clust e r in Part (c) is much more difficult to realize. The
nodes could be conn e c t e d by a scala ble cohe r e n c e interfa c e (SCI) ring,
which is conn e c t e d to the memo ry bus of eac h node throu g h an NIC module.
In the othe r two arc hit e c t u r e s , the inter c o n n e c t is att ac h e d to the I/O bus.
The me mo ry bus ope r a t e s at a highe r frequ e n c y than the I/O bus.

DESIG N PRINCI PLE S OF COMP UTER CLUSTER S

 | 18

Gene r al- purpo s e comp u t e r s and clust e r s of coope r a t iv e comp u t e r s should

be desig n e d for scala bility, availability, Single Syste m Imag e, High
Availability, Fault toler a n c e , and Rollback recove ry

1. Sin g l e Sys t e m Ima g e : A single syste m imag e is the illusion, cre a t e d by

softw a r e or har d w a r e ,
that pres e n t s a collection of resou r c e s as an integ r a t e d powe rf ul
reso u r c e . SSI make s the
clust e r appe a r like a single mac hin e to the use r, applica tion s , and
netw o r k. A clust e r with
multiple syste m image s is nothin g but a collection of inde p e n d e n t
comp u t e r s (Distrib u t e d
syste m s in gene r a l)

Sin g l e - Syst e m - Ima g e Feat u r e s

 Sin g l e Syst e m : The entire clust e r is viewe d by the user s as one

syste m, which has multiple proce s s o r s .
 Sin g l e Contr o l : Logically, an end user or syste m use r utilizes
servic es from one plac e with a single inte rfa c e .
 Sym m e t r y : A user can use a clust e r service from any node. All clust e r
servic es and function alitie s are symm e t ri c to all node s and all use r s,
excep t thos e prot e c t e d by acce s s right s.
 Loca ti o n Tran s p a r e n t : The user is not awar e of the whe r e a b o u t s of
the physical device that event u a lly provides a service.

Bas i c SSI Servi c e s

A. Sin g l e Entry Poi n t

telne t clust e r. u s c . e d u
telne t node 1. clu s t e r . u s c . e d u

1. Four nodes of a clust e r are used as host node s to rec eive user s’ login
req u e s t s .
2. To log into the clust e r a stan d a r d Unix com m a n d such as “telne t
clust e r .c s . h k u . h k”, using the symbolic nam e of the clust e r syste m is
issue d.
3. The symbolic nam e is tran sl a t e d by the DNS, which ret u r n s with the
IP addr e s s 159.22 6. 4 1. 1 5 0 of the least- loade d node, which hap p e n s to
be node Host 1.
4. The user then logs in using this IP addr e s s .
 | 19

5. The DNS periodic ally receive s load infor m a ti o n from the host nodes to
make load- balanci n g tra n sl a tio n decision s.
B. Sin g l e File Hier ar c h y : xFS, AFS, Solaris MC Proxy
The illusion of a single, hug e file syste m imag e that
tran s p a r e n t ly integ r a t e s local
and global disks and othe r file device s (e.g., tape s ). Files can
resid e on 3 type s of
location s in a clust e r:
Local stor a g e - disk on the local node.
Re m o t e stor a g e - disks on rem ot e node s.
Sta b l e stor a g e -
Persis t e n t - dat a, once writt e n to the stabl e stora g e , will
stay ther e at least for
a period of time (e.g., a week), even after the
clust e r shuts down.
Fault toler a n t - to som e degr e e , by using red u n d a n c y and
periodic al back u p to
tape s .

Three types of stor a g e in a single file hier a r c h y. Solid lines show wha t
proce s s P can acces s
and the dash e d line shows what P may be able to acce s s

C. Sin g l e I/O, Ne t w o r k i n g , and Me m o r y Sp a c e : To achieve SSI,

we nee d a:

• single cont rol point

• single add r e s s spac e
• single job man a g e m e n t syste m
• single user inte rfa c e
• single proc e s s cont rol

Sin g l e N et w o r k i n g : A prop e rly desig n e d clust e r should behav e as one

syste m. Any proce s s on any node can use any netw o r k and I/O device as
thou g h it were atta c h e d to the local node. Single netw o r ki n g mea n s any
node can acces s any netwo r k conn e c tio n .

Sin g l e Poi n t of Contr o l : The syste m admi nist r a t o r should be able to

configu r e, monito r, test,
 | 20

and control the entir e clust e r and each individu al node from a single point.
Many clust e r s help
with this throu g h a syste m console that is conn e c t e d to all node s of the
clust e r

Sin g l e Me m o r y Spa c e : Single mem o ry spac e gives user s the illusion of a

big, cent r alize d main
mem o ry, which in reality may be a set of distrib u t e d local mem o ry spac e s.

Sin g l e I/O Addr e s s Spa c e : A single I/O spac e implies that any node can
acce s s the RAIDs

A clust e r with single net wo r ki n g, single I/O spac e, single mem o ry, and
single point of cont rol

Oth e r Servi c e s

Sin g l e Job Man a g e m e n t : All clust e r jobs can be submit t e d from any node
to a single
job man a g e m e n t syste m. GlUnix, Codine, LSF, etc.

Sin g l e Us e r Int erf a c e : The user s use the clust e r throu g h a single
gra p hi c al interfa c e. Such an
inte rf a c e is available for works t a t io n s and PCs like CDE in Solaris/NT

Sin g l e pro c e s s spa c e All user proc e s s e s cre a t e d on various node s form a
single proc e s s spac e
and shar e a unifor m proc e s s identifica tio n sche m e . A proc e s s on any node
can cre a t e (e.g., throu g h a UNIX fork) or com m u n ic a t e with (e.g., thro u g h
signals, pipes, etc.) proce s s e s
on remo t e node s.

Midd l e w a r e sup p o r t for SSI clu s t e r i n g SSI featu r e s are suppo r t e d by

middle w a r e develop e d at thre e cluste r applica tio n levels:
 | 21

• Man a g e m e n t leve l This level handle s use r applica tion s and provide s a
job man a g e m e n t syste m
such as GLUnix, MOSIX, Load Sha rin g Facility (LSF), or Codine.

• Pro gr a m m i n g leve l This level provide s single file hiera r c h y (NFS, xFS,
AFS, Proxy) and
distrib u t e d shar e d mem o ry (Trea d M a r k , Wind Tunn el ).

• Impl e m e n t a t i o n lev el This level suppo r t s a single proce s s spac e,

check p oi n ti n g , proc e s s
migr a tio n, and a single I/O spac e. These featu r e s must interf ac e with the
clust e r har d w a r e and
OS platfor m .

Rel at i o n s h i p am o n g clu s t e r i n g mid d l e w a r e at th e job ma n a g e m e n t , pro gr a m m i n g ,

and impl e m e n t a t i o n lev e l s .

2. Hi g h Availa b i l i t y thro u g h Red u n d a n c y :

• Reli a b i l i t y meas u r e s how long a syste m can oper a t e withou t a

bre a k d o w n .
• Availa b il i ty indicat e s the perc e n t a g e of time that a syste m is
availa ble to the use r, that is,
the perc e n t a g e of syste m uptim e .
• Servi c e a b i l i t y refer s to how easy it is to servic e the syste m ,
includin g har d w a r e and
softw a r e maint e n a n c e , repai r, upgr a d e s , and so on .

A syste m’s reliability is mea s u r e d by the mea n time to failur e (MTTF), which
is the
aver a g e time of nor m al oper a tio n befor e the syste m (or a compo n e n t of the
syste m) fails. The met ric for service a bility is the mea n time to repai r
 | 22

(MTTR), which is the aver a g e time it takes to rep ai r the syste m and resto r e
it to working condition after it fails.

The availa bility of a syste m is define d by:

Availability = MTTF / (MTTF + MTTR)

Fail ur e is any event that preve n t s the syste m from nor m al oper a tio n
• Unp l a n n e d fail ur e s The syste m bre ak s , due to an oper a ti n g syste m
cras h, a har d w a r e
failur e, a netwo r k discon n e c tio n, hum a n oper a tio n erro r s , a powe r
outa g e , and so on. All
thes e are simply called failure s. The syste m mus t be repai r e d to
corr e c t the failure.
• Pla n n e d sh u t d o w n s The syste m is not broke n, but is periodic ally
take n off nor m al
oper a tio n for upgr a d e s , reconfigu r a t i o n, and maint e n a n c e .

Tran s i e n t vers u s Per m a n e n t Fail ur e s

A lot of failure s are tran s i e n t in that they occur tem p o r a r ily and then
disap p e a r . They can be dealt with withou t repla ci n g any compo n e n t s . A
stan d a r d appr o a c h is to roll back the syste m to a know n stat e and star t
over.
Per m a n e n t failur e s canno t be corr e c t e d by rebooti n g. Some har d w a r e or
softw a r e compo n e n t must be repai r e d or replac e d. For insta n c e , rebootin g
will not work if the syste m har d disk is broke n.

Partia l vers u s Total Fail u r e s

A failure that ren d e r s the entir e syste m unus a bl e is called a total failur e. A
failur e that only affects part of the syste m is called a parti al failure if the
syste m is still usabl e, even at a red uc e d capa city

Red u n d a n c y Tec h n i q u e s

Isol a t e d Red u n d a n c y : A key tech ni q u e to improv e availability in any

syste m is to use red u n d a n t compo n e n t s . When a compo n e n t (the prima ry
compo n e n t ) fails, the servic e it provide d is take n over by anot h e r
compo n e n t (the back u p compo n e n t ). Furt h e r m o r e , the prim a ry and the
backu p compo n e n t s should be isolate d from each othe r, mea ni n g they
should not be subject to the sam e caus e of failure. Cluste r s provide HA with
red u n d a n c y in powe r supplie s, fans, proc e s s o r s , memo ri e s , disks, I/O
devices, netwo r k s , oper a ti n g syste m imag e s , and so on. In a carefully
design e d clust e r , redu n d a n c y is also isolat e d.

N- Versi o n Pro g r a m m i n g to Enh a n c e Soft w a r e Reli a b i l i t y

 | 23

A com m o n isolat e d- red u n d a n c y appro a c h to const r u c t i n g a mission- critical

softw a r e syste m is called N- version prog r a m m i n g . The softw a r e is
imple m e n t e d by N isolat e d tea m s who may not even know the othe r s exist.
Differe n t tea m s are aske d to imple m e n t the softw a r e using differ e n t
algorit h m s , progr a m m i n g langu a g e s , enviro n m e n t tools, and even platfor m s
In a fault- toler a n t syste m , the N versions all run simult a n e o u s ly and their
res ult s are const a n t ly comp a r e d . If the result s differ, the syste m is notified
that a fault has occur r e d .

3. Fault- Tol er a n t Clu s t e r Confi g u r a t i o n s : The clust e r solution was

targ e t e d to provide
availa bility suppo r t for two serve r node s with thre e asce n di n g levels of
availa bility: hot
stan d b y, active takeove r , and fault- toler a n t . The level of availability
incre a s e s from stan d by to
active and fault- toler a n t clust e r configu r a tio n s . The short e r is the
recove ry time, the high e r is
the clust e r availability. Failba c k refer s to the ability of a recove r e d node
retu r ni n g to norm al
oper a tio n after rep ai r or maint e n a n c e . Activen e s s refers to whet h e r the
node is used in active
work during nor m al oper a tio n.

• Hot sta n d b y serv e r clu s t e r s : In a hot stan d b y clust e r, only the

prim a r y node is actively doing all the useful work nor m ally. The stan d b y
node is powe r e d on (hot) and run nin g some monito ri n g progr a m s to
com m u n ic a t e hea r t b e a t signals to check the stat u s of the prim a ry node,
but is not actively runnin g othe r useful workloa d s . The prim a ry node mus t
mirro r any data to shar e d disk stora g e , which is acces si ble by the sta n d by
node. The stan d b y node requir e s a secon d copy of data.
• Activ e - tak e o v e r clu s t e r s : In this case, the archit e c t u r e is symm e t ri c
amon g multiple serve r
node s. Both serve r s are prima r y, doing useful work norm ally. Both
failover and failbac k are
often suppo r t e d on both serve r node s. When a node fails, the user
applica tion s fail over to
the availabl e node in the clust e r. Depe n di n g on the time requir e d to
imple m e n t the failover,
user s may experi e n c e som e delays or may lose some data that was not
save d in the last
check poi n t.

• Fail ov e r clu s t e r: When a compo n e n t fails, this tech niq u e allows the
rem ai ni n g syste m to
take over the service s originally provide d by the failed compo n e n t . A
failover mec h a ni s m
must provide seve r al function s, such as failur e diag no si s, failure
notification, and failur e
 | 24

recove ry. Failur e diag no sis refer s to the det e c tio n of a failure and the
location of the failed
compo n e n t that caus e d the failure. A comm o nly use d tech ni q u e is
hea r t b e a t , whe r e b y the
clust e r node s send out a stre a m of hea r t b e a t mes s a g e s to one anot h e r . If
the syste m does not
rec eive the stre a m of hea rt b e a t mes s a g e s from a node, it can conclud e
that eithe r the node or
the net wo r k conn e c tio n has failed.

Rec o v e r y Sc h e m e s

Fail ur e rec o v e r y refer s to the actions nee d e d to take over the workloa d of
a failed compo n e n t . Ther e are two types of recove ry tech niq u e s . In
bac k w a r d rec o v e r y , the proce s s e s run ni n g on a clust e r periodic ally save a
consis t e n t stat e (called a check p oin t) to a stabl e stor a g e . After a failur e, the
syste m is reconfig u r e d to isolat e the failed compo n e n t , resto r e s the previous
check p oi n t, and resu m e s nor m al oper a tio n. This is called rollback.
Backw a r d recove ry is relatively easy to imple m e n t in an applica tion-
indep e n d e n t , port a bl e fashion

If exec utio n time is crucial, such as in real- time syste m s whe r e the rollback
time canno t be toler a t e d , a forw ar d rec ov e ry sche m e should be used. With
such a sche m e , the syste m is not rolled back to the previou s check p oi n t
upon a failure. Inste a d , the syste m utilizes the failure diagno sis inform a tio n
to recon s t r u c t a valid syste m stat e and contin u e s exec utio n. Forw a r d
recove ry is applic ation- depe n d e n t and may nee d extr a hard w a r e

Che c k p o i n t i n g and Rec o v e r y Tec h n i q u e s

Checkp oin ti n g is the proce s s of periodic ally saving the stat e of an execu ti n g
prog r a m to stabl e stora g e , from which the syste m can recove r afte r a
failur e. Each progr a m stat e saved is called a check p oin t . The disk file that
cont ai n s the saved stat e is called the check p oi n t file.
Checkp oin ti n g tech ni q u e s are useful not only for availability, but also for
prog r a m deb u g gi n g ,
proc e s s migr a tio n, and load balan ci n g

Checkp oin ti n g can be realize d by the oper a ti n g syste m at the ker n e l lev e l ,
whe r e the OS tran s p a r e n t ly check poi n t s and res t a r t s proc e s s e s
A less tra n s p a r e n t app ro a c h links the use r code with a check poi n ti n g
library in th e us e r spa c e . Check pointin g and rest a r ti n g are handle d by
this runti m e suppo r t . This appr o a c h is used widely bec a u s e it has the
adva n t a g e that user applic ation s do not have to be modified.

A third appr o a c h req ui r e s the us e r (or th e co m p i l e r ) to inser t

check p oi n ti n g functions in the applica tio n; thus, the applica tio n has to be
modified, and the tran s p a r e n c y is lost. Howeve r , it has the advan t a g e that
the user can specify whe r e to check p oin t . This is helpful to red uc e
 | 25

check p oi n ti n g overh e a d . Check poi n ti n g incur s both time and stora g e

overh e a d s .

Che c k p o i n t Overh e a d s
During a prog r a m’s execu tion, its stat e s may be saved many time s. This is
denot e d by the time cons u m e d to save one check poi n t. The stor a g e
overh e a d is the extra me mo ry and disk spac e requir e d for check poi n ti n g.
Both time and stor a g e overh e a d s depe n d on the size of the check poi n t file.

Cho o s i n g an Opti m a l Che c k p o i n t Inte rv a l

The time period betw e e n two check poi n t s is called the check p oi n t interv al.
Making the interv al
larg e r can redu c e check poi n t time overh e a d .
Wong and Fra nklin derive d an expr e s sio n for optim al check poi n t interval

Optim al check poi n t interval = Squa r e root (MTTF x t c )/h

MTTF is the syste m’s mea n time to failur e. This MTTF accou n t s the time
cons u m e d to
save one check p oi n t , and h is the aver a g e perc e n t a g e of nor m al
comp u t a t i o n perfor m e d in a check p oi n t inte rv al befor e the syste m fails. The
para m e t e r h is always in the ran g e . After a syste m is resto r e d , it nee d s to
spen d h × (check p oi n t inte rv al) time to reco m p u t e .

Incr e m e n t a l Che c k p o i n t
Inst e a d of saving the full stat e at eac h check p oi n t, an incre m e n t a l
check p oi n t sche m e saves only the portion of the stat e that is chan g e d from
the previous check poi n t In full- stat e check p oi n ti n g , only one check p oi n t file
nee d s to be kept on disk. Subs e q u e n t check p oi n t s simply overw rit e this file.
With incre m e n t a l check p oi n ti n g , old files nee d e d to be kept, beca u s e a stat e
may span many files. Thus, the total stor a g e req ui r e m e n t is large r

Fork e d Che c k p o i n t i n g
Most check p oin t sche m e s are blockin g in that the nor m al comp u t a ti o n is
stopp e d while check p oi n tin g is in prog r e s s . With enou g h me mo ry,
check p oi n t overh e a d can be red uc e d by making a copy of the progr a m stat e
in me mo ry and invoking anoth e r asynch r o n o u s thre a d to perfor m the
check p oi n ti n g concu r r e n t ly. A simple way to overla p check p oin ti n g with
comp u t a t i o n is to use the UNIX fork( ) syste m call. The forke d child proce s s
duplic at e s the pare n t proce s s’s addr e s s spac e and check poi n t s it.
Mea n w hile, the par e n t proce s s contin u e s execu tio n. Overla p pi n g is achieve d
since check p oi n ti n g is disk- I/O inten sive

Us e r- Dire c t e d Che c k p o i n t i n g
The check p oi n t overh e a d s can som e ti m e s be subs t a n t i ally red uc e d if the
user inser t s code (e.g.,
libra ry or syste m calls) to tell the syste m when to save, what to save, and
what not to save. What
 | 26

should be the exact conte n t s of a check poi n t ? It should cont ai n just enou g h
infor m a ti o n to allow a syste m to recove r. The stat e of a proce s s includ e s its
dat a stat e and cont rol stat e

Che c k p o i n t i n g Parall e l Pro g r a m s The stat e of a par allel prog r a m is

usually much large r
than that of a sequ e n ti al prog r a m , as it consist s of the set of the stat e s of
individu al proce s s e s , plus the stat e of the comm u ni c a t io n netwo r k.
Parallelis m also intro d u c e s various timing and consis t e n c y proble m s
Con s i s t e n t Sn a p s h o t
A global snap s h o t is called consist e n t if ther e is no mess a g e that is receive d
by the check p oi n t of
one proc e s s , but not yet sent by anot h e r proce s s . Grap hic ally, this
corr e s p o n d s to the cas e that no
arro w cross e s a sna ps h o t line from right to left

Coord i n a t e d vers u s Ind e p e n d e n t Che c k p o i n t i n g

Checkp oin ti n g sche m e s for parallel prog r a m s can be classified into two
types. In coordin a t e d check poi n ti n g (also called consis t e n t check p oi n ti n g),
the par allel prog r a m is froze n, and all proce s s e s are check poi n t e d at the
sam e time. In inde p e n d e n t check p oi n tin g, the proce s s e s are check p oi n t e d
indep e n d e n t of one anot h e r .

Clu s t e r Job Sc h e d u l i n g and Man a g e m e n t

A Job Man a g e m e n t Syst e m ( JMS ) should have thre e part s:

 A us e r serv e r lets the user submit jobs to one or more que u e s , specify
reso u r c e req ui r e m e n t s for each job, delet e a job from a que u e , inquir e
about the stat u s of a job or a que u e.
 A job sc h e d u l e r that perfor m s job sche d uli n g and queuin g accor di n g
to job types, resou r c e requir e m e n t s , reso u r c e availability, and
sche d ulin g policies.
 A res o u r c e ma n a g e r that alloca t e s and monitor s resou r c e s , enforc e s
sche d ulin g policies, and collects accou n ti n g infor m a tio n .

JMS Admi n i s t r a t i o n

 JMS should be able to dyna mic ally reconfigu r e the cluste r with
minim al impac t on the runnin g jobs.
 The admi nis t r a t o r’s prolog u e and epilogu e script s should be able to
run before and after each job for secu ri ty checki n g, accou n ti n g , and
clean u p .
 Users should be able to cleanly kill their own jobs.
 The adminis t r a t o r or the JMS should be able to clea nly susp e n d or kill
any job.
 Clean mea n s that when a job is susp e n d e d or killed, all its
proc e s s e s must be includ e d.
 | 27

 Othe r wi s e some “orph a n ” proc e s s e s are left in the syste m ,

was tin g clust e r reso u r c e s and may event u a lly rend e r the syste m
unus a bl e .

Sev er a l typ e s of jobs execu t e on a clust e r.

 Serial jobs run on a single node.

 Parallel jobs use multiple nodes .
 Inte r a c tive jobs are those that requir e fast turn a r o u n d time, and their
input/ou t p u t is direc t e d to a ter mi n al.
 Thes e jobs do not nee d larg e reso u r c e s , and the user s expe ct
the m to exec ut e imme di a t ely, not mad e to wait in a que u e .
 Batch jobs norm ally need more resou r c e s , such as larg e me mo ry
spac e and long CPU time.
 But they do not need imme di a t e res po n s e .
 They are sub mit t e d to a job queu e to be sche d ul e d to run when
the reso u r c e beco m e s available (e.g., during off hours).
Multi- Job Sch e d u l i n g Sc h e m e s

 Cluste r jobs may be sche d ul e d to run at a specific time ( cal e n d a r

sch e d u l i n g ) or when a particul a r event happ e n s (eve n t sc h e d u l i n g ).
 Jobs are sche d ul e d accor din g to priorities bas e d on sub mi s sion time,
reso u r c e node s, exec utio n time, memo ry, disk, job type, and use r
identity.
 With stati c priori ty , jobs are assig n e d priorities accordi n g to a
pre d e t e r m i n e d , fixed sche m e .
 A simple sche m e is to sche d ul e jobs in a first- come, first- serve
fashion.
 Anoth e r sche m e is to assig n differ e n t priorities to user s.
With dyna m i c priority , the priority of a job may chan g e over time.
 | 28

Job Sche d uli n g Issue s and Sche m e s for Clust e r Node s

Sc h e d u l i n g Mod e s

Ded i c a t e d Mod e :
 Only one job runs in the cluste r at a time, and at most one proce s s of
the job is assign e d to a node at a time.
 The single job runs until comple tion before it relea s e s the clust e r to
run othe r jobs.

Spa c e Sh ari n g :
Multiple jobs can run on disjoint partition s (grou p s) of node s
simult a n e o u s ly.
 At most one proc e s s is assig n e d to a node at a time.
 Althoug h a partition of node s is dedic a t e d to a job, the inter c o n n e c t
and the I/O subsys t e m may be shar e d by all jobs.

Tim e sh ari n g :
 Multiple user proce s s e s are assign e d to the sam e node.
Time- sha ri n g introd u c e s the following parallel sche d uli n g policies:

 Ind e p e n d e n t
Sch e d u l i n g (Ind e p e n d e n t ) : Uses the oper a ti n g
syste m of each clust e r node to sche d ul e differ e n t proc e s s e s as in
a tradition al works t a ti o n.
 Gan g Sc h e d u l i n g : Sche d ul e s all proce s s e s of a parallel job
toget h e r . When one proce s s is active, all proce s s e s are active.
 | 29

 Com p e t i t i o n with Fore i g n (Loc a l ) Jobs : Sche d ulin g beco m e s

more complic a t e d when both clust e r jobs and local jobs are
run ni n g. The local jobs should have priority over clust e r jobs.

1. Mi gr a t i o n Sc h e m e Iss u e s Nod e Availa b i l i ty : Can the job find

anot h e r availabl e node to migr a t e to?

 Berkeley study : Even during peak hours, 60% of works t a ti o n s in

a clust e r are availabl e.

2. Mi gr a t i o n Overh e a d : What is the effect of the migr a tio n overh e a d ?

The migr a tio n time can significa n tly slow down a parallel job.
 Berkeley study : a slowdow n as grea t as 2.4 times.
 Slowdo w n is less if a parallel job is run on a clust e r of twice the
size.
 e.g. a 32- node job on a 60- node cluste r – migr a tio n slowdow n no
more tha n 20%, even when migra tio n time of 3 minut e s .

3. Recr u i t m e n t Thre s h o l d : the amou n t of time a works t a tio n stays

unus e d befor e the clust e r conside r s it an idle node. What should be
the rec r uit m e n t thre s h old ?

Virtu a l i z a t i o n is a comp u t e r archit e c t u r e tech n ology by which multiple

virtu al mac hi n e s (VMs) are multiplexe d in the sam e har d w a r e machin e. The
purpo s e of a VM is to enh a n c e resou r c e shari n g by many user s and improve
comp u t e r perfor m a n c e in ter m s of resou r c e utilization and applica tio n
flexibility. Har d w a r e reso u r c e s (CPU, me mo ry, I/O device s, etc.) or softw a r e
reso u r c e s (oper a ti n g syste m and softw a r e libra ri e s) can be virtualize d in
variou s function al layers
 | 30

A tradition al comp u t e r runs with a host oper a ti n g syste m speci ally tailor e d
for its hard w a r e arc hit e c t u r e , as show n in Figur e ( a). After virtu aliza tio n,
differe n t use r applica tio n s man a g e d by their own oper a ti n g syste m s (gues t
OS) can run on the sam e har d w a r e , indep e n d e n t of the host OS. This is
often done by adding addition al softw a r e , called a virtualiza tion layer as
show n in Figur e( b). This virtualiza tion layer is known as hype rviso r or
virtu al mac hi n e monitor (VMM). The VMs are in the uppe r boxes, whe r e
applica tion s run with their own gues t OS over the virtualize d CPU, me mo ry,
and I/O resou r c e s . The main function of the softw a r e layer for virtu aliza tio n
is to virtu alize the physical hard w a r e of a host mac hi n e into virtu al
reso u r c e s to be use d by the VMs

Level s of Virtu a l i z a t i o n Impl e m e n t a t i o n

The virtualiza tio n softw a r e cre a t e s the abst r a c ti o n of VMs by inter p o si n g a

virtu aliza tio n layer at various levels of a comp u t e r syste m .

Comm o n virtu aliza tion layers includ e

 Inst ru c tio n set archit e c t u r e (ISA) level

 Hard w a r e level
 Oper a ti n g syste m level
 Libra ry suppo r t level
 Applicatio n level
 | 31

Ins tr u c t i o n Set Archi t e c t u r e Level: Virtualization is perfor m e d by

emul ati n g a given ISA by the ISA of the host mac hin e.

e.g, MIPS bina ry code can run on an x-86- bas e d host mac hi n e with
the help of ISA emula tion. Typical syste m s : Bochs, Cruso e, Que m u, BIRD,
Dynam o

Advan t a g e :

• It can run a larg e amou n t of legacy binary codes writt e n for

variou s proc e s s o r s on any given new hard w a r e host mac hin e s
• best applic ation flexibility
Limit a t i o n :
• One sourc e instru c tio n may requir e tens or hund r e d s of native
targ e t instr u c tio n s to perfor m its function, which is relatively
slow.

• V-ISA requi r e s addin g a proc e s s o r- specific softw a r e tra n sl a tio n

layer in the complie r.

Virtu a l i z a t i o n at Hard w a r e Abstr a c t i o n lev e l: Virtualization is

perfor m e d right on top of the har d w a r e .

• It gene r a t e s virtu al har d w a r e environ m e n t s for VMs, and man a g e s the

und e rlyin g hard w a r e throu g h virtu aliz ation.
 | 32

•Typical syste m s : VMwar e, Virtual PC, Denali, Xen

Advan t a g e :
• Has highe r perfor m a n c e and good applica tio n isolation

Limit a t i o n :
• Very expen s ive to imple m e n t (complexity)

Virtu a l i z a t i o n at Oper a t i n g Sys t e m (OS) lev e l: It is an abst r a c ti o n layer

betw e e n tradition al
OS and user applica tion s .
• This virtu aliza tio n crea t e s isolat e d cont ai n e r s on a single physic al
serve r and the OS- insta n c e to utilize the har d w a r e and softw a r e in
dat ac e n t e r s .
• Typical syste m s : Jail / Virtual Environ m e n t / Ensim' s VPS / FVM
Advan t a g e :
• Has minim al sta r u p/ s h u t d o w n cost, low resou r c e requir e m e n t , and
high scala bility; synch ro niz e VM and host stat e chan g e s .
Limit a t i o n :
• All VMs at the oper a ti n g syste m level mus t have the sam e kind of
gues t OS
• Poor applica tion flexibility and isolation.

Library Su p p o r t lev e l: It crea t e s execu tio n environ m e n t s for run ni n g alien

prog r a m s on a platfor m rath e r than crea ti n g VM to run the entir e oper a ti n g
syste m.
• It is done by API call inte rc e p t io n and rem a p pi n g .
• Typical syste m s : Wine, WAB, LxRun , VisualM ai nWin
Advan t a g e :
• It has very low imple m e n t a t i o n effort

Limit a t i o n :
• Poor applica tion flexibility and isolation

Us e r- Appli c a t i o n lev el: It virtualize s an applica tion as a virtu al machi n e .

• This layer sits as an applica tion prog r a m on top of an oper a ti n g
syste m and export s an abst r a c ti o n of a VM that can run prog r a m s
writt e n and compile d to a partic ul a r abst r a c t mac hi n e definition.
• Typical syste m s : JVM , NET CLI , Panot
Advan t a g e :
• has the bes t applic ation isolation

Limit a t i o n :
 | 33

• Low perfor m a n c e , low applica tio n flexibility and high imple m e n t a t i o n

complexity .

OS- Level Virtu a l i z a t i o n

Oper a ti n g syste m virtu alization inse rt s a virtu aliza tion layer inside an
oper a ti n g syste m to
partition a machin e’s physical resou r c e s . It ena bl e s multiple isolat e d VMs
within a single oper a ti n g syste m kern el. This kind of VM is often called a
virtu al execu tion enviro n m e n t (VE), Virtual Privat e Syste m (VPS), or simply
cont ai n e r . From the user’s point of view, VEs look like real serve r s . This
mea n s a VE has its own set of proc e s s e s , file syste m , use r accou n t s , netw o r k
inte rf a c e s with IP add r e s s e s , routin g tables, firew all rules, and othe r
pers o n al settin g s . Althoug h VEs can be custo mize d for differ e n t people, they
sha r e the sam e oper a ti n g syste m kern el. Therefo r e, OS- level virtualiza tio n is
also called single- OS imag e virtu alization
 | 34

Oper a t i n g syst e m virtu a l i z a t i o n fro m th e poi n t of view of a ma c h i n e

sta c k

Advan t a g e s of OS Exte n s i o n for Virtu a li z a t i o n

1. VMs at OS level has minim u m star t u p/ s h u t d o w n costs

2. OS- level VM can easily synch r o niz e with its
environ m e n t

Dis a d v a n t a g e of OS Exte n s i o n for Virtu a l i z a t i o n

All VMs in the sam e OS cont ai n e r must have the sam e or similar gues t
OS, which rest ric t
applica tion flexibility of differe n t VMs on the sam e physical mac hi n e .

Hyp e rvi s o r an d Xen Archi t e c t u r e

The hype rviso r suppo r t s hard w a r e- level virtualiza tio n (see Figur e 3.1(b)) on
bare met al devices like CPU, memo ry, disk and netw o rk interfa c e s . The
hype rviso r softwa r e sits directly betw e e n the physical har d w a r e and its OS.
This virtualiza tion layer is refer r e d to as eithe r the VMM or the hype rviso r.
The hype rviso r provide s hype r c alls for the gues t OSes and applic ation s.
 | 35

Depe n di n g on the function ality, a hype rvis or can assu m e a micro- kern el
arc hit e c t u r e like the Microsoft Hype r- V. Or it can assu m e a monolithic
hype rviso r archit e c t u r e like the VMwar e ESX for serve r virtualiza tion

The Xen Arch it e c t u r e

Xen is an open sourc e hype rviso r prog r a m develop e d by Camb ri d g e

Univer sity. Xen is a microk e r n e l hype rvis o r, which sepa r a t e s the policy from
the mech a ni s m . The Xen hype rviso r imple m e n t s all the mec h a ni s m s , leaving
the policy to be handle d by Domain 0. Xen does not includ e any device
driver s natively. It just provide s a mec h a ni s m by which a gue s t OS can have
direct acces s to the physic al devices. Xen provide s a virtual environ m e n t
locat e d betw e e n the hard w a r e and the OS .

The Xen arch i t e c t u r e ’ s spe c i a l do m a i n 0 for con t r o l and I/O, and sev e r a l
gu e s t do m a i n s for us er appli c a t i o n s

The core compo n e n t s of a Xen syste m are the hype rviso r, kern el, and
applica tion s The gues t OS, which has cont rol ability, is called Domain 0, and
the othe r s are called Domain U. Domain 0 is a privileg e d gues t OS of Xen. It
is first loade d whe n Xen boots withou t any file syste m drive rs being
availa ble. Domain 0 is desig n e d to acces s har d w a r e direc tly and man a g e
devices. Ther efor e , one of the res po n si bilities of Domain 0 is to alloca t e and
map har d w a r e resou r c e s for the gues t domai n s (the Domain U domai n s).

Bin ary Tran s l a t i o n with Full Virtu a l i z a t i o n

Depe n di n g on imple m e n t a t i o n tech n ologi e s , har d w a r e virtu aliza tio n can be
classifie d into two cate g o ri e s : full virtualiza tion and host- bas e d
virtu aliza tio n.

Full virtualiza tion does not nee d to modify the host OS. It relies on bina ry
tran sl a tio n to trap and to virtu alize the execu tion of cert ai n sensitive, non
virtu aliza bl e instr u c tio n s . The gues t OS es and their applica tio n s consist of
nonc ritic al and critical instr u c tio n s . In a host- bas e d syste m , both a host OS
and a gues t OS are use d. A virtu aliza tio n softwa r e layer is built betw e e n the
host OS and gues t OS
 | 36

Full Virtu al i z a t i o n

With full virtu aliz ation, noncritic al instr u c tio n s run on the har d w a r e directly
while critical
instr u c tio n s are discove r e d and repla c e d with trap s into the VMM to be
emul at e d by softw a r e . Both the hyperviso r and VMM app ro a c h e s are
consid e r e d full virtualiza tion. Why are only critical instr u c tio n s tra p p e d into
the VMM? This is beca u s e bina ry tran sl a tio n can incur a larg e perfor m a n c e
overh e a d . Nonc ritic al instr u c tio n s do not cont rol har d w a r e or thre a t e n the
secu ri ty of the syste m , but critical instr u c tio n s do. Ther efo r e , run nin g
nonc ritic al instr u c tio n s on hard w a r e not only can promo t e efficiency, but
also can ens u r e syste m secu ri ty.

Bin ary Tran s l a t i o n of Gue s t OS Req u e s t s Usi n g a VMM

This appr o a c h was imple m e n t e d by VMwar e and many othe r softw a r e

comp a ni e s . VMwar e puts the VMM at Ring 0 and the gues t OS at Ring 1.
The VMM scans the instr u c tio n stre a m and identifies the privileg e d , cont rol-
and behavior- sensitive instr u c tio n s . When thes e instr u c tio n s are identified,
they are tra p p e d into the VMM, which emula t e s the beh avior of thes e
instr u c tio n s . The met ho d use d in this emula tion is called bina ry tran sl a tio n.
Therefor e , full virtualiza tio n
combin e s bina ry tran sl a tio n and direct execu tion. The gues t OS is
comple t ely decou pl e d from the unde rlying har d w a r e . Cons e q u e n t ly, the
gues t OS is unaw a r e that it is being virtu alize d

Ho s t - Bas e d Virtu a l i z a t i o n

An alter n a t iv e VM archit e c t u r e is to install a virtu aliza tion layer on top of

the host OS. This host OS is still res po n si bl e for man a gi n g the hard w a r e .
The gues t OSes are installe d and run on top of the virtu alization layer.
Dedica t e d applic a tion s may run on the VMs. Cert ai nly, some othe r
applica tion s can also run with the host OS direc tly.

This host bas e d archit e c t u r e has som e distinct adva n t a g e s . First, the use r
can install this VM archit e c t u r e witho u t modifying the host OS. The
 | 37

virtu alizing softw a r e can rely on the host OS to provide device driver s and
othe r low- level service s. This will simplify the VM desig n and eas e its
deploym e n t . Secon d, the host- bas e d app ro a c h app e al s to many host
machin e configu r a ti o n s .

Comp a r e d to the hype rviso r/VM M archit e c t u r e , the perfor m a n c e of the host-
bas e d arc hit e c t u r e may also be low. When an applica tio n requ e s t s hard w a r e
acce s s , it involves four layers of mappi n g which downg r a d e s perfor m a n c e
significa n tly. When the ISA of a gues t OS is differe n t from the ISA of the
und e rlyin g hard w a r e , bina ry tra n sl a tio n must be adopt e d . Althou g h the
host- bas e d arc hit e c t u r e has flexibility, the perfor m a n c e is too low to be
useful in prac tic e.
Para- Virtu a l i z a t i o n with Com p i l e r Sup p o r t

Para- virtualiza tio n nee d s to modify the gues t oper a ti n g syste m s . A para-
virtu alize d VM provide s
speci al APIs req ui ri n g subs t a n t i al OS modificatio n s in user applica tio n s .
Para- virtualiza tio n atte m p t s to redu c e the virtualiza tio n overh e a d , and thus
improve perfor m a n c e by modifying only the gues t OS kern el.
The gues t oper a ti n g syste m s are para- virtualize d. They are assist e d by an
intellige n t compile r to repla c e the non virtualiza ble OS instr u c tio n s by
hype r c alls The lower the ring num b e r , the highe r the privileg e of instr u c tio n
being execu t e d . The OS is res po n si ble for man a gi n g the har d w a r e and the
privileg e d instru c tio n s to execu t e at Ring 0, while use r- level applica tio n s
run at Ring 3.
The bes t exam pl e of para- virtualiza tion is the KVM

Para- virtu a l i z e d VM arc hi t e c t u r e

VIRTUALIZATIO N OF CPU, MEMORY, AND I/O DEVICES

To suppo r t virtu aliza tio n, proc e s s o r s such as the x86 employ a special
run ni n g mode and instr u c tio n s , known as hard w a r e- assist e d virtualiza tio n.
In this way, the VMM and gues t OS run in differe n t mode s and all sensitive
instr u c tio n s of the gues t OS and its applica tion s are trap p e d in the VMM. To
save proce s s o r stat e s , mode switc hin g is compl et e d by har d w a r e .
 | 38

Mode r n oper a ti n g syste m s and proce s s o r s per mit multiple proc e s s e s to run
simult a n e o u s ly. If ther e is no prote c tio n mech a ni s m in a proc e s s o r , all
instr u c tio n s from differe n t proce s s e s will acce s s the hard w a r e direc tly and
caus e a syste m cras h. Ther efor e , all proc e s s o r s have at least two mode s,
user mode and supe rviso r mode, to ensu r e controlle d acce s s of critical
har d w a r e . Instr u c tio n s run ni n g in supe rviso r mode are called privileg e d
instr u c tio n s . Othe r instr u c tio n s are unprivile g e d instr u c tio n s . In a
virtu alize d environ m e n t , it is more difficult to make OSes and applic ation s
run corr e c tly beca u s e ther e are more layers in the mac hi n e stack. The
VMwar e
Workst a tio n is a VM softw a r e suite for x86 and x86- 64 comp u t e r s . This
softw a r e suite allows use r s to set up multiple x86 and x86- 64 virtual
comp u t e r s and to use one or more of thes e VMs simult a n e o u s ly with the
host oper a ti n g syste m . The VMwar e Workst a tio n assu m e s the host- bas e d
virtu aliza tio n. Xen is a hyperviso r for use in IA-32, x86- 64, Itaniu m , and
Powe r P C 970 hosts.

CPU Virtu al i z a t i o n
A VM is a duplica t e of an existing comp u t e r syste m in which a majority of
the VM instr u c tio n s are execu t e d on the host proc e s s o r in native mode.
Thus, unp rivileg e d instr u c tio n s of VMs run direc tly on the host mac hin e for
highe r efficiency. Othe r critic al instr u c tio n s should be han dl e d carefully for
corr e c t n e s s and stability. The critical instr u c tio n s are divided into thre e
cate g o ri e s : privileg e d instr u c tio n s , control sensitive instr u c tio n s, and
beh avior- sensitive instr u c tio n s . Privileg e d instr u c tio n s exec u t e in a
privileg e d mode and will be tra p p e d if execu t e d outsid e this mode. Cont rol-
sensitive instr u c tio n s att e m p t to chan g e the configu r a t io n of reso u r c e s
used. Behavior- sensitive instr u c tio n s have differe n t behavior s depe n di n g on
the configu r a ti o n of resou r c e s , includin g the load and store oper a tio n s over
the virtual memo ry. A CPU archit e c t u r e is virtualiza bl e if it suppo r t s the
ability to run the VM’s privileg e d and unp rivileg e d instr u c tio n s in the CPU’s
user mode while the VMM runs in supe rviso r mode.

Me m o r y Virtu a l i z a t i o n
Virtual me mo ry virtu aliza tio n is similar to the virtu al me mo ry suppo r t
provide d by mode r n oper a ti n g syste m s . In a tradition al executio n
environ m e n t , the ope r a ti n g syste m maint ai n s map pi n g s of virtual me mo ry to
machin e me mo ry using page tables, which is a one- stag e mappi n g from
virtu al mem o ry to mac hin e memo ry. All mode r n x86 CPUs includ e a mem o ry
man a g e m e n t unit (MMU) and a tran sl a tio n lookasid e buffer (TLB) to
optimize virtu al memo ry perfor m a n c e . Howeve r , in a virtu al exec ution
environ m e n t , virtual me mo ry virtu aliza tio n involves sha ri n g the physical
syste m memo ry in RAM and dyna mi c ally allocatin g it to the physical
mem o ry of the VMs. a two- stag e mappi n g proc e s s should be maint ai n e d by
the gues t OS and the VMM, res p e c tiv ely: virtual mem o ry to physical
mem o ry and physic al mem o ry to machin e me mo ry. The gues t OS contin u e s
to cont rol the map pin g of virtu al addr e s s e s to the physical me mo ry
 | 39

addr e s s e s of VMs. But the gues t OS canno t directly acce s s the actu al
machin e me mo ry.
The VMM is res po n si ble for map pi n g the gues t physical mem o ry to the
actu al mac hi n e mem o ry

I/O Virtu a l i z a t i o n

I/O virtu aliza tio n involves man a gi n g the routin g of I/O requ e s t s betw e e n
virtu al devices and
the sha r e d physical har d w a r eAll the function s of a device or bus
infras t r u c t u r e , such as device enu m e r a t i o n , identifica tio n, inter r u p t s , and
DMA, are replic a t e d in softw a r e . This softw a r e is locat e d in the VMM and
acts as a virtu al device. The I/O acces s requ e s t s of the gues t OS are tra p p e d
in the VMM which inter a c t s with the I/O device sA single har d w a r e device
can be shar e d by multiple VMs that run conc u r r e n t ly

VIRTUAL CLUSTER S AND RESOU RCE MANAGEME N T

A physical clust e r is a collection of serve r s (physical mac hin e s )

inte rc o n n e c t e d by a physic al netw o r k such as a LAN.
Virtual clust e r s are built with VMs installe d at distrib u t e d serve r s from one
or more physical clust e r s .
The VMs in a virtu al clust e r are interc o n n e c t e d logically by a virtual
netw o r k acros s sever al
physical netwo r k s

A clo u d platf or m with four virtu a l clu s t e r s over thr e e phy si c a l

clu s t e r s

Phys i c a l vers u s Virtu a l Pro c e s s o r cor e s

 | 40

Phys i c a l cor e s Virtu a l cor e s

The actu al physical core s pres e n t in There can be more virtual core s
the proc e s s o r visible to a single OS than ther e are
physical cores.

More burd e n on the softw a r e to Design of softw a r e beco m e s easie r

write applica tio n s which can run as the har d w a r e assist s the softw a r e
directly on the cores. in dyna mic reso u r c e utilization

Hard w a r e provide s no assis t a n c e to Hard w a r e provide s assis t a n c e to the

the softw a r e and is henc e simple r softw a r e and is henc e more complex.

Poor reso u r c e man a g e m e n t Bette r resou r c e man a g e m e n t

The lowes t level of syste m softw a r e The lowes t level of syste m softw a r e
has to be modified. nee d not be modified

VIRTUALIZATIO N FOR DATA- CENTER AUTOMATIO N

Data- cent e r auto m a ti o n mea n s that huge volum e s of hard w a r e , softw a r e ,
and data b a s e resou r c e s in thes e dat a cent e r s can be allocat e d dyna mic ally
to millions of Inte r n e t user s simult a n e o u s ly, with guar a n t e e d QoS and cost-
effective n e s s . This auto m a ti o n proc e s s is trigg e r e d by the grow t h of
virtu aliza tio n produ c t s and cloud comp u ti n g servic es . Virtualization is
moving towa r d s enh a n ci n g mobility, red uci n g plann e d down ti m e (for
maint e n a n c e ), and incre a s i n g the num b e r of virtual client s.
The lates t virtu aliza tion develop m e n t highligh t s high availability (HA),
backu p service s, workloa d balan cin g, and furth e r incre a s e s in client base s

Serv er Con s o l i d a t i o n in Dat a Cent e r s

In data cent e r s , a larg e num b e r of het e r o g e n e o u s workloa d s can run on

serve r s at various time s. Thes e hete r o g e n e o u s workloa d s can be roug hly
divide d into two cate g o ri e s : chat ty workloa d s and non inte r a c tiv e
workloa d s . Chatty workloa d s may burs t at som e point and retu r n to a silent
stat e at som e othe r point. A web video servic e is an exam pl e of this,
whe r e b y a lot of people use it at night and few people use it during the day.
Non inte r a c t ive workloa d s do not requir e people’s efforts to make progr e s s
after they are submit t e d . High- perfor m a n c e comp u ti n g is a typical exa m pl e
of this. At various stag e s , the req ui r e m e n t s for resou r c e s of thes e workloa d s
are dra m a t i c ally differe n t . Howeve r , to gua r a n t e e that a workloa d will
always be able to cope with all dem a n d levels, the workloa d is static ally
allocat e d enou g h reso u r c e s so that peak dem a n d is satisfie d

Therefor e , it is com m o n that most serve r s in dat a cent e r s are und e r u t ilize d.
A larg e amou n t of
har d w a r e , spac e, pow e r, and man a g e m e n t cost of thes e serve r s is wast e d.
Serve r consolida tio n is an appr o a c h to improve the low utility ratio of
har d w a r e reso u r c e s by redu ci n g the num b e r of physical serve r s . Among
seve r al serve r consolid a tio n tech niq u e s such as cent r a liz e d and physical
 | 41

consolid a tio n, virtu alization- bas e d serve r consolida tio n is the most powe rf ul.
Data cent e r s need to optimiz e their resou r c e man a g e m e n t the use of VMs
incre a s e s reso u r c e man a g e m e n t complexity. This caus e s a challen g e in
ter m s of how to improve reso u r c e utilization as well as gua r a n t e e QoS in
dat a cent e r s .

Advan t a g e s

 Consolid a tio n enha n c e s hard w a r e utilization. Many unde r u tilize d

serve r s are consolida t e d into fewer serve r s to enh a n c e resou r c e
utilization. Consolid a tio n also facilitat e s backu p servic es and disas t e r
recove ry.

 This appr o a c h ena bl e s more agile provisionin g and deploym e n t of

reso u r c e s . In a virtual
environ m e n t , the imag e s of the gues t OSes and their applica tion s
are rea dily clone d and
reus e d .

 The total cost of owne r s hi p is redu c e d . In this sens e, serve r

virtualiza tion caus e s defer r e d
purc h a s e s of new serve r s , a smalle r dat a- cent e r footprin t, lower
maint e n a n c e costs, and
lower powe r, cooling, and cabling req ui r e m e n t s .

 This appr o a c h improve s availability and busin e s s continui ty. The

cras h of a gue s t OS has no effect on the host OS or any othe r gues t
OS. It beco m e s easie r to tran sfe r a VM from one serve r to anot h e r ,
bec a u s e virtu al serve r s are una w a r e of the unde rlyin g hard w a r e .

To auto m a t e data- cent e r oper a tio n s , one must consid e r resou r c e

sche d ulin g, archit e c t u r a l suppo r t , powe r man a g e m e n t , auto m a ti c or
auton o mi c resou r c e man a g e m e n t , perfor m a n c e of analytic al models
UNIT - 2

Intr o d u c t i o n to Clou d Com p u t i n g

“Cloud is a parallel and distrib u t e d comp u ti n g syste m consistin g of a
collection of
inte r- conn e c t e d and virtu alize d comp u t e r s that are dyna mic ally provision e d
and pres e n t e d as one or more unified comp u ti n g resou r c e s bas e d on
servic e- level agr e e m e n t s (SLA) esta blis h e d thro u g h negoti a tio n betw e e n the
servic e provide r and cons u m e r s .”

“Clouds are a large pool of easily usable and acce s si ble virtu alize d
reso u r c e s (such as hard w a r e , develop m e n t platfor m s and/or service s).
Thes e resou r c e s can be dyna mic ally reconfig u r e d to adjus t to a varia bl e
load (scale), allowing also for an optim u m reso u r c e utilization”
 | 42

“This pool of resou r c e s is typically exploite d by a pay- per- use model in

which gua r a n t e e s are offere d by the Infras t r u c t u r e Provide r by mea n s of
custo miz e d Servic e Level Agre e m e n t s .”

“Clouds are har d w a r e base d service s offering comp u t e , netw o r k, and

stora g e capa ci ty wher e Hard w a r e man a g e m e n t is highly abst r a c t e d from
the buye r, buyer s incur infras t r u c t u r e costs as varia bl e OPEX, and
infras t r u c t u r e capacity is highly elas tic.”

Key ch ar a c t e r i s t i c s of clo u d co m p u t i n g
(1) the illusion of infinite comp u ti n g resou r c e s ;
(2) the elimin a tio n of an up- front com mit m e n t by cloud use r s;
(3) the ability to pay for use…as nee d e d

The Nati o n a l Ins ti t u t e of Sta n d a r d s and Tec h n o l o g y (NI ST )

cha r a c t e r i z e s clo u d co m p u t i n g as “. . . a pay- per- use model for ena bling
availa ble, conve ni e n t , on- dem a n d net wo r k acce s s to a shar e d pool of
configu r a bl e comp u ti n g resou r c e s (e.g. netwo r k s , serve r s , stora g e ,
applica tion s, servic es) that can be rapidly provision e d and rele a s e d with
minim al man a g e m e n t effort or service provide r inter a c tio n”.

Most com m o n char a c t e r i s ti c s which a cloud should have:

(i) pay- per- use (no ongoing com mit m e n t , utility prices); (ii) elastic capa city
and the illusion of infinite reso u r c e s ; (iii) self- service interf ac e; and (iv)
reso u r c e s that are abs t r a c t e d or virtualize d.

1. 2 Root s of Clou d Com p u t i n g

The roots of clouds comp u ti n g can be track e d by obse rvin g the

adva n c e m e n t ofseve r al techn olo gi e s , espe ci ally in har d w a r e (virtu aliz ation,
multi- core chips),Int e r n e t tech nologi e s (Web service s, service- orient e d
arc hit e c t u r e s , Web 2.0),dis t ri b u t e d comp u ti n g (clust e r s , grids), and syste m s
man a g e m e n t (auton o m i cc o m p u t i n g , data cent e r auto m a ti o n).

Figur e 1.1 shows the conve r g e n c e oftec h n olo gy fields that significa n tly
adva n c e d and contrib u t e d to the adve n t of cloud comp u ti n g .
 | 43

The IT world is curr e n tly expe rie n ci n g a switch from in- hous e g e n e r a t e d
comp u ti n g powe r into utility- supplied comp u ti n g reso u r c e s deliver e d ov e r
the Inte r n e t as Web service s .

Comp u ti n g deliver e d as a utility can be define d as “on dem a n d delivery of

infras t r u c t u r e , applica tio n s , and busin e s s proc e s s e s in a security- rich,
sha r e d , s c al a bl e, and base d comp u t e r environ m e n t over the Inte r n e t for a
fee”.

This model bring s ben efits to both cons u m e r s and provide r s of IT

servic es .Co n s u m e r s can att ain redu c tio n on IT-relat e d costs by choosin g to
obtain c h e a p e r servic es from exter n a l provide r s as oppos e d to heavily
investin g on ITinfras t r u c t u r e and perso n n e l hiring. The “on- dem a n d ”
compo n e n t of this mo d el allows consu m e r s to ada p t their IT usag e to rapidly
incre a si n g or
unp r e di c t a b l e comp u ti n g nee d s .

Provide r s of IT servic e s achieve bett e r oper a tio n al costs; har d w a r e

andsoft w a r e infra s t r u c t u r e s are built to provide multiple solutions and serve
manyu s e r s , thus incre a si n g efficiency and ultim a t ely leading to faste r ret u r n
oninves t m e n t (ROI) as well as lower total cost of owne r s hi p (TCO).

In the 1970 s, comp a ni e s who offere d com m o n dat a p r o c e s s i n g tasks, such as

payroll auto m a t io n, oper a t e d time- shar e d mainfr a m e s a s utilities, which
could serve dozen s of applica tion s and often oper a t e d close to 100% of their
capacity.
 | 44

The mainfr a m e era collaps e d with the adve n t of fast and

inexpe n s ive m ic r o p r o c e s s o r s and IT data cent e r s moved to collection s of
com m o ditys e r v e r s . Apart from its clear adva n t a g e s , this new model
inevita bly led toisolatio n of workloa d into dedic a t e d serve r s , mainly due to
incom p a t i bilities b e t w e e n softw a r e stack s and oper a ti n g syste m s .

In addition, the unavaila bilityof efficient comp u t e r netw o r k s mea n t that IT

infras t r u c t u r e should behos t e d in proximity to whe r e it would be consu m e d .
Altoget h e r , thes e facts h a v e preve n t e d the utility comp u ti n g reality of taking
place on mode r n c o m p u t e r syste m s . Thes e facts reve al the pote n ti al of
deliveri n g comp u ti n g service s witht h e spee d and reliability that busin e s s e s
enjoy with their local machin e s . Theb e n efit s of econo mi e s of scale and high
utilization allow provide r s to offerco m p u t i n g servic es for a fraction of what
it costs for a typical comp a n y that
gen e r a t e s its own comp u ti n g powe r.

SOA, Web Servi c e s , Web 2. 0, and Mas h u p s

The eme r g e n c e of Web service s (WS) open stan d a r d s has significa n tly
cont rib u t e d t o adva n c e s in the dom ai n of softwa r e integ r a t io n. Web
servic es c a n combin e toget h e r applica tio n s run ni n g on differe n t mess a gi n g
prod u c t platfor m s , e n a b li n g infor m a tio n from one applica tio n to be mad e
availa ble tooth e r s , and ena blin g inter n al applica tion s to be mad e available
over theInt e r n e t .

WS stan d a r d s have bee n crea t e d on top of existing ubiquito u s

tech nologi e s s u c h as HTTP and XML, thus providing a com m o n mech a ni s m
for deliveri n g s e r vic e s , makin g the m ideal for imple m e n t i n g a service-
orient e d archit e c t u r e ( S OA). The purpo s e of a SOA is to add r e s s
req ui r e m e n t s of loosely couple d,s t a n d a r d s - bas e d, and protocol- indep e n d e n t
distrib u t e d comp u ti n g. In a SOA,softw a r e resou r c e s are packa g e d as
“service s,” which are well- define d, self- cont ain e d m o d u l e s that provide
stan d a r d busin e s s function ality and arein d e p e n d e n t of the stat e or cont ext
of othe r servic es .

Servic es are descri b e di n a stan d a r d definition langu a g e and have a

publish e d interf ac e. The mat u ri ty of WS has ena bl e d the crea tio n of
powe rful servic e s that can beac c e s s e d on- dem a n d , in a unifor m way. An
ente r p r i s e applica tion that follows theSOA para di g m is a collection of
servic es that toge t h e r perfor m complex b u si n e s s logic.

In the cons u m e r Web, inform a t io n and service s may be

prog r a m m a t i c a llya g g r e g a t e d , actin g as building blocks of complex
compositio n s, called service m a s h u p s . Many servic e provide r s , such as
Amazon, del.icio.us, Face b o ok, andGoo gl e, make their service APIs publicly
acce s si bl e using stan d a r d protocols such as SOAP and REST. Conse q u e n t ly,
one can put an idea of a fully
 | 45

function al Web applica tion into prac tic e just by gluing piece s with few
linesof code.

In the Softwa r e as a Service (SaaS) dom ai n, cloud applica tio n s can be

builtas compo sition s of othe r servic e s from the sam e or differe n t provide r s .
Servic es s u c h as user auth e n ti c a ti o n, e- mail, payroll man a g e m e n t , and
calen d a r s are ex a m p l e s of building blocks that can be reus e d and combin e d
in a busine s s s ol u tio n in case a single, rea dy- mad e syste m does not provide
all thos e featu r e s .

Grid Com p u t i n g

Grid comp u ti n g ena bl e s agg r e g a ti o n of distrib u t e d reso u r c e s and

tran s p a r e n t ly acce s s to the m. Most prod u c tio n grids such as TeraG rid and
EGEE seek to shar e comp u t e and stora g e reso u r c e s distrib u t e d acros s
differe n t a d m i ni s t r a t iv e dom ain s , with their main focus being spee di n g up a
broa d r a n g e of scientific applica tio n s , such as climat e modelin g, drug
design, and
prot ei n analysis.

A key aspe c t of the grid vision realization has bee n building stan d a r d
Webs e rvic e s- bas e d protocols that allow distrib u t e d resou r c e s to be
“discove r e d , a c c e s s e d , allocat e d, monito r e d , accou n t e d for, and billed for,
etc., and ingen e r a l man a g e d as a single virtual syste m .” The Open Grid
Servic es Archite c t u r e ( OG SA) add r e s s e s this nee d for stan d a r d i z a ti o n by
defining a set of core c a p a b ilities and beh avior s that addr e s s key conce r n s in
grid syste m s .

Globus Toolkit is a middle w a r e that implem e n t s sever al sta n d a r d

Grids e rvic e s and over the years has aide d the deploym e n t of seve r al service-
orient e d G ri d infras t r u c t u r e s and applica tion s .

The develop m e n t of stan d a r d iz e d protocols for sever al grid

comp u ti n g a c t ivitie s has cont ri b u t e d—t h e o r e t i c ally—to allow delivery of on-
dem a n d c o m p u t i n g service s over the Inte r n e t . Howeve r , ens u rin g QoS in
grids has b e e n perc eive d as a difficult end e a vo r. Lack of perfor m a n c e
isolation h a s preve n t e d grids adoption in a variety of scen a ri os, espe ci ally on
environ m e n t s w h e r e reso u r c e s are overs u b s c r i b e d or user s are
uncoo p e r a t iv e.

Anoth e r issue that has lead to frustr a t io n when using grids is the
availa bilityof reso u r c e s with divers e softw a r e configu r a tio n s , includin g
dispa r a t e oper a ti n g s y s t e m s , librari e s, compiler s , runti m e environ m e n t s , and
so forth. At the sam e ti m e , use r applica tio n s would often run only on
speci ally custo mize d environ m e n t s . C o n s e q u e n t ly, a port a bility bar ri e r has
often bee n pres e n t on most g ri d infras t r u c t u r e s , inhibitin g users of adoptin g
grids as utility comp u ti n g e n vi ro n m e n t s
 | 46

Utility Com p u t i n g

In utility comp u ti n g enviro n m e n t s , user s assig n a “utility” value to theirjobs,

whe r e utility is a fixed or time- varying valuatio n that capt u r e s various Q o S
const r a i n t s (deadlin e, import a n c e , satisfac tion). The valuatio n is thea m o u n t
they are willing to pay a service provide r to satisfy their dem a n d s .T h e
servic e provide r s then atte m p t to maximiz e their own utility, whe r e said
utility may direc tly corr ela t e with their profit. Provide r s can choos e to
prioritize high yield (i.e., profit per unit of resou r c e) user jobs, leading to a
scen a ri o wher e s h a r e d syste m s are viewe d as a mark e t pl a c e , whe r e user s
comp e t e for reso u r c e s b a s e d on the perc eive d utility or value of their jobs.

Hard w a r e Virtu a l i z a t i o n

Cloud comp u ti n g service s are usually back e d by large- scale dat a

cent e r s c o m p o s e d of thous a n d s of comp u t e r s . Such data cent e r s are built to
serve m a n y user s and host many dispa r a t e applica tion s .
The idea of virtu alizing a comp u t e r syste m’s reso u r c e s , includin g
proc e s s o r s , m e m o r y , and I/O devices, has bee n well est a blis h e d for dec a d e s ,
aiming atimp r ovin g shari n g and utilization of comp u t e r syste m s . Har d w a r e
virtu aliza tio n allow s runnin g multiple oper a ti n g syste m s and softw a r e stacks
on asingl e physical platfor m .

As depict e d in Figur e 1.2, a softw a r e layer, the virtual m a c hi n e monito r

(VMM), also called a hyperviso r, medi a t e s acce s s to thep hysic al hard w a r e
pres e n t i n g to eac h gues t oper a ti n g syste m a virtu al machin e(VM), which is
a set of virtual platfor m inte rfac e s

The adve n t of sever al innovative tech nolo gi e s— m ul ti- core chips, par a-
virtu aliza tio n,
 | 47

har d w a r e- assist e d virtualiza tio n, and live migr a tio n of VMs—has

cont rib u t e d to an incre a s i n g adoption of virtualiza tion on serve r syste m s .

Perc eive d ben efits were improve m e n t s on shari n g and utilization, bett e r
man a g e a b ility, and highe r reliability.

There are thre e basic capa bilitie s reg a r di n g man a g e m e n t of workloa d in a

virtu alize d syste m , nam ely isolation, consolid a tio n, and migr a tio n

Workloa d isolation is achieve d since all prog r a m instr u c ti o n s are

fullyconfine d inside a VM, which leads to improve m e n t s in secu ri ty.
Bette r r e li a bility is also achieve d beca u s e softwa r e failure s inside one VM do
notaffec t othe r s

The consolid a tio n of sever al individu al and het e ro g e n e o u s workloa d s onto

asingl e physical platfor m leads to bett e r syste m utilization. This practic e is
alsoe m ploy e d for overco mi n g pote n ti al softw a r e and har d w a r e
incom p a t i bilities incas e of upgr a d e s , given that it is possible to run legacy
and new oper a tio n s y s t e m s conc u r r e n t ly

Workloa d migr a tio n, also refer r e d to as applic ation mobility, targ e t s

atfacilitati n g har d w a r e maint e n a n c e , load balan ci n g, and disas t e r recove ry.
It isdone by enca p s ul a ti n g a gues t OS stat e within a VM and allowing it to
besu s p e n d e d , fully serialize d, migr a t e d to a differe n t platfor m, and
res u m e d i m m e d i a t e ly or pres e rv e d to be resto r e d at a later date. A VM’s
stat ei n clu d e s a full disk or partition imag e, configu r a tio n files, and an imag e
of itsRAM.

A num b e r of VMM platfor m s exist that are the basis of many utility orclou d
comp u ti n g enviro n m e n t s . The most nota bl e ones are VMWare, Xen,
andKVM.

VMWARE ESXi: is a VMM from VMWar e. It is a bar e- met al hype rviso r,

mea ni n g that it installs direc tly on the physic al serve r, whe r e a s othe r s may
req ui r e a host oper a ti n g syste m . It provide s adva nc e d virtu aliza tio n
tech ni q u e s of proce s s o r , me mo ry, and I/O. Especi ally, throu g h page sha rin g,
it can overco m m i t mem o ry, thus incre a si n g the density of VMs inside a
single physical serve r.

Xen :The Xen hype rviso r star t e d as an open- sourc e projec t and has serve d
as a bas e to othe r virtu aliza tio n prod u c t s , both com m e r ci al and open- sourc e.
It has pione e r e d the para- virtu alization conc e p t , on which the gues t
oper a ti n g syste m , by mea n s of a speci alize d kern el, can inte r a c t with the
hype rviso r, thus significa n tly improving perfor m a n c e .

KVM : The kern el- bas e d virtual mac hi n e (KVM) is a Linux virtu aliza tio n
subsys t e m . It has been part of the mainline Linux kern el since version
2.6.20, thus being natively suppo r t e d by sever al distrib u tio n s . In addition,
activities such as memo ry man a g e m e n t and sche d ulin g are carrie d out by
 | 48

existing kern el feat u r e s , thus makin g KVM simple r and smalle r than
hype rviso r s that take cont rol of the entir e mac hin e

Virtu a l Appli a n c e s and th e Ope n Virtua l i z a t i o n For m a t

An applica tio n combin e d with the environ m e n t nee d e d to run it

(ope r a ti n g s y s t e m , libra ri e s , compile r s , data b a s e s , applica tio n cont ai n e r s ,
and so forth) isrefe r r e d to as a “virtu al applia nc e.”

Packa gi n g applic ation enviro n m e n t s in thes h a p e of virtual applia nc e s ease s

softw a r e custo miz a tio n, configu r a t io n, and p a t c h i n g and improv e s
port a bility. Most com m o nly, an applia n c e is shap e d asa VM disk imag e
associ a t e d with har d w a r e requir e m e n t s , and it can be readilyde ploy e d in a
hype rviso r. The VMWar e virtu al a p pli a n c e mark e t pl a c e allows user s to
deploy applia nc e s on VMWare hype rvis o r s or on part n e r s public clouds, and
Amazon allows develop e r s to sha r e s p e c i a liz e d Amazon Machin e Imag e s
(AMI) and mone tiz e their usag e onAmazo n EC2.

In a multit u d e of hype rviso r s , whe r e each one suppo r t s a differe n t VM

imag efo r m a t and the form a t s are incom p a ti bl e with one anot h e r , a grea t
deal ofinte r o p e r a b ility issue s arise s. In orde r to facilitat e packing and
distrib u tio n of softw a r e to be run on VMsseve r al vendo r s , includin g
VMwar e, IBM, Citrix, Cisco, Microsoft, Dell, and H P , have devis ed the Open
Virtualization Form a t (OVF). It aims at being“op e n , secu r e , port a bl e,
efficien t and exte n si bl e” [32]. An OVF pack a g e consist s of a file, or set of
files, descri bin g the VM har d w a r e char a c t e r i s tic s (e.g.,
mem o ry, netw o r k cards, and disks), oper a ti n g syste m details, sta rt u p ,
ands h u t d o w n action s, the virtu al disks the m s elv e s, and othe r met a d a t a
cont ai ni n g p r o d u c t and licensin g inform a t io n. OVF also suppo r t s complex
packa g e s c o m p o s e d of multiple VMs.

Auto n o m i c Com p u t i n g

The incre a si n g compl exity of comp u ti n g syste m s has motivat e d res e a r c h

onau t o n o m i c comp u ti n g , which seeks to improve syste m s by decr e a si n g
hum a ni nvolve m e n t in their oper a tio n. In othe r words, syste m s should
man a g e t h e m s e l v e s , with high- level guida n c e from hum a n s

Autono mi c, or self- man a gi n g, syste m s rely on monitorin g prob e s and g a u g e s

(sens o r s ), on an ada p t a t io n engin e (auto no mi c man a g e r ) for
comp u ti n g o p t i miz a tio n s bas e d on monito ri n g dat a, and on effecto r s to carry
out chan g e s o n the syste m . IBM’s Autono mic Comp u ti n g Initiative has
cont rib u t e d todefin e the four prop e r ti e s of auto no m i c syste m s : self-
configu r a t io n, self- optimiza tion,s elf- healing, and self- prote c tio n. IBM has
also sugg e s t e d arefe r e n c e model for auto no mi c cont rol loops of auto no m i c
man a g e r s , called MAPE- K (Monito r Analyze Plan Execu t e—Knowl e d g e )

The large dat a cent e r s of cloud comp u ti n g provide r s must be man a g e d in

anefficien t way. In this sens e, the conce p t s of auton o m i c comp u ti n g
 | 49

inspire s oft w a r e tech n olo gie s for data cent e r auto m a t io n, which may
perfor m tasks s u c h as: man a g e m e n t of service levels of run ni n g applica tio n s ;
man a g e m e n t ofdat a cent e r capa city; proac tive disas t e r recove ry; and
auto m a t io n of VMprovisionin g

1. 3 LAYERS AND TYPES OF CLOUD S

Cloud comp u ti n g service s are divided into thre e class e s
(1) Infras t r u c t u r e as a Service, (2) Platfor m as a Service, and (3) Softw a r e a s
a Service

Figur e 1.3 depict s the layer e d orga niz a tio n of the cloud stackfro m physical
infras t r u c t u r e to applica tio n s .

Thes e abs t r a c t io n levels can also be viewe d as a layer e d archit e c t u r e

whe r e s e r vic e s of a highe r layer can be compo s e d from servic es of the
und e rlyin g layerA core middlew a r e man a g e s physical reso u r c e s andt h e VMs
deploye d on top of the m; in addition, it provide s the requi r e d featu r e s ( e . g.,
accou n ti n g and billing) to offer multi- tena n t pay- as- you- go servic es .

FIGURE 1. 3 The clo u d co m p u t i n g sta c k

Infra s t r u c t u r e as a Servi c e

Offerin g virtualize d reso u r c e s (com p u t a t i o n, stora g e , and com m u ni c a t io n)

onde m a n d is know n as Infras t r u c t u r e as a Service (IaaS). A cloud
infras t r u c t u r e e n a b l e s on- dem a n d provisionin g of serve r s run ni n g sever al
 | 50

choice s of oper a ti n g s y s t e m s and a custo miz e d softw a r e stack. Infras t r u c t u r e

servic es are conside r e d t o be the botto m layer of cloud comp u ti n g syste m s .

Amazon Web Servic e s mainly offers IaaS, which in the case of its
EC2s e rvic e mea n s offering VMs with a softw a r e stack that can be
custo miz e d s i mil a r to how an ordina r y physical serve r would be custo miz e d.
Users are give n privileg e s to perfor m num e r o u s activities to the serve r, such
as: star ti n g a n d stoppi n g it, custo mizin g it by inst alling softw a r e packa g e s ,
atta c hi n g vi r t u a l disks to it, and configu ri n g acce s s per mi s sio n s and firew alls
rules.

Platf or m as a Servi c e

Acloud platfor m offers an environ m e n t on which develop e r s crea t e and

deploya p plic a tio n s and do not nece s s a r ily nee d to know how many
proc e s s o r s or how m u c h mem o ry that applic ation s will be using. In addition,
multiple progr a m m i n g m o d e l s and specialized servic es (e.g., data acce s s ,
aut h e n t i c a tio n, andp a y m e n t s ) are offere d as building blocks to new
applica tion s.

Google AppEngi n e , an exam pl e of Platfor m as a Service, offers a

scala bl e e n vi r o n m e n t for developin g and hosting Web applica tio n s , which
should b e writt e n in specific prog r a m m i n g lang u a g e s such as Pytho n or Java,
and uset h e service s’ own prop ri e t a r y stru c t u r e d object data store.
Soft w a r e as a Servi c e

Applicatio n s resid e on the top of the cloud stack. Service s provide d by

thislaye r can be acce s s e d by end use r s throu g h Web port als. Ther efor e ,
cons u m e r s a r e incre a si n gly shifting from locally installe d comp u t e r
prog r a m s to on- linesoft w a r e service s that offer the sam e function ally.
Tradition al deskto p applica tion s s u c h as word proce s si n g and spre a d s h e e t
can now be acce s s e d as a servicei n the Web. This model of deliverin g
applica tion s, know n as Softwa r e as aSe rvic e (SaaS), alleviat e s the burd e n of
softw a r e maint e n a n c e for custo m e r s a n d simplifies develop m e n t and testin g
for provide r s .

Salesfor c e .c o m , which relies on the Saa S model, offers busine s s

prod u c tivitya p plic a tio n s (CRM) that resid e comple t ely on their serve r s ,
allowing costu m e r s t o custo miz e and acces s applic ation s on dem a n d .

Dep l o y m e n t Mod e l s

A cloud can be classified as public, privat e, com m u ni ty, or hybrid bas e d on

model of deploym e n t as show n in Figur e 1.4.
 | 51

Pu bli c clo u d : “cloud mad e availabl e in a pay- as- you- go man n e r to the
gen e r al public”
Privat e clo u d : “inter n a l dat a cent e r of a busin e s s or othe r orga niza tio n,
not mad e availabl e to the gen e r al public.”
Com m u n i t y clo u d: “sha r e d by sever al orga niz a tio n s and suppo r t s a specific
com m u n i ty that has sha r e d conce r n s (e.g., mission, secu ri ty requir e m e n t s ,
policy, and complia n c e conside r a t i o n s )
Hybrid clo u d takes sha p e when a privat e cloud is supple m e n t e d with
comp u ti n g capa city from public clouds.
The appr o a c h of temp o r a r ily renti n g capa ci ty to handl e spike s in load is
known as “clo u d - bur s t i n g ”
Des ir e d Feat u r e s of a Clou d

Cert ai n featu r e s of a cloud are ess e n ti al to ena bl e service s that truly

rep r e s e n t the cloud comp u ti n g model and satisfy expec t a tio n s of cons u m e r s ,
and cloud offerin g s must be
(i) self- service, (ii) per- usa g e mete r e d and billed, (iii) elastic, and (iv)
Custo miz a bl e

Self- Servi c e : clouds must allow self- service acce s s so that custo m e r s can
req u e s t , custo miz e, pay, and use servic e s withou t interv e n t io n of hum a n
oper a t o r s

Per- Usa g e Met e r i n g and Billi n g : Cloud comp u ti n g elimina t e s up- front
com mit m e n t by user s, allowing the m to requ e s t and use only the nece s s a r y
amou n t . Servic es must be price d on a short ter m basis (e.g., by the hour),
allowing user s to relea s e (and not pay for) reso u r c e s as soon as they are not
nee d e d

Elas t i c i t y : Cloud comp u ti n g gives the illusion of infinite comp u ti n g

reso u r c e s availabl e on dem a n d . Ther efor e use r s expec t clouds to rapidly
 | 52

provide resou r c e s in any qua n tity at any time. In partic ul a r, it is expec t e d

that the addition al resou r c e s can be (a) provision e d , possibly
auto m a t i c ally, whe n an applica tio n load incre a s e s and (b) relea s e d when
load decr e a s e s (scale up and down)

Cus t o m i z a t i o n : resou r c e s rent e d from the cloud must be highly

custo miz a bl e . custo miz a tio n mea n s allowing use r s to deploy specialize d
virtu al applia n c e s and to be given privileg e d (root) acces s to the virtu al
serve r s .
CLOUD INFRASTR U CT U R E MANAGEM E N T

A key challen g e IaaS provide r s face when building a cloud infras t r u c t u r e is

man a gi n g physical and virtu al reso u r c e s , nam ely serve r s , stora g e , and
netw o r k s , in a holistic fashion. The orche s t r a t i o n of reso u r c e s must be
perfor m e d in a way to rapidly and dyna mic ally provision resou r c e s to
applica tion s.
The softw a r e toolkit res po n si bl e for this orch e s t r a t i o n is called a virtu al
infras t r u c t u r e man a g e r (VIM). This type of softwa r e res e m bl e s a tra dition al
oper a ti n g syste m—b u t inste a d of dealing with a single comp u t e r , it
aggr e g a t e s reso u r c e s from multiple comp u t e r s , pres e n t i n g a unifor m view
to user and applica tion s .

Feat u r e s
Virtu a l i z a t i o n Sup p o r t : The multi- ten a n cy aspec t of clouds req ui r e s
multiple custo m e r s with dispa r a t e requir e m e n t s to be serve d by a single
har d w a r e infras t r u c t u r e . Virtualize d resou r c e s (CPUs, me mo ry, etc.) can be
sized and resize d with cert ai n flexibility. Thes e featu r e s make har d w a r e
virtu aliza tio n, the ideal tech n ology to cre a t e a virtual infras t r u c t u r e that
partition s a dat a cent e r amon g multiple ten a n t s .
Self- Servi c e , On- De m a n d Res o u r c e Provi s i o n i n g : Self- service acce s s to
reso u r c e s has bee n perc eive d as one the most attr a c tive featu r e s of clouds.
This feat u r e ena bl e s user s to direc tly obtain service s from clouds, such as
spaw ni n g the cre a tio n of a serve r and tailoring its softw a r e , configu r a ti o n s ,
and secu ri ty policies, withou t inte r a c t i n g with a hum a n syste m
adminis t r a t o r . This capa bility “elimina t e s the nee d for more time-
cons u mi n g, labor- inte n sive, hum a n driven
proc u r e m e n t proc e s s e s familiar to many in IT”.

Multi p l e Bac k e n d Hyp e rvi s o r s : Differe n t virtu aliza tion models and tools
offer differ e n t ben efits, draw b a c k s , and limitatio n s. Thus, some VI man a g e r s
provide a unifor m man a g e m e n t layer reg a r dl e s s of the virtu alization
tech nology use d. This char a c t e r i s ti c is more visible in open- sourc e VI
man a g e r s , which usually provide plugg a bl e driver s to inter a c t with multiple
hype rviso r s . In this direc tion, the aim of libvirt is to provide a unifor m API
that VI man a g e r s can use to man a g e dom ain s (a VM or contai n e r runnin g an
insta n c e of an oper a ti n g syste m ) in virtualize d nodes using stan d a r d
oper a tio n s that abst r a c t hype rviso r specific calls.
 | 53

Stor a g e Virtu a l i z a t i o n : Virtualizing stora g e mea n s abst r a c t i n g logical

stora g e from physic al stora g e . By consolid a ti n g all availabl e stor a g e device s
in a data cent e r , it allows crea ti n g virtu al disks indep e n d e n t from device
and location.

Int erf a c e to Pub li c Clou d s : Exten di n g the capa city of a local in- hous e
comp u ti n g infras t r u c t u r e by borro wi n g reso u r c e s from public clouds is
adva n t a g e o u s . In this fashion, institu tio n s can make good use of their
availa ble reso u r c e s and, in case of spikes in dem a n d , extr a load can be
offload e d to rent e d reso u r c e s . A VI man a g e r can be used in a hybrid cloud
setu p if it offers a drive r to man a g e the life cycle of virtualize d reso u r c e s
obtain e d from exter n a l cloud provide r s . To the applic ation s, the use of
leas e d reso u r c e s must ideally be tran s p a r e n t .

Virtu a l Ne t w o r k i n g : Virtual netw o r k s allow crea ti n g an isolat e d net wo r k

on top of a physical infra s t r u c t u r e inde p e n d e n t ly from physic al topology and
location s. A virtual LAN (VLAN) allows isolatin g traffic that shar e s a
switch e d netw o r k, allowing VMs to be group e d into the sam e broa d c a s t
domai n. Addition ally, a VLAN can be configu r e d to block traffic origina t e d
from VMs from othe r netw o r k s .

Dyn a m i c Res o u r c e Alloc a t i o n : Incre a s e d awa r e n e s s of ene r gy

cons u m p t i o n in data cent e r s has encou r a g e d the practic e of dyna mic
consolid a ti n g VMs in a fewer num b e r of serve r s . In cloud infra s t r u c t u r e s ,
whe r e applica tion s have varia bl e and dyna mic nee d s, cap acity man a g e m e n t
and dem a n d predic tion are espe ci ally complica t e d . This fact trigg e r s the
nee d for dyna mic resou r c e
allocatio n aiming at obtaini n g a timely matc h of supply and dem a n d . Ene r gy
cons u m p t i o n red uc tio n and bett e r man a g e m e n t of SLAs can be achieve d by
dyna mic ally rem a p p i n g VMs to physic al machin e s at regul a r interv al s.
Machi n e s that are not assig n e d any VM can be turn e d off or put on a low
powe r stat e. In the sam e fashion, overh e a ti n g can be avoide d by moving
load away from hots po t s .

Virtu a l Clu s t e r s : Seve r al VI man a g e r s can holistic ally man a g e grou p s of

VMs. This featu r e is useful for provisionin g comp u ti n g virtu al clust e r s on
dem a n d , and inter co n n e c t e d VMs for multi- tier Inte r n e t applica tion s .

Res e r v a t i o n and Ne g o t i a t i o n Me c h a n i s m : When use rs requ e s t

comp u t a t i o n a l reso u r c e s to availa ble at a specific time, requ e s t s are term e d
adva n c e res e rv a ti o n s (AR), in contr a s t to best- effort req u e s t s , whe n user s
req u e s t resou r c e s whe n ev e r availa ble. To suppo r t compl ex requ e s t s , such as
AR, a VI man a g e r must allow user s to “leas e” resou r c e s expre s si n g more
complex ter m s (e.g., the period of time of a rese rv a tio n). This is espe ci ally
useful in clouds on which resou r c e s are scar c e ; since not all req u e s t s may
be satisfied imme di a t ely, they can ben efit of VM place m e n t stra t e g i e s that
suppo r t queu e s , priorities , and advan c e res e rv a ti o n s . Addition ally, leas e s
may be negotia t e d and rene g o ti a t e d , allowing provide r and cons u m e r to
modify a leas e or pres e n t count e r propos al s until an agre e m e n t is reac h e d .
 | 54

This feat u r e is illust r a t e d by the case in which an AR requ e s t for a given slot
canno t be satisfie d, but the provide r can offer a distinc t slot that is still
satisfa ct o ry to the user. This proble m has been addr e s s e d in OpenP EX,
which incorp o r a t e s a bilat e r al negotia tio n protoc ol that allows user s and
provide r s to come to an alter n a t iv e agr e e m e n t by exch a n gi n g offers and
count e r offers.

Hi g h Availa b i l i t y and Data Rec o v e r y : The high availability (HA) featu r e

of VI man a g e r s aims at minimizing applica tio n dow nti m e and preve n ti n g
busin e s s disru p tio n. A few VI man a g e r s accom plis h this by providing a
failover mech a n i s m , which dete c t s failure of both physical and virtual
serve r s and res t a r t s VMs on healt hy physical serve r s . This style of HA
prot e c t s from host,
but not VM, failure s. For mission critic al applica tio n s , whe n a failover
solution involving rest a r ti n g VMs does not suffice, addition al levels of fault
tolera n c e that rely on red u n d a n c y of VMs are imple m e n t e d . In this style,
red u n d a n t and synch r o niz e d VMs (run ni n g or in stan d b y) are kept in a
secon d a r y physical serve r. The HA solution monito r s failure s of syste m
compo n e n t s such as serve r s , VMs, disks, and netw o rk and ensu r e s that a
duplic at e VM serves the applic ation in cas e of failur e s . Data back u p in
clouds should take into accou n t the high dat a volum e involved in VM
man a g e m e n t . Freq u e n t backu p of a larg e num b e r of VMs, each one with
multiple virtu al disks att ac h e d , should be done with minim al interfe r e n c e in
the syste m s perfor m a n c e . In this sens e, some VI man a g e r s offer data
prot e c tio n mech a ni s m s that perfor m incre m e n t a l backu p s of VM imag e s.
The back u p workloa d is often assig n e d to proxies, thus offloadin g
prod u c tio n
serve r and redu ci n g netw o r k overh e a d

Cas e Stu di e s

Apac h e VCL : The Virtual Compu ti n g Lab projec t has bee n incep t e d in 2004
by res e a r c h e r s at the North Carolina Stat e University as a way to provide
custo miz e d enviro n m e n t s to comp u t e r lab user s. Apach e VCL provide s the
following feat u r e s : (i) multi- platfor m controlle r, base d on Apach e/P H P ; (ii)
Web port al and XML-RPC interf ac e s ; (iii) suppo r t for VMwar e hype rviso r s
(ESX, ESXi, and Serve r); (iv) virtual net wo r k s ; (v) virtu al clust e r s ; and (vi)
adva n c e res e rv a tio n of capa city.

AppLo g i c . AppLo g i c : is a com m e r c i al VI man a g e r , the flags hi p prod u c t of

3ter a Inc. from California, USA. The comp a ny has labele d this produ c t as a
Grid Oper a ti n g Syst e m .
AppLogic provide s the following featu r e s : Linux- base d cont rolle r; CLI and
GUI interf ac e s ; Xen back e n d; Global Volum e Store (GVS) stor a g e
virtu aliza tio n; virtu al netw o r k s ; virtu al cluste r s ; dyna mi c resou r c e
allocatio n; high availa bility; and dat a prot e c tio n.

Citrix Ess e n t i a l s : The Citrix Esse n ti als suite is one the most feat u r e
comple t e VI man a g e m e n t softw a r e availabl e, focusing on man a g e m e n t and
 | 55

auto m a t io n of dat a cent e r s . It is esse n ti ally a hyperviso r- agnos tic solution,

curr e n t ly suppo r ti n g Citrix XenSe rv e r and Microsoft Hype r- V. Citrix
Esse n ti als provide s the following featu r e s : Window s b a s e d controlle r; GUI,
CLI, Web port al, and XML-RPC inte rf a c e s ; suppo r t for XenSe rv e r and
Hype r- V hype rviso r s; Citrix Stora g e Link stor a g e virtualiza tio n;virt u al
netw o r k s ; dyna mic reso u r c e alloca tion; thre e- level high availability (i.e.,
recove ry by VM rest a r t , recove ry by activati n g paus e d duplica t e VM, and
run ni n g duplica t e VM continu o u sly); dat a prot e c tio n with Citrix
Consolid a t e d Backu p.

Eno m a l y ECP: The Enom aly Elastic Comp u ti n g Platfor m , in its most
comple t e edition, offers most featu r e s a service provide r nee d s to build an
IaaS cloud. Enom aly ECP provide s the following feat u r e s : Linux- bas e d
cont rolle r; Web port al and Web service s (REST) interf ac e s ; Xen back- end;
inte rf a c e to the Amazon EC2 public cloud; virtu al net wo r k s; virtu al clust e r s
(Elas ticValet) Eucalypt u s .

The Euc a ly p t u s : fram e w o r k was one of the first open- sourc e project s to
focus on building IaaS clouds. It has been develop e d with the inten t of
providing an open- sourc e imple m e n t a t i o n nearly identic al in function ality to
Amazon Web Servic e s APIs. Eucalypt u s provide s the following featu r e s :
Linux- bas e d cont rolle r with adminis t r a t i o n Web port al; EC2- comp a ti bl e
(SOAP, Query) and S3- comp a ti bl e (SOAP, REST) CLI and Web port al
inte rf a c e s ; Xen, KVM, and VMWare backe n d s ; Amazon EBS- comp a ti bl e
virtu al stora g e devices; interf ac e to the Amazon
EC2 public cloud; virtual netwo r k s .

Ni m b u s 3 : The Nimb u s toolkit is built on top of the Globus fram e w o r k.

Nimb u s provide s most feat u r e s in com mo n with othe r open- sourc e VI
man a g e r s , such as an EC2- comp a ti ble front- end API, suppo r t to Xen, and a
backe n d interfa c e to Amazon EC2. Howev e r, it disting uis h e s from othe r s by
providing a Globus Web Service s Resou r c e Fra m e w o r k (WSRF) interfa c e . It
also provide s a back e n d service, nam e d Pilot, which spa w n s VMs on clust e r s
man a g e d by a local reso u r c e man a g e r (LRM) such as PBS and SGE.

Ope n N e b u l a : Open N e b u l a is one of the most feat u r e- rich open- sourc e VI

man a g e r s . It was initially conc eive d to man a g e local virtu al infras t r u c t u r e ,
but has also includ e d remo t e interf ac e s that make it viable to build public
clouds. Altoget h e r , four progr a m m i n g APIs are availabl e: XML-RPC and
libvirt for local inter a c tio n; a subs e t of EC2 (Query) APIs and the
Open N e b u l a Cloud API (OCA) for public acces s. Open N e b u l a provide s the
following feat u r e s : Linux- bas e d cont roller; CLI, XML-RPC, EC2- comp a ti bl e
Query and OCA interfa c e s ; Xen, KVM, and VMwar e backe n d; inte rfa c e to
public clouds (Amazon EC2, ElasticH o s t s ); virtu al netw o r k s; dyna mic
reso u r c e alloca tion; adva n c e res e rv a tio n of capa city.

Ope n P EX : OpenP EX (Open Provisionin g and EXecutio n Environ m e n t ) was

const r u c t e d arou n d the notion of using advan c e rese rv a tio n s as the prim a r y
met ho d for allocatin gVMin s t a n c e s . OpenP EX provide s the following
 | 56

featu r e s : multi- platfor m (Java) cont rolle r; Web port al and Web service s
(REST) interfa c e s ; Citrix XenSe rv e r backe n d; adva n c e res e rv a tio n of
capacity with negoti a tio n.

oVirt: oVirt is an open- sourc e VI man a g e r , spons o r e d by Red Hat’s

Eme r g e n t Technology grou p oVirt provide s the following featu r e s : Fedor a
Linux- bas e d cont rolle r packa g e d as a virtu al applian c e ; Web port al
inte rf a c e; KVM back e n d .

Platf or m ISF : Infra s t r u c t u r e Sharin g Facility (ISF) is the VI man a g e r

offerin g from Platfor m Comp u ti n g . The comp a n y, mainly throu g h its LSF
family of produ c t s , has bee n serving the HPC mark e t for sever al years ISF
provide s the following featu r e s : Linux- bas e d cont rolle r packa g e d as a virtual
applian c e ; Web port al inte rfac e; dyna mic reso u r c e allocatio n; adva n c e
res e rv a ti o n of capaci ty; high availability.

VMWar e vSp h e r e and vClou d: vSph e r e is VMwar e’s suite of tools aime d
at tra n sfo r m i n g IT infras t r u c t u r e s into privat e clouds. In the vSphe r e
arc hit e c t u r e , serve r s run on the ESXi platfor m . A sepa r a t e serve r runs
vCent e r Serve r, which cent r alize s cont rol over the entir e virtual
infras t r u c t u r e . Throu g h the vSphe r e Client softw a r e , adminis t r a t o r s conn e c t
to vCent e r Serve r to perfor m various tasks. The Distribu t e d Resou r c e
Sche d ul e r (DRS) make s allocation decision s base d on pre d efin e d rules and
policies. It continu o u sly monitor s the amou n t of reso u r c e s availa ble to VMs
and, if nece s s a r y, mak e s alloca tion chan g e s to meet VM req ui r e m e n t s . In
the stor a g e virtualiza tio n real m, vStor a g e VMFS is a clust e r file syste m to
provide agg r e g a t e sever al disks in a single volum e. VMFS is especi ally
optimize d to store VM image s and virtu al disks. It suppo r t s stora g e
equip m e n t that use Fibre Chan n el or iSCSI SAN. vSph e r e provide s the
following feat u r e s : Window s- bas e d cont rolle r (vCent e r Serve r); CLI, GUI,
Web port al, and Web service s interfa c e s ; VMwar e ESX, ESXi backe n d;
VMwar e vStor a g e VMFS stora g e virtu aliza tio n; inte rfac e to exte r n a l clouds
(VMwa r e vCloud part n e r s ); virtu al net wo r k s (VMWar e Distribu t e d Switch);
dyna mic reso u r c e allocation (VMwa r e DRM); high availability; data
prot e c tio n (VMWar e Consolid a t e d Backu p).

INFRA STR U CT U R E AS A SERVICE PROVIDER S

Public Infras t r u c t u r e as a Service provide r s com m o nly offer virtual serve r s

cont ai ni n g one or more CPUs, runnin g sever al choices of oper a ti n g syste m s
and a custo mize d softwa r e stack. In addition, stora g e spac e and
com m u n ic a t io n facilities are often provide d.

Feat u r e s

IaaS offering s can be disting uis h e d by the availability of specialize d feat u r e s

that influen c e the
 | 57

cost_be n efit ratio to be expe ri e n c e d by user applic ation s whe n moved to the
cloud. The most releva n t feat u r e s are: (i) geog r a p hi c distrib u tio n of data
cent e r s ; (ii) variety of use r interfa c e s and APIs to acce s s the syste m ; (iii)
speci alize d compo n e n t s and service s that aid particul a r applica tio n s (e.g.,
loadb al a n c e r s , firew alls); (iv) choice of virtualiza tion platfor m and oper a ti n g
syste m s ; and (v) differe n t billing met ho d s and period (e.g., pre p ai d vs. post-
paid, hourly
vs. mont hly).

Geo g r a p h i c Pre s e n c e : To improv e availability and respo n s ive n e s s , a

provide r of worldwid e service s would typically build sever al data cent e r s
distrib u t e d arou n d the world. For exam pl e, Amazon Web Servic es pres e n t s
the conc e p t of “availa bility zone s” and “region s” for its EC2 service.
Availability zones are “distinct location s that are engin e e r e d to be insulat e d
from failur e s in othe r availability zones and provide inexpe n sive, low- laten cy
netw o r k conn e c tivity to othe r availability zones in the sam e region.”
Regions, in turn, “are geog r a p h i c ally dispe r s e d and will be in sepa r a t e
geog r a p h i c are a s or count ri e s

Us e r Int erf a c e s and Acc e s s to Serv er s : Ideally, a public IaaS provide r

mus t provide multiple acce s s mea n s to its cloud, thus cate ri n g for various
user s and their prefe r e n c e s . Differe n t types of user interfa c e s (UI) provide
differe n t levels of abs t r a c ti o n, the most com m o n being gra p hic al user
inte rf a c e s (GUI), com m a n d- line tools (CLI), and Web service (WS) APIs.

Advan c e Re s e rv a t i o n of Capa c i t y : Advanc e rese rv a tio n s allow user s to

req u e s t for an IaaS provide r to res e rv e resou r c e s for a specific time fram e
in the futur e , thus ens u ri n g that cloud reso u r c e s will be availa ble at that
time. Howev e r, most clouds only suppo r t best- effort req u e s t s ; that is, use r s
req u e s t s are serve r when ev e r reso u r c e s are available.

Auto m a t i c Scali n g and Load Bala n c i n g : Elasticity is a key char a c t e r i s tic

of the cloud comp u ti n g model. Applicatio n s often nee d to scale up and down
to meet varying load conditions.
Autom a tic scaling is a highly desir a bl e feat u r e of IaaS clouds. It allow user s
to set conditions for whe n they want their applic a tion s to scale up and
down, bas e d on applic ation- specific met rics such as tra n s a c t io n s per
secon d, num b e r of simulta n e o u s user s, req u e s t late ncy, and so forth. When
the num b e r of virtu al serve r s is incre a s e d by auto m a ti c scaling, incomi n g
traffic must be auto m a ti c ally distrib u t e d amon g the available serve r s . This
activity ena ble s applic ation s to prom p tly res po n d to traffic incre a s e while
also achievin g gre a t e r fault toler a n c e .

Servi c e - Level Agre e m e n t : Service- level agr e e m e n t s (SLAs) are offere d by

IaaS provide r s to expr e s s their com mit m e n t to delivery of a cert ai n QoS. To
custo m e r s it serve s as a warr a n t y. An SLA usually includ e availability and
perfor m a n c e gua r a n t e e s . Addition ally, met ric s must be agr e e d upon by all
partie s as well as pen alti es for violatin g thes e expec t a ti o n s . Most IaaS
provide r s focus their SLA ter m s on availa bility gua r a n t e e s , specifying the
 | 58

minim u m perc e n t a g e of time the syste m will be available during a cert ai n

period.

Hyp e rvi s o r and Oper a t i n g Sys t e m Choi c e : Tradition ally, IaaS offerin g s
have bee n bas e d on heavily custo mize d open- sourc e Xen deploym e n t s . IaaS
provide r s need e d expe r tis e in Linux, netw o r ki n g, virtu aliza tio n, mete ri n g,
reso u r c e man a g e m e n t , and many othe r low- level aspe c t s to succ e s sfully
deploy and maint ai n their cloud offerin g s.

Cas e Stu di e s

Amaz o n Web Servi c e s : Amazon WS4 (AWS) is one of the major playe r s in
the cloud comp u ti n g mark e t. It pione e r e d the intro d u c tio n of IaaS clouds in
2006. It offers a variety cloud service s, most nota bly: S3 (stor a g e ), EC2
(virtu al serve r s ), Cloudfro n t (cont e n t delivery), Cloudfro n t Stre a m i n g (video
stre a m i n g), SimpleDB (stru c t u r e d data s t o r e ), RDS (Relation al Data b a s e ),
SQS (reliabl e mes s a gi n g), and Elastic MapRe d u c e (data proc e s s in g). The
ElasticCo m p u t e Cloud (EC2) offers Xen- bas e d virtu al serve r s (insta n c e s )
that can be insta n ti a t e d from Amazon Machin e Imag e s (AMIs). Inst a n c e s
are available in a variety of sizes, oper a ti n g syste m s , arc hit e c t u r e s , and
price. CPU capa city of insta n c e s is mea s u r e d in Amazon Comp u t e Units and,
altho u g h fixed for each insta n c e , vary amon g insta n c e types from 1 (small
insta n c e ) to 20 (high CPU insta n c e ). Each insta n c e provide s a cert ai n
amou n t of nonp e r si s t e n t disk spac e; a persis t e n c e disk service (Elastic Block
Stor a g e ) allows atta c hi n g virtu al disks to insta n c e s with spac e up to 1TB.
Elasticity can be achieve d by combinin g the CloudW a t c h , Auto Scaling, and
Elastic Load Balancin g feat u r e s , which allow the num b e r of insta n c e s to
scale up and down auto m a ti c ally bas e d on a set of custo miz a bl e rules, and
traffic to be distrib u t e d acros s available insta n c e s . Fixed IP add r e s s (Elastic
IPs) are not availabl e by default, but can be obtain e d at an addition al cost.

Flexi s c a l e : Flexisc al e is a UK-bas e d provide r offerin g service s similar in

nat u r e to Amazon Web Service s. Flexisc al e cloud provide s the following
featu r e s : availabl e in UK; Web service s (SOAP), Web- bas e d user interf ac e s ;
acce s s to virtu al serve r mainly via SSH (Linux) and Remot e Desktop
(Window s); 100% availability SLA with auto m a ti c recove ry of VMs in case of
har d w a r e failur e; per hour pricing; Linux and Window s oper a ti n g syste m s ;
auto m a t i c scaling
(horizon t al/ve r tic al).

Joyen t: Joyent’s Public Cloud offers serve r s bas e d on Solaris cont ai n e r s

virtu aliza tio n tech n olo gy. Thes e serve r s , dubb e d accele r a t o r s , allow
deploying various specialized softw a r e- stack bas e d on a custo miz e d version
of Open- Solaris oper a ti n g syste m , which includ e by default a Web- bas e d
configu r a t io n tool and sever al pre- installed softw a r e , such as Apach e,
MySQL, PHP, Ruby on Rails, and Java. Softw a r e load balan ci n g is availabl e
as an accele r a t o r in addition to har d w a r e load balan c e r s . A nota ble featu r e
of Joyent’s virtual serve r s is auto m a t i c vertic al scaling of CPU cores, which
 | 59

mea n s a virtu al serve r can make use of addition al CPUs auto m a ti c ally up to
the maxim u m num b e r of cores availabl e in the physical host.
The Joyent public cloud offers the following feat u r e s : multiple geogr a p h i c
location s in the United Stat e s ; Web- bas e d use r interfa c e ; acces s to virtu al
serve r via SSH and Web- bas e d administ r a ti o n tool; 100% availability SLA;
per mont h pricing; OS- level virtu aliza tio n Solaris cont ain e r s ; Open- Solaris
oper a ti n g syste m s ; auto m a t i c scaling (vertic al).

GoGrid : GoGrid, like many othe r IaaS provide r s , allows its custo m e r s to
utilize a ran g e of pre- mad e Window s and Linux imag e s , in a rang e of fixed
insta n c e sizes. GoGrid also offers “value- add e d” stacks on top for
applica tion s such as high- volum e Web serving, e- Comm e r c e , and dat a b a s e
store s . It offers som e nota ble feat u r e s , such as a “hybrid hosting” facility,
which combin e s tradition al dedic a t e d hosts with auto- scaling cloud serve r
infras t r u c t u r e . As part of its core IaaS offering s, GoGrid also provide s free
har d w a r e load balanci n g, auto- scaling capa bilities, and persis t e n t stor a g e ,
featu r e s that typically add an addition al cost for most othe r IaaS provide r s .

Rack s p a c e Clou d Serv e r s : Racks p a c e Cloud Serve r s is an IaaS solution

that provide s fixed size insta n c e s in the cloud. Cloud Serve r s offers a ran g e
of Linux- bas e d pre- mad e imag e s. A user can requ e s t differe n t- sized imag e s,
whe r e the size is meas u r e d by requ e s t e d RAM, not CPU.

PLATFOR M AS A SERVICE PROVIDER S

Public Platfor m as a Service provide r s com m o nly offer a develop m e n t and

deploym e n t enviro n m e n t that allow user s to crea t e and run their
applica tion s with little or no conce r n to low- level details of the platfor m. In
addition, specific prog r a m m i n g lang u a g e s and fram e w o r k s are mad e
availa ble in the platfor m , as well as othe r service s such as persis t e n t dat a
stora g e and in memo ry cach e s .

Feat u r e s

Pro gr a m m i n g Mod e l s , Lan g u a g e s , and Fra m e w o r k s : Prog r a m m i n g

models mad e availa ble by IaaS provide r s define how use r s can expre s s their
applica tion s using highe r levels of abst r a c ti o n and efficien tly run the m on
the cloud platfor m . Each model aims at efficiently solving a particul a r
proble m . In the cloud comp u ti n g dom ain, the most com m o n activities that
req ui r e specialize d models are: proce s si n g of larg e data s e t in clust e r s of
comp u t e r s (MapR e d u c e model), develop m e n t of requ e s t- bas e d Web service s
and applic ation s; definition and orche s t r a t i o n of busine s s proce s s e s in the
form of workflow s (Workflow model); and high- perfor m a n c e distrib u t e d
execu tio n of various comp u t a t io n a l tasks.
For user conve ni e n c e , PaaS provide r s usu ally suppo r t multiple
prog r a m m i n g lang u a g e s . Most com mo nly use d langu a g e s in platfor m s
includ e Pytho n and Java (e.g., Google AppEngi n e ), .NET langu a g e s (e.g.,
Microsoft Azure), and Ruby (e.g., Herok u). Forc e.co m has devise d its own
 | 60

prog r a m m i n g langu a g e (Apex) and an Excel- like query lang u a g e , which

provide high e r levels
of abst r a c ti o n to key platfor m function alities .
A variety of softwa r e fram e w o r k s are usually mad e availabl e to PaaS
develop e r s , dep e n di n g on applica tio n focus. Provide r s that focus on Web
and ente r p ri s e applic a tion hostin g offer popula r fram e w o r k s such as Ruby
on Rails, Spring, Java EE, and .NET.

Pers i s t e n c e Opti o n s : A persist e n c e layer is esse n ti al to allow applica tio n s

to reco r d their stat e and recove r it in case of cras h e s , as well as to store
user data. Web and ente r p ri s e applica tio n develop e r s have chose n relation al
dat a b a s e s as the prefe r r e d persis t e n c e met h o d. Thes e dat a b a s e s offer fast
and reliable struc t u r e d dat a stora g e and tran s a c tio n proc e s si n g, but may
lack scalability to handle seve r al pet a by t e s of dat a store d in com m o di ty
comp u t e r s . In the cloud comp u ti n g domai n, distrib u t e d stor a g e tech n ologi e s
have eme r g e d , which seek to be robu s t and highly scala bl e, at the expe n s e
of relation al stru c t u r e and conveni e n t que ry langu a g e s .

Cas e Stu di e s

Ane k a: Aneka is a .NET- base d servic e- orient e d reso u r c e man a g e m e n t and

develop m e n t platfor m . Each serve r in an Aneka deploym e n t (dubb e d Aneka
cloud node) hosts the Aneka cont ai n e r , which provide s the bas e
infras t r u c t u r e that consist s of servic es for persis t e n c e , secu rity
(autho riz a tio n, auth e n ti c a t io n and auditin g), and com m u ni c a ti o n (mess a g e
han dlin g and dispa t c hi n g ). Cloud node s can be eithe r physical serve r,
virtu al mac hi n e s (XenS e rv e r and VMwar e are suppo r t e d ), and insta n c e s
rent e d from Amazon EC2. The Aneka cont ai n e r can also host any num b e r of
option al service s that can be add e d by develop e r s to aug m e n t the
capa bilities of an Aneka Cloud node, thus providin g a single, exten si bl e
fram e w o r k for orch e s t r a t i n g various
applica tion models .
Sever al prog r a m m i n g models are suppo r t e d by such task models to ena bl e
execu tio n of legacy HPC applica tio n s and MapRe d u c e , which ena bl e s a
variety of dat a- mining and sear c h applic ation s. User s req u e s t resou r c e s via
a client to a res e rv a ti o n service s man a g e r of the Aneka mas t e r node, which
man a g e s all cloud node s and cont ain s sche d uli n g servic e to distrib u t e
req u e s t to cloud nodes .

App Engi n e : Google App Engine lets you run your Python and Java Web
applica tion s on elastic infras t r u c t u r e supplie d by Google. App Engine allows
your applica tio n s to scale dyna mic ally as your traffic and data stor a g e
req ui r e m e n t s incre a s e or decr e a s e . It gives develop e r s a choice betw e e n a
Python stack and Java. The App Engine serving archit e c t u r e is nota bl e in
that it allows real- time auto- scaling withou t virtu aliza tio n for many com m o n
types of Web applic ation s. Howeve r , such auto- scaling is dep e n d e n t on the
applica tion develop e r using a limited subs e t of the native APIs on each
platfor m , and in some insta n c e s you nee d to use specific Google APIs such
as URLFet c h, Datas t o r e , and mem c a c h e in plac e of cert ain native API calls.
 | 61

For exa m pl e, a deploye d App Engine applica tio n canno t write to the file
syste m direc tly (you must use the Google Datas t o r e ) or open a socke t or
acce s s anot h e r host directly (you mus t use Google URL fetch servic e). A
Java applica tio n canno t crea t e a new Thre a d eithe r.

Micr o s o f t Azur e: Microsoft Azure Cloud Service s offers develop e r s a

host e d. NET Stack (C #, VB.Net, ASP.NET). In addition, a Java & Ruby SDK
for .NET Service s is also availabl e. The Azure syste m consist s of a num b e r
of elem e n t s . The Window s Azure Fabric Controlle r provide s auto- scaling
and reliability, and it man a g e s memo ry reso u r c e s and load balan cin g.
The .NET Service Bus regist e r s and conn e c t s applica tion s toget h e r . The
.NET Access Cont rol identity provide r s includ e ent e r p ri s e direc to ri e s and
Window s LiveID. Finally, the .NET Workflow allows cons t r u c tio n and
execu tio n of workflow insta n c e s .

Forc e . c o m : In conjun c tio n with the Salesforc e. c o m service, the Forc e.co m
PaaS allows develop e r s to cre a t e add- on function ality that integ r a t e s into
main Salesfor c e CRM SaaS applica tion. Force.co m offers develop e r s two
appr o a c h e s to cre a t e applica tion s that can be deploye d on its SaaS plafor m:
a host e d Apex or Visualforc e applica tio n. Apex is a prop ri e t a r y Java- like
lang u a g e that can be used to crea t e Salesfor c e applica tio n s . Visualforc e is
an XML-like syntax for building UIs in HTML, AJAX, or Flex to overlay over
the Salesforc e hoste d CRM syste m . An applica tio n store called
AppExch a n g e is also provide d, which offers a paid &
free applic a tion direc t o ry.

Her o k u : Herok u is a platfor m for insta n t deploym e n t of Ruby on Rails Web

applica tion s. In the Herok u syste m , serve r s are invisibly man a g e d by the
platfor m and are neve r expos e d to user s. Applicatio n s are auto m a t i c ally
dispe r s e d acros s differe n t CPU core s and serve r s , maximizin g perfor m a n c e
and minimizing cont e n tio n. Herok u has an adva n c e d logic layer tha n can
auto m a t i c ally rout e arou n d failur e s, ens u ri n g sea ml e s s and unint e r r u p t e d
servic e at all times.

CHALLENGE S AND RISKS

Despit e the initial succ e s s and popul a rity of the cloud comp u ti n g par a di g m
and the exten sive availa bility of provide r s and tools, a significa n t num b e r of
challen g e s and risks are inhe r e n t to this new model of comp u ti n g .
Provide r s , develop e r s , and end user s mus t consid e r thes e challe n g e s and
risks to take good adva n t a g e of cloud comp u ti n g . Issue s to be face d includ e
user privacy, data secu ri ty, dat a lock- in, availability of service, disas t e r
recove ry, perfor m a n c e , scala bility, ene r gy- efficiency, and prog r a m m a b i lity.

Se c u r i t y, Priva cy, and Trus t: Secu rity and privacy affect the entire cloud
comp u ti n g stack, since ther e is a mas sive use of third- party service s and
infras t r u c t u r e s that are use d to host import a n t dat a or to perfor m critical
oper a tio n s . In this scen a rio, the trus t towa r d provide r s is funda m e n t a l to
ens u r e the desir e d level of privacy for applica tio n s hoste d in the cloud.
 | 62

Legal and regul a t o r y issue s also nee d atte n tio n. When data are moved into
the Cloud, provide r s may choos e to locat e the m anyw h e r e on the plane t.
The physical location of dat a cent e r s dete r m i n e s the set of laws that can be
applie d to the man a g e m e n t of dat a. For exam pl e, specific crypto g r a p h y
tech ni q u e s could not be used bec a u s e they are not allowe d in som e
count ri e s . Similarly, count ry laws can impos e that sensitive dat a, such as
patie n t healt h reco r d s , are to be store d within nation al bord e r s .

Data Lock- In and Sta n d a r d i z a t i o n : A major conc e r n of cloud comp u ti n g

user s is about having their dat a locke d- in by a cert ai n provide r. Use rs may
want to move data and applica tio n s out from a provide r that does not meet
their req ui r e m e n t s . Howeve r, in their curr e n t form, cloud comp u ti n g
infras t r u c t u r e s and platfor m s do not employ stan d a r d met h o d s of storin g
user data and applica tio n s . Conse q u e n t ly, they do not inte ro p e r a t e and user
dat a are not port a bl e.
The ans w e r to this conce r n is stan d a r d iz a tio n. In this direction, ther e are
effort s to cre a t e open stan d a r d s for cloud comp u ti n g . The Cloud Comp u ti n g
Inte ro p e r a b ility Foru m (CCIF) was form e d by orga niz a tio n s such as Intel,
Sun, and Cisco in orde r to “ena bl e a global cloud comp u ti n g ecosyst e m
whe r e b y orga niz a tio n s are able to sea mle s s ly work toge t h e r for the
purpo s e s for wider indus t r y adoption of cloud comp u ti n g tech nolo gy.” The
develop m e n t of the Unified Cloud Inte rfa c e (UCI) by CCIF aims at cre a ti n g a
stan d a r d prog r a m m a t i c point of acces s to an entir e cloud infras t r u c t u r e . In
the har d w a r e virtualiza tio n sphe r e , the Open Virtual Form a t (OVF) aims at
facilitatin g packing and distrib u tio n of softw a r e to be run on VMs so that
virtu al applia n c e s can be mad e port a bl e—t h a t is, sea ml e s sly run on
hype rviso r of differe n t vendo r s .

Availa b i l i t y, Faul t- Toler a n c e , and Dis a s t e r Rec ov e r y: It is expec t e d that

user s will have cert ain expec t a t io n s about the service level to be provide d
once their applica tio n s are moved to the cloud. Thes e expec t a t io n s includ e
availa bility of the servic e, its over all perfor m a n c e , and what meas u r e s are to
be take n whe n some t hi n g goes wron g in the syste m or its compo n e n t s . In
sum m a r y, user s seek for a war r a n t y before they can comfort a b ly move their
busin e s s to the cloud. SLAs, which includ e QoS requir e m e n t s , must be
ideally set up betw e e n custo m e r s and cloud comp u ti n g provide r s to act as
warr a n t y. An SLA specifies the details of the service to be provide d,
includin g availability and perfor m a n c e gua r a n t e e s . Additionally, met rics
mus t be agre e d upon by all partie s, and pen alti e s for violating the
expe ct a t io n s must also be app rov e d .

Res o u r c e Man a g e m e n t and Ener g y - Effici e n c y : One impor t a n t challen g e

faced by provide r s of cloud comp u ti n g service s is the efficient man a g e m e n t
of virtualize d reso u r c e pools. Physic al reso u r c e s such as CPU cores, disk
spac e, and netw o r k ban d wi d t h must be sliced and shar e d amon g virtual
machin e s runnin g pote n ti ally het e r o g e n e o u s workloa d s . The multi-
dime n sio n al nat u r e of virtu al machin e s complic a t e s the activity of finding a
good map pi n g of VMs onto availabl e physical hosts while maximizin g use r
 | 63

utility. Dimen sio n s to be consid e r e d includ e: num b e r of CPUs, amou n t of

mem o ry, size of virtu al disks, and netw o r k ban d wid t h . Dyna mic VM
mappi n g policies may lever a g e the ability to susp e n d , migr a t e , and res u m e
VMs as an easy way of pre e m p t i n g low- priority allocatio n s in favor of
highe r- priority ones. Migra tion of VMs also brings addition al challen g e s
such as det ec ti n g when to initiat e a migr a tio n, which VM to migr a t e , and
whe r e to migr a t e . In addition, policies may take advan t a g e of live migra tio n
of virtual mac hi n e s to reloca t e data cent e r load withou t significa n tly
disru p ti n g run ni n g service s. In this case, an addition al conce r n is the trad e-
off betw e e n the nega tive impac t of a live migr a tio n on the perfor m a n c e and
stability of a service and the ben efits to be achieve d with that migr a tio n.
Anoth e r challen g e conc e r n s the outst a n di n g amou n t of data to be man a g e d
in various VM man a g e m e n t activities. Such dat a amou n t is a res ult of
partic ul a r abilities of virtu al mac hin e s , includin g the ability of traveling
thro u g h spac e (i.e., migr a tio n) and time (i.e., check poi n ti n g and rewindi n g),
oper a tio n s that may be requi r e d in load bala nci n g, back u p, and recove ry
scen a ri os . In addition, dyna mic provisionin g of new VMs and replica ti n g
existing VMs req ui r e efficien t mec h a ni s m s to make VM block stor a g e
devices (e.g., imag e files) quickly availa ble at select e d hosts. Data cent e r s
cons u m e r large amou n t s of elect ricity. Accordin g to a data publish e d byHP[4],
100 serve r racks can consu m e 1.3MWof pow e r and anot h e r 1.3 MW are
req ui r e d by the cooling syste m , thus costin g USD 2.6 million per year.
Beside s the mone t a r y cost, dat a cent e r s significa n tly impac t the
environ m e n t in ter m s of CO2 emissions from the cooling syste m s

Mi gr a t i n g int o a Clou d

Clou d co m p u t i n g : “It is a tech no- busine s s disru p tiv e model of using

distrib u t e d large- scale data cent e r s eithe r privat e or public or hybrid
offerin g custo m e r s a scalabl e virtu alize d infra s t r u c t u r e or an abst r a c t e d set
of service s qualified by service- level agre e m e n t s (SLAs) and char g e d only by
the abs t r a c t e d IT reso u r c e s cons u m e d . ” Most ent e r p ri s e s today are powe r e d
by captive dat a cent e r s . In most large or small ent e r p ri s e s today, IT is the
backbo n e of their oper a tio n s . Invaria bly for thes e large ente r p r i s e s , their
dat a cent e r s are distrib u t e d acros s various geog r a p h i e s . They comp ris e
syste m s and softw a r e that span seve r al gene r a t io n s of produ c t s sold by a
variety of IT vendo r s . In orde r to meet varying loads, most of thes e dat a
cent e r s are provision e d with capa ci ty beyon d the peak loads expe rie n c e d . If
the ente r p ri s e is in a seaso n al or cyclical busin e s s , the n the load varia tion
would be significa n t. Thus what is obse rv e d gen e r a lly is that the provision e d
capacity of IT resou r c e s is sever al times the aver a g e dem a n d . This is
indicative of significa n t degr e e of idle capaci ty. Many dat a cent e r
man a g e m e n t tea m s have bee n contin uo u s ly innovati n g their man a g e m e n t
prac tic e s and tech nolo gie s deploye d to possibly sque ez e out the last
 | 64

possible usabl e comp u ti n g resou r c e cycle thro u g h app ro p ri a t e

prog r a m m i n g , syste m s configu r a t io n s , SLAs, and syste m s man a g e m e n t .
Cloud comp u ti n g turn e d attr a c tive to the m beca u s e they could pass on the
addition al dem a n d from their IT setu p s onto the cloud while paying only for
the usa g e and being une n c u m b e r e d by the load of oper a tio n s and
man a g e m e n t

The pro m i s e of th e clo u d co m p u t i n g servi c e s

In small and mediu m ente r p ri s e s , cloud comp u ti n g usag e for all addition al
cyclical IT nee d s has yielded subst a n t i al and significa n t econo mic savings.
This econo mic s and the associ a t e d trad e- offs, of lever a gi n g the cloud
comp u ti n g service s, now popula rly called “cloudo n o m i c s ,” for satisfying
ente r p r i s e’s seas o n a l IT loads has beco m e a topic of deep inter e s t amon g s t
IT man a g e r s and tech nology archit e c t s

As show n in Figur e 2.1, the promis e of the cloud both on the busin e s s front
(the attr a c tiv e cloudo no m ic s) and the tech nolo gy front widely aided the
CxOs to spaw n out sever al non- mission critical IT need s from the ambit of
their captive tra dition al data cent e r s to the app ro p ri a t e cloud service.
Invaria bly, thes e IT nee d s had som e com m o n featu r e s : They wer e typically
Web- orient e d; they repr e s e n t e d seaso n al IT dem a n d s ; they were ame n a bl e
to par allel batc h proce s si n g; they were non- mission critical and the r efo r e
did not have high secu ri ty dem a n d s . They includ e d scientific applic a tion s
too. Seve r al small and mediu m busin e s s ente r p r i s e s , how ev e r, levera g e d the
cloud much beyond the cautiou s user. Many star t u p s open e d their IT
dep a r t m e n t s exclusively using cloud service s—ve ry succe s sf ully and with
high ROI. Having obse rv e d thes e succe s s e s , seve r al larg e ente r p ri s e s have
start e d succe s sf ully run ni n g pilots for lever a gi n g the cloud. Many large
ente r p r i s e s run SAP to man a g e their oper a tio n s .
 | 65

Why Migr a t e
• Busine s s Reas on s

• Technologic al Reaso n s

What can be Mi gr a t e d
• Applicatio n

• Code

• Design

• Archite c t u r e

• Usag e

The migr a tio n of an ente r p r i s e applica tion is best capt u r e d by the

following:
P à P’C + P’l à P’OFC + P’l
whe r e P is the applica tio n before migr a tio n, runnin g in captive
dat a cent e r
P’ C is the applica tion part after migr a tio n into a
(hybrid) cloud
P’ l is the part of applic ation being run in the captive local
dat a cent e r
P’ OFC is the applica tion part optimize d for cloud.
Invaria bly, migr a ti n g into the cloud is drive n by econo mi c reas o n s of cost
cuttin g in both the IT capit al expen s e s (Capex) as well as oper a tio n al
expe n s e s (Opex).

If the aver a g e costs of using an ent e r p r i s e applica tio n on a cloud is

subs t a n ti ally lower than the costs of using it in one’s captive dat a cent e r
and if the cost of migr a tio n does not add to the burd e n on ROI, then the
case for migr a tio n into the cloud is stron g.

Apart from thes e costs, othe r factors that play a major role in the
cloudo no m ic s of migr a tio n are
• the licensin g issue s (for per h a p s part s of the ente r p r i s e applic ation)

• the SLA complian c e s , and the pricing of the cloud service offerin g s.

THE SEVEN - STEP MODEL OF MIGRATIO N INTO A CLOUD

Migr a tio n initiative s into the cloud are imple m e n t e d in phas e s or in stag e s
 | 66

• Ass e s s m e n t : Proof of conce p t s or prototy p e s for various appr o a c h e s to

the migra tio n along with the lever a gi n g of pricing para m e t e r s enabl e s one
to make appr o p ri a t e asse s s m e n t s . Thes e asse s s m e n t s are about the cost
of migr a tio n as well as abou t the ROI that can be achieve d in the case of
prod u c tio n version
• Isol a t i o n : The next proce s s step is in isolating all syste mic and
environ m e n t a l dep e n d e n c i e s of the ente r p r i s e applica tio n compo n e n t s
within the captive dat a cent e r. This, in turn, yields a pictu r e of the level of
complexity of the migr a tio n
• Map p i n g : Gene r a ti n g the mappi n g cons t r u c t s betw e e n what shall
possibly rem ai n in the local captive dat a cent e r and what goes onto the
cloud.
• Re- arc h i t e c t : A subst a n t i al part of the ent e r p ri s e applic ation nee d s to be
rea r c hi t e c t e d , red e si g n e d , and reim pl e m e n t e d on the cloud
• Aug m e n t : lever a g e the intrinsic featu r e s of the cloud comp u ti n g servic e
to aug m e n t our ente r p r i s e applic ation in its own small ways
• Tes t : validat e and test the new form of the ente r p r i s e applic ation with an
exte n sive test suite that comp ri s e s testin g the compo n e n t s of the
ente r p r i s e applica tion on the cloud as well

• Opti m i z e : Thes e test res ult s could be positive or mixed. In the latte r case,
we iter a t e and optimize as appr o p ri a t e . After sever al such optimizin g
itera tio n s , the migra tio n is dee m e d succe s sf ul.
 | 67

Mi gr a t i o n risk s

Migr a tio n risks for migr a ti n g into the cloud fall unde r two broa d
cate g o ri e s:

The ge n e r a l mi gr a t i o n risk s :
• perfor m a n c e monito ri n g and tunin g,

• the complia n c e with stan d a r d s and gover n a n c e issue s; the IP and

licensi n g issues;
• the quality of service (QoS) para m e t e r s as well as the corr e s p o n di n g SLAs
com mit t e d to;
• the owne r s hi p, tra n sf e r, and stor a g e of data in the applica tio n;

• the port a bility and intero p e r a b ility issues which could help mitigat e
pote n ti al vendo r lock- ins

The se c u r i t y- relat e d mi gr a t i o n risk s :

• obtainin g the right exec u tio n logs as well as retainin g the right s to all
audit trails at a det aile d level
• mat t e r s of multi- tena n c y and the impa c t of IT dat a leaka g e in the cloud
comp u ti n g
enviro n m e n t s
 | 68

Int e g r a t i o n as a servi c e (Iaa S )

Why Inte g r a t i o n ?
• Incre a s i n gly busine s s applic ation s are deploye d in clouds to rea p
the busin e s s and tech nic al benefits.
• On the othe r hand, ther e are still innu m e r a b l e applica tio n s and
dat a sourc e s locally station e d and sust ai n e d prima rily due to the
secu ri ty reas o n.
• The ques tio n her e is how to crea t e a sea ml e s s conn e c tivity
betw e e n those host e d and on- pre mis e applica tion s to empow e r
the m to work toge t h e r .

How Int e g r a t i o n is don e ?

• Inte g r a t io n as a service (IaaS) is the buddin g and distinctive
capa bility of clouds in fulfilling the busin e s s integ r a t io n
req ui r e m e n t s .
• IaaS overco m e s thes e challen g e s by sma rtly utilizing the time-
test e d busine s s- to- busine s s (B2B) integ r a t i o n tech n olo gy as the
value a d d e d bridg e betw e e n SaaS solutions and in- hous e busine s s
applica tion s.

Saa S INTEGRATIO N
• Cloud- cent ric integ r a t io n solutions are being develop e d and
demo n s t r a t e d for showc a s i n g their capa bilities for integ r a ti n g
ente r p r i s e and cloud applica tion s .
• Now with the arrival and adoptio n of the tran sfo r m a t iv e and
disru p tiv e par a di g m of cloud comp u ti n g , every ICT produ c t s are
being conve r t e d into a collection of servic es to be deliver e d via
the open Inte r n e t
• In that line, the stan d a r d s- complia n t integ r a ti o n suites are being
tran sition e d into service s so that any integ r a ti o n nee d of any
one from any part of the world , can be easily, chea ply and
rapidly met.
 | 69

Inte g r a t i o n as a Servi c e (Iaa S ) : Migr a tio n of the function ality of a typical

ent e r p ri s e applica tion integ r a t io n (EAI) hub / ent e r p ri s e service bus (ESB)
into the cloud for providing for smoot h dat a tran s p o r t betw e e n any
ent e r p ri s e and SaaS applica tion s.
• Users subs c ri b e to IaaS as they would do for any othe r SaaS
applica tion.
• cloud middle w a r e will be mad e availa ble as a service.

For service inte g r a t io n, it is ente r p r i s e service bus (ESB) and for data
integ r a t io n, it is ente r p r i s e dat a bus (EDB).
Ther e are Mess a g e orien t e d middlew a r e (MOM) and mes s a g e broke r s for
integ r a t i n g decou pl e d applica tion s throu g h mes s a g e passin g and pick up.

Events are comin g up fast and ther e are compl ex event proce s si n g (CEP)
engin e s that rec eive a stre a m of divers e event s from divers e sourc e s ,
proce s s the m at real- time to extr a c t and figur e out the enc a p s u l a t e d
knowled g e , and accor di n gly selec t and activat e one or more targ e t
applica tio n s .
• Cloud infras t r u c t u r e is not very useful witho u t SaaS applic a tion s that
run on top of the m, and SaaS applica tion s are not very valua bl e
witho u t acces s to the critical corpo r a t e dat a that is typically locked
away in various corpo r a t e syste m s .
• So, for cloud applic ation s to offer maxim u m value to their user s, they
nee d to provide a simple mec h a n i s m to import or load exte r n a l dat a,
export or replica t e their data for repor tin g or analysis purpo s e s , and
finally keep their data synch r o niz e d with on- pre mis e applic ation s.

Why Saa S Int e g r a t i o n is hard?

Rea s o n s :
Limit e d Acc e s s : Access to cloud resou r c e s (SaaS, PaaS, and the
infras t r u c t u r e s ) is more limite d than local applica tio n s . Once
applica tion s move to the cloud, custo m applic ation s must be
design e d to suppo r t integ r a t io n beca u s e ther e is no longe r that low
level of acces s. Ente r p ri s e s puttin g their applica tion s in the cloud or
thos e subsc ri b e r s of cloud- base d busin e s s service s are dep e n d e n t on
the vendor to provide the integ r a ti o n hooks and APIs.

Dyn a m i c Res o u r c e s : Cloud resou r c e s are virtu alize d and service-

orient e d . That is, everyt hin g is expr e s s e d and expos e d as a service.
Due to the dyna mis m factor infras t r u c t u r a l cha n g e s are liable for
dyna mic chan g e s . Thes e would clearly impac t the integ r a t i o n model.
 | 70

Perf or m a n c e : Clouds suppo r t applica tio n scala bility and resou r c e

elas ticity. Howeve r the netw o r k dista n c e s betw e e n elem e n t s in the
cloud are no longe r und e r our control. Becau s e of the roun d trip
laten cy, the cloud integ r a ti o n perfor m a n c e is boun d to slow down

NEW INTEGRATIO N SCENARIO S

Thre e major integ r a ti o n scen a ri os

• With i n a Pu bli c Clou d : Two differe n t applica tion s are host e d in a cloud.
The role of the cloud integ r a t io n middle w a r e (say cloud- bas e d ESB or
inte r n e t servic e bus (ISB)) is to sea ml e s sly ena bl e thes e applica tio n s to
talk to each othe r. Thes e applica tio n s can be owne d by two differe n t
comp a ni e s . They may live in a single physical serve r but run on differe n t
virtu al mac hi n e s

• Ho m o g e n e o u s Clou d s : The applica tion s to be integ r a t e d are position e d

in two geog r a p h i c ally sepa r a t e d cloud infras t r u c t u r e s . The inte g r a t i o n
middle w a r e can be in cloud 1 or 2 or in a sepa r a t e cloud. Ther e is a need
for dat a and protoc ol tra n sfo r m a t i o n and they get done by the ISB

• Het e r o g e n e o u s Clou d s : One applic ation is in public cloud and the

othe r applica tio n is
in privat e cloud
 | 71

The Int e g r a t i o n Met h o d o l o g i e s

Ther e are thre e types for cloud inte g r a t i o n
• Traditi o n a l Ent er p r i s e Inte g r a t i o n Tool s can be e m p o w e r e d
with sp e c i a l
con n e c t o r s to acc e s s Clou d - loc a t e d Appli c a t i o n s : With a
persist e n t rise in the
nec es si ty towa r d s acces si n g and integ r a ti n g cloud applica tion s ,
speci al driver s,
conn e c t o r s and ada p t e r s are being built and incor po r a t e d on the
existing integ r a t i o n
platfor m s to ena bl e bidirec tio n a l conn e c tivity with the
particip a ti n g cloud service s.
• Traditi o n a l Ent e r p r i s e Inte g r a t i o n Tool s are ho s t e d in th e Clou d:
This app ro a c h is similar to the first option excep t that the integ r a t io n
softw a r e
suite is now hoste d in any third- party cloud infras t r u c t u r e s so that the
ente r p r i s e does not worry abou t procu ri n g and man a gi n g the har d w a r e
or installing the integ r a t io n softwa r e
• Int e g r a t i o n - as- a- Servi c e (Iaa S ) or On- De m a n d Inte g r a t i o n
Offeri n g s : These are SaaS
applica tio n s that are desig n e d to deliver the integ r a ti o n service
secu r ely over the Inte r n e t
and are able to inte g r a t e cloud applica tio n s with the on- pre mis e
syste m s , cloud- to- cloud
applica tio n s .

Char a c t e r i s t i c s of Int e g r a t i o n Sol u t i o n s and Prod u c t s

• Con n e c t i v i t y refer s to the ability of the integ r a t io n engin e to eng a g e with
both the sourc e and targ e t syste m s using available native interfa c e s
• Se m a n t i c Med i a t i o n refers to the ability to accou n t for the differe n c e s
betw e e n applica tio n sem a n t ic s betw e e n two or more syste m s . Sem a n t i c s
 | 72

mea n s how inform a t io n gets und e r s t o o d, inter p r e t e d and rep r e s e n t e d

within infor m a tio n syste m s
• Data Med i a t i o n conve r t s dat a from a sourc e data form a t into destin a tio n
dat a form a t. Couple d with sem a n ti c media tio n, dat a media tion or dat a
tran sfor m a t i o n is the proce s s of conve r ti n g dat a from one native forma t on
the sourc e syste m , to anot h e r dat a form a t for the targ e t syste m
• Data Mi gr a t i o n is the proce s s of tran sfe r ri n g data betw e e n stora g e
types, form a t s , or syste m s . Data migr a tio n mea n s that the dat a in the old
syste m is map p e d to the new syste m s
• Data Se c u r i t y mea n s the ability to insur e that inform a tio n extr a c t e d from
the sourc e syste m s has to secu r ely be place d into targ e t syste m s
• Data Inte g r i t y mea n s dat a is comple t e and consist e n t . Thus, integ ri ty has
to be gua r a n t e e d when dat a is gettin g map p e d and maint ai n e d during
inte g r a t io n oper a tio n s , such as data synch r o niz a tio n betw e e n on- pre mi s e
and SaaS- bas e d syste m s .
• Gover n a n c e refers to the proc e s s e s and tech n ologi e s that surro u n d a
syste m or syste m s , which cont rol how those syste m s are acce s s e d and
lever a g e d

Prod u c t s And Platf or m s

• Jitter b i t is a fully gra p hi c al integ r a t io n solution that provides user s a
vers a tile platfor m and a suite of produ c tivity tools to redu c e the
Inte g r a t io n effort s shar ply.
It can be used stan d a lo n e or with existing EAI infra s t r u c t u r e s ,
ena blin g user s to cre a t e new project s or cons u m e and modify
existin g ones offere d by the open sourc e com m u ni ty or service
provide r.
The Jitte r bit solution ena bl e s the cool integ r a t i o n amon g confide n ti al
and corpo r a t e dat a, ente r p ri s e applica tio n s , web service s, XML dat a
sourc e s , legacy syste m s , simple and complex flat files.
Jitter bit is comp ri s e d of two major compo n e n t s :
• Jitter b i t Int e g r a t i o n Enviro n m e n t : An intuitive point- and- click
gra p hi c al UI
that ena bl e s to quickly configu r e , test, deploy and man a g e
integ r a t io n project s
on the Jitter bit serve r.
• Jitter b i t Inte g r a t i o n Serv er A powe rful and scala bl e run- time
engin e that
proc e s s e s all the integ r a t io n oper a ti o n s , fully configu r a bl e
and man a g e a b l e
from the Jitter bit applica tio n.
 | 73

• Bo o m i Soft w a r e : Boomi AtomS p h e r e is an integ r a t i o n servic e that is

comple t ely on- dem a n d and conne c t s any combin a tio n of SaaS, PaaS,
cloud, and on- pre mis e applic ation s withou t the burd e n of installing and
maint ai nin g softw a r e pack a g e s or applia n c e s . Anyone can secu r ely build,
deploy and man a g e simple to compl ex integ r a ti o n proce s s e s using only
web brow s e r .
• Bu n g e e Con n e c t : Bunge e Conne c t ena ble s cloud comp u ti n g by offerin g
an applic ation develop m e n t and deploym e n t platfor m that ena bl e s highly
inte r a c tive applica tio n s integ r a t i n g multiple dat a sourc e s and facilitatin g
insta n t deploym e n t . Built specifically for cloud develop m e n t , Bunge e
Conne c t red u c e s the efforts to integ r a t e (mas h u p ) multiple web service s
into a single applica tion.
• OpS o u r c e Con n e c t : Expa n d s on the OpSou r c e Service s Bus (OSB) by
providing the infras t r u c t u r e for two- way web service s inter a c tio n s ,
allowing custo m e r s to consu m e and publish applic ation s acros s a com m o n
web service s infras t r u c t u r e .
• Sna pL o g i c : SnapLogic is a capa bl e, clean, and unclut t e r e d solution for
dat a integ r a t io n that can be deploye d in ent e r p ri s e as well as in cloud
lands c a p e s . The free com m u n i ty edition can be used for the most com m o n
point- to- point data inte g r a t i o n tasks

The Perva s i v e DataCl o u d : Perva sive Data Cloud is the first multi-
tena n t platfor m for deliverin g the following

 Inte g r a t io n as a Service (IaaS) for both host e d and on- pre mi s e s

applica tion s and data sourc e s
 Packa g e d turnk ey integ r a t io n
 Inte g r a t io n that suppo r t s every integ r a ti o n scen a ri o
 Conne c tivity to hund r e d s of differ e n t applic a tion s and data sourc e s

Oth er Prod u c t s
• Bluewolf

• Online MQ

• CloudM Q

• Linxter

Ent e r p ri s e clo u d co m p u t i n g
 | 74

Ent e r p ri s e clo u d co m p u t i n g is the align m e n t of a cloud comp u ti n g

model with an orga niz a tio n’s busine s s objective s (profit, ret u r n on
invest m e n t , redu c tio n of oper a tio n s costs) and proc e s s e s .

Cloud comp u ti n g is compo s e d of five ess e n ti al char a c t e r i s ti c s:

• on- dem a n d self- servic e

• broa d netw o r k acce s s

• reso u r c e pooling,

• rapid elasticity

• meas u r e d service

The ways in which thes e char a c t e r i s tic s are manife s t e d in an ent e r p ri s e

cont ext vary accor di n g to the deploym e n t model employe d.

Dep l o y m e n t Mod e l s for Ent er p r i s e Clou d Com p u t i n g

• Pu bli c clo u d s are provide d by a design a t e d service provide r for gene r a l
public unde r a utility base d pay- per- use cons u m p t i o n model. The cloud
reso u r c e s are host e d gene r a lly on the service provide r’s pre mi s e s
• Privat e clo u d s are built, oper a t e d , and man a g e d by an orga niza tio n for
its inter n a l use only to suppo r t its busine s s oper a tio n s exclusively
• Virtu a l privat e clo u d s are a derivative of the privat e cloud deploym e n t
model but are furth e r char a c t e r iz e d by an isolat e d and secu r e seg m e n t of
reso u r c e s , cre a t e d as an overlay on top of public cloud infras t r u c t u r e
using adva n c e d netwo r k virtualiza tion capa bilities. Some of the public
cloud vendo r s that offer this capa bility includ e Amazon Virtual Privat e
Cloud, OpSou r c e Cloud and Skyta p Virtual Lab
• Com m u n i t y clo u d s are shar e d by sever al orga niz a tio n s and suppo r t a
specific com m u ni ty that has shar e d conc e r n s (e.g., mission, secu ri ty
req ui r e m e n t s , policy, and complia n c e consid e r a t i o n s). They may be
man a g e d by the orga niz a tio n s or a third party and may exist on pre mis e or
off pre mis e . One exam pl e of this is OpenCi r r u s form e d by HP, Intel,
Yahoo, and othe r s
• Man a g e d clo u d s arise when the physical infra s t r u c t u r e is owne d by
and/or physically locat e d in the orga niza tio n’s dat a cent e r s with an
exte n sio n of man a g e m e n t and secu rity control plan e contr olle d by the
man a g e d service provide r
• Hybrid clo u d s are a compositio n of two or more clouds (privat e ,
com m u n i ty,o r public) that rem ain uniqu e entitie s but are boun d
 | 75

toget h e r by stan d a r d i z e d or prop rie t a r y tech n ology that ena bl e s dat a

and applica tio n port a bility. Some exam pl e s of thes e offering s includ e
Amazon Virtual Privat e Cloud, Skyta p Virtual Lab, and Cohesive F T
VPN- Cube d.

Adop t i o n and Con s u m p t i o n Strat e g i e s

The selectio n of stra t e g i e s for ente r p r i s e cloud comp u ti n g is critical for IT

capa bility as well as for the ear ni n g s and costs the orga niz a tio n
expe rie n c e s , motiva tin g efforts towa r d conve r g e n c e of busin e s s stra t e gi e s
and IT. Critical ques tion s towa r d this conve r g e n c e in the ente r p ri s e cloud
par a di g m

• Will an ente r p ri s e cloud stra t e g y incre a s e overall busine s s value?

• Are the effort and risks associ a t e d with tran sitionin g to an

ente r p r i s e cloud stra t e g y wort h it?
• Which are a s of busin e s s and IT capa bility should be consid e r e d
for the ente r p r i s e cloud?
• Which cloud offering s are releva n t for the purpo s e s of an
orga niza tio n ?
• How can the proc e s s of tran sitio ni n g to an ent e r p ri s e cloud
stra t e g y be pilote d and syste m a t i c ally execu t e d ?

These ques tio n s are addr e s s e d from two stra t e gi c pers p e c tive s :
(1) Adoption (2) Consu m p tio n

Adop t i o n stra t e g y : an orga niz a tio n make s a decision to adopt a cloud

comp u ti n g model base d on fund a m e n t a l drive rs for cloud comp u ti n g—
scala bility, availability, cost and conveni e n c e
 Scal a b i l i ty - Drive n Strat e g y : The objective is to suppo r t incre a si n g
workloa d s of the orga niza tio n withou t invest m e n t and expe n s e s
exce e di n g retu r n s . The condition s are that the effort, costs (CAPEX
and OPEX) and time involved in acce s sin g and installing IT capa bility
on a CDC are less tha n going throu g h a stan d a r d har d w a r e and
softw a r e procu r e m e n t and licensi n g proce s s
• Availa b i l i t y - Drive n Strat e g y: Availability has close relation s to
scala bility but is more conce r n e d with the ass u r a n c e that IT
capa bilities and function s are acce s sibl e, usable and acce p t a bl e by the
stan d a r d s of user s. This is henc e the objective of this basic ente r p r i s e
cloud strat e g y.
 | 76

• Mark e t - Drive n Stra t e g y : This stra t e g y is more attr a c tive and viable
for small, agile orga niz a tio n s that do not have (or wish to have)
mas sive invest m e n t s in their IT infra s t r u c t u r e . The objective her e is
to identify and acquir e the “bes t deals” for IT capa bilities as dem a n d
and supply chan g e , ena bling ongoing redu c tio n s in OPEX and CAPEX.
• Conv e n i e n c e - Drive n Strat e g y : The objective is to redu c e the load and
nee d for dedic a t e d syste m admi nist r a t o r s and to make acce s s to IT
capa bilities by user s easie r, reg a r dl e s s of their location and conn e c tivity
(e.g. over the Inte r n e t ). The expec t a t io n is that the cost of obtainin g IT
capa bilities from a CDC and makin g the m acce s si ble to user s is
significa n tly lower than the cost of having a dedic a t e d admi nis t r a t o r

Con s u m p t i o n Stra t e g y:
The cons u m p t i o n strat e gi e s make a distinc tio n betw e e n data and
applica tio n logic beca u s e ther e are que s tio n s of progr a m m i n g models
used, dat a sensitivity, softw a r e licensin g and expe ct e d res po n s e times that
nee d to be consid e r e d .
Ther e are four cons u m p t i o n s stra t e gi e s identified, whe r e the differe n c e s in
objectives, conditions and actions reflect the decision of an orga niz a tio n to
tra d e- off hosting costs, cont rolla bility and resou r c e elas ticity of IT
resou r c e s for softw a r e and dat a
• Soft w a r e Provi s i o n . This stra t e g y is releva n t whe n the elasticity
req ui r e m e n t is high for softw a r e and low for dat a, the cont rolla bility
conc e r n s are low for softw a r e and high for dat a, and the cost redu c tio n
conc e r n s for softw a r e are high, while cost redu c tio n is not a priority for
dat a, given the high cont rolla bility conc e r n s for dat a, that is, dat a are
highly sensitive
• Stor a g e Provi s i o n . This stra t e g y is releva n t whe n the elasticity
req ui r e m e n t s is high for data and low for softw a r e , while the
cont rolla bility of softw a r e is more critical than for data. This can be the
case for dat a inten sive applica tio n s , whe r e the res ult s from proce s si n g in
the applica tion are more critical and sensitive than the data itself.
Furt h e r m o r e , the cost redu c tio n for dat a reso u r c e s is a high conce r n,
here a s cost for softw a r e , given its criticality, is not an issue for the
orga niza tio n within rea so n a bl e mea n s .
• Sol u t i o n Provi s i o n . This stra t e g y is releva n t whe n the elas ticity and cost
red uc tio n req ui r e m e n t s are high for softw a r e and dat a, but the
cont rolla bility requir e m e n t s can be entr u s t e d to the CDC. It is not the case
that cont rolla bility is an insignifica n t req uir e m e n t ; it is rath e r the cas e that
the orga niz a tio n trus t s the CDC sufficien tly to man a g e acce s s and usag e
cont rol of its softwa r e and data
• Red u n d a n c y Servi c e s . This stra t e g y can be consid e r e d as a hybrid
ente r p r i s e cloud stra t e g y, wher e the orga niz a tio n switc h e s betw e e n
 | 77

tradition al, softw a r e , stora g e or solution man a g e m e n t base d on cha n g e s in

its oper a ti o n al conditions and busine s s dem a n d s
The stra t e g y is refe r r e d to as the “redu n d a n c y stra t e g y” beca u s e
the CDC is used for situation s such as disas t e r recove ry, fail-
over and load balanci n g

Softw a r e , stora g e or solution servic es can be imple m e n t e d using

redu n d a n c y, such that use r s are redir e c t e d for the purpo s e of
maint ai ni n g availability of function ality or perfor m a n c e / r e s p o n s e
times expe ri e n c e d by the user of the service.

UNIT – 3
Virtu a l Mac h i n e s Provi s i o n i n g and Migr a t i o n Servi c e s

Intro d u c t i o n an d Ins p ir a t i o n
Cloud comp u ti n g builds on
 service- orient e d arc hit e c t u r e (SOA)
 grid comp u ti n g and
 virtualiza tion tech n olo gy
Offers Infras t r u c t u r e as a service(Ia a S ) to the end user s as a public utility
servic e base d on pay- as- you- use and on- dem a n d comp u ti n g models
The provisionin g of the cloud infras t r u c t u r e in data cent e r s is a
pre r e q u i s it e
The provisionin g for syste m s and applica tio n s on a large num b e r of
physical machin e s is time- cons u mi n g proce s s with low ass u r a n c e on
deploym e n t’s time and cost
 | 78

Two core servic es ena bl e the user s to get the best out of the IaaS model in
public and privat e cloud setu p s
 Virtual mac hi n e provisionin g
 Migra tion servic es

When installing a new serve r for a cert ai n workloa d to provide a service for
a client, the following step s are requir e d
 Check the invent o ry for a new mac hin e
 Get one, form a t, install OS req ui r e d , install servic es
 A serve r is need e d along with lots of secu ri ty batc h e s and applian c e s

With the eme r g e n c e of virtualiza tion tech nolo gy and the cloud comp u ti n g
IaaS model, the sam e task can be achieve d in few minut e s .
To provision a virtu al serve r throu g h a self- service inte rfac e with small
step s to get what we desire with the requir e d specifica tion s
 Provisionin g this mac hi n e in a public cloud like Amazon Elastic
Comp u t e Cloud (EC2)

 Or using a virtu aliza tio n man a g e m e n t softwa r e pack a g e

 Or a privat e cloud man a g e m e n t solution inst alled at dat a cent e r

inside the
Orga niz a tio n and within the privat e cloud setu p
A nee d for perfor mi n g a serve r’s upgr a d e or perfor mi n g maint e n a n c e
tasks is an expe n sive oper a tio n to maint ai n or upgr a d e a main serve r that
has lots of applic ation s and user s

With the adva n c e of the revolutionize d virtu alization tech n olo gy and
migr a tio n service s associa t e d with hype rvis o r s’ capa bilities thes e tasks
(maint e n a n c e , upgr a d e s , patc h e s , etc.) nee d no time to accom plis h
 Provisionin g a new virtual machin e is a matt e r of minut e s
 Migra tion s of a virtual machin e is a matt e r of milliseco n d s

Virtu a l i z a t i o n Tec h n o l o g y Overvi e w

 Virtualization facilitat e s the providing and man a g e m e n t of
the dyna mi c dat a cent e r’s infras t r u c t u r e
 An esse n ti al and ena bling tech n ology of cloud comp u ti n g
environ m e n t s
 Virtualization can be define d as the abst r a c t io n of the four
comp u ti n g reso u r c e s : Stor a g e , proc e s si n g powe r, mem o ry, and
netw o r k or I/O
 Conce p t u a lly similar to emula tion whe r e a syste m pret e n d s
to be anot h e r syste m
 Virtualization is a syste m pret e n d i n g to be two or more of the
sam e syste m
 | 79

• The virtualiza tio n layer will partition the physical resou r c e of the
und e rlyin g physical serve r into multiple virtual mac hin e s with differe n t
workloa d s

• It Sche d ul e s , allocat e s the physic al reso u r c e , make s a virtu al machin e

think it totally owns the whole unde rlying har d w a r e’s physic al reso u r c e
Proce s s o r , disks, RAMs, etc.

• Virtual mac hi n e ' s techn olo gy man a g e s reso u r c e s in cloud comp u ti n g

environ m e n t s

• Improv e s the utilization of such reso u r c e s by multiplexin g many virtual

machin e s on one physical host - Serve r consolid a tio n

• Machi n e s can be scale d up and down on dem a n d with a high level of

reso u r c e s’ abst r a c t io n
 | 80

• Virtualization ena bl e s high, reliable, and agile deploym e n t mech a n i s m s

and man a g e m e n t of servic es, providing on- dem a n d cloning and live
migr a tio n service s which improv e reliability

Pu bli c Clou d and Infra s t r u c t u r e Servi c e s

Pu bli c clo u d or ext e r n a l clo u d

 Resou r c e s are dyna mi c ally provision e d via publicly acce s sibl e Web
applica tion s/W e b service s (SOAP or RESTful interf ac e s ) from an off-site
third- party provide r
 Sha r e s reso u r c e s and bills on a fine- grain e d utility comp u ti n g
basis
 The use r pays only for the capa city of the provision e d
reso u r c e s at a partic ul a r time
 Exam pl e s for vendo r s who publicly provide IaaS
Amazon Elastic Compu t e Cloud (EC2), GoGrid, Joyent,
Acceler a t o r , Racks p a c e , AppN ex u s, FlexiSc ale and
Manjr a s oft Aneka

Pu bli c Clou d and Infra s t r u c t u r e Servi c e s

• Amaz o n Elas ti c Com p u t e Clou d (EC2) is an IaaS servi c e

▫ Provides elastic comp u t e capa city in the cloud

▫ Lever a g e d via Web servic es (SOAP or REST), a Web- base d AWS
(Amazon Web Service) man a g e m e n t console, or the EC2 com m a n d
line tools
▫ Provides hun d r e d s of pre- mad e AMIs (Amazon Machi n e Imag e s )
with a variety of oper a ti n g syste m s and pre- loade d softw a r e i.e.,
Linux, Open S ol a ri s, or Window s
▫ Provide s comple t e cont rol of comp u ti n g resou r c e s run on
Amazon’s comp u ti n g and infras t r u c t u r e environ m e n t easily
▫ Reduc e s the time req ui r e d for obtainin g and bootin g a new
serve r’s insta n c e s to minut e s

▫ Allows a quick scalabl e capaci ty and reso u r c e s , up

and down as the comp u ti n g requi r e m e n t s chan g e

▫ Offers differ e n t inst a n c e s’ size accor di n g to

 The resou r c e s’ nee d s (small, large, and extr a larg e)

 The high CPU’s nee d s it provide s (mediu m and extra large

high CPU insta n c e s )
 | 81

 High- memo ry insta n c e s (extr a large, double extra large, and

quad r u p l e extra large insta n c e)

Privat e Clou d and Infra s t r u c t u r e Servi c e s

• A privat e cloud aims at providin g public cloud function ality, but on privat e
reso u r c e s
▫ Maint ai ni n g cont rol over an orga niz a tio n’s dat a and resou r c e s to
meet secu ri ty and gover n a n c e’s requir e m e n t s in an orga niz a tio n
▫ A highly virtu alize d cloud data cent e r locat e d inside the
orga niza tio n’s firew all
▫ Also be a privat e spac e dedic a t e d for the comp a n y within a cloud
vendo r’s data cent e r design e d to handl e the orga niza tio n’s workloa d s
Privat e clouds exhibit the following cha r a c t e r i s tic s:
▫ Allow servic e provisionin g and comp u t e capa bility for an
orga niza tio n’s user s in a self- servic e man n e r
▫ Autom a t e and provide well- man a g e d virtualize d environ m e n t s
▫ Optimize comp u ti n g reso u r c e s , and serve r s’ utilization ▫ Suppo r t
specific workloa d s

Exam pl e s for vendo r s and fram e w o r k s that provide Iaas in privat e setu p s
▫ Eucalypt u s (elastic utility comp u ti n g archit e c t u r e linking your
prog r a m s to useful syste m s )
▫ Open Neb ul a
A third type of cloud setu p nam e d Hybrid clo u d
▫ A combin a tio n of privat e/int e r n a l and exte r n a l cloud reso u r c e s
existing toge t h e r by ena blin g outsou r ci n g of nonc ritic al service s and
functions in public cloud and keepin g the critical ones inte r n al
Main function of Hybrid cloud is to rele a s e reso u r c e s from a public cloud
and han dle sudd e n dem a n d usag e called cloud burs tin g

Dis tri b u t e d Man a g e m e n t of Virtu a l i z a t i o n

 Virtualization nee d s powe rf ul man a g e m e n t capa bilities
 Many com m e r ci al, open sourc e prod u c t s and rese a r c h project s are
being develop e d to dyna mi c ally provision virtu al mac hin e s e.g., Open
Nebul a , IBM Virtualiza tio n Mana g e r , Joyent utilizing the physical
infras t r u c t u r e
 Some com m e r ci al and scientific infra s t r u c t u r e cloud comp u ti n g
initiative s provide remot e interf ac e s for cont rolling and monitorin g
virtu al resou r c e s e.g., Globus VWS, Eucalypt u s and Amazon
 The RESERVOIR initiative provide s Grid interfa c e s and protocols
that ena ble the req uir e d intero p e r a b ility betw e e n the clouds or
infras t r u c t u r e’s provide r s
High Availability
 A syste m design protocol and an associ at e d imple m e n t a t i o n ens u r e s a
cert ai n absolut e degr e e of ope r a tio n a l contin uity durin g a given
meas u r e m e n t period
 Availability refers to the ability of a user’s com m u ni ty to acce s s the
syste m
 | 82

–Sub mit ti n g new work, upda ti n g or alterin g existin g work, or

collectin g the res ult s of the previous work
 Unavaila bl e: A user cannot acces s the syste m

Servic es should be available all the time along with some

plan n e d / u n pl a n n e d downti m e accor din g to a cert ai n SLA

SLA formalize s the service availability objective s and requir e m e n t s The

mont hly availa bility or downti m e of a service, to calcula t e the service’s
credit s to matc h the billing cycles
 Busine s s critical servic es are often cate g o riz e d as high availability
servic es achieving the lowest possible amou n t of plann e d and
unpla n n e d dow nti m e
 High availability allows virtu al mac hin e s to auto m a ti c ally be rest a r t e d
in cas e of an und e rlying hard w a r e failure or individu al VM failur e.
 If one of serve r s fails, the VMs will be rest a r t e d on othe r virtualize d
serve r s in the reso u r c e pool resto ri n g the esse n ti al servic e s with
minim al servic e inter r u p t i o n

Clou d and Virtu al i z a t i o n Sta n d a r d i z a t i o n Effort s

Stan d a r d i z a ti o n is import a n t to ensu r e inte ro p e r a b ility
The prevale n t stan d a r d s that make cloud comp u ti n g and virtu alization
possible
 Dis tri b u t e d Man a g e m e n t Tas k Forc e (DMTF ) have produ c e d
stan d a r d s for almost all the aspe c t s of virtualiza tion tech n ology.
DMTF initiat e d the VMAN (Virtualization Man a g e m e n t ) Initiative. It
deliver s broa dly suppo r t e d intero p e r a b ility and port a bility stan d a r d s
for man a gi n g the virtual comp u ti n g lifecycle
 VMAN’s OVF (Op e n Virtu a l i z a t i o n For m a t ) is a collabor a t io n
betw e e n indus t ry key player s Dell, HP, IBM, Microsoft, XenSou r c e ,
and VMware . OVF provides a com m o n form a t to packa g e and secu r ely
distrib u t e virtu al applian c e s acros s multiple virtu alization platfor m s .
VMAN profiles define a consist e n t way of man a gi n g a hete r o g e n e o u s
virtu alize d environ m e n t

OCCI an d OGF
Anoth e r stan d a r d i z a tio n effort has been initiat e d by Ope n Grid Foru m
(OGF) to deliver a stan d a r d API for cloud IaaS
Ope n Clou d Com p u t i n g Inte rf a c e Worki n g Grou p (OCCI- WG)
 Dedica t e d for deliverin g an API specifica tion for the remot e
man a g e m e n t of cloud comp u ti n g’s infras t r u c t u r e for allowing the
develop m e n t of intero p e r a b l e tools for com m o n tasks includin g
deploym e n t , auto no mi c scaling, and monitorin g.
 Coverin g a high- level function ality requi r e d for man a gi n g the lifecycle
of virtu al mac hi n e s / w o r kl o a d s , runnin g on virtu alization
tech nologi e s/ co n t a i n e r s and suppo r ti n g service elasticity

The new API for interf aci n g IaaS cloud comp u ti n g facilities will allow
 | 83

 Con s u m e r s to inter a c t with cloud comp u ti n g infra s t r u c t u r e on an ad

hoc basis
 Int e g r a t o r s to offer adva n c e d man a g e m e n t service s
 Aggr e g a t o r s to offer a single com mo n interfa c e to multiple provide r s
 Provid e r s to offer a stan d a r d interfa c e that is comp a ti bl e with the
availa ble tools
 Ven d o r s of grids/clou d s to offer stan d a r d interf ac e s for dyna mic ally
scala bl e service’s delivery in their prod u c t s

Virtu a l Mac h i n e s Provi s i o n i n g and Man a g e a b i l i t y

Life cycl e of VM and its major pos s i b l e sta t e s of op e r a t i o n

 Start s by a requ e s t deliver e d to the IT dep a r t m e n t statin g the
req ui r e m e n t for crea ti n g a new serve r for a partic ul a r servic e –
Requ e s t is proce s s e d by the IT admi nist r a t i o n by seeing the serve r s’
reso u r c e pool, matc hi n g thes e resou r c e s with the requir e m e n t s ,
starti n g the provision of the nee d e d virtual mac hin e
 Once it is provision e d and star t e d it is rea dy to provide the req ui r e d
servic e accor di n g to an SLA
 A time period after which the VM is rele a s e d and resou r c e s free d

VM Provisioning Process
The com m o n and norm al step s of provisionin g a virtual serve r
 Select a serve r from a pool of availabl e serve r s (Physical serve r s with
enou g h capa city) along with the appro p ri a t e OS tem pla t e
 Load the appro p ri a t e softwa r e oper a ti n g syste m , device driver s,
middle w a r e , and the nee d e d applic ation s for the service req ui r e d
 Custo miz e and configu r e the mac hi n e to configu r e an associa t e d
netw o r k and stor a g e reso u r c e s e.g., IP addr e s s , Gate w a y
 The virtual serve r is rea dy to star t with its newly loade d softw a r e
 Serve r provisionin g is defining serve r’s configu r a ti o n base d on the
orga niza tio n req uir e m e n t s , a hard w a r e , and softw a r e compo n e n t ,
 | 84

proc e s s o r , RAM, stora g e , netw o r ki n g , oper a ti n g syste m , applica tio n s ,

etc.
 Virtual machin e s can be provision e d by man u a lly installing an
oper a ti n g syste m , by using a preco nfigu r e d VM tem pl a t e , by cloning
an existing VM, or by impor tin g a physical serve r or a virtu al serve r
from anoth e r hosting platfor m

VM Provi s i o n i n g Proc e s s

Virtu a l Mac h i n e Migr a t i o n Servi c e s

 Migra tion service is the proc e s s of moving a virtu al mac hi n e from one
host serve r or stor a g e location to anoth e r

 Differe n t tech niq u e s of VM migr a tio n

– Hot/life migr a tio n

– cold/re g ul a r migr a tio n

 Live stora g e migr a tio n of a virtu al mac hi n e

 In this proc e s s , all key machin e s’ compo n e n t s , are compl et ely

virtu alize d e.g., CPU, stor a g e disks, netwo r ki n g , memo ry facilita tin g
the entir e stat e of a virtual machin e to be capt u r e d by a set of easily
moved data files

Mi gr a t i o n s Tec h n i q u e s

• Live migr a tio n also called hot or real- time migr a tio n: The move m e n t
of a virtual machin e from one physic al host to anot h e r while being powe r e d
on witho u t any notice a bl e effect from the end user’s point of view (a mat t e r
of milliseco n d s )

Live Migr a t i o n

– Facilita t e s proac tive maint e n a n c e upon failure; the pote n ti al proble m

can be resolved before the disru p tio n of servic e occur s
 | 85

– Used for load balan ci n g. Work is shar e d amon g comp u t e r s optimize

the utilization of available CPU resou r c e s

Live mi g r a t i o n ’ s me c h a n i s m

– How mem o ry and virtu al mac hi n e stat e s are being tran sf e r r e d

thro u g h the netwo r k from one host A to anot h e r host B

– e.g., the Xen hype rviso r

– The proce s s has bee n viewe d as a tran s a c t io n al inter a c tio n betw e e n

the two host s involved

Sta g e 0: Pre- Migr a t i o n

• An active virtual machin e exists on the physical host A

Sta g e 1: Res e r v a t i o n

 A req u e s t is issue d to migr a t e an OS from host A to B

 The nec es s a r y reso u r c e s exist on B and on a VM cont ai n e r of that size

Sta g e 2: Iter a t iv e Pre- Copy

 During the first itera tion, all page s are tran sfe r r e d from A to B

 Subs e q u e n t itera tio n s copy only thos e page s dirtie d during the
previous tran sf e r pha s e

Sta g e 3: Sto p- and- Copy

 Runnin g OS insta n c e at A is susp e n d e d

 The netw o r k traffic is redir e c t e d to B

 CPU stat e and any rem ai ni n g inconsist e n t me mo ry page s are then

tran sfe r r e d

 At the end of this stag e, ther e is a consis t e n t susp e n d e d copy of the

VM at both A and B.

 Copy at A is consid e r e d prim a r y and is res u m e d in cas e of failur e

Sta g e 4: Com m i t m e n t

 Host B indica t e s to A that it has succ e s sf ully rec eive d a consist e n t OS

imag e
 | 86

 Host A ackno wl e d g e s this mess a g e as a commit m e n t of the migr a tio n

tran s a c t io n

 Host A may now disca r d the original VM

 Host B beco m e s the prim a r y host

Sta g e 5: Activat i o n

 The migr a t e d VM on B is now activat e d

 Post- migr a tio n code runs to reat t a c h the device’s driver s to the new
machin e and adver tis e move d IP add r e s s e s

This approach to failure management ensures

 At least one host has a consistent VM image at all times during migration
 The original host remains stable until the migration commits and the VM may be suspended and
resumed on that host with no risk of failure
A migration request essentially attempts to move the VM to a new host on any sort of failure, execution
is resumed locally aborting the migration

VM Management and Provisioning tools

– Provide the live migration of VM facility
– e.g., VMware VMotion and Citrix XenServer XenMotion

• VMware Vmotion
– Allows users to automatically optimize and allocate an entire pool of resources for maximum
hardware utilization, flexibility, and availability
– To perform hardware’s maintenance without scheduled downtime along with migrating virtual
machines away from failing or underperforming servers
 | 87

• Citrix XenServer XenMotion

– Inherited from the Xen live migrate utility
– Provides the IT administrator with the facility to move a running VM from one Xen Server to
another in the same pool without interrupting the service, making it a highly available service
– A good feature to balance the workloads on the virtualized environment
Cold migration:
– The migration of a powered-off virtual machine
– Associated disks can be moved from one data store to another
– The virtual machines are not required to be on a shared storage

Differe n c e s betw e e n Hot (Live) migra tio n and Cold migr a tio n

Live migr a tio n nee d s a sha r e d stora g e for virtual mac hin e s in the
serve r’s pool, but cold migr a tio n does not
In live migr a tio n for a virtual mac hin e betw e e n two host s, ther e would be
cert ai n CPU comp a ti bility checks to be applied, in cold migr a tio n this
checks do not apply

The cold migra tio n proce s s is simple

• The configu r a ti o n files are moved from the sourc e host to the des tin a tio n
host’s associa t e d stor a g e are a includin g the NVRAM file (BIOS settin g s),
log files, as well as the disks of the virtu al mac hi n e
• The virtual machin e is regis t e r e d with the new host
• After the migr a tio n is comple t e d , the old version of the virtual mac hin e is
delet e d from the sourc e host

• Live Stor a g e Migr a t i o n of Virtu a l Mac h i n e

– Moving the virtual disks or configu r a ti o n file of a runnin g virtual
mac hi n e to a new data stor e witho u t any inter r u p t io n in the
availability of the virtual mac hi n e’s servic e

PROVISIO N I N G IN THE CLOUD CONTEXT

• Amazon EC2 is a widely know n exa m pl e for vendo r s that provide public
cloud service s.
Also, Eucalypt u s and Open- Nebula are two comple m e n t a r y and
ena bling techn olo gie s for open sourc e cloud tools, which play an
invalu a bl e role in infras t r u c t u r e as a servic e and in building
privat e , public, and hybrid cloud archit e c t u r e .
• The Amazon EC2 (Elastic Compu t e Cloud) is a Web service that allows user s
to provision new mac hin e s into Amazon’s virtu alize d
infra s t r u c t u r e in a matt e r of minut e s ; using a publicly available API
• EC2 insta n c e is typically a virtual mac hin e with a cert ain amou n t of RAM,
CPU, and stora g e capa ci ty.
 | 88

Amazon EC2 provide s its custo m e r s with thre e flexible purc h a s i n g

models to make it easy for the cost optimiza tio n:
• On- De m a n d ins t a n c e s : which allow you to pay a fixed rate by the hour
with no com mit m e n t .

• Res e r v e d ins t a n c e s : which allow you to pay a low, one- time fee and in turn
receive a significa n t discou n t on the hourly usag e char g e for that insta n c e .
It ens u r e s that any rese rv e d insta n c e you launc h is guar a n t e e d to succ e e d
(provide d that you have booke d the m in adva n c e). This mea n s that use r s of
thes e insta n c e s should not be affect e d by any tran si e n t limitatio n s in EC2
capacity.
• Spo t ins t a n c e s : which ena bl e you to bid what e v e r price you want for
insta n c e capa city, providing for even gre a t e r saving s, if your applica tio n s
have flexible start and end time s.

Amazon Elas ti c Load Bala n c e r is anot h e r service that helps in

building faulttole r a n t applica tio n s by auto m a t i c ally provisionin g
incomin g applic ation workloa d acros s availabl e Amazon EC2 insta n c e s
and in multiple availability zones.
Euc a ly p t u s is an open- sourc e infras t r u c t u r e for the imple m e n t a t i o n of
cloud comp u ti n g on comp u t e r clust e r s . It is consid e r e d one of the earlies t
tools develop e d as a surg e comp u ti n g (in which data cent e r’s privat e cloud
could aug m e n t its ability to han dl e workloa d’s spikes by a desig n that
allows it to send overflow work to a public cloud) tool. Its nam e is an
acro ny m for “ela s t i c utili ty co m p u t i n g arch i t e c t u r e for link i n g your
pro gr a m s to us e f u l syst e m s . ”

Euc aly p t u s feat u r e s :

• Inte rf ac e comp a ti bility with EC2, and S3 (both Web service and Query/REST
inte rf a c e s ).
• Simple installatio n and deploym e n t .

• Suppo r t for most Linux distrib u tio n s (sourc e and bina ry pack a g e s ).

• Suppo r t for runnin g VMs that run atop the Xen hype rviso r or KVM.

• Suppo r t for othe r kinds of VMs, such as VMwar e, is targ e t e d for futur e
relea s e s .
• Secu r e inte r n a l com m u ni c a ti o n using SOAP with WS security.

• Cloud administ r a t o r’s tool for syste m’s man a g e m e n t and use r’s accou n ti n g .

• The ability to configu r e multiple clust e r s eac h with privat e inter n a l netw o rk
addr e s s e s into a single cloud.
 | 89

• Eucalypt u s aims at fosteri n g the res e a r c h in models for service’s

provisionin g, sche d ulin g, SLA form ul a tion, and hype rviso r s’ port a bility.

Euc al y p t u s Archi t e c t u r e

• No d e co n tr o l l e r (NC) cont rols the execu tion, inspe c tio n, and

ter mi n a tio n of VM inst a n c e s on the host whe r e it runs.
• Clu s t e r con tr o l l e r (CC) gath e r s inform a tio n abou t and sche d ul e s VM
execu tio n on specific node cont rolle r s , as well as man a g e s virtu al
insta n c e netw o rk.
• Stor a g e con t r o l l e r (SC) is a put/g e t stora g e service that imple m e n t s
Amazon’s S3 interfa c e and provide s a way for storin g and acce s si n g
VM imag e s and user dat a.
• Clou d co n tr o l l e r (CLC) is the entry point into the cloud for users and
adminis t r a t o r s . It que ri e s node man a g e r s for infor m a ti o n about
reso u r c e s , make s high- level sche d ulin g decision s, and imple m e n t s
the m by making req u e s t s to clust e r cont rolle r s .
• Walru s (W) is the contr olle r compo n e n t that man a g e s acces s to the
stora g e servic es within Eucalypt u s . Requ e s t s are com m u ni c a t e d to
Walrus using the SOAP or REST- base d interfa c e

Man a g e m e n t of VMs for Clou d Infra s t r u c t u r e s

IaaS cloud provide r s sha r e five char a c t e r i s tic s:
 they provide on- dem a n d provisionin g of comp u t a ti o n a l reso u r c e s
 they use virtualiza tio n tech n olo gi e s to leas e thes e reso u r c e s
 they provide public and simple remot e interfa c e s to man a g e thos e
reso u r c e s
 they use a pay- as- you- go cost model, typically char gi n g by the
hour and
 they oper a t e data cent e r s large enou g h to provide a see min gly
unlimit e d amou n t of resou r c e s to their client s (usu ally tout e d as “infinite
capacity” or “unlimit e d elasticity”).
 | 90

Privat e and hybrid clouds shar e thes e sam e char a c t e ri s ti c s but, inste a d
of selling capa city over publicly acce s si bl e interfa c e s , focus on providing
capa city to an orga niza tio n’s inter n a l user s.

Virtualiza tio n tech nolo gi e s have bee n the key enabl e r of many of thes e
salient char a c t e r i s ti c s of IaaS clouds by giving provide r s a more flexible
and gene ri c way of man a gi n g their resou r c e s .

Virtual infra s t r u c t u r e (VI) man a g e m e n t— t h e man a g e m e n t of virtual

mac hi n e s distrib u t e d acros s a pool of physical resou r c e s— b e c o m e s a
key conce r n whe n building an IaaS cloud

Virtual mac hi n e s req ui r e a fair amou n t of configu r a t io n, includin g

pre p a r a t io n of the machin e’s softwa r e environ m e n t and netw o r k
configu r a ti o n and this configu r a tio n must be done on- the- fly, with as
little time betw e e n the time the VMs are req u e s t e d and the time they
are available to the user.
Seve r al VI man a g e m e n t solution s have eme r g e d over time, such as platfor m
ISF and VMwar e VSphe r e

Virtual Machin e Mana g e m e n t Activity of RESERVOIR add r e s s e s thre e

proble m s
• Distrib u t e d man a g e m e n t of virtual mac hi n e s
• Rese rv a tio n- bas e d provisionin g of virtu alize d reso u r c e and
• Provisionin g to mee t SLA com mit m e n t s

Dis tri b u t e d Man a g e m e n t of Virtu a l Mac h i n e s

To efficiently sche d ul e reso u r c e s , VI man a g e r s mus t be able to
suppo r t flexible and complex sche d uli n g policies and must lever a g e
the ability of VMs to sus p e n d , resu m e , and migra t e .

• Res e r v a t i o n - Bas e d Provi s i o n i n g of Virtu a li z e d Re s o u r c e s

Provisionin g of virtualize d resou r c e s before h a n d turn s out not to be
so simple, beca u s e it is known to caus e reso u r c e s to be und e r u t ilize d,
due to the difficulty of sche d ulin g othe r req u e s t s arou n d an inflexible
res e rv a ti o n.
• Provi s i o n i n g to Me e t SLA Com m i t m e n t s
Iaas clouds can be used to deploy service s that will be cons u m e d
by users othe r than the one that deploye d the service s. So, we have
cloud provide r s , service owne r s and service users .
 | 91

Service owne r s will ent e r into SLAs with their end user s, coverin g
gua r a n t e e s such as the timelin e s s .

Cloud provide r s are not directly expos e d to the service sem a n t i c s or the
SLAs that service owne r s may cont r a c t with their end users .

The cloud provide r’s task is to make sure that resou r c e alloca tion
requ e s t s are satisfie d with specific prob a bility and timelin e s s .
These req ui r e m e n t s are formalize d in infras t r u c t u r e SLAs betw e e n the
service owne r and cloud provide r, sep a r a t e from the high- level SLAs
betw e e n the service owne r and its end use r s.

DISTRI B U T E D MANAGEME N T OF VIRTUAL INFRASTR UC T U R E S

Ope n N e b u l a – an open sourc e virtual infras t r u c t u r e engin e - is capa bl e

of man a gi n g grou p s of interc o n n e c t e d VMs—with suppo r t for the Xen,
KVM, and VMWare platfor m s—wit hi n dat a cent e r s and privat e clouds
that involve a larg e amou n t of virtual and physical serve r s

The prim a r y targ e t of Open N e b u l a is to man a g e VMs.

Within Open N e b u l a , a VM is modele d as having the following attrib u t e s :

• A capaci ty in ter m s of memo ry and CPU.
• A set of NICs att a c h e d to one or more virtu al net wo r k s .
• A set of disk imag e s. In gene r al it might be nece s s a r y to tra n sfe r some
of thes e imag e files to/fro m the physical mac hin e the VM will be runnin g
in.
• A stat e file (option al) or recove ry file that cont ai n s the me mo ry imag e of
a run ni n g VM plus som e hype rviso r- specific inform a tio n

VM Mod e l and Life Cycl e

The life cycle of a VM within Open Nebul a follows seve r al stag e s :

• Res o u r c e Sel e c t i o n . Once a VM is req u e s t e d to Open Nebul a, a
feasible place m e n t plan for the VM must be mad e. Open Nebul a’s
defa ult sche d ul e r provide s an imple m e n t a t i o n of a rank sche d ulin g
policy, allowing site adminis t r a t o r s to configu r e the sche d ul e r to
prioritize the resou r c e s that are more suita bl e for the VM, using
infor m a ti o n from the VMs and the physical hosts
 | 92

• Res o u r c e Pre p ar a t i o n . The disk imag e s of the VM are tra n sf e r r e d to

the targ e t physic al reso u r c e . During the boot proce s s , the VM is
cont ext u a liz e d, a proc e s s whe r e the disk imag e s are specialize d to work
in a given environ m e n t .
• VM Crea ti o n . The VM is boot e d by the reso u r c e hyperviso r.
• VM Migr a t i o n . The VM pote n ti ally gets migr a t e d to a more suita ble
reso u r c e (e.g., to optimize the powe r cons u m p t i o n of the physical
reso u r c e s ).

• VM Ter m i n a t i o n . When the VM is going to shut down, Open N e b u l a can

tran sfe r back its disk imag e s to a know n location. This way, chan g e s in
the VM can be kept for a futur e use

VM Man a g e m e n t

Open Neb ul a man a g e s a VMs life cycle by combini n g thre e differ e n t

man a g e m e n t are a s:
• Virtu a l i z a t i o n by interfa ci n g with a physical resou r c e’s hyperviso r,
such as Xen, KVM, or VMWar e, to cont rol (e.g., boot, stop, or shut do w n)
the VM;
• Ima g e ma n a g e m e n t by tran sfe r r i n g the VM imag e s from an imag e
reposito ry to the select e d reso u r c e and by crea ti n g on- the- fly tem po r a r y
imag e s; and
• Ne t w o r k i n g by cre a ti n g local are a net wo r k s (LAN) to interc o n n e c t the
VMs and trackin g the MAC addr e s s e s leas e d in each netw o r k .

Virtu al i z a t i o n : Open Nebul a man a g e s VMs by interfa ci n g with the

physical resou r c e virtu aliza tio n tech n ology (e.g., Xen or KVM) using a
set of plugg a bl e driver s that decou pl e the man a gi n g proc e s s from the
unde rlying tech nolo gy. By decou plin g the Open Nebula core from the
virtualiza tion tech n olo gi e s thro u g h the use of a driver- bas e d
archit e c t u r e , addin g suppo r t for addition al virtu al mac hin e man a g e r s
only req uir e s writing a driver for it.

Ima g e Man a g e m e n t : VMs are suppo r t e d by a set of virtu al disks or

imag e s, which contai n s the OS and any othe r addition al softw a r e nee d e d
by the VM.

Open Neb ul a uses the following conc e p t s for its imag e man a g e m e n t
model
 | 93

• Ima g e Rep o s i t o r i e s refer to any stor a g e mediu m , local or remo t e , that

hold the base imag e s of the VMs. An image reposito ry can be a
dedic a t e d file serve r or a remo t e URL from an applian c e provide r, but
they nee d to be acces si bl e from the Open Nebula front- end.
• Virtu a l Mac h i n e Dire c t o r y is a direc to ry on the clust e r node whe r e a
VM is run ni n g. This direct o ry holds all deploym e n t files for the
hype rviso r to boot the machin e, check p oin t s , and imag e s being use d or
save d—all of them specific to that VM. This direc to ry should be shar e d
for most hype rviso r s to be able to perfor m live migr a tio n s . Any given
VM imag e goes throu g h the following step s along its life cycle:

• Pre p a r a t i o n implies all the nec es s a r y cha n g e s to be mad e to the

machin e’s imag e so it is pre p a r e d to offer the
service to which it is inte n d e d .
Open Neb ul a ass u m e s that the imag e s that confor m to a
partic ul a r VM are prep a r e d and place d in the acce s si bl e
imag e reposito ry.
• Clon i n g the imag e mea n s taking the imag e from the reposito ry
and placing it in the VM’s direc to ry in the
physical node whe r e it is going to be run before the VM is
actu ally boot e d. If a VM imag e is to be clone d, the
original imag e is not going to be used, and thus a copy will
be use d. There is a qualifier (clone) for the imag e s
that can mark them as targ e ti n g for cloning or not.

• Save /r e m o v e . If the save qualifier is disabl e d, once the VM has

bee n shut down, the imag e s and all the chan g e s
the r e of are going to be dispos e d of. How ev e r, if the save
qualifier is activat e d, the imag e will be saved for late r
use.

SCHED U LI N G TECH NI Q U E S FOR ADVANCE RESERVATIO N OF

CAPACITY

Advanc e rese rv a tio n s lead to utilization probl e m s , caus e d by the nee d to

vacat e resou r c e s before a rese rv a tio n can begin.
Advanc e res e rv a ti o n s can be suppo r t e d more efficien tly by using a
sche d ul e r capa bl e of pre e m p t i n g runnin g jobs at the start of the
rese rv a tio n and resu mi n g the m at the end of the res e rv a tio n.
Pree m p t i o n can also be used to run large par allel jobs.
While pre e m p t io n can be acco m plis h e d trivially by canc eling a run ni n g
job, the leas t disru p tiv e form of pree m p ti o n is check pointing, whe r e the
 | 94

pre e m p t e d job’s entir e stat e is save d to disk, allowing it to res u m e its

work from the last check poi n t .

Res e r v a t i o n s with VMs

Virtualiza tio n tech n ologi e s are a key enabl e r of many featu r e s found in
IaaS clouds. Virtual mac hi n e s are also an app e alin g vehicle for
imple m e n t i n g efficient rese rv a tio n of resou r c e s due to their ability to be
susp e n d e d , pote n ti ally migra t e d , and res u m e d withou t modifying any of
the applica tion s run nin g inside the VM.

Howev e r, virtual machin e s also raise addition al challen g e s relat e d to the

overh e a d of using VMs
• Pre p a r a t i o n Overh e a d . When using VMs to imple m e n t res e rv a t io n s , a
VM disk imag e must be eithe r prep a r e d on- the- fly or tra n sfe r r e d to the
physical node whe r e it is nee d e d . Since a VM disk imag e can have a size
in the orde r of giga byt e s , this pre p a r a t i o n overh e a d can significa n tly
delay the star ti n g time of leas e s. This delay may, in some case s, be
unac c e p t a b l e for adva n c e res e rv a ti o n s that must start at a specific time.
• Run t i m e Over h e a d . Once a VM is runnin g, sche d uli n g primitives
such as check p oi n ti n g and res u mi n g can incur in
significan t overh e a d since a VM’s entire mem o ry spac e must be
save d to disk, and the n rea d from disk. Migra tio n involves
tran sfe r ri n g this saved memo ry along with the VM disk imag e.
Similar to deploym e n t overh e a d , this overh e a d can res ult in
notice a bl e delays.

The Haizea project was cre a t e d to develop a sche d ul e r that can

efficiently suppo r t adva n c e res e rv a t io n s efficiently by using
susp e n d / r e s u m e / m i g r a t e capa bility of VMs, but minimizin g the overh e a d
of using VMs.
The funda m e n t a l reso u r c e provisionin g abs t r a c t io n in Haize a is the
leas e, with thre e type s of leas e curr e n t ly suppo r t e d :
• Advan c e d res e r v a t i o n lea s e s , wher e the resou r c e s must be availa ble
at a specific time.
• Be s t- effor t lea s e s , whe r e resou r c e s are provision e d as soon as possibl e
and requ e s t s are place d on a queu e if nece s s a r y.
• Im m e d i a t e lea s e s , whe r e reso u r c e s are provision e d when requ e s t e d or
not at all.
 | 95

• Leas i n g Mod e l: Leas e is define d as “a negotia t e d and ren e g o ti a bl e

agre e m e n t betw e e n a reso u r c e provide r and a resou r c e consu m e r ,
whe r e the form e r agr e e s to make a set of resou r c e s availabl e to the
latte r, bas e d on a set of leas e ter m s pres e n t e d by the reso u r c e
cons u m e r . ”
The ter m s must enco m p a s s the following: the hard w a r e resou r c e s
req ui r e d by the resou r c e cons u m e r , such as CPUs, me mo ry, and
netw o r k band wi d t h; a softw a r e enviro n m e n t requir e d on the leas e d
reso u r c e s ; and an availability period during which a user requ e s t s
that the har d w a r e and softw a r e resou r c e s be availabl e

• A lease is imple m e n t e d as a set of N VMs, each allocat e d reso u r c e s

desc ri b e d by a tuple (p, m, d, b), wher e p is num b e r of CPUs, m is
mem o ry in MB, d is disk spac e in MB, and b is net wo r k band wi d t h in
MB/sec .

Capa c i ty Man a g e m e n t To Me e t SLA Com m i t m e n t s

IaaS provide r s perfor m two comple m e n t a r y man a g e m e n t tasks:

• capacity plan ni n g to make sure that SLA obliga tion s are met
as cont r a c t e d with the service provide r s and

• contin u o u s optimiza tion of reso u r c e utilization given specific

workloa d to make the most efficient use of the
existing capa city

In an IaaS model it is expec t e d from the service provide r that it sizes

capa city dem a n d s for its service. If resou r c e dem a n d s are provide d
corr e c tly and are inde e d satisfie d upon req u e s t , then desir e d user
expe rie n c e of the service will be gua r a n t e e d .
A risk mitigation mec h a ni s m to prot e c t use r expe ri e n c e in the IaaS
model is offere d by infra s tr u c t u r e SLAs (i.e., the SLAs form alizing
capa city availability) signe d betw e e n service provide r and IaaS provide r.

Ther e are thre e main app ro a c h e s

• No SLAs . This appro a c h is bas e d on two pre mis e s : (a) Cloud always has
spar e capa city to provide on dem a n d , and (b) servic es are not QoS
sensitive and can withst a n d mode r a t e perfor m a n c e degr a d a t i o n. This
met ho d olo gy is best suite d for the best effort workloa d s
• Prob a b i l i s t i c SLAs . Thes e SLAs allow us to tra d e capa city availability
for cost of cons u m p ti o n. Prob a bilistic SLAs specify claus e s that
dete r m i n e availability perc e n tile for cont r a c t e d reso u r c e s comp u t e d
 | 96

over the SLA evalua tio n period. The lower the availability perc e n t ile,
the che a p e r the cost of reso u r c e cons u m p t i o n
• Det e r m i n i s t i c SLAs . Thes e are, in fact, prob a bilistic SLAs whe r e
reso u r c e availability perc e n tile is 100%. These SLAs are most string e n t
and difficult to gua r a n t e e . From the provide r’s point of view, they do
not admit capa ci ty multiplexin g. Ther efo r e this is the most costly option
for service provide r s , which may be applied for critical service s
Elas t i c i t y rul e s are scaling and de- scaling policies that guide
tran sition of the servic e from one configu r a t io n to anoth e r to matc h
cha n g e s in the environ m e n t . The main motivatio n for defining thes e
policies ste m s from the pay- as yougo billing model of IaaS clouds.
The servic e owne r is inter e s t e d in paying only for wha t is really
req ui r e d to satisfy workloa d dem a n d s minimizin g the over-
provisionin g overh e a d

Ther e are thre e types of elas ticity rules:

• Tim e - drive n : Thes e rules cha n g e the virtual resou r c e s array in
res po n s e to a timer event. Thes e rules are useful for pre dict a bl e
workloa d s—for exam pl e, for service s with well- known busine s s cycles.
• OS Level Metri c s - Drive n : Thes e rules reac t on predic a t e s define d in
ter m s of the OS par a m e t e r s obse rv a bl e in the black box mode. These
auto- scaling policies are useful for tra n s p a r e n t l y scaling and de- scaling
servic es ..
• Appli c a t i o n Metri c s - Drive n . This is a uniqu e RESERVOIR offering
that allows an applica tion to supply applica tio n- specific policies that will
be tran s p a r e n t l y execu t e d by IaaS middlew a r e in reac ti n g on the
monito ri n g inform a ti o n supplie d by the service- specific monito ri n g
prob e s run ni n g inside VMs.

Clu s t e r as a Servi c e ( C a a S )

RVWS Des i g n
• While Web service s have simplified resou r c e acce s s and man a g e m e n t , it is
not possible to know if the resou r c e ( s) behin d the Web service is (are) rea dy
for requ e s t s . Clients need to excha n g e num e r o u s mess a g e s with req ui r e d
Web service s to learn the curr e n t activity of reso u r c e s and thus face
significa n t overh e a d loss if most of the Web service s prove ineffective
• client s still have to locat e the service s the m s elv e s.
• Finally, the Web service s have to be stat eful so that they are able to best
reflec t the curr e n t stat e of their resou r c e s .
 | 97

This was the motivatio n for cre a ti n g the RVWS fram e w o r k (Resou r c e s Via
Web Service s)

RVWS combin e s dyna mi c attrib u t e s , stat eful Web service s (awa r e of their
past activity), stat ef ul and dyna mi c WSDL docu m e n t s , and broke ri n g into a
single, effective, servic e- bas e d fram e w o r k

Dyn a m i c Attrib u t e Expo s u r e

Ther e are two cate go ri e s of dyna mic attrib u t e s addr e s s e d in the RVWS
fram e w o r k
• Stat e

• Char a c t e r i s tic
Stat e att rib u t e s cover the curr e n t activity of the service and its reso u r c e s ,
thus indicati n g rea di n e s s .
Exa m p l e : A Web service that expos e s a clust e r (itself a complex
reso u r c e ) would most likely have a dyna mic stat e attrib u t e
that indicat e s how many node s in the clust e r are busy and
how many are idle.

Char a c t e r i s ti c attrib u t e s cover the oper a tio n al feat u r e s of the service, the
resou r c e s behind it, the quality of servic e (QoS), price and provide r
inform a tio n.
Exa m p l e : A possible char a c t e r i s tic is an array of suppo r t softw a r e within
the clust e r.
 | 98

To keep the stat ef ul Web service curr e n t , a Conne c t o r is used to dete c t

chan g e s in resou r c e s and then inform the Web service.

The Conne c t o r has thre e logical modul e s:

• Detection

• Decision

• Notification.

The Detec tio n module routin ely que ri e s the reso u r c e for attrib u t e
inform a tio n (1- 2). Any cha n g e s in the attrib u t e s are pass e d to the Decision
modul e (3) that decide s if the attrib u t e chan g e is large enoug h to warr a n t a
notifica tio n. This preve n t s exces sive com m u ni c a ti o n with the Web service.
Upda t e d attrib u t e s are pass e d on to the Notification modul e (4), which
inform s the stat eful Web service (5) that upd a t e s its inter n al stat e. When
client s requ e s t s the stat ef ul WSDL docu m e n t (6), the Web service retu r n s
the WSDL docu m e n t with the values of all attrib u t e s (7) at the requ e s t time.

Stat e f u l WSDL Doc u m e n t Crea ti o n

• When exposin g the dyna mic attri b u t e s of resou r c e s , the RVWS fram e w o r k
allows Web service s to expos e the dyna mi c attrib u t e s throu g h the WSDL
docu m e n t s of Web service s.
 | 99

• The Web Service Descri ption Lang u a g e (WSDL) gover n s a sche m a that
desc ri b e s a Web service and a docu m e n t writt e n in the sche m a
• All inform a t io n of servic e resou r c e s is kept in a new WSDL section called
Resou r c e s .
• For each resou r c e behind the Web service, a Resou r c eI nfo section exists.
• Each Resou r c e I nfo section has a resou r c e- id attrib u t e and two child
sections: stat e and char a c t e r i s ti c.
• All reso u r c e s behind the Web service have uniqu e identifier s. When the
Conne c t o r lear n s of the reso u r c e for the first time, it publish e s the resou r c e
to the Web service.

Pu bli c a t i o n in RVWS

To help eas e the publica tio n and discove ry of req ui r e d service s with stat ef ul
WSDL docu m e n t s , a Dyna mic Broke r was propos e d .
The goal of the Dyna mic Broke r is to provide an effective public ation and
discove ry servic e base d on service, resou r c e , and provide r dyna mic
att rib u t e s .
 | 100

When publishi n g to the Broke r (1), the provide r sends attrib u t e s of the Web
service to the Dyna mic Broke r.
The dyna mi c attrib u t e s indicat e the function ality, cost, QoS, and any othe r
att rib u t e s the provide r wishe s to have publish e d abou t the service.
Furt h e r m o r e , the provide r is able to publish inform a t io n about itself, such
as the provide r’s conta c t details and rep u t a ti o n.
After publica tio n (1), the Broke r gets the stat ef ul WSDL docu m e n t from the
Web service (2).
After gettin g the stat ef ul WSDL docu m e n t , the Dyna mic Broke r extra c t s all
resou r c e dyna mic attri b u t e s from the stat ef ul WSDL docu m e n t s and stor e s
the resou r c e attrib u t e s in the reso u r c e s stor e.
The Dyna mic Broker then store s the (stat el e s s) WSDL docu m e n t and service
att rib u t e s from (1) in the service stor e. Finally, all attrib u t e s abou t the
provide r are plac e d in the provide r s stor e.
As the Web servic e chan g e s , it is able to send a notifica tio n to the Broke r (3)
which then upda t e s the releva n t attrib u t e in the releva n t store.

Auto m a t i c Dis c o v e r y an d Sel e c t i o n

 | 101

When discove ri n g servic es , the client sub mi t s to the Dyna mic Broker
thre e grou p s of requir e m e n t s
• servic e

• reso u r c e

• provide r.

The Dyna mic Broke r comp a r e s each requir e m e n t group on the relat e d
dat a store (2). Then, after gettin g matc h e s , the Broke r applies filterin g
(3). As the client using the Broker could vary from hum a n oper a t o r s to
othe r softwa r e units, the resultin g matc h e s have to be filtere d to suit
the client. Finally, the filter e d result s are ret u r n e d to the client (4).

Clu s t e r as a Servi c e
The purpo s e of the CaaS Technolo gy is to eas e the publica tio n, discove ry,
selection, and use of existin g comp u t a ti o n a l clust e r s .

A typical clust e r is comp ris e d of thre e elem e n t s :

• Node s

• Data stora g e and

• Middle w a r e .
 | 102

The middlew a r e virtualize s the clust e r into a single syste m imag e; thus
reso u r c e s such as the CPU can be used withou t knowing the
orga niza tio n of the clust e r.
• Sc h e d u l e r : man a g e s the allocatio n of jobs to node s

• Mo n i t o r : monitor s the activity of the clust e r

• Pu bli s h e r Web servi c e was to expos e the dyna mic attrib u t e s of the clust e r

via the stat ef ul WSDL docu m e n t .

• Furt h e r m o r e , the Publis h e r service is publis h e d to the Dyna mic Broke r so
client s can easily discove r the clust e r.
• To find clust e r s , the CaaS Service make s use of the Dyn a m i c Brok e r .

The role of the CaaS Service is to

 provide easy and intuitive file tra n sf e r tools so clients can
uploa d jobs and downlo a d res ult s and
 offer an easy to use interfa c e for client s to monito r their jobs.

The CaaS Servic e com m u ni c a t e s with the clust e r’s sche d ul e r , thus freeing
the client from nee din g to know how the sche d ul e r is invoked whe n
submit ti n g and monitori n g jobs.

CaaS Servi c e Des i g n

The CaaS service can be descri b e d as having four main tasks:

• clust e r discove ry and selec tion

 | 103

• res ult orga niz a tio n

• job man a g e m e n t and

• file man a g e m e n t .

Each modul e in the CaaS Service enca p s u l a t e s one of the tasks and is
able to com m u ni c a t e with othe r modul e s to exte n d its function ality .

• The modul e s inside the CaaS Web service are only acces s e d throu g h an
inte rf a c e

• Invoking an oper a tio n on the CaaS Service Inte rf ac e (discove ry, etc.)
invoke s oper a tio n s on various modul e s.

Before a client uses a clust e r , a clust e r mus t be discove r e d and select e d

first.
 | 104

 client s submi t clust e r requir e m e n t s in the form of attrib u t e

values to the CaaS Servic e Inte rf a c e . (The requir e m e n t s rang e
from the num b e r of node s in the clust e r to the installe d
softw a r e (both oper a ti n g syste m s and softw a r e APIs).
 The CaaS Servic e Inte rfa c e invokes the Clust e r Finde r modul e
 Cluste r Finde r module com m u nic a t e s with the Dyna mic Broke r
(and retu r n s service matc h e s (if any).
 To addr e s s the detaile d result s from the Broke r, the Clust e r
Find e r modul e invokes the Result s Orga niz e r module
 Results Orga nize r module takes the Broke r res ult s and ret u r n s
an orga niz e d version that is retu r n e d to the client. The
orga nize d res ult s instr u c t the client what clust e r s satisfy the
specified req ui r e m e n t s .
 After reviewin g the res ult s, the client choos e s a clust e r.

• All requir e d data, para m e t e r s , such as estim a t e d runti m e , are uploa d e d to

the CaaS Service (1).
• Once the file uploa d is comple t e , the Job Mana g e r is invoke d (2).

• It resolves the tran sf e r of all files to the cluste r by invoking the File
Mana g e r (3) that make s a conn e c tio n to the clust e r stora g e and com m e n c e s
the tra n sf e r of all files (4).
• Upon compl etio n of the tran sfe r , the outco m e is repo r t e d back to the Job
Mana g e r (5).
• On failur e, a repor t is sent and the client can decid e on the appr o p ri a t e
action to take. If the file tran sf e r was succe s sful, the Job Man a g e r invokes
the sche d ul e r on the clust e r (6).
• If the outco m e of the sche d ul e r (6) is succe s sful, the client is then inform e d
(7- 8). The outco m e includ e s the respo n s e from the sche d ul e r, the job
 | 105

identifier the sche d ul e r gave to the job, and any othe r inform a tio n the
sche d ul e r provides .

• During executio n, client s should be able to view the exec utio n prog r e s s of
their jobs.
• The client conta c t s the CaaS servic e interfa c e (1) that invokes the Job
Mana g e r modul e (2).
• No matt e r what the oper a tio n is (check, paus e, or ter mi n a t e ), the Job
Mana g e r only has to com m u ni c a t e with the sche d ul e r (3) and
• repo r t s back a succe s sful outco m e to the client (4- 5).

Res u l t Coll e c t i o n :
• Clients start the error or res ult file tra n sf e r by cont a c ti n g the CaaS Servic e
Inte rf ac e (1) that then invokes the File Mana g e r (2) to retri ev e the files from
the clust e r’s data stora g e (3).
• If ther e is a tran sfe r error, the File Mana g e r atte m p t s to resolve the issue
first befor e informin g the client.
 | 106

• If the tra n sf e r of files (3) is succe s sf ul, the files are ret u r n e d to the CaaS
Servic e Inte rf a c e (4) and the n the client (5).
• When ret u r ni n g the files, URL link or a FTP add r e s s is provide d so the client
can ret rieve the files.

Se c u r e Dis tri b u t e d Dat a Stor a g e in Clou d Com p u t i n g

Movi n g Fro m LANs to WAN s

• Most desig n s of distrib u t e d stor a g e take the form of eithe r stor a g e

are a netw o r k s (SANs) or netw o r k- atta c h e d stor a g e (NAS) on the LAN
level, such as the netw o r k s of an ente r p r i s e , a cam p u s , or an
orga niza tio n.
• SANs are const r u c t e d on top of block- addr e s s e d stora g e units
conn e c t e d throu g h dedic a t e d high- spee d netwo r k s .
• In contr a s t , NAS is imple m e n t e d by att ac hi n g speci alize d file serve r s
to a TCP/IP netw o r k and providing a file- bas e d interfa c e to client
machin e
• Howeve r , such a secu rity syste m would not be robu s t enou g h to
secu r e the dat a in distrib u t e d stora g e applica tio n s at the level of wide
are a netw o r k s , specifically in the cloud comp u ti n g environ m e n t

Exis ti n g Com m e r c i a l Clou d Servi c e s

Data stor a g e service s on the platfor m of cloud comp u ti n g are

fund a m e n t a lly provide d by applica tio n s/ s oft w a r e base d on the Inte r n e t

In norm al netwo r k- bas e d applic ation s, user auth e n ti c a ti o n, dat a

confide n ti ality, and data integ rity can be solved throu g h IPSec proxy
using encryp tio n and digital signa t u r e . The key excha n gi n g issues can be
solved by SSL proxy.

Thes e met ho d s have bee n applied to today’s cloud comp u ti n g to secu r e

the dat a on the cloud and also secur e the com m u n ic a t io n of data to and
from the cloud

AWS Data Proc e s s i n g Proc e d u r e

 | 107

Micr o s o f t Win d o w s Azure

Goo g l e App En gi n e
 | 108

• The SDC const r u c t s an encryp t e d conn e c tio n betw e e n the dat a sourc e
and Google Apps. As long as the dat a sourc e is in the Google Apps
domai n to the Google tunn el protocol serve r s , whe n the use r want s to
get the data, he/sh e will first send an autho riz e d data requ e s t s to
Google Apps, which forwa r d s the req u e s t to the tunn el serve r.
• The tunn el serve r s validat e the req u e s t identity. If the identity is valid,
the tunn el protoc ol allows the SDC to set up a conn e c tio n,
aut h e n t i c a t e , and encry p t the data that flows acros s the Inter n e t . At
the sam e time, the SDC uses resou r c e rules to validat e whet h e r a user
is autho riz e d to acces s a specified resou r c e .
• When the req u e s t is valid, the SDC perfor m s a netw o r k req u e s t . The
serve r validat e s the signe d req u e s t , checks the cred e n ti al s, and
retu r n s the dat a if the use r is autho rize d
• From the pers p e c tiv e of cloud stora g e service s, data integ ri ty dep e n d s
on the secu rity of oper a tio n s while in stor a g e in addition to the
secu ri ty of the uploa di n g and downlo a di n g session s.
• The uploa di n g session can only ens u r e that the dat a receive d by the
cloud stora g e is the dat a that the user uploa d e d;
• The downloa di n g session can gua r a n t e e the dat a that the user
retriev e d is the dat a cloud stor a g e recor d e d .
• Unfort u n a t e l y, this proce d u r e applie d on cloud stora g e service s
canno t gua r a n t e e dat a integ ri ty
• First, assu m e that Alice, a comp a ny CFO, store s the comp a n y financi al
dat a at a cloud stora g e servic e provide d by Eve.
• And then Bob, the comp a ny adminis t r a t i o n chair m a n , downlo a d s the
dat a from the cloud.

There are thre e import a n t conce r n s in this simple proc e d u r e :

 | 109

• 1. Confi d e n t i a l i t y . Eve is consid e r e d as an untr u s t w o r t h y third party,

Alice and Bob do not want reveal the dat a to Eve.
• 2.In t e g r i t y . As the adminis t r a t o r of the stor a g e service, Eve has the
capa bility to play with the dat a in han d. How can Bob be confide n t
that the dat a he fetch e d from Eve are the sam e as wha t was sent by
Alice? Are the r e any mea s u r e s to guar a n t e e that the dat a have not
bee n tam p e r e d by Eve?
• 3 . Rep u d i a t i o n . If Bob finds that the dat a have bee n tam p e r e d with,
is the r e any evide n c e for him to demo n s t r a t e that it is Eve who should
be res po n si bl e for the fault? Similarly, Eve also nee d s cert ai n evide n c e
to prove her innoce n c e .

Sol u t i o n s for Mis s i n g Link

Third Authority Certified(TAC)
Secr e t Key Shari n g(SKS)

Four Sol u t i o n s
• Neith e r TAC nor SKS
• With SKS but withou t TAC
• With TAC but withou t SKS
• With Both TAC and SKS
 | 110

TECH N OLOGIES FOR DATA SECURITY IN CLOUD COMP UTI N G

 | 111

Uniqu e issue s of the cloud dat a stor a g e platfor m from a few differe n t
pers p e c t iv e s
– Data b a s e Outs o u r c i n g and Query Int e g r i t y Ass ur a n c e
• Storin g dat a into and fetchin g dat a from devices and
machin e s behin d a cloud are esse n ti ally a novel form of
dat a b a s e outso u r ci n g
– Data Int e g r i t y in Untr u s t w o r t h y Stor a g e
• The fear of losing dat a or data corr u p tio n
• Relieve the user s’ fear by providin g tech nolo gi e s that
ena bl e use r s to check the inte g rity of their dat a
– Web- Appli c a t i o n - Bas e d Se c u r i t y
• Once the data s e t is store d remot ely, a Web brows e r is one
of the most conve nie n t appr o a c h e s that end user s can use
to acces s their data on remo t e servic es
• Web secu rity plays a more impor t a n t role for cloud
comp u ti n g
– Multi m e d i a Data Se c u r i ty
• With the develop m e n t of high- spee d netwo r k tech n ologi e s
and large band w id t h conn e c tio n s , more and more
multim e di a data are being store d and shar e d in cyber
spac e
• The secu ri ty requir e m e n t s for video, audio, pictu r e s , or
imag e s are differ e n t from othe r applica tio n s

Data b a s e Outs o u r c i n g and Query Int e g r i t y Ass ur a n c e

• Data b a s e outso u r ci n g has beco m e an impor t a n t compo n e n t of cloud
comp u ti n g as
– The cost of tran s m i t ti n g a tera by t e of data over long dist a n c e s
has dec re a s e d significa n tly
– The total cost of data man a g e m e n t is five to ten times highe r
than the initial acquisition costs
– A growing inter e s t in outsou r ci n g data b a s e man a g e m e n t tasks
to third parti e s can provide thes e tasks for a much lower cost
due to the econo my of scale
– The benefits of redu ci n g the costs for runnin g Data b a s e
Mana g e m e n t Syste m s (DBMS) inde p e n d e n t ly ena bling
ente r p r i s e s to conce n t r a t e on their main busine s s e s
• The gene r a l archit e c t u r e of a dat a b a s e outso u r ci n g environ m e n t with
client s
– The dat a b a s e owne r outso u r c e s its data man a g e m e n t tasks
– Clients send que ri e s to the untr u s t e d service provide r
 | 112

•The dat a is pre p r o c e s s e d , enc ryp t e d , and stor e d at the

servic e provide r
– For evalu a ti n g queri e s, a user rew rit e s a set of que rie s agains t
the data to que ri e s agains t the enc ryp t e d data b a s e

• The outso u r ci n g of dat a b a s e s to a third- party service provide r raise s

– Two secu rity conce r n s
• Data privacy and
• Query integ rity
Data Priva cy Prot e c t i o n
– A met ho d to execu t e SQL que ri e s over enc ryp t e d data b a s e s
• To proce s s as much of a que ry as possible by the service
provide r s , withou t having to decryp t the data
• Decryptio n and the rem ai n d e r of the que ry proce s si n g are
perfor m e d at the client side
– An orde r- pres e r vi n g encryp tio n sche m e for num e ric value s
– Qu ery Int e g r i t y Ass u r a n c e
– Query integ rity exa mi n e s the trus t w o r t hi n e s s of the hosting
environ m e n t
– When a client receives a que ry res ult from the servic e provide r
• Assure s that the result is both corr e c t and comple t e
• Corre c t mea n s that the res ult must origin a t e in the
owne r’s dat a and not has bee n tam p e r e d with
• Comple t e mea n s that the res ult includ e s all recor d s
satisfying the que ry
– A solution nam e d dual encry p tion
• Ensu r e que ry integ ri ty withou t requiri n g the data b a s e
engin e to perfor m any speci al function beyon d query
proc e s si n g

Data Int e g r i t y in Untr u s t w o r t h y Stor a g e

The fear of loss of cont rol on their data is one of the major conce r n s that
preve n t end use rs from migra ti n g to cloud stor a g e service s
Differe n t motiva tion s for a stor a g e service provide r could beco m e
untr u s t w o r t h y
• To cover the conse q u e n c e of a mistak e in oper a tio n
 | 113

• Or deny the vulne r a bility in the syste m afte r the dat a have bee n
stolen by an adve r s a r y
Before cloud comp u ti n g, seve r al remo t e dat a stora g e checkin g protocols
have bee n sugg e s t e d
In practic e , a rem ot e data poss e s sio n checki n g protocol has to satisfy the
following five requir e m e n t s
Req u ir e m e n t # 1
• The verifier has to poss e s s a comple t e copy of the dat a to
be check e d
• In practic e , it does not make sens e for a verifier to keep a
duplic at e d copy of the cont e n t to be veri fie d
• Storin g a more concis e cont e n t s diges t of the dat a at the
verifier should be enou g h
Req u ir e m e n t # 2
• The protoc ol has to be very robu s t consid e ri n g the
untr u s t w o r t h y prove r
• A malicious prove r is motivat e d to hide the violation of
dat a integ ri ty
• The protoc ol should be robu s t enou g h that such a prove r
ough t to fail in convincin g the verifier
Req u ir e m e n t # 3
• The amou n t of inform a t io n excha n g e d durin g the
verificatio n oper a tio n should not lead to high
com m u n ic a t io n overh e a d
Req u ir e m e n t # 4
• The protoc ol should be comp u t a t i o n a lly efficient
Req u ir e m e n t # 5
• It ought to be possible to run the verificatio n an unlimite d
num b e r of times

• A PDP- Ba s e d Inte g r i t y Che c k i n g Prot o c o l

• Base d on the prova bl e data proce s sio n (PDP) tech nology
• Allows use r s to obtain a prob a bilistic proof from the
stora g e servic e provide r s
• Used as eviden c e that their dat a have bee n store d ther e
• The proof could be gene r a t e d by the stor a g e servic e provide r by
acce s si n g only a small portion of the whole dat a s e t
• The amou n t of the met a d a t a that end use r s are requir e d to store
is also small, i.e., O(1)
• Such a small amou n t data exch a n gi n g proce d u r e lowers
the overh e a d in the com m u n i c a ti o n chan n el s
 | 114

• The flowch a r t s of the protocol for provabl e data posse s sio n

– The data owne r, nam ely the client, execut e s the protocol to
verify that a data s e t is stor e d in an outsou r c e d stor a g e mac hin e
• As a collection of n blocks
– Before uploa di n g the data into the remo t e stora g e
• The dat a owne r pre- proce s s e s the dat a s e t and a piece of
met a d a t a is gene r a t e d
• The met a d a t a are stor e d at the dat a owne r’s side
– The dat a s e t will be tran s mi t t e d to the stora g e serve r
– The cloud stor a g e service store s the data s e t
• Send s the data to the user in respo n di n g to que ri e s from
the data owne r in the futur e
– As part of pre- proc e s si n g proc e d u r e , the data owne r (client) may
condu c t oper a ti o n s on the dat a
 | 115

•e.g., Expa n di n g the dat a or gene r a t i n g addition al

met a d a t a to be stor e d at the cloud serve r side
– The dat a owne r could execu t e the PDP protocol befor e the local
copy is delet e d
• To ens u r e that the uploa d e d copy has been stor e d at the
serve r mac hin e s succe s sf ully
– The data owne r may encryp t a dat a s e t befor e tra n sfe r r i n g the m
to the stor a g e mac hi n e s

Web- Appli c a t i o n - Bas e d Se c u r i t y

• In cloud comp u ti n g environ m e n t s , reso u r c e s are provide d as a service
over the Inter n e t in a dyna mi c, virtu alize d and scalabl e way.
• Henc e, web secu rity plays an import a n t role in the era of cloud
comp u ti n g
• The web site serve r is the first gat e that gua r d s the cloud resou r c e s .
Any web secu rity vulne r a b ility will be amplified at the level of whole
cloud
Type s of atta c k s :
• Authe n tic a tio n
• Authoriz a tio n,
• Client- side atta c k s
• Comm a n d Execution
• Inform a ti o n Disclos u r e
• Logical Attacks
• Auth e n t i c a t i o n : It is the proc e s s of verifying a claim that a subjec t
mad e to act on beh alf of a given princip al.
• Authe n tic a tio n atta c k s targ e t a web site’s met ho d of valida tin g the
identity of a user, service or applica tion
Thes e atta c k s could be
• Bru t e Forc e: This atta ck employs an auto m a t e d proce s s to gues s a
pers o n’s use r n a m e and pass w o r d by trail and erro r
• Ins u f fi c i e n t Auth e n t i c a t i o n : Som e sensitive cont e n t or function ality
are prot e c t e d by hiding the specific location in obscu r e string but still
rem ai n s acce s si bl e directly throu g h a specific URL
• Pas s w o r d Rec o v e r y: This service will auto m a t i c ally recove r the
user n a m e and pass w o r d to the user if he or she can ans w e r some
ques tion s define d as part of the regis t r a t i o n proc e s s . If the recove ry
ques tion s are eithe r easily gues s e d or can be skippe d, this websit e is
consid e r e d to be Weak Pass w o r d Recove ry Validation
• Auth o r i z a t i o n : It is used to verify if an auth e n ti c a t e d subjec t can
perfor m a cert ai n oper a tio n
• Ex: Only cert ai n user s are allowe d to acce s s specific conte n t or
function ality
 | 116

• Authe n tic a tio n should prec e d e Authoriz a tion

Type s of Atta c k s
• Ins u f fi c i e n t Auth o r i z a t i o n : occur s when a web site does not prot e c t
sensitive cont e n t of function ality with prop e r acce s s cont rol
rest riction s .
• Cred e n t i a l / S e s s i o n Pred i c t i o n atta c k : This atta c k deduc e s or
gues s e s the uniqu e session ID of a session to hijack or impe r s o n a t e a
user.
• Ins u f fi c i e n t Se s s i o n Expira ti o n : occu r s when an atta c k e r is allowe d
to reus e old session cre d e n t i al s or session IDs for autho riz a tio n
• Se s s i o n Fixati o n forces a user’s session ID to an arbit r a r y value via
cross- site Scriptin g. Once the user logs in, the atta c k e r uses the
pre d efin e d session ID to impe r s o n a t e the victim’s identity
• Clie n t sid e atta c k s : Thes e atta ck s trap use r to click a link in a
malicious web pag e and then use the trus t relation s hi p expec t a t io n s of
the victim for the real web site
Type s of Atta c k s :
• Cont e n t Sp o o f i n g : The malicious web pag e can trick a user into
typing user n a m e and pass w o r d and will use this inform a ti o n to
impe r s o n a t e the use r.
• Cros s - Sit e Scri p t i n g ( C S S ) : This att a ck launc h e s atta c k e r supplie d
execu t a bl e code in the victim’s brows e r . Since the code runs within
the secu ri ty cont ext of the hostin g web site, the code has the ability to
rea d, modify, and tra n s m i t any sensitive data.
• Com m a n d Exe c u t i o n : Thes e atta c k s exploit serve r- side
vulne r a bilities to execu t e remo t e com m a n d s on the web site
• Infor m a t i o n Dis c l o s u r e : Thes e atta c k s acqui r e sensitive infor m a tio n
about a web site reve al e d by develop e r com m e n t s , erro r mess a g e s , or
well- known file nam e conve n tio n s
• Logi c a l Atta c k s : Logical atta c k s involve exploit ation of a web
applica tion’s logic flow. A com m o n logical atta c k is Denial of
Servic e(DO S) atta c k. Dos att ac k s will atte m p t to cons u m e all availa ble
reso u r c e s in the web serve r such as CPU, mem o ry, disk spac e by
abusi n g the function ality provide d by the web site.

Multi m e d i a Data Se c u r i ty Stor a g e

With the rapid develop m e n t s of multim e di a tech n ologi e s , more and more
multim e di a cont e n t s are being stor e d and deliver e d over many kinds of
devices, dat a b a s e s and netw o r k s
Multim e di a Data Secu ri ty plays an import a n t role in the dat a stora g e to
prot e c t multim e di a data.
• Prot e c t i o n fro m una u t h o r i z e d Repli c a t i o n : Cont e n t s replica tio n is
req ui r e d to gen e r a t e and keep multiple copies of cert ai n multim e di a
 | 117

cont e n t s . Althou g h the replica tio n can improve the syste m

perfor m a n c e , the unau t h o riz e d replic a tion caus e s som e proble m s such
as cont e n t s copyrig h t, wast e of replica tion cost and extra cont rol
overh e a d s
• Prot e c t i o n fro m un a u t h o r i z e d Repl a c e m e n t : As stora g e capa city
is limite d, a replac e m e n t proce s s must be carrie d out when the
capacity exce e d s its limit. If an unau t h o riz e d replac e m e n t happ e n s ,
the cont e n t which the user does n ' t want to delet e will be remov e d
res ultin g in an accide n t of the data loss
• Prot e c t i o n fro m un a u t h o r i z e d Pre- fet c h i n g : If a cont e n t can be
pre dict e d to be requ e s t e d by the use r in futur e requ e s t s , this cont e n t
will be fetch e d from the serve r data b a s e to the end user befor e this
user requ e s t s it, in orde r to decr e a s e the res po n s e time. Althou g h
Pre- fetchin g is efficient, unau t h o riz e d pre- fetchin g should be avoide d
to make the syste m to fetch the nec e s s a r y cont e n t .

PLATFOR M- AS- A-SERVICE

Cloud Compu ti n g open s new opport u n i ti e s to small, mediu m- sized, and
larg e comp a ni e s
• Not nece s s a r y anymo r e to bea r consid e r a b l e costs for
maint ai nin g the IT infras t r u c t u r e s or to plan for peak
dem a n d
• Infras t r u c t u r e and applica tio n s can scale elastically
accor di n g to the busine s s nee d s at a rea so n a bl e price

Led to the esta blis h m e n t of the conce p t of Public Cloud

• Repr e s e n t s a publicly acces si ble distrib u t e d syste m
hosting the executio n of applica tio n s and providing servic es billed on a
pay- per- use basis
Such a solution built on outso u r ci n g the entire IT infras t r u c t u r e to third
partie s would not be applica bl e in many case s
Especi ally when ther e are critical oper a ti o n s to be perfor m e d and
secu ri ty conce r n s to consid e r
With the public cloud distrib u t e d anyw h e r e on the plan e t , legal issue s
arise
Difficult to rely on a virtual public infras t r u c t u r e for any IT
oper a tio n
 | 118

• Data location and confide n ti ality are two of the major

issue s that scar e stak e h ol d e r s to move into the cloud
Data that might be secu r e in one count ry may not be secur e in anoth e r
• Users of cloud service s do not know wher e their
infor m a ti o n is held
Differe n t jurisdictio n s can apply
• In Europ e , the Euro p e a n Union favors very strict
prot e c tio n of privacy
• In Americ a, laws have virtually limitless powe r s to acce s s
infor m a ti o n includin g that of comp a ni e s
• The distinc tive featu r e of cloud comp u ti n g still rem ai n s
appe alin g
• The possibility of replica tin g in- hous e, i.e., on their own IT
infras t r u c t u r e , the resou r c e and service provisionin g model propos e d by
cloud comp u ti n g led to the develop m e n t of the Privat e Cloud conc e p t
Privat e clo u d s are virtu al distrib u t e d syste m s that rely on a privat e
infras t r u c t u r e
• Provide inter n al users with dyna mic provisionin g of
comp u ti n g resou r c e s

Privat e clouds have the adva n t a g e

• Keepin g in- hous e the core busine s s oper a tio n s by relying
on the existin g IT infra s t r u c t u r e
• Reducin g the burd e n of maint ai ni n g it once the cloud has
bee n set up
• Secu ri ty conce r n s are less critical
• Sensitive infor m a t io n does not flow out of the privat e
infras t r u c t u r e

But, Privat e clouds canno t easily scale out in the case of peak dem a n d

The integ r a t i o n with public clouds could be a solution to the incre a s e d load

Hybrid clo u d s are the res ult of a privat e cloud growin g and provisionin g
reso u r c e s from a public cloud
• Best option for the futur e in many case s

Hybrid clouds exploit existing IT infras t r u c t u r e s

– Maint ai ni n g sensitive inform a ti o n within the pre mi s e s
– Nat u r a lly growin g and shrinkin g by provisionin g exter n a l
reso u r c e s and relea si n g the m whe n nee d e d
– Secu ri ty conce r n s are only limite d to the public portion of the
cloud
 | 119

Platf or m as a Servi c e (Pa a S ) solutions offer the right tools to imple m e n t

and deploy hybrid clouds
– Provide ente r p ri s e s with a platfor m for cre a ti n g, deploying, and
man a gi n g distrib u t e d applica tion s on top of existin g
infras t r u c t u r e s
– In char g e of monitorin g and man a gi n g the infras t r u c t u r e and
acquiri n g new node s
– Rely on virtualiza tio n tech n ologi e s in orde r to scale applica tio n s
on dem a n d

ANEKA CLOUD PLATFOR M

• Ane k a is a softwa r e platfor m and a fram e w o r k for developin g

distrib u t e d applica tio n s on the cloud
– Harn e s s e s the comp u ti n g resou r c e s of a hete r o g e n e o u s netw o r k
of works t a tio n s and serve r s or dat a cent e r s on dem a n d
– Provides develop e r s with a rich set of APIs for tran s p a r e n t ly
exploiting thes e reso u r c e s by expr e s si n g the applica tio n logic
with a variety of prog r a m m i n g abst r a c ti o n s
– Syste m adminis t r a t o r s can levera g e a collection of tools to
monito r and cont rol the deploye d infras t r u c t u r e
– Can be a public cloud available to anyon e throu g h the Inte r n e t
– A privat e cloud constit u t e d by a set of node s with res t rict e d
acce s s within an ent e r p r i s e
– or a hybrid cloud wher e exter n a l resou r c e s are inte g r a t e d on
dem a n d allowing applica tio n s to scale

Ane k a Fra m e w o r k Archi t e c t u r e

 | 120

Aneka is esse n ti ally an imple m e n t a t i o n of the PaaS model

• Provides a runti m e environ m e n t for executi n g applica tio n s
by lever a gi n g the und e rlying infras t r u c t u r e of the cloud
– Develop e r s can expr e s s distrib u t e d applica tio n s
• By using the API cont ai n e d in the Softwa r e Develop m e n t
Kit (SDK)
• Or by portin g existing legacy applica tio n s to the cloud
– Such applica tion s are execu t e d on the Aneka cloud
• Repr e s e n t e d by a collection of node s conn e c t e d throu g h
the net wo r k hostin g the Aneka cont ain e r
– The cont ain e r is the building block of the middlew a r e
• Repr e s e n t s the runti m e enviro n m e n t for executi n g
applica tion s
• Contai n s the core function alities of the syste m
• Built up from an exte n si bl e collection of service s that
allow admi nist r a t o r s to custo miz e the Aneka cloud

Thre e class e s of service s that char a c t e r iz e the cont ain e r

– Exec u t i o n Servi c e s
• Respo n si ble for sche d ulin g and execu ti n g applic ation s
 | 121

• Each of the prog r a m m i n g models suppo r t e d by Aneka

defines speci alize d imple m e n t a t i o n s of thes e service s for
man a gi n g the exec utio n of a unit of work define d in the
model
– Fou n d a t i o n Servi c e s
• The core man a g e m e n t service s of the Aneka cont ai n e r
• In cha r g e of met e ri n g applic ation s, allocati n g resou r c e s
for exec utio n, man a gi n g the collection of availa ble node s,
and keepin g the service s regist ry upda t e d
– Fabri c Servi c e s
• Constit u t e the lowes t level of the service s stack of Aneka
• Provide acces s to the resou r c e s man a g e d by the cloud
• The Resou r c e Provisionin g Service ena bl e s horizon t al
scaling in the cloud
• Horizont al scaling is the proce s s of adding more
comp u ti n g node s to a syste m
• Vertical scaling is the proce s s of incre a si n g the comp u ti n g
capa bility of a single comp u t e r reso u r c e
• Resou r c e provisionin g make s Aneka elastic
• Allows to grow or to shrink dyna mic ally to mee t the QoS
req ui r e m e n t s of applic a tion s

The cont ain e r relies on a platfor m abs t r a c t io n layer

– Inte rf ac e s it with the unde rlying host whet h e r this is a physical
or a virtualize d resou r c e
– Make s the cont ai n e r port a bl e over differ e n t runti m e
environ m e n t s
• Feat u r e an imple m e n t a t i o n of the ECMA 334 and ECMA
335 specification s
• e.g., the .NET fram e w o r k or Mono
• Aneka also provide s a tool for man a gi n g the cloud
– Allowing administ r a t o r s to start, stop, and deploy insta n c e s of
the cont ai n e r on new resou r c e s and the n reconfig u r e the m
dyna mic ally to alter the behavior of the cloud
Ane k a Res o u r c e Provi s i o n i n g Servi c e

• Cloud comp u ti n g has the ability to auto m a t ic ally scale out

– Base d on dem a n d and users’ quality of service requ e s t s
• Aneka is a PaaS
– Feat u r e s multiple prog r a m m i n g models allowing develop e r s to
easily build their distrib u t e d applica tio n s
– Provides reso u r c e provisionin g facilities in a sea ml e s s and
dyna mic fashion
 | 122

• Applicatio n s man a g e d by the Aneka cont ai n e r can be

dyna mic ally map p e d to hete r o g e n e o u s resou r c e s
• Grow or shrink accor din g to the applica tio n’s nee d s
– Achieved by mea n s of the reso u r c e provisionin g fram e w o r k
• Compos e d prim a rily of servic es built into the Aneka fabric
layer
A typical scen a ri o that a mediu m or large ente r p r i s e may encou n t e r
– Combin e s privat ely owne d reso u r c e s with public rent e d
reso u r c e s to dyna mic ally incre a s e the reso u r c e capacity to a
larg e r scale

• Privat e resou r c e s identify comp u ti n g and stor a g e elem e n t s kept in the

pre mis e s . They sha r e similar inter n a l security and admi nis t r a t iv e
policies

Aneka identifies two types of privat e resou r c e s

• Static and dyna mic reso u r c e s
– Stati c res o u r c e s are constit u t e d by existin g physic al
works t a tio n s and serve r s
• May be idle for a cert ain period of time
• Their mem b e r s h i p to the Aneka cloud is man u a lly
configu r e d by administ r a t o r s
• Does not cha n g e over time
 | 123

– Dyn a m i c res o u r c e s are mostly repr e s e n t e d by virtual insta n c e s

that join and leave the cloud
• Controlled by reso u r c e pool man a g e r s that provision and
relea s e the m whe n nee d e d
• Public reso u r c e s reside outside the boun d a ri e s of the ente r p ri s e
– Provision e d by esta blis hi n g a servic e- level agre e m e n t with the
exte r n a l provide r
Two class e s: on- dem a n d and res e rv e d resou r c e s
– On- de m a n d reso u r c e s are dyna mi c ally provision e d by resou r c e
pools for a fixed amou n t of time, e.g., an hour
• With no long- ter m com mit m e n t s
• On a pay- as- you- go basis
– Res e r v e d res o u r c e s are provision e d in adva n c e by paying a
low, one- time fee
• Mostly suite d for long- ter m usag e
• Actually the sam e as static resou r c e s
• No auto m a t io n is nee d e d in the resou r c e provisionin g
servic e to man a g e the m

Res o u r c e Provi s i o n i n g Sc e n a r i o

• A possible scen a ri o in which the resou r c e provisionin g service

beco m e s impor t a n t
– A privat e ente r p ri s e maint ai n s a privat e cloud consistin g of
• Five physic al dedic a t e d deskto p s from its engin e e ri n g
dep a r t m e n t
• A small data cent e r man a g e d by Xen Hype rviso r providing
virtu al mac hi n e s with the maxim u m capa city of 12 VMs
– In most of the cases , this settin g is able to addr e s s the
comp u ti n g nee d s of the ent e r p ri s e
– In the case of peak comp u ti n g dem a n d
• Additional resou r c e s can be provision e d by lever a gi n g the
virtu al public infras t r u c t u r e
– A mission critical applic ation could req ui r e at least 30 resou r c e s
to comple t e within an hour
• The custo m e r is willing to spen d a maxim u m of 5 dollars to
achieve this goal
– The Aneka Resou r c e Provisionin g service beco m e s a
fund a m e n t a l infras t r u c t u r e compo n e n t to addr e s s this scen a ri o
• The Aneka sche d ulin g engin e dete c t s that the curr e n t
capacity in ter m s of reso u r c e s , i.e., 5 dedic a t e d node s is
not enoug h to satisfy the user’s QoS req ui r e m e n t and to
comple t e the applica tio n on time
 | 124

• An addition al 25 reso u r c e s must be provision e d

– The res po n si bility of the Aneka Resou r c e Provisionin g service to
acquir e thes e reso u r c e s from both the privat e data cent e r
man a g e d by Xen Hype rvis o r and the Amazon public cloud
– The provisionin g service is configu r e d by default with a cost-
effective stra t e g y
• Privileg e s the use of local reso u r c e s inste a d of the
dyna mic ally provision e d and char g e a b l e ones
• The comp u ti n g need s of the applic ation requir e the full
utilization of the local dat a cent e r that provide s the Aneka
cloud with 12 virtu al mac hi n e s
• The rem ai ni n g 13 reso u r c e s are rent e d from Amazon for a
minim u m of one hour
• Only incurs a few dollars’ cost

Anoth e r simple stra t e g y for provisionin g reso u r c e s could be minimizing the

execu tio n time to let the applica tio n finish as early as possible
– Requir e s Aneka to req u e s t more powe rful resou r c e s from the
Amazon public cloud
Inste a d of provisionin g 13 small insta n c e s from Amazon, a major
num b e r of resou r c e s or more powe rf ul reso u r c e s can be rent e d by
spen di n g the entire budg e t available for the applica tion

Hybrid Clou d Impl e m e n t a t i o n

 | 125

No widely acce p t e d stan d a r d for provisionin g virtu al infras t r u c t u r e from

Infras t r u c t u r e as a Service (IaaS) provide r s

– Each provide r expos e s its own interfa c e s and protocols

– Not possible to sea ml e s sly integ r a t e differ e n t provide r s into one
single infra s t r u c t u r e
• The reso u r c e provisionin g service imple m e n t e d in Aneka add r e s s e s
thes e issue s
– Abstr a c t s away the differe n c e s of provide r s’ imple m e n t a t i o n

Des i g n and Impl e m e n t a t i o n Guid e l i n e s

The partic ul a r nat u r e of hybrid clouds dem a n d s addition al and specific
function alities
– Sup p o r t for He t e r o g e n e i t y
• Hybrid clouds are produ c e d by hete r o g e n e o u s reso u r c e s
such as clust e r s , public or privat e virtu al infras t r u c t u r e s ,
and works t a tio n s
• A virtu al mac hi n e man a g e r must be possible to inte g r a t e
addition al cloud service provide r s , mostly IaaS provide r s ,
witho u t major cha n g e s to the entir e syste m design and
code b a s e
• The specific code relat e d to a partic ul a r cloud resou r c e
provide r should be kept isolat e d behin d interfa c e s and
within plugg a bl e compo n e n t s
– Sup p o r t for Dyna m i c and Ope n Sys t e m s
• Hybrid clouds chan g e their composi tion and topology over
time
• An open and exte n si bl e archit e c t u r e that allows easily
pluggin g new compo n e n t s and rapidly integ r a t i n g new
featu r e s is of a grea t value
• Depe n d e n c y injection is a tech ni q u e that allows
configu ri n g and conn e c ti n g compo n e n t s within a softw a r e
cont ai n e r , like a Web or an applica tio n serve r, witho u t
har d coding their relation but by providin g an abst r a c t
specification
e.g., a configu r a ti o n file that specifies which compo n e n t to
insta n ti a t e and to conne c t the m toget h e r
– Sup p o r t for Bas i c VM Opera t i o n Man a g e m e n t
• Hybrid clouds integ r a t e virtual infras t r u c t u r e s with
existing physical syste m s
• Softw a r e fram e w o r k s that suppo r t hype rviso r- bas e d
execu tio n should imple m e n t a minim u m set of oper a tio n s
includin g req u e s ti n g a virtu al insta n c e , contr olling its
 | 126

stat u s, termi n a t i n g its execu tion, and keepi n g track of all

the insta n c e s that have bee n requ e s t e d
– Sup p o r t for Flexi b l e Sc h e d u l i n g Polic i e s
• The hete r o g e n e i ty of reso u r c e s that constitu t e a hybrid
infras t r u c t u r e nat u r ally dem a n d s for flexible sche d uli n g
policies
• Public and privat e resou r c e s can be differe n tly utilized
• The workloa d should be dyna mi c ally partition e d into
differe n t stre a m s accor di n g to their secu rity and quality of
servic e (QoS) requir e m e n t s
– Sup p o r t for Workl o a d Mo n i t o r i n g
• A subs e t of resou r c e s is lease d and reso u r c e s can be
dismiss e d if they are no longe r nece s s a r y
• Nece s s a r y to integ r a t e this feat u r e with sche d uli n g
policies that direc tly or indire c tly gover n the man a g e m e n t
and lease s of virtu al inst a n c e s
– The most releva n t featu r e s for succe s sf ully suppo r ti n g the
deploym e n t and the man a g e m e n t of hybrid clouds
• Secu ri ty is tran sv e r s a l to all featu r e s
– A basic reco m m e n d a t i o n for imple m e n t i n g a secu ri ty
infras t r u c t u r e for any runti m e environ m e n t is to use a Defens e
in Dept h secu rity model whe n e v e r it is possible
• Defens e in dept h is an inform a ti o n assu r a n c e (IA) stra t e g y
in which multiple layers of defen s e are plac e d throu g h o u t
an inform a t io n tech nolo gy (IT) syste m
– Even more impor t a n t in hybrid clouds
• Both applica tio n s and resou r c e s can repr e s e n t tre a t s to
each othe r
Ane k a Hybri d Clou d Archi t e c t u r e

• The solution imple m e n t e d in Aneka

– The Resou r c e Provisionin g Fra m e w o r k rep r e s e n t s the
found a tio n on top of which Aneka- base d hybrid clouds are
imple m e n t e d
– The reso u r c e provisionin g infras t r u c t u r e is rep r e s e n t e d by a
collection of reso u r c e pools provide s acce s s to reso u r c e
provide r s
– Mana g e d unifor mly throu g h a specific compo n e n t called a
reso u r c e pool man a g e r
– Res o u r c e Provi s i o n i n g Servi c e
• An Aneka- specific servic e that imple m e n t s the servic e
inte rf a c e and wra p s the resou r c e pool man a g e r , allowing
its integ r a t io n within the Aneka cont ai n e r
 | 127

– Res o u r c e Pool Man a g e r

• Mana g e s all the regis t e r e d reso u r c e pools
• Decides how to alloca t e resou r c e s from thos e pools
• Provides a unifor m interfa c e for requ e s t i n g addition al
reso u r c e s from any privat e or public provide r
• Hides the compl exity of man a gi n g multiple pools to
the Resou r c e Provisionin g Service

– Res o u r c e Pool
• A cont ain e r of virtual reso u r c e s that mostly come from the
sam e resou r c e provide r
• In cha r g e of man a gi n g the virtu al reso u r c e s it contai n s
• Finally relea si n g the m when they are no longe r in use
• Each vendo r expos e s its own specific interf ac e s
• Enca p s ul a t e s the specific imple m e n t a t i o n of the
com m u n ic a t io n protocol req ui r e d to inter a c t with it
• Provides the pool man a g e r with a unified interf ac e for
acquiri n g, ter mi n a ti n g, and monitori n g virtu al resou r c e s
• The req u e s t for addition al reso u r c e s is gene r a lly trigg e r e d by a
sche d ul e r
– Detect s that the curr e n t capa city is not sufficient to satisfy
the expe ct e d
quality of service s ensu r e d for specific applica tio n s
• In this case, a provisionin g requ e s t is mad e to the Resou r c e
Provisionin g Servic e
– Accordin g to specific policies, the pool man a g e r det e r m i n e s the
pool insta n c e ( s) that will be used to provision resou r c e s and will
forw a r d the req u e s t to the select e d pools
 | 128

– Each reso u r c e pool will tra n sl a t e the forw a r d e d requ e s t by using

the specific protocols requir e d by the exte r n a l provide r and
provision the reso u r c e s
• Once the req u e s t s are succe s sf ully proce s s e d
– The req u e s t e d num b e r of virtu al reso u r c e s will join the Aneka
cloud by regist e ri n g the m s elv e s with the Memb e r s hi p Catalog u e
Servic e
• Keeps track of all the node s curr e n t ly conn e c t e d to the
cloud
– Once joined the cloud, the provision e d reso u r c e s are man a g e d
like any othe r node
• A rele a s e requ e s t is trigg e r e d by the sche d ulin g service when
provision e d resou r c e s are no longe r in use

Us e Cas e - The Amaz o n EC2 Res o u r c e Pool

• The imple m e n t a t i o n of the Amazon EC2 resou r c e pool
– A prac tic al applic ation of the infra s t r u c t u r e develop e d
– Amazon EC2 is one of the most popul a r cloud reso u r c e provide r s
• Among the top 10 comp a ni e s providing cloud comp u ti n g
servic es
– EC2 provides a Web servic e interfa c e for acce s si n g, man a gi n g ,
and controlling virtu al mac hi n e insta n c e s
• Simplifies the inte g r a t i o n of Amazon EC2 with any
applica tion
• To inter a c t with Amazon EC2, seve r al para m e t e r s are requir e d
– Us e r Ide n t i t y : Repr e s e n t s the accou n t inform a t io n used to
aut h e n t i c a t e with Amazon EC2
• Constit u t e d by a pair of encry p t e d keys that are the acce s s
key and the secr e t key
• Thes e keys can be obtain e d from the Amazon Web service s
port al once the use r has signe d in
• Requir e d to perfor m any oper a tio n that involves Web
servic e acces s

– Res o u r c e Ide n t i t y
• The identifie r of a public or a privat e Amazon Machin e
Imag e (AMI) used as tem pl a t e from which to cre a t e virtual
machin e insta n c e s
– Res o u r c e Capa c i ty
• Specifies the differe n t type of insta n c e that will be
deploye d by Amazon EC2
 | 129

• Inst a n c e types vary accor di n g to the num b e r of cores, the

amou n t of me mo ry, and othe r settin g s that affect the
perfor m a n c e of the virtu al machin e insta n c e
• Sever al types of imag e s are availa ble
• Those com m o nly use d are: small, mediu m , and larg e
• The capa city of eac h type of resou r c e has bee n pred efin e d
by Amazon and is char g e d differ e n tly
– This inform a ti o n is maint ai n e d in the EC2Re s o u r c e P o olCo n fig u r a t i o n
class
– Nee d to be provide d by the admi nis t r a t o r to configu r e the pool
– The imple m e n t a t i o n of EC2Re s o u r c e P o ol is forwa r di n g the requ e s t of
the pool man a g e r to EC2
– By using the Web service client and the configu r a ti o n
infor m a ti o n previou sly desc ri b e d
– Then store s the met a d a t a of each active virtual insta n c e for
furth e r use
– To utilize at best the virtu al mac hi n e insta n c e s provision e d from EC2
– The pool implem e n t s a cost- effective optimiza tion strat e g y
– A virtu al mac hi n e insta n c e is char g e d by using one- hour time
blocks
• Accordin g to the curr e n t busine s s model of Amazon
• If a virtual mac hi n e insta n c e is used for 30 minut e s , the
custo m e r is still cha r g e d for one hour of usag e
– To provide a good service to applica tio n s with a smaller
gra n ul a ri ty in ter m s of execu tio n times
• The EC2Res o u r c e P o ol class imple m e n t s a local cach e that
keeps track of the rele a s e d insta n c e s whos e time block is
not expire d yet
• Thes e insta n c e s will be reus e d inste a d of activatin g new
insta n c e s from Amazon
– With the cost- effective optimiza tio n stra t e g y
– The pool is able to minimize the cost of provisionin g resou r c e s
from Amazon cloud to achieve high utilization of eac h
provision e d resou r c e

Impl e m e n t a t i o n Ste p s for Ane k a Res o u r c e Provi s i o n i n g Servi c e

• The resou r c e provisionin g service is a custo miz e d service
– Used to ena bl e cloud burs tin g by Aneka at runti m e
• One of the applica tio n scen a ri os that utilize resou r c e provisionin g
– To dyna mic ally provision virtual mac hi n e s from Amazon EC2
cloud
• The gene r a l steps of resou r c e provisionin g on dem a n d in Aneka
– The applica tio n submit s its tasks to the sche d ulin g service
 | 130

– Adds the tasks into the sche d uli n g que u e

– The sche d uli n g algorith m finds an app ro p ri a t e matc h betw e e n a

task and a reso u r c e
• If the algorith m could not find enou g h resou r c e s for
serving all the tasks, it requ e s t s extra resou r c e s from the
sche d ulin g servic e
– The sche d uli n g service will send a Resou r c e Provision Mess a g e
to provision service
• Ask provision servic e to get X num b e r of reso u r c e s as
dete r m i n e d by the sche d ulin g algorit h m
– Upon rec eivin g the provision mess a g e
• The provision service will deleg a t e the provision req u e s t
to a compo n e n t called resou r c e pool man a g e r
• Respo n si ble for man a gi n g various reso u r c e pools
• All the work insta n c e s will then conn e c t to the Aneka
mas t e r machin e
• Regist e r the m s elve s with Aneka mem b e r s h i p service
 | 131

• A reso u r c e pool is a logical view of a cloud reso u r c e

provide r
• The virtual machin e s can be provision e d at runtim e
• Aneka reso u r c e provisionin g suppo r t s multiple resou r c e
pools like Amazon EC2 pool and Citrix Xen serve r pool
– The reso u r c e pool man a g e r knows how to com m u ni c a t e with
each pool
• Provision the req u e s t e d resou r c e s on dem a n d
• The pool man a g e r start s X virtual machi n e s by utilizing
the pred efin e d virtual mac hin e tem pl a t e alre a dy
configu r e d to run Aneka cont ai n e r s
– A work insta n c e of Aneka will be configu r e d and runnin g once a
virtu al resou r c e is sta rt e d
– The sche d ulin g algorith m will be notified by the mem b e r s h i p
servic e once those work insta n c e s join the netw o r k and star t
allocatin g pendin g tasks to the m imme di a t ely
– Once the applic ation is comple t e d all the provision e d resou r c e s
will be relea s e d by the provision service to redu c e the cost of
rentin g the virtu al machi n e

COMETCLOU D- AN AUTONO M IC CLOUD ENGI N E

• Clouds typically have highly dyna mic dem a n d s for reso u r c e s with
highly hete r o g e n e o u s and dyna mi c workloa d s
• Differe n t applic ation s may have very differe n t and dyna mic quality of
servic e (QoS) requir e m e n t s
– One applic ation may req uir e high throu g h p u t
– Anoth e r may be const r ai n e d by a budg e t
– A third may have to balanc e both thro u g h p u t and budg e t
• To suppo r t on- dem a n d scale- up, scale- down, and scale- out
– Combinin g public cloud platfor m s and integ r a t i n g the m with
existing grids and data cent e r s
– Users may want to use resou r c e s in their privat e cloud or data
cent e r or grid first before scaling out onto a public cloud
– Inte g r a t i n g thes e public cloud platfor m s with exiting
comp u t a t i o n a l grids to provide oppor t u n i ti e s for on- dem a n d
scale- up and scale- dow n is clo u d bur s t

The Come t Cloud auto no m ic cloud engin e

Goal is to realize a virtu al comp u t a t i o n a l cloud with resiza ble comp u ti n g
capa bility that
– Inte g r a t e s local comp u t a t io n a l environ m e n t s and public cloud
servic es on- dem a n d
 | 132

– Provide abst r a c t io n s and mec h a n i s m s to suppo r t a ran g e of

prog r a m m i n g par a di g m s and applic a tion s requir e m e n t s
– Come t Cloud ena ble s policy- base d auton o m ic cloud bridgin g and cloud
burs tin g
– Autono mi c cloud bridgi n g ena bl e s on- the- fly integ r a ti o n of local
comp u t a t i o n a l enviro n m e n t s , like dat a cent e r s and grids, and
public cloud service s, like Amazon EC2 and Eucalyp t u s
– Autono mi c cloud burs ti n g ena bl e s dyna mic applica tion scale- out
to add r e s s dyna mi c workloa d s , spikes in dem a n d s , and othe r
extre m e requir e m e n t s

• Come t Clo u d is bas e d on a dec e n t r a liz e d coordin a tio n subst r a t e

– Suppo r t s highly het e r o g e n e o u s and dyna mic cloud/ g ri d
infras t r u c t u r e s , integ r a t i o n of public/priva t e clouds, and
cloudb u r s t s
– Also use d to suppo r t a dece n t r a liz e d and scala bl e task spac e
• Coordin a t e s the sche d uli n g of task onto sets of
dyna mic ally provision e d worke r s on availa ble privat e
and/or public cloud reso u r c e s
• Sub mit t e d by a dyna mi c set of use r s
• Base d on their QoS const r ai n t s like cost or perfor m a n c e

COMETCLOU D ARCHITECTU RE

• Come t Cloud is an auton o m i c comp u ti n g engin e for cloud and grid

environ m e n t s
– Base d on the Come t dece n t r a lize d coordi n a ti o n subs t r a t e
– Suppo r t s highly het e r o g e n e o u s and dyna mic cloud/ g ri d
infras t r u c t u r e s
– Inte g r a t io n of public/priva t e clouds
– Autono mi c cloud b u r s t s
– Base d on a pee r- to- peer subs t r a t e that can span ente r p r i s e dat a
cent e r s , grids, and clouds
Come t is compos e d of thre e layers
– prog r a m m i n g layer,
– servic e layer, and
– an infras t r u c t u r e layer
Adapt s the Squid inform a tio n discove ry sche m e to dete r mi ni s tic ally map
the inform a tio n spac e onto the dyna mic set of pee r node s
– The res ultin g struc t u r e is a locality pres e rvi n g sem a n t i c
distrib u t e d has h table (DHT) on top of a self- orga nizin g
struc t u r e d overlay that maint ai n s cont e n t locality
 | 133

–
Guar a n t e e s that cont e n t- base d que ri e s are deliver e d with
boun d e d costs using flexible cont e n t descri p t o r s in the form of
keywor d s , partial keywor d s , and wildca r d s
– Come t builds a tuple- bas e d coordin a tio n spac e abs t r a c t io n using
Squid
– Can be associa tively acce s s e d by all syste m pee r s withou t
req ui ri n g the location inform a tio n of tuples and host identifier s
– Also provide s tran si e n t spac e s that ena bl e applica tion s to
explicitly exploit cont ext locality

Com e t Clou d Layer e d Abstr a c t i o n s

A sche m a t i c overview of the Come t Cloud arc hit e c t u r e

• The infra s t r u c t u r e layer uses the Chord self- orga nizin g overlay
– The Squid inform a ti o n discove ry(p e e r- to- pee r inform a tio n
discove ry syste m) and conte n t- base d routin g subst r a t e built on
top of Chord(dis t ri b u t e d lookup protocol: given a key, it maps on
to a node)
• The routin g engin e suppo r t s flexible cont e n t- bas e d routing
and compl ex que ryin g using partial keywor d s , wildca r d s ,
or ran g e s
• Guar a n t e e s that all peer node s with dat a elem e n t s that
matc h a que ry/ m e s s a g e will be locat e d
Node s providing reso u r c e s in the overlay have differe n t roles and
differe n t acce s s privileg e s bas e d on their cre d e n t i al s and capa bilities
– Provides replic a tion and load balan ci n g service s
 | 134

• Handl e s dyna mi c joins and leaves of node s as well as node

failur e s
– Every node keep s the replica of its succe s s o r node’s stat e
• Reflects chan g e s to this replica whe n e v e r its succ e s s o r
notifies it of chan g e s
• Notifies its pre d e c e s s o r of any chan g e s to its stat e
– If a node fails, the pre d e c e s s o r node merg e s the replica into its
stat e
• Make s a replica of its new succe s s o r
– If a new node joins, the joining node’s pre d e c e s s o r upda t e s its
replic a to reflect the joining node’s stat e. The succe s s o r gives its
stat e inform a ti o n to the joining node
– To maint ai n load balan ci n g
• Load should be redist rib u t e d amon g the node s whe n e v e r a
node joins and leaves
The servi c e layer provide s a ran g e of servic es to suppo r t auton o mi c s at the
prog r a m m i n g and applica tion level
– Provides a virtu al shar e d- spac e abst r a c tio n as well as
associ a tive acce s s primitive s
– The basic coordin a tio n primitives:
• out( ts , t ): A non blocking oper a tio n that inser t s tuple t into
spac e ts
• in( ts , t’): A blockin g oper a tio n that remov e s a tuple t
matc hi n g tem pl a t e t’ from the spac e ts and retu r n s it
• rd(ts, t’): A blockin g oper a tio n that retu r n s a tuple t
matc hi n g tem pl a t e t’ from the spac e ts ; The tuple is not
rem ov e d from the spac e
• The out is for inse rtin g a tuple into the spac e
• in and rd are for rea din g a tuple from the spac e
• in remov e s the tuple after rea d
• rd only read s the tuple
– Suppo r t ran g e query
• “*” can be used for sea rc hi n g all tuples
– To addr e s s this issue, Comet Clou d suppo r t s dyna mic ally
const r u c t e d tran si e n t spac e s
• Have a specific scop e definition
• e.g., within the sam e geog r a p h i c al region or the sam e
physical subn e t
– The global spac e is acces si ble to all pee r nodes
• Acts as the defa ult coordin a tio n platfor m
– Mem b e r s h i p and aut h e n t i c a tio n mech a ni s m s are adopt e d to
rest rict acces s to the tran si e n t spac e s
 | 135

– The struc t u r e of the tra n si e n t spac e is exactly the sam e as the

global spac e
• An applica tion can switch betw e e n spac e s at runti m e
• Can simulta n e o u s ly use multiple spac e s
– Also provide s async h r o n o u s (publish/s u b s c ri b e ) mes s a gi n g and
eventin g service s
– On- line clust e ri n g service s suppo r t auto no mi c man a g e m e n t
• Enable self- monito ri n g and cont rol
• Event s descri bin g the stat u s or beh avior of syste m
compo n e n t s are clust e r e d
• Used to dete c t anom alo u s behavior s
• The pro g r a m m i n g layer provide s the basic fram e w o r k for applica tio n
develop m e n t and man a g e m e n t
– Suppo r t s a rang e of par a di g m s includin g the
mas t e r / w o r k e r /B OT (Bags of Tasks)
• Mas t e r s gen e r a t e tasks and worke r s cons u m e the m
• Mas t e r s and worke r s can comm u ni c a t e via virtual sha r e d
spac e or using a direc t conn e c tio n
– Sche d uli n g and monitori n g of tasks are suppo r t e d by the
applica tion fram e w o r k
– The task consist e n c y service han dl e s lost tasks
• Even thoug h replic ation is provide d by the infras t r u c t u r e
layer, a task may be lost due to netwo r k cong e s tio n.
• Since ther e is no failure, infras t r u c t u r e level replica tio n
may not be able to han dl e it
– Lost tasks can be han dl e d by the mas t e r
• e.g., by waiting for the res ult of each task for a pre d efin e d
time interv al
• If the mast e r does not receive the res ult back,
reg e n e r a t i n g the lost task
• If the mast e r rec eive s duplic at e res ult s for a task, it
select s the first one and ignor e s othe r subs e q u e n t res ult s
– Othe r suppo r t e d para di g m s includ e work flow- bas e d applica tio n s
as well as Mapr e d u c e and Hadoo p

Com e t Spa c e

• In Come t, a tuple is a simple XML strin g

– The first elem e n t is the tuple’s tag
• Follow e d by an orde r e d list of elem e n t s cont ai ni n g the
tuple’s fields
• Each field has a nam e followe d by its value
 | 136

• The tag, field nam e s , and value s mus t be actu al dat a for a
tuple
• Can contai n wildca r d s (“*”) for a tem pl a t e tuple
– This lightw ei g h t forma t is flexible enou g h to repr e s e n t the
infor m a ti o n for a wide rang e of applica tio n s
• Can suppo r t rich matc hi n g relation s hi p s
• The cros s- platfor m nat u r e of XML make s this form a t
suita bl e for infor m a tio n excha n g e in distrib u t e d
hete r o g e n e o u s enviro n m e n t s
• A tuple in Come t can be retrieve d
– If it exactly or app roxi m a t e ly matc h e s a tem pl a t e tuple
– Exact matc hi n g requir e s the tag and field nam e s of the tem pla t e
tuple to be specified withou t any wildca r d , as in Linda
• This strict matc hi n g patt e r n mus t be relaxe d in highly
dyna mic environ m e n t s
• Applicatio n s like service discove ry may not know exact
tuple struc t u r e s
– Suppo r t s retri ev al s with incom ple t e struc t u r e infor m a tio n using
appr oxi m a t e matc hi n g
• Only requir e s the tag of the tem pl a t e tuple be specified
using a keywor d or a partial keywor d
• Tuple (a) tagg e d “cont a c t”
– Has fields “nam e, phon e, email, dep”
– With values “Smith, 7324 4 5 1 0 0 0 , smith@ g m a il.co m , ece”
– Can be retri ev e d using tuple tem pla t e (b) or (c)

• Come t ada p t s Squid inform a t io n discove ry sche m e

– Employs the Hilbe rt spac e- filling curve (SFC)
• To map tuples from a sem a n t i c inform a t io n spac e to a
linea r node index
– The sem a n t ic inform a tio n spac e is define d by applica tio n use rs
• Consistin g of base d- 10 num b e r s and English words
• e.g., A comp u t a t i o n a l stor a g e reso u r c e may belong to the
3D stor a g e spac e with coordin a t e s “spac e ,” “band wi d t h ,”
and “cost”
 | 137

• Each tuple is associa t e d with k keywor d s select e d from its tag and
field nam e s
– The keys of a tuple
– e.g., The keys of tuple (a) can be “nam e, phon e” in a 2D stud e n t
infor m a ti o n spac e
– Tuples are local in the inform a ti o n spac e
• If their keys are lexicogr a p h i c ally close
• Or if they have com m o n keywor d s
– The selectio n of keys can be specified by the applica tio n s
• A Hilbe r t SFC is a locality pres e rvi n g continu o u s map pi n g
– From a k-dimen sio n a l (kD) spac e to a 1D spac e
– Points that are close on the curve are mapp e d from close points
in the kD spac e
– The Hilbe r t curve rea dily exte n d s to any num b e r of dime n sio n s
– Enable s the tuple spac e to maint ain cont e n t locality in the index
spac e
• In Come t, the pee r nodes form a one- dime n sio n al overlay
– Indexe d by a Hilbe r t SFC
– The tuple s are mapp e d from the multi- dime n sio n al inform a t io n
spac e to the linea r peer index spac e
– Come t uses the Hilber t SFC const r u c t s the distrib u t e hash table
(DHT)
• For tuple distrib u tio n and lookup
– If the keys of a tuple only includ e comple t e keywor d s
• The tuple is mapp e d as a point in the inform a ti o n spac e
and locat e d on at most one node
– If its keys consist of partial keywor d s , wildca r d s , or rang e s
• The tuple identifies a region in the inform a tio n spac e
• This region is map p e d to a collection of seg m e n t s on the
SFC
• Corre s p o n d s to a set of point s in the index spac e
– Each node store s the keys that map to the seg m e n t of the curve
betw e e n itself and the pre d e c e s s o r node
• Five node s are indexe d using SFC from 0 to 63
– With id show n in solid circle
– The tuple define d as the point (2, 1) is mapp e d to index 7 on the
SFC
• Corre s p o n d s to node 13
– The tuple define d as the region (23, 15) is map p e d to two
seg m e n t s on the SFC
• Corre s p o n d s to node s 13 and 32
 | 138

Auto n o m i c Clou d b u r s t i n g
• The goal of auto no m i c cloudb u r s t s
– To sea ml e s sly and secu r ely integ r a t e privat e ent e r p ri s e clouds
and data cent e r s with public utility clouds on- dem a n d to provide
the abs t r a c t io n of resiza bl e comp u ti n g capacity
– Enable s the dyna mic deploym e n t of applica tio n compo n e n t s
onto a public cloud
• Typically run on inter n al orga niza tio n al comp u t e
reso u r c e s
• To addr e s s dyna mi c workloa d s , spikes in dem a n d s , and
othe r extr e m e requir e m e n t s
• Typical over- provisionin g strat e g i e s are no longe r feasible
– The incre a si n g applica tio n and infras t r u c t u r e scale s
– Their cooling, oper a tio n, and man a g e m e n t costs
– Autono mi c cloud b u r s t s can lever a g e utility clouds
• To provide on- dem a n d scale- out and scale- in capa bilities
bas e d on a rang e of met ric s
• The overall app ro a c h for suppo r ti n g auton o mi c cloudb u r s t s in
Come t Clo u d
– Come t Clo u d c o n si d e r s thre e type s of clouds
• Base d on perc eive d secu rity/t r u s t
– Assigns capa bilities accor di n gly
– The first is a highly trus t e d , robus t, and secu r e cloud
• Usually compo s e d of trus t e d/ s e c u r e node s within an
ente r p r i s e
• Typically used to host mas t e r s and othe r key
(man a g e m e n t , sche d uli n g, monito ri n g) roles
• Also use d to stor e stat e s
– In most applic ation s, the privacy and integ rity of critical dat a
mus t be maint ai n e d
 | 139

• Tasks involving critical data should be limite d to cloud

nodes that have requir e d cred e n t i al s
• The secon d type of cloud is one compo s e d of node s with
such cred e n t i al s
• The cloud of secu r e worke r s
– A privileg e d Comet spac e may span thes e two clouds
• May cont ain critical dat a, tasks, and othe r aspe c t s of the
applica tion- logic/wo rkflow
– The final type of cloud consist s of cas u al worke r s
• Thes e worke r s are not part of the spac e
• Can acces s the spac e thro u g h the proxy and a requ e s t
han dl e r to obtain (possibly encryp t e d ) work units as long
as they pres e n t requir e d cre d e n t i al s
• Node s can be adde d or delet e d from any of thes e clouds by purpo s e
– If the spac e nee d s to be scale- up to stor e dyna mic ally growin g
workloa d and requir e s more comp u ti n g capa bility
• Autono mi c cloud b u r s t s targ e t secu r e worke r to scale up

– Only if more comp u ti n g capa bility is requir e d

• Unse c u r e d worke r s are adde d
• Key motivatio n s for auto no mi c cloud b u r s t s
– Load Dyna mic s
• Applicatio n workloa d s can vary significa n tly
• Includ e s the num b e r of applica tio n tasks and the
comp u t a t i o n a l requir e m e n t s of a task
 | 140

• The comp u t a ti o n al environ m e n t must dyna mi c ally grow

(or shrink) in res po n s e to thes e dyna mic s while still
maint ai nin g strict deadlin e s
– Accura cy of the Analytics
• The requir e d accur a cy of risk analytics depe n d s on a
num b e r of highly dyna mi c mark e t par a m e t e r s
• e.g., the num b e r of scen a ri os in the Mont e Carlo VaR
form ul a tion
• The comp u t a ti o n al environ m e n t must be able to
dyna mic ally ada p t to satisfy the accu r a c y requir e m e n t s
while still maint ai ni n g strict dea dlin e s
– Collabor a ti o n of Differe n t Groups
• Differe n t group s can run the sam e applica tio n with
differe n t dat a s e t policies
• Policy mea n s user’s SLA boun d e d by their condition such
as time fram e, budg e t s , and econo mi c models
• As collabor a t io n grou p s join or leave the work, the
comp u t a t i o n a l enviro n m e n t must grow or shrink to satisfy
their SLA
– Econo mic s
• Applicatio n tasks can have very hete r o g e n e o u s and
dyna mic priorities
• Must be assign e d resou r c e s and sche d ul e d accor di n gly
• Budg e t s and econo mic models can be used to dyna mic ally
provision comp u t a t i o n a l reso u r c e s bas e d on the priority
and criticality of the applic ation task
• e.g., Applicatio n tasks can be assign e d budg e t s and can be
assig n e d resou r c e s bas e d on this budg e t
• The comp u t a ti o n al environ m e n t must be able to handl e
hete r o g e n e o u s and dyna mic provisionin g and sche d uli n g
req ui r e m e n t s
– Failur e s
• Due to the strict dea dlin e s involved, failure s can be
disas t r o u s
• The comp u t a ti o n mus t be able to man a g e failur e s withou t
impac ti n g applica tio n quality of servic e, includin g
dea dlin e s and accu r a ci e s
• Autono mi c cloudb ri d gi n g is mea n t to conn e c t Come tClo u d and a
virtu al cloud
– Consist s of public cloud, dat a cent e r, and grid by the dyna mi c
nee d s of the applica tio n
– The clouds in the virtu al cloud are het e r o g e n e o u s
• Have differe n t types of reso u r c e s and cost policies
 | 141

– The perfor m a n c e of eac h cloud can cha n g e over time by the

num b e r of curr e n t users
• Types of use d clouds, the num b e r of node s in each cloud,
and reso u r c e types of node s should be decid e d accor di n g
to the chan gin g environ m e n t of the clouds and
applica tion’s reso u r c e requir e m e n t s
• The oper a ti o n of the Come tClo u d- base d auto no m ic cloudb ri d gi n g
– The sche d ulin g age n t man a g e s auto no mi c clo u d b u r s t s over the
virtu al cloud
• There can be one or more sche d ulin g age n t s
• Locat e d at a robu s t/ s e c u r e mas t e r site
– If eac h group requir e s gene r a t i n g tasks with its own data and
man a gi n g the virtual cloud by its own policy
• Can have a sepa r a t e sche d ulin g age n t in its mast e r site
– The requ e s t s for tasks gen e r a t e d by the differe n t sites are
logge d in the Comet Clou d virtual shar e d spac e
• Spa n s mas t e r nodes at eac h of the sites
– Thes e tasks are then consu m e d by worke r s
• May run on local comp u t a t i o n a l node s at the site, a sha r e d
dat a cent e r , and a grid or on a public cloud infras t r u c t u r e
– A sche d uli n g age n t man a g e s QoS const r ai n t s and auton o m ic
cloudb u r s t s of its site
• Accordin g to the define d policy
– The worke r s can acces s the spac e using app ro p ri a t e cred e n ti al s
• Acces s autho riz e d tasks
– Retur n res ult s back to the app ro p ri a t e mast e r indica t e d in the
task itself
 | 142

• A sche d ulin g age n t man a g e s auto no mi c cloud b ri d gi n g and guar a n t e e s

QoS within user policies
– Autono mi c cloud b u r s t is rep r e s e n t e d by chan gi n g resou r c e
provisionin g not to violate define d policy
• Thre e types of policies
– Deadline- Based
• When an applic ation nee d s to be compl et e d as soon as
possible, ass u mi n g an ade q u a t e budg e t , the maxim u m
req ui r e d worke r s are allocat e d for the job
– Budg e t- Base d
• When a budg e t is enforc e d on the applic ation, the num b e r
of worke r s allocat e d must ens u r e that the budg e t is not
violate d
– Workloa d- Base d
• When the applica tio n workloa d chan g e s , the num b e r of
worke r s explicitly define d by the applica tio n is allocat e d or
relea s e d
• Fault- Toler a n c e
– Fault- toler a n c e during runti m e is critical to keep the
applica tion’s dea dlin e
– Suppo r t fault- toler a n c e in two ways
• In the infra s t r u c t u r e layer and in the prog r a m m i n g layer
– The replica tion subs t r a t e in the infra s t r u c t u r e layer provide s a
mech a ni s m to keep the sam e stat e as that of its succe s s o r’s
stat e
• Specifically, coordin a tio n spac e and overlay inform a t io n
 | 143

• The overview of replica tion in the overlay

– Every node has a local spac e in the service layer
• A replica spac e in the infra s t r u c t u r e layer
– When a tuple is inse rt e d or extr a c t e d from the local spac e
• The node notifies this upda t e to its pred e c e s s o r
• The pred e c e s s o r upda t e s the replica spac e
• Every node keep s the sam e replica of its succe s s o r’s local
spac e.
– When a node fails, anoth e r node in the overlay dete c t s the
failur e n o tifie s it to the pred e c e s s o r of the failed node
– The pre d e c e s s o r of the failed node mer g e s the replica spac e into
the local spac e

 This make s all the tuple s from the failed node recove r e d

– The pred e c e s s o r node make s a new replica for the local spac e of
its new succ e s s o r
• Also suppo r t fault- toler a n c e in the prog r a m m i n g layer
– Some tasks can be lost during runti m e
• Beca u s e of netw o r k c o n g e s t i o n or task gen e r a ti o n durin g
failur e
– The mast e r checks the spac e periodic ally and reg e n e r a t e s lost
tasks
• Load Balanci n g
– Execu tin g applica tio n requ e s t s on unde rlying grid reso u r c e s
consis ts of two key steps
– The first consist s of crea ti n g VM inst a n c e s to host each
applica tion requ e s t , matc hin g the specific char a c t e r i s tic s and
req ui r e m e n t s of the req u e s t
• Called VM Provisionin g
– The secon d step is map pi n g and sche d ulin g thes e req u e s t s onto
distrib u t e d physic al resou r c e s
• Called Resou r c e Provisionin g
– Most virtualize d dat a cent e r s curr e n tly provide a set of gen e r al-
purpo s e VM class e s with gene ri c reso u r c e configu r a ti o n s
 | 144

• Quickly beco m e insufficie n t to suppo r t the highly varie d

and interle a v e d workloa d s
– Clients can easily unde r- or overe s ti m a t e their need s beca u s e of
a lack of unde r s t a n d i n g of applica tio n req uir e m e n t s
• Due to applica tio n compl exity and/or unce r t a i n ty
• Results in over- provisionin g due to a tend e n c y to be
cons e rv a tive
• The dece n t r a liz e d clust e ri n g appr o a c h specifically add r e s s e s the
distrib u t e d natu r e of ente r p r i s e grids and clouds
– The appr o a c h builds on a dec e n t r a liz e d mes s a gi n g and data
analysis infra s t r u c t u r e provide s monito ri n g and density- bas e d
clust e ri n g capa bilitie s
– The cha r a c t e r i z a t io n of differe n t reso u r c e class e s can be
acco m plis h e d to provide auto no mi c VM provisionin g
• By clust e ri n g workloa d req u e s t s acros s dat a cent e r job
que u e s
– Has sever al adva n t a g e s
• The capa bility of analyzing jobs acros s a dyna mic set of
distrib u t e d que u e s
• The nond e p e n d e n c y on a priori knowled g e of the num b e r
of clust e ri n g class e s
• The ame nity for online applica tio n
• Timely ada p t a ti o n to chan gin g workloa d s and reso u r c e s
– The robus t nat u r e of the appr o a c h allows
• To han dl e chan g e s (joins/le av e s) in the job queu e serve r s
as well as their failur e s while maximizing the quality and efficiency of the
clust e ri n g
 | 145

UNIT – 4

Archi t e c t u r e forOp e n Fed e r a t e d Clou d Com p u t i n g

Intro d u c t i o n

• With cloud comp u ti n g,

– comp a ni e s can lease infra s t r u c t u r e resou r c e s on- dem a n d from a

virtu ally unlimit e d pool.

– The “pay as you go” billing model applies char g e s for the
actu ally used resou r c e s per unit time.

A busine s s can optimiz e its IT invest m e n t and improv e availability and

scala bility

Iss u e s in curr e n t Clou d s

• Inh e r e n t l y limi t e d scal a b i l i ty of sin g l e - provid e r clo u d s

– Most infras t r u c t u r e cloud provide r s today claim infinite

scala bility

– In the long ter m, scalability proble m s may be expec t e d to

aggr a v a t e when

• Cloud provide r s may serve an incre a s i n g num b e r of on-

line servic es , and

• Servic es beco m e acces s e d by mas sive amou n t s of global

user s at all time s.

• Lack of int er o p e r a b i l i t y am o n g clo u d provid e r s

 | 146

– Conte m p o r a r y cloud tech nologi e s have not bee n design e d with

inte ro p e r a b ility in mind.

• Canno t scale throu g h busine s s part n e r s h i p s acros s clouds

provide r s .

• Preve n t s small and mediu m cloud infras t r u c t u r e provide r s

from ente ri n g the cloud provisionin g mark e t .

– This locks cons u m e r s to a single vendo r.

• No Buil t- In Bu s i n e s s Servi c e Man a g e m e n t Sup p o r t . Busines s

Servic e Man a g e m e n t (BSM) is a man a g e m e n t stra t e g y that allows
busin e s s e s to align their IT man a g e m e n t with their high- level
busin e s s goals. The key aspe c t of BSM is servic e- level agr e e m e n t
(SLA) man a g e m e n t . Curr e n t cloud comp u ti n g solutions are not
design e d to suppo r t the BSM prac tic e s that are well esta blis h e d in the
daily man a g e m e n t of the ente r p ri s e IT depa r t m e n t s .

A Us e cas e

Abou t SAP Sys t e m

• SAP syste m s are use d for a variety of busine s s applica tion s that differ
by version and function ality

EX. CRM, ERP

 | 147

An SAP syste m is a typical thre e- tier syste m

• Requ e s t s are han dl e d by the SAP Web dispa t c h e r
• In the middle tier, the r e are two types of compo n e n t s :
• Multiple stat eful Dialog Inst a n c e s (DIs)
• Single Centr a l Inst a n c e (CI) that perfor m s cent r a l servic es such as
applica tion level locking, mess a gi n g , and regis t r a t io n of DIs. The
num b e r of DIs can be cha n g e d while the syste m is run ni n g to adap t to
load
• A single Datab a s e Man a g e m e n t Syste m (DBMS) serve s the SAP
syste m.

Pri m a r y Req u ir e m e n t s fro m clo u d Infra s t r u c t u r e

• Auto m a t e d and fas t dep l o y m e n t

– Autom a t e d provisionin g of servic e applica tio n s base d on a
form al contr a c t specifying the infras t r u c t u r e SLAs.
– The sam e cont r a c t should be reus e d to provision multiple
insta n c e s of the sam e applica tion for differe n t tena n t s with
differe n t custo miz a tio n s .
• Dyn a m i c ela s t i c i t y ( s e a m l e s s )
Resou r c e alloca tio n para m e t e r s of individu al virtu al execu tio n
environ m e n t s ( m e m o r y , CPU, netw o r k band wi d t h , stora g e ) should be
adjust e d dyna mic ally
– The num b e r of virtual executio n enviro n m e n t s should be
adjust e d dyna mic ally to ada p t to the cha n gi n g load
– Auto m a t e d co n t i n u o u s opti m i z a t i o n
 | 148

– Continu o u s ly optimize align m e n t of infras t r u c t u r e reso u r c e s

man a g e m e n t with the high- level busin e s s goals
– Virtu a l i z a t i o n tec h n o l o g y ind e p e n d e n c e
– Suppo r t differe n t virtu alization tech n ologi e s tran s p a r e n t ly

BASIC PRINCI PLE S OF CLOUD COMP UTI N G

• Fed e r a t i o n : All cloud comp u ti n g provide r s , reg a r dl e s s of how big
they are, have a finite capa city. To grow beyon d this capa city, cloud
comp u ti n g provide r s should be able to form fede r a t io n s of provide r s such
that they can collabo r a t e and shar e their reso u r c e s .
Any fede r a t io n of cloud comp u ti n g provide r s should allow virtual applic ation
to be deploye d acros s fede r a t e d sites. Furt h e r m o r e , virtu al applic ation s
nee d to be comple t ely location free and allow e d to migra t e in part or as a
whole betw e e n sites.
• Ind e p e n d e n c e Users should be able to use the servic es of the cloud
witho u t relying on any provide r specific tool, and cloud comp u ti n g
provide r s should be able to man a g e their infra s t r u c t u r e withou t
exposin g inter n al details to their custo m e r s or part n e r s .
• Isol a t i o n : Cloud comp u ti n g service s are, by definition, hoste d by a
provide r that will simulta n e o u s ly host applica tion s from many
differe n t use r s.
Users must be ens u r e d that their resou r c e s canno t be acce s s e d by
othe r s sharin g the sam e cloud and that ade q u a t e perfor m a n c e
isolation is in place to ensu r e that no othe r user may poss e s s the
powe r to direc tly effect the servic e gra n t e d to their applica tio n.
• Elas t i c i t y: One of the main adva n t a g e s of cloud comp u ti n g is the
capa bility to provide, or rele a s e, reso u r c e s on- dem a n d . Thes e
“elasticity” capa bilities should be enac t e d auto m a ti c ally by cloud
comp u ti n g provide r s to mee t dem a n d variatio n s
• Bu s i n e s s Orie n t a t i o n : Before ent e r p r i s e s move their mission critical
applica tion s to the cloud, cloud comp u ti n g provide r s will nee d to
develop the mech a ni s m s to ens u r e quality of service (QoS) and prop e r
suppo r t for service- level agr e e m e n t s (SLAs).
• Tru s t: Mech a nis m s to build and maint ai n trus t betw e e n cloud
comp u ti n g cons u m e r s and cloud comp u ti n g provide r s , as well as
betw e e n cloud comp u ti n g provide r s amon g them s e lv e s , are ess e n ti al
for the succe s s of any cloud comp u ti n g offerin g

The RESERVOIR Appro a c h

• The RESERVOIR vision is to
– ena bl e on- dem a n d delivery of IT servic es at comp e titive costs,
witho u t req ui ri n g a large capit al invest m e n t in infras t r u c t u r e .
 | 149

• The model is inspir e d by a stron g desir e to liken the delivery of IT

servic es to the delivery of com m o n utilities
– EX. dyna mic ally acqui r e electricity from a neigh b o ri n g facility to
meet a spike in dem a n d .
That is, no single provide r serves all custo m e r s at all times
– Next- gen e r a ti o n cloud comp u ti n g infras t r u c t u r e should suppo r t
a model that Multiple indep e n d e n t provide r s can coope r a t e
sea ml e s s ly to maximize their ben efit.
– Inform ally, we refe r to the infra s t r u c t u r e that suppo r t s this
para di g m as a fede r a t e d cloud.

The RESERVOIR Mod e l for Fed e r a t e d Clou d Com p u t i n g

• Two roles in the RESERVOIR model:
– Servi c e provi d e r s :
• The entitie s that unde r s t a n d the nee d s of a partic ul a r
busin e s s
• Offer service applica tio n s to add r e s s those nee d s.
• Do not own the comp u t a t io n a l resou r c e s .
– Infra s t r u c t u r e provid e r s :
• Oper a t e RESERVOIR sites that own and man a g e the
physical infras t r u c t u r e on which servic e applica tio n s
execu t e.

RESERVOIR Archi t e c t u r e
 | 150

• A Servic e Application is a set of softwa r e compo n e n t s that work

collectively to achieve a com m o n goal.
• Each compo n e n t of such service applic ation s execu t e s in a dedic a t e d
VEE.
• SPs deploy service applica tion s in the cloud by providin g to a IP,
known as the prima r y site, with a Service Manifes t —that is, a
docu m e n t that define s the struc t u r e of the applica tion as well as the
cont r a c t and SLA betw e e n the SP and the IP.
• A Fra m e w o r k Agre e m e n t is docu m e n t that define s the cont r a c t
betw e e n two IPs—tha t is, it stat e s the ter m s and conditions und e r
which one IP can use resou r c e s from anot h e r IP
Within each IP, optim al resou r c e utilization is achieve d by partitionin g
physical resou r c e s , thro u g h a virtualiza tio n layer, into Virtual
Execu tio n Environ m e n t s (VEEs) —fully isolat e d runti m e environ m e n t s
that abst r a c t away the physical cha r a c t e r i s tic s of the reso u r c e and
ena bl e sharin g
• Virtu a l Exe c u t i o n Enviro n m e n t Ho s t (VEEH ) cont ai n s virtu alize d
comp u t a t i o n a l reso u r c e s , alongsid e the virtualiza tion layer and all the
man a g e m e n t ena bl e m e n t compo n e n t s
• It is res po n si bl e for the basic contr ol and monito ri n g of VEEs and their
reso u r c e s (e.g., crea ti n g a VEE, alloca ti n g addition al reso u r c e s to a
VEE, monitori n g a VEE, migr a tin g a VEE, crea ti n g a virtu al netw o r k
and stora g e pool, etc.).
• The Servi c e Man a g e r is the only compo n e n t within an IP that
inte r a c t s with SPs. It receives Service Manifes t s , negoti a t e s pricing,
and han dle s billing. Its two most compl ex tasks are
(1) deploying and provisionin g VEEs bas e d on the Service
Manifes t and
(2) monito ri n g and enforcin g SLA complia n c e by throt tling a
servic e
applica tion’s capa city.
• The Virtu al Exe c u t i o n Envir o n m e n t Man a g e r (VEEM ) is
res po n si bl e for the optim al place m e n t of VEEs into VEE Hosts subjec t
to const r ai n t s dete r m i n e d by the Service Man a g e r
The VEEM is free to place and move VEEs anyw h e r e , even on the
rem ot e
sites (subje ct to over all cross- site agr e e m e n t s ), as long as the
place m e n t
satisfies the const r ai n t s .
• Differe n t imple m e n t a t i o n s of each layer will be able to inter a c t with
each othe r.
 | 151

• The Servi c e Man a g e m e n t Inte rf a c e (S MI ) with its service manifes t

expos e s a sta n d a r d i z e d inte rfa c e into the RESERVOIR cloud for
servic e provide r s .
• The VEE Man a g e m e n t Int erf a c e (VMI) simplifies the introd u c ti o n
of differe n t and indep e n d e n t IT optimiza tio n stra t e gi e s withou t
disru p ti n g othe r layers or pee r VEEMs
• The VEE Ho s t Int erf a c e (VHI) will suppo r t pluggin g- in of new
virtu aliza tio n platfor m s (e.g., hyperviso r s), witho u t req ui ri n g VEEM
reco m pil a tion or rest a r t

Feat u r e s of Fed e r a t i o n Typ e s

• Fra m e w o r k agr e e m e n t su p p o r t : Fra m e w o r k agr e e m e n t s may eithe r
be suppo r t e d by the archit e c t u r e or not. If fram e w o r k agr e e m e n t s are
not suppo r t e d , this implies that feder a tio n may only be carri e d out in a
more ad hoc oppor t u n i s ti c man n e r
• Oppor t u n i s t i c pla c e m e n t su p p o r t : If fram e w o r k agre e m e n t s are
not suppo r t e d by the archit e c t u r e , or if ther e is not enou g h spar e
capacity even includin g the fram e w o r k agre e m e n t s , a site may choos e
to perfor m opport u n i s tic place m e n t . It is a proce s s wher e remo t e sites
are queri e d on- dem a n d as the nee d for addition al reso u r c e s arise s,
and the local site requ e s t s a cert ain SLA-gover n e d capa city for a given
cost from the rem ot e sites
• Advan c e res o u r c e res e r v a t i o n su p p o r t : This featu r e may be used
both when ther e is an existin g fram e w o r k agr e e m e n t and when
opport u ni s ti c place m e n t has bee n perfor m e d . Both types of adva n c e
res e rv a ti o n s are only valid for a cert ain time, since they impac t the
utilization of reso u r c e s at a site. Becau s e of this impa ct, they should
be billed as actu al usa g e durin g the active time interval.
• Fed e r a t e d mi gr a t i o n sup p o r t : The ability to migr a t e machin e s
acros s sites define s the feder a t e d migr a tio n suppo r t . There are two
types of migra tio n: cold and hot (or live).
In col d mi gr a t i o n , the VEE is susp e n d e d and expe ri e n c e s a cert ai n
amou n t of downti m e while it is being tra n sf e r r e d .
Hot or live mi g r a t i o n does not allow for syste m downti m e , and it works by
tran sfe r ri n g
the runti m e stat e while the VEE is still run ni n g.
• Cros s - sit e virtu a l ne t w o r k su p p o r t : VEEs belon gi n g to a servic e are
pote n ti ally conn e c t e d to virtual netwo r k s , if be requ e s t e d by the SP.
Ideally, thes e virtu al netw o r k s will spa n acros s sites.

The fede r a ti o n can offer public IP addr e s s e s rete n tio n post cross- site
migr a tio n. With
 | 152

fully virtualize d netwo r k s, this may be a direc tly suppo r t e d featu r e ; but even
if virtu alize d
netw o r k s are not availabl e, it may still be possible to maint ain public IP
addr e s s e s by
manip ul a tin g routin g inform a ti o n
Inform a ti o n disclos u r e within the fede r a ti o n has also to be take n into
accou n t . The sites in the fede r a ti o n may provide inform a ti o n to differe n t
deg r e e s (for insta n c e , the inform a tio n excha n g e betw e e n sites may be
larg e r within the sam e adminis t r a t iv e dom ain tha n outsid e it).

Infor m a ti o n rega r di n g deploye d VEEs will be prim a rily via the monitori n g
syste m, wher e a s some inform a tio n may also pote n ti ally be expos e d via the
VMI as res po n s e to a VEE deploym e n t requ e s t .

VMI op er a t i o n su p p o r t : Depe n di n g on the req ui r e m e n t s of the fede r a t io n

scen a ri o, only a subs e t of the VMI oper a tio n s may be mad e availa ble.

Which oper a tio n s are requi r e d may be relat e d to the amou n t of inform a tio n
that is expos e d by the remo t e sites; acces s to more inform a t io n may also
incre a s e the possibility and nee d to manip ul a t e the deploye d VEEs.

Fed e r a t i o n Sc e n a r i o s

• The bas e l i n e fed e r a t i o n sc e n a r i o provide s oppor t u ni s tic place m e n t of

VEEs at a remo t e site. Migra tio n is not suppo r t e d , nor does it resize the
VEEs once place d at the rem ot e site.
Advanc e d featu r e s such as virtual netw o r k s acros s site boun d a r i e s are
also not suppo r t e d .
The basi c fed e r a t i o n sc e n a r i o includ e s fram e w o r k agr e e m e n t s , cold
migr a tio n, and rete n tio n of public IP add r e s s e s .
Nota bly missing is
(a) suppo r t for hot migr a tio n and
(b) cross- site virtual netw o r k function ality.

This scen a rio offers a useful cloud comp u ti n g fede r a t io n with suppo r t for
site collabo r a tio n in ter m s of fram e w o r k agre e m e n t s withou t partic ul a rly
high tech n ologic al req ui r e m e n t s on the und e rlyin g archit e c t u r e in ter m s of
netw o r ki n g suppo r t .

• The adva n c e d fed e r a t i o n sc e n a r i o offers advan c e d function ality

such as cross- site virtual netw o r k suppo r t . The feat u r e most nota bly missin g
is hot migr a tio n, and the monito ri n g syste m also does not disclos e VEE sub
stat e met a d a t a infor m a ti o n.
 | 153

• The full feat u r e d fed e r a t i o n sc e n a r i o offers the most comple t e set

of featu r e s , includin g hot migr a tio n of VEEs.

SLA Man a g e m e n t in Clou d Com p u t i n g

• Capa c i ty pla n n i n g : The activity of det e r m i ni n g the num b e r of

serve r s and their capa city that could satisfac t o rily serve the
applica tion end- user requ e s t s at peak loads

An exam pl e scen a ri o wher e two web applica tion s , applica tion A and
applica tion B, are host e d on a sepa r a t e set of dedica t e d serve r s within
the ent e r p ri s e- owne d serve r room s is show n in Figur e 16.1. The
plan n e d capa city for each of the applica tion s to run succ e s sf ully is
thre e serve r s . As the num b e r of web applica tion s grew, the serve r
room s in the orga niz a tio n beca m e larg e and such serve r rooms wer e
known as data cent e r s . Thes e dat a cent e r s were owne d and man a g e d
by the ent e r p ri s e s the m s elve s

• As the num b e r and compl exity of the web applica tio n s gre w,
ente r p r i s e s realize d that it was econo mi c al to outsou r c e the
applica tion hosting activity to third- party infras t r u c t u r e provide r s
• Thes e provide r s get the requir e d har d w a r e and make it availabl e for
applica tion hosting.
 | 154

• It nece s sit a t e d the ente r p r i s e s to ente r into a legal agr e e m e n t with

the infra s t r u c t u r e service provide r s to guar a n t e e a minim u m quality of
servic e (QoS).
• The QoS par a m e t e r s are relat e d to the availability of the syste m CPU,
dat a stor a g e , and netw o r k for efficient execu tion of the applic ation at
peak loads.
• This legal agre e m e n t is know n as the servi c e - lev e l agr e e m e n t
(SLA).

Exa m p l e of SLA
• one SLA may stat e that the applica tio n’s serve r machin e will be
availa ble for 99.9% of the key busin e s s hours of the applica tio n’s end
user s , also called core time, and 85% of the non- core time.
• Anoth e r SLA may stat e that the service provide r would res po n d to a
repo r t e d issue in less than 10 minut e s durin g the core time, but would
res po n d in one hour during non- core time.
• Thes e SLAs are know n as the infras t r u c t u r e SLAs, and the
infras t r u c t u r e service provide r s are known as Applica tion Service
Provide r s (ASPs).
• This scen a rio is depict e d in Figur e, wher e t h e ente r p ri s e applic a tion s
are host e d on the dedica t e d serve r s belon gi n g to an ASP.

• To redu c e the red u n d a n c i e s and incre a s e the serve r utilization in dat a

cent e r s , ASPs start e d co- hostin g applica tio n s with comple m e n t a r y
 | 155

workloa d patt e r n s . Co- hostin g of applica tio n s mea n s deploying more

than one applica tio n on a single serve r
• Virtualization tech nolo gi e s have bee n propo s e d to overco m e the
proble m s of secu ri ty and perfor m a n c e isolation
• Adoption of virtu aliza tio n tech nolo gie s requir e d ASPs to get more
detaile d
• insight into the applica tio n runti m e char a c t e r i s ti c s with high
accu r a c y. Base d on thes e char a c t e r i s ti c s, ASPs can alloca t e syste m
reso u r c e s more efficiently to thes e applica tio n s on- dem a n d , so that
applica tion- level met ric s can be monito r e d and met effectively. Thes e
met ric s are requ e s t rate s and res po n s e times.
Therefor e , differ e n t SLAs than the infras t r u c t u r e SLAs are requir e d .
Thes e SLAs are called applica tion SLAs. These servic e provide r s are
known as Man a g e d Servic e Provide r s (MSP) beca u s e the servic e
provide r s were res po n s i bl e for man a gi n g the applic ation availability
too

This scen a rio is show n in Figur e , whe r e both applic ation A and
applica tion B shar e the sam e set of virtu alize d serve r s .

TRADITIO NAL APPROAC HE S TO SLO MANAGEME N T

Tradition ally, load bala n c i n g tech ni q u e s and ad m i s s i o n co n tr o l
mech a ni s m s have bee n used to provide gua r a n t e e d quality of servic e (QoS)
for hoste d web applica tio n s

• Load Bal a n c i n g : The objective of a load balan ci n g is to distrib u t e the

incomin g req u e s t s
onto a set of physic al machin e s , each hosting a replica of an applic ation, so
that the load on the machin e s is equ ally distrib u t e d .
 | 156

The load bala nci n g algorit h m execu t e s on a physic al mac hi n e that interfa c e s
with the client s. This physical mac hin e , also called the front- end node,
receive s the incomin g requ e s t s and distrib u t e s thes e requ e s t s to differ e n t
physical machi n e s for furth e r execu tion.

This set of physical mac hin e s is res po n si bl e for servin g the incomi n g
req u e s t s and are known as the back- end node s.

Cate g o r i e s of Load Bala n c i n g Algori t h m s

• Clas s - ag n o s t i c : The front- end node is neith e r awa r e of the type of client
from which the req u e s t origina t e s nor awa r e of the cate g o r y (e.g., brow si n g,
selling, paym e n t , etc.) to which the requ e s t belon g s to.
• Clas s - awar e : The front- end node must addition ally inspe c t the type of
client making the requ e s t and/or the type of service requ e s t e d before
deciding which back- end node should service the requ e s t .
• Admi s s i o n Contr o l: Decidin g the set of requ e s t s that should be admit t e d
into the applic ation serve r when the serve r expe ri e n c e s “very” heavy loads.

During overloa d situa tion s, since the res po n s e time for all the requ e s t s
would invaria bly degr a d e if all the arriving requ e s t s are admitt e d into the
serve r, it would be prefe r a b l e to be selective in identifying a subs e t of
req u e s t s that should be admitt e d into the syste m so that the overall pay- off
is high.

• The objective of admis sio n cont rol mec h a ni s m s , ther efo r e , is to police the
incomin g requ e s t s and identify a subs e t of incomin g req u e s t s that can be
admitt e d into the syste m when the syste m faces overloa d situa tio n s .
 | 157

 Request-based admission control algorithms reject new requests if the servers are running to
their capacity.

The disadv a n t a g e with this appr o a c h is that a client’s session may consistof
multiple req u e s t s that are not nec e s s a rily unrel a t e d . Cons e q u e n t ly, some
req u e s t s are reject e d even if the r e are othe r s that are honor e d .

• Se s s i o n - bas e d ad mi s s i o n co n tr o l mech a ni s m s try to ensu r e that

longe r session s are comple t e d and any new session s are reject e d.
Accordin gly, once a session is admitt e d into the serve r, all futur e requ e s t s
belongin g to that session are admitt e d as well, even thou g h new session s
are reject e d by the syste m .

• Furt h e r m o r e , the decision to rejec t a req u e s t can depe n d on the type

of user makin g the req u e s t or the natu r e of the req u e s t being mad e.
• For exam pl e, a new requ e s t or a new session initiat e d by a high-
priority user may be admitt e d while the req u e s t s from low priority use r s
are reject e d.
• Similarly, requ e s t s that are likely to consu m e more syste m resou r c e s
can be rejec t e d during overloa d situa tion s.
• Such admis sio n control mec h a ni s m s are called QoS- awar e con tr o l
mech a ni s m s

TYPES OF SLA
• Servic e- level agre e m e n t provide s a fram e w o r k within which both
seller and buye r of a service can purs u e a profita bl e service busin e s s
relation s hi p.
• It outline s the broa d und e r s t a n d i n g betw e e n the servic e provide r and
the service consu m e r for cond u c ti n g busine s s and forms the basis for
maint ai nin g a mut u ally beneficial relation s hi p.
• From a legal pers p e c tiv e, the nece s s a r y ter m s and condition s that
bind the servic e provide r to provide service s contin u a lly to the service
cons u m e r are form ally define d in SLA.
• SLA can be modele d using web service- level agre e m e n t (WSLA)
lang u a g e Specifica tio n. Service- level para m e t e r , met ric, function,
 | 158

meas u r e m e n t direc tive, service- level objective, and penalty are som e of the
impor t a n t compo n e n t s of WSLA

Key Com p o n e n t s of a Servi c e - Level Agre e m e n t

• Servic e- Level Descri b e s an obse rv a bl e prope r t y
Para m e t e r of a service whos e value is mea s u r a b l e
• Met rics Met rics are the key instr u m e n t to desc rib e exactly
what SLA para m e t e r s mea n by specifying how to mea s u r e or
comp u t e the par a m e t e r value s
• Func tion A function specifies how to comp u t e
a
met ric’s value from the values of othe r
met ric s and const a n t s
• Mea s u r e m e n t Thes e specify how to mea s u r e a
met ric
directives

There are two type s of SLAs from the pers p e c tive of applic ation hosting

Infra s t r u c t u r e SLA : The infra s t r u c t u r e provide r man a g e s and offers

guar a n t e e s on availa bility of the infras t r u c t u r e , nam ely, serve r machin e,
powe r, netwo r k conn e c tivity, and so on.

Ente r p ri s e s man a g e the m s elv e s , their applic ation s that are deploye d on
thes e serve r mac hin e s . The mac hin e s are leas e d to the custo m e r s and are
isolat e d from mac hi n e s of othe r custo m e r s .
Appli c a t i o n SLA : In the applic a tion co- location hosting model, the serve r
capacity is availabl e to the applica tion s bas e d solely on their reso u r c e
dem a n d s .

Henc e, the servic e provide r s are flexible in alloca tin g and de-
allocatin g c o m p u t i n g reso u r c e s amon g the co- locat e d applic ation s.
Therefor e , the servic e provide r s are also res po n si ble for ens u ri n g to mee t
their custo m e r’s applica tion SLOs

Key Con tr a c t u a l Ele m e n t s of an Infra s t r u c t u r a l SLA

• Hard w a r e availa bility 99% uptim e in a calen d a r mont h
• Powe r availa bility 99.99% of the time in a calen d a r
mont h
• Data cent e r netw o r k 99.99% of the time in a calen d a r mont h
availa bility
 | 159

• Backbo n e netw o r k 99.99 9 % of the time in a calen d a r

mont h availability
• Servic e credit for Refund of service credit
pror a t e d on downti m e period
unavaila bility
• Outa g e notifica tio n Notification of custo m e r
within 1 hr of compl et e downti m e
guar a n t e e
• Inte r n e t laten cy When laten cy is mea s u r e d at 5- min
inte rv als to an upst r e a m
guar a n t e e provide r, the aver a g e does n’t
exce e d 60 msec
• Packe t loss gua r a n t e e Shall not exce e d 1% in a
calen d a r mont h

Key co n tr a c t u a l co m p o n e n t s of an appli c a t i o n SLA

• Servic e- level Web site res po n s e time (e.g., max of 3.5 sec per use r
req u e s t )
Para m e t e r met ric
Late ncy of web serve r (WS) (e.g., max of 0.2 sec per req u e s t)

Laten cy of DB (e.g., max of 0.5 sec per que ry)

• Func tion Avera g e laten cy of WS = (la t e n c y of web serve r

1+l a t e n c y of
web serve r 2 ) /2
Web site res po n s e time = Averag e latency of web serve r + l a t e n c y of
dat a b a s e
• Mea s u r e m e n t DB laten cy available via
http://m g m t s e r v e r / e m /l a t e n c y
directive WS latency available via http://m g m t s e r v e r / w s /i n s t a n c e n o /
laten cy
• Servic e- level Servic e ass u r a n c e
objective web site latency , 1 sec whe n concu r r e n t
conn e c tio n , 1000
• Penalty 1000 USD for every minut e while the SLO was
bre a c h e d

LIFE CYCLE OF SLA

• Each SLA goes throu g h a sequ e n c e of step s star tin g from
identifica tio n of ter m s and condition s, activation and monitori n g of the
 | 160

stat e d ter m s and conditions, and event u al ter mi n a ti o n of cont r a c t once

the hostin g relation s hi p ceas e s to exist.

Such a sequ e n c e of step s is called SLA life cycle and consist s of

thefollowin g five phas e s :
1. Contr a c t definition
2. Publishin g and discove ry
3. Negoti a tion
4. Oper a tio n aliz a tio n
5. De- com mis sioni n g

• Contr a c t Defi n i t i o n : Service provide r s define a set of service offering s

and corr e s p o n d i n g SLAs using stan d a r d tem pl a t e s . Thes e service offerin g s
form a catalo g. Individu al SLAs for ente r p r i s e s can be derive d by
custo mizin g thes e bas e SLA tem pl a t e s .
• Pu bli c a t i o n an d Dis c o v e r y : Service provide r adver tis e s thes e bas e
servic e offerin g s throu g h stan d a r d publica tion media, and the custo m e r s
should be able to locate the service provide r by sea rc hi n g the catalog. The
custo m e r s can sea rc h differe n t comp e ti tive offering s and shortlist a few
that fulfill their requir e m e n t s for furth e r negoti a tio n.
• Ne g o t i a t i o n : Once the custo m e r has discove r e d a servic e provide r who
can meet their applic ation hosting nee d, the SLA ter m s and conditions
nee d s to be mut u ally agr e e d upon befor e signin g the agre e m e n t for
hosting the applica tio n.

For a stan d a r d packa g e d applica tion which is offere d as service,

thisp h a s e could be
auto m a t e d . For custo miz e d applica tion s that are host e d on cloud platfor m s ,
this pha s e is
man u al.

The service provide r nee d s to analyze the applic ation’s beh avior with
res p e c t to
scala bility and perfor m a n c e before agre ei n g on the specifica tion of SLA. At
the end of
this pha s e , the SLA is mut u ally agre e d by both custo m e r and provide r and is
event u a lly
signe d off.

• Oper a t i o n a l i z a t i o n : SLA oper a tio n consist s of

• SLA mo n i t o r i n g involves mea s u ri n g par a m e t e r values and calcula ti n g the
met ric s define d as a part of SLA and det e r m i ni n g the deviation s. On
identifying the deviations , the conce r n e d partie s are notified.
 | 161

• SLA ac c o u n t i n g involves capt u ri n g and archiving the SLA adhe r e n c e for

complia n c e . As part of accou n ti n g , the applic ation’s actu al perfor m a n c e and
the perfor m a n c e guar a n t e e d as a part of SLA is repor t e d . Apart from the
frequ e n c y and the dura tio n of the SLA bre a c h, it should also provide the
pen altie s paid for eac h SLA violation
• SLA enf o r c e m e n t involves taking appr o p ri a t e action whe n the runti m e
monito ri n g dete c t s a SLA violation. Such actions could be notifying the
conc e r n e d partie s, cha r gi n g the penaltie s beside s othe r thing s.
The differ e n t policies can be expre s s e d using a subs e t of the Comm o n
Inform a ti o n Model (CIM). The CIM model is an open stan d a r d that allows
expr e s si n g man a g e d elem e n t s of dat a cent e r via relation s hi p s and comm o n
object s.
• De- co m m i s s i o n i n g : SLA deco m m i s sio ni n g involves ter mi n a ti o n of all
activities perfor m e d und e r a partic ul a r SLA whe n the hostin g relation s hi p
betw e e n the servic e provide r and the service cons u m e r has end e d. SLA
specifies the ter m s and condition s of contr a c t ter mi n a tio n and specifies
situa tio n s und e r which the relation s hi p betw e e n a servic e provide r and a
servic e cons u m e r can be consid e r e d to be legally end e d.

SLA MANAGE ME N T IN CLOUD

SLA man a g e m e n t of applic ation s host e d on cloud platfor m s involves five
phas e s .
1. Feasibility
2. On- boar di n g
3. Pre- prod u c tio n
4. Produ c tio n
5. Termin a tio n

I. Fea s i b i l i t y Analy s i s : MSP condu c t s the feasibility study of hosting an

applica tion on their cloud platfor m s .
This study involves thre e kinds of feasibility:
1. Technic al feasibility
2. Infra s t r u c t u r e feasibility, and
3. Fina nci al feasibility
1. Tec h n i c a l Fea s i b i l i t y : The tech nic al feasibility of an applic ation implies
dete r m i ni n g the following:
1. Ability of an applica tio n to scale out.
2. Comp a ti bility of the applica tio n with the cloud platfor m being used
within the MSP’s data cent e r.
3. The nee d and availa bility of a specific hard w a r e and softw a r e
req ui r e d for hostin g and run ni n g of the applica tio n.
4. Prelimin a ry inform a ti o n abou t the applica tion perfor m a n c e and
whet h e r they can be met by the MSP.
 | 162

2. Infra s t r u c t u r e fea s i b i l i t y involves det e r m i ni n g the availability of

infras t r u c t u r a l reso u r c e s in sufficient qua n ti ty so that the project e d
dem a n d s of the applica tio n can be met
3. Fina n c i a l fea s i b i l i t y study involves dete r mi ni n g the approxi m a t e
cost to be incur r e d by the MSP and the price the MSP char g e s the
custo m e r so that the hosting activity is profita bl e to both of the m
A feasibility repor t consist s of the res ults of the above thre e feasibility
studie s. The repo r t forms the basis for furt h e r com m u nic a t io n with the
custo m e r .
Once the provide r and custo m e r agr e e upon the finding s of the repor t, the
outso u r ci n g of the applica tio n hostin g activity proc e e d s to the next phas e,
called “onboa r di n g ” of applica tion.
Only the basic feasibility of hosting an applica tio n has bee n carrie d in this
phas e. How ev e r, the det aile d runti m e char a c t e r i s tic s of the applic ation are
studie d as part of the on- boar din g activity.

II . On- Boar d i n g of Appli c a t i o n : Once the custo m e r and the MSP agre e in
principle to host the applica tio n bas e d on the findings of the feasibility
study, the applica tion is moved from the custo m e r serve r s to the hosting
platfor m . Moving an applica tio n to the MSP’s hostin g platfor m is called on-
boar d i n g
As part of the on- boar di n g activity, the MSP unde r s t a n d s the applic ation
runti m e char a c t e r i s ti c s using runtim e profilers.
This helps the MSP to identify the possible SLAs that can be offere d to the
custo m e r for that applica tio n.
This also helps in crea tio n of the nece s s a r y policies (also called rule sets)
req ui r e d to guar a n t e e the SLOs mention e d in the applica tio n SLA.
The applica tion is acce s si bl e to its end user s only after the onboa r di n g
activity is comple t e d

• On- boar di n g activity consist s of the following steps:

a. Packin g of the applica tion for deploying on physic al or virtual
environ m e n t s . Applicatio n packa gi n g is the proc e s s of cre a ti n g deploya ble
compo n e n t s on the hosting platfor m
b. The pack a g e d applic ation is execut e d direc tly on the physical serve r s
to capt u r e and analyze the applica tio n perfor m a n c e char a c t e r i s ti c s. It
allows the function al validation of custo m e r’s applica tio n. Addition ally, it
helps to identify the natu r e of applic a tion—t h a t is, whet h e r it is CPU-
inte n sive or I/O inte nsive or netwo r k- inte nsive and the pote n ti al
perfor m a n c e bottle n e c k s
c. The applica tio n is exec u t e d on a virtu alize d platfor m and the
applica tion perfor m a n c e char a c t e r i s ti c s are note d again. Impor t a n t
 | 163

perfor m a n c e char a c t e r i s tic s like the applic ation’s ability to scale (out and
up) and perfor m a n c e boun d s (minim u m and maxim u m perfor m a n c e ) are
note d
d. Based on the meas u r e d perfor m a n c e char a c t e r i s ti c s, differ e n t possible
SLAs are identified. The reso u r c e s req ui r e d and the costs involved for eac h
SLA are also comp u t e d
e. Once the custo m e r agre e s to the set of SLOs and the cost, the MSP
start s crea ti n g differe n t policies requir e d by the data cent e r for auto m a t e d
man a g e m e n t of the applic ation. Thes e policies are of thre e types:
(1) Busine s s policies help prioritize acce s s to the reso u r c e s in case of
cont e n tio n s . Busine s s policies are in the form of weigh t s for differe n t
custo m e r s or group of custo m e r s .
(2) Oper a tio n a l policies are the actions to be take n when differe n t
thre s h ol d s/ co n di tio n s are reac h e d . Also, the actions whe n thre s h ol d s/
conditions /t ri g g e r s on service- level para m e t e r s are brea c h e d or about to be
bre a c h e d are define d.
(3) Provisionin g: The corr e c tiv e action could be differe n t types of
provisionin g such as scale- up, scale- down, scale- out, scale- in, and so on, of a
partic ul a r tier of an applica tio n. Addition ally, notifica tio n and loggin g action
are also define d.
Oper a tio n al policies (OP) are rep r e s e n t e d in the following form a t:
OP = collection of <Co n di tio n, Action >
Ex: OP < av e r a g e laten cy of web serve r > 0.8 sec, scale- out the web- serve r
tier >
It mea n s , if aver a g e laten cy of the web serve r is more than 0.8 sec then
auto m a t i c ally scale out the web- serve r tier. On reac hin g this thre s h ol d, MSP
should incre a s e the num b e r of insta n c e s of the web serve r.

A provisionin g policy (PP) is rep r e s e n t e d as

PP = collection of <Re q u e s t , Action >
For exa m pl e, a provisionin g policy to start a web site consis ts of the
following sequ e n c e : sta rt dat a b a s e serve r, sta rt web- serve r insta n c e 1,
followe d by start the web- serve r insta n c e 2, and so on.
On defining thes e policies, the pack a g e d applica tio n s are deploye d on the
cloud platfor m and the applica tio n is test e d to validat e whet h e r the policies
are able to meet the SLA requi r e m e n t s .
This step is iter a tive and is rep e a t e d until all the infra s t r u c t u r e condition s
nece s s a r y to satisfy the applic ation SLA are identified.
Once the differe n t infra s t r u c t u r e policies nee d e d to gua r a n t e e the SLOs
mention e d in the SLA are compl e t ely capt u r e d , the on- boar di n g activity is
said to be comple t e d .
 | 164

III. Prep r o d u c t i o n : Once the det e r mi n a t i o n of policies is compl et e d , the

applica tion is host e d in a simulat e d produ c tio n environ m e n t .
It facilita t e s the custo m e r to verify and validat e the MSP’s finding s on
applica tion’s runti m e char a c t e r i s ti c s and agr e e on the define d SLA.
Once both parti e s agr e e on the cost and the ter m s and condition s of the
SLA, the custo m e r sign- off is obtain e d.
On succe s sf ul compl e tion of this phas e the MSP allows the applica tio n to go
on- live.
IV. Prod u c t i o n : In this phas e, the applica tio n is mad e acces si bl e to its end
user s und e r the agr e e d SLA.
Howeve r , ther e could be situa tio n s when the man a g e d applica tio n tends to
beh av e differe n tly in a produ c tio n environ m e n t comp a r e d to the
pre p r o d u c t i o n environ m e n t .
This in turn may caus e sust ai n e d bre a c h of the ter m s and condition s
mention e d in the SLA.

Additionally, custo m e r may req u e s t the MSP for inclusion of new ter m s and
conditions in the SLA. If the applic ation SLA is bre a c h e d frequ e n tly or if the
custo m e r requ e s t s for a new non- agre e d SLA, the on- boar din g proce s s is
perfor m e d again.
In the case of the form e r , on- boar di n g activity is repe a t e d to analyze the
applica tion and its policies with res p e c t to SLA fulfillme n t.
In case of the latte r, a new set of policies are form ul a t e d to meet the fresh
ter m s and condition s of the SLA.
V. Ter m i n a t i o n : When the custo m e r wishes to withd r a w the host e d
applica tion and does not wish to contin u e to avail the servic es of the MSP
for man a gi n g the hosting of its applica tion, the ter mi n a tio n activity is
initiat e d.
On initiation of termin a tio n, all dat a relat e d to the applica tio n are
tran sfe r r e d to the custo m e r and only the ess e n ti al inform a ti o n is retain e d
for legal complia n c e .
This ends the hostin g relation s hi p betw e e n the two partie s for that
applica tion, and the custo m e r sign- off is obtain e d
 | 165

HPC on Clou d s Perfor m a n c e Pre d i c t i o n

 | 166

Hi g h -perf or m a n c e co m p u t i n g (HPC ) is the use of parallel proc e s si n g

for run ni n g advan c e d applica tio n progr a m s efficien tly, reliably and
quickly.

HPC on Clou d

• Cloud comp u ti n g may be exploite d at thre e differe n t levels: IaaS

(Infra s t r u c t u r e as a Service), PaaS (Platfor m as a Service), and AaaS
(Application as a Service).

• In one way or anot h e r , all of the m can be useful for HPC.

• But, IaaS lets user s run applica tio n s on fast pay- per- use mac hi n e s
they don’t want to buy, to man a g e , or to maint ai n.

• An IaaS cloud enviro n m e n t uses a virtu alization engin e. Basically, this

engin e provide s by mea n s of a hype rviso r the illusion of multiple
indep e n d e n t replica s of every physical machin e in the cloud.

• Furt h e r m o r e , the total comp u t a t i o n al powe r can be easily incre a s e d

(by addition al char g e ).

• For the HPC use r, this solution is undou b t e dly attr a c tive:

• no invest m e n t in rapidly- obsoles cin g mac hin e s

• no powe r and cooling night m a r e s , and

• no syste m softw a r e upd a t e s

• HPC users usu ally exploit parallel har d w a r e , and so they would like to
get par allel har d w a r e to execu t e their explicitly- par allel applica tio n s .

• They want to receive from the cloud a (possibly high) num b e r of

powe rful machin e s with fast inter co n n e c t that could rese m bl e a high-
perfor m a n c e comp u ti n g cluste r.

• Stat e d anot h e r way, they exploit the cloud as a provide r of clust e r on-
dem a n d (CoD) syste m s .

• They obtain clust e r s that they can configu r e accor di n g to their

softw a r e requir e m e n t s .

• This is possible since thes e are in fact virtu al clust e r s , whos e

man a g e m e n t (even in ter m s of the num b e r of node s and their
configu r a t io n s) is compl e t ely deleg a t e d to the cloud user.
 | 167

The adoptio n of the cloud par a di g m in HPC is relat e d to the evalua tio n
(and, possibly, to the redu c tio n) of possible perfor m a n c e losses comp a r e d
to physical HPC hard w a r e .

In clouds, perfor m a n c e pen alti e s may app e a r at two differe n t levels:

 Virtual Engine (VE): These are related to the performance loss introduced by the virtualization
mechanism. They are strictly related to the VE technology adopted.
 Cloud Environment (CE): These are the losses introduced at a higher level by the cloud
environment, and they are mainly due to overheads and to the sharing of computing and
communication resources.

The actu al hard w a r e use d in the cloud, along with the losses at the VE
and CE
levels, will dete r mi n e the actu al perfor m a n c e of applica tion s runnin g in
the
cloud

Phys i c a l and Virtu al Clu s t e r

• A physical clust e r is mad e up of a front- end (typically used only for

adminis t r a t i o n purpo s e s , often the only node with a public IP add r e s s )
and a num b e r of (physical) proce s si n g node s. Thes e are provide d with
a single CPU or with multiple CPUs shari n g a com m o n memo ry and
I/O resou r c e s .
• A physical clust e r can execu t e multiple jobs in par allel, by assig ni n g to
every job a subs e t of the total num b e r of CPUs.
• A par allel applica tio n runnin g in a physic al clust e r is compos e d of
proc e s s e s .
• To exploit all the available comp u ti n g reso u r c e s , the applica tion
should use at least a num b e r of proc e s s e s equ al to the num b e r of
availa ble CPUs (or, in the case of conc u r r e n t jobs, equ al to the
num b e r of CPU exclusively res e rv e d for the job).
 | 168

• The main proble m with physic al clust e r s is that all jobs runnin g on the
clust e r , whet h e r concu r r e n t or non- conc u r r e n t , have to shar e the
sam e oper a ti n g syste m (OS), the syste m and applica tio n libra ri e s , and
the oper a ti n g enviro n m e n t .
• The freq u e n tly recu r ri n g req ui r e m e n t s for mut u ally exclusive or
incom p a t i bl e libra ri e s and suppo r t softw a r e make physical cluste r
man a g e m e n t a night m a r e for syste m adminis t r a t o r s .

A virtual clust e r is mad e up of a virtual front- end and a num b e r of virtu al

Node s. Virtual front- ends are obtain e d by virtu alization of a physic al
front end machin e, and virtual node s are obtain e d by virtu aliza tio n of
physical proc e s si n g node s

Virtual clust e r may have an exec ution environ m e n t of its own (OS,
libra ri e s, tools, etc.) that is loade d and initialize d whe n the clust e r is
cre a t e d .

The adva n t a g e s of clust e r virtu alization are:

• Every applica tion can set up a prop e r execu tion environ m e n t , which
does not interfe r e with all othe r applica tio n s and virtu al cluste r s run ni n g
on the har d w a r e .
• The netw o r k traffic of every virtu al cluste r is enca p s ul a t e d in a
sepa r a t e VLAN

Every virtu al proce s si n g node can host one or sever al virtual

machin e s (VM s), each run ni n g a privat e OS insta n c e . These may belong to
the sam e or to differe n t virtu al clust e r s

In turn, eac h VM is provide d with sever al virtual CPUs (VCPUs). A virtu al

machin e man a g e r run ni n g in every node make s it possible to sha r e the
physical CPUs amon g the VCPUs define d on the node (which may belong
to a single virtu al clust e r or to sever al virtual clust e r s )

Given a physical node provide d with n CPUs, ther e are two possibilities
to exploit all the comp u ti n g resou r c e s available:
 Using n VMs (each running its OS instance) with one, or even several, VCPUs;
 Using a single VM with at least n VCPU

Grid vs Clou d

From the HPC point of view

 | 169

• Cloud environ m e n t s are a cent r a liz e d reso u r c e of comp u t a t io n a l

powe r.
• On the othe r hand, the grid par a di g m propos e s a distrib u t e d appr o a c h
to comp u t a t io n a l resou r c e s , “gluing” toge t h e r distrib u t e d dat a cent e r s
to build up a comp u t a t io n a l grid, acces si bl e in a simple and
stan d a r d iz e d way.
• Their objective is the sam e: offering comp u t a t io n al powe r to final
user s . But this is obtain e d following two differ e n t appr o a c h e s :
• cent r aliz e d for clouds and
• distrib u t e d for grids.

Grid was desig n e d with a botto m- up app ro a c h .

• Its goal is to sha r e a hard w a r e or a softw a r e amon g differe n t
orga niza tio n s by mea n s of com m o n protocols and policies.
• The idea is to deploy intero p e r a b l e service s in orde r to allow the
acce s s to physic al resou r c e s (CPU, mem o ry, mas s stora g e , etc.) and
to available softw a r e utilities. Users get acce s s to a real mac hi n e .
• Grid resou r c e s are adminis t r a t e d by their owne r s. Authoriz e d use r s
can invoke grid servic es on rem ot e machin e s witho u t paying and
witho u t service level gua r a n t e e s .
• A grid middlew a r e provide s a set of API (actu ally service s) to progr a m
a hete r o g e n e o u s , geog r a p h i c ally distrib u t e d syste m .

On the othe r hand, cloud tech nolo gy was desig n e d using a top- down
appr o a c h .
• It aims at providin g its use rs with a specific high- level function ality:
a stor a g e , a comp u ti n g platfor m , a specialize d servic e. They get virtual
reso u r c e s from
the cloud.
• The und e rlyin g har d w a r e / s oft w a r e infras t r u c t u r e is not expos e d. The
only inform a ti o n the use r nee d s to know is the quality of service (QoS)
of the servic es he is paying for. Band wid t h, comp u ti n g powe r, and
stora g e rep r e s e n t para m e t e r s that are used for specifying the QoS
and for billing.
• Cloud users ask for a high- level function ality (service, platfor m ,
infras t r u c t u r e ) , pay for it, and beco m e owne r s of a virtu al machi n e .
• A single ente r p ri s e is the owne r of the cloud platfor m (softw a r e and
und e rlyin g hard w a r e ), whe r e a s custo m e r s beco m e owne r s of the
virtu al resou r c e s they pay for.
• Cloud suppo r t e r s claim that the cloud is easy to be use d, is scala ble,
and always gives user s exactly what they want.
• On the othe r hand, grid is difficult to be use d, does not give
perfor m a n c e gua r a n t e e s , is used by narr o w comm u ni tie s of scientis t s
 | 170

to solve specific probl e m s , and does not actu ally suppo r t

inte ro p e r a b ility

• Grid suppo r t e r s answ e r that grid user s do not nee d a credit card, that
arou n d the world ther e are many exam pl e s of succe s sf ul project s, and
that a gre a t num b e r of comp u ti n g nodes conn e c t e d acros s the net
execu t e larg e scale scientific applica tion s , add r e s s i n g proble m s that
could not be solved othe r wi s e

Grid and Clou d Int e g r a t i o n

The inte g r a t io n of cloud and grid, or at least their integ r a t e d utilization,
has bee n propo s e d since ther e is a trad e- off betw e e n applic ation
turn a r o u n d and syste m utilization, and some ti m e s it is useful to choos e
the rightc o m p r o m i s e betw e e n the m

Two main app ro a c h e s have been propos e d :

• Grid on Clou d . A cloud IaaS (Infras t r u c t u r e as a Service) appr o a c h
isadop t e d to build up and to man a g e a flexible grid syste m . Doing so,th e
grid middle w a r e runs on a virtual machin e. Henc e the main dra w b a c k of
this app ro a c h is perfor m a n c e . Virtualization inevita bly ent ails
perfor m a n c e losses as comp a r e d to the direc t use of physical resou r c e s .
• Cloud on Grid: The stable grid infrastructure is exploited to build up a cloud environment. This
solution is usually preferred because the cloud approach mitigates the inherent complexity of the
grid. In this case, a set of grid services is offered to manage (create, migrate, etc.) virtual machines

HPC IN THE CLOUDPERFORMANCE-RELATED ISSUES

The adoption of the cloud paradigm for HPC is a flexible way to deploy (virtual) clusters dedicated to
execute HPC applications

The first and well-known difference between HPC and cloud environmentsis the different economic
approach:

(a) buy-and-maintain for HPC and

(b) pay-per-use in cloud systems

In the latter, every time that a task is started, the user will be charged for the used resources. But it
is very hard to know in advance which will be the resource usage and hence the cost. On the other
hand, even if the global expense for a physical cluster is higher, once the system has been acquired,
all the costs are fixed and predictable
 | 171

In clouds, performance counts two times. Low performance means not only long waiting times, but
also high costs

The total cost is given by

<cost per hour per instance>* <number of instances>*<hours>

The use of alternative cost factors (e.g., the RAM memory allocated, as for GoGrid, leads to
completely different considerations and requires different application optimizations to reduce the
final cost of execution.

The typical HPC user would like to know how long his application will run on the target cluster and
which configuration has the highest performance/cost ratio.

The advanced user, on the other hand, would also know if there is a way to optimize its application
so as to reduce the cost of its run without sacrificing performance.

The high-end user, who cares more for performance than for the cost to be sustained, would like
instead to know how to choose the best configuration to maximize the performance of his
application.

The system dimensioning is the choice of the system configuration fit for the

user purposes (cost, maximum response time, etc.).

An HPC machine is chosen and acquired, aiming to be at the top of available

technology and to be able to sustain the highest system usage that may eventually be required. This
can be measured in terms of GFLOPS, in terms of number of runnable jobs, or by other indexes
depending on the HPC applications that will be actually executed.

In other words, the dimensioning is made by considering the peak system usage. It takes place at
system acquisition time, by examining the machine specifications or by assembling it using hardware
components of known performance.
 | 172

In clouds, instead, the system must be dimensioned by finding out an optimal trade-off between
application performance and used resources.

The optimality is a concept that is fairly different, depending on the class of users.

Someone would like to obtain high performance at any cost, whereas others would privilege
economic factors

Supporting HPC in the Cloud

To support HPC applications, a fundamental requirement from a cloud provider is that an adequate
service-level agreement (SLA) is granted.

For HPC applications, the SLA should be different from the ones currently offered for the most
common uses of cloud systems, oriented at transactional Web applications.

The SLA should offer guarantees useful for the HPC user to predict his application performance
behavior and hence to give formal (or semiformal) statements about the parameters involved.

At the state of the art, cloud providers offer their SLAs in the form of a contract (hence in natural
language, with no formal specification).
 | 173

BEST PRACTICE S IN ARCHITECTI NGCLOU D

APPLICATIO N S IN THEAWS CLOUD
Bu s i n e s s Be n e f i t s of Clou d Com p u t i n g

There are some clear busine s s ben efits to building applic ation s in the cloud:

• Almo s t Zero Upfro n t Infra s t r u c t u r e Inve s t m e n t . If we have to

build a larg e scale syste m , it may cost to invest in real esta t e, physic al
secu ri ty, hard w a r e (racks, serve r s , rout e r s , back u p powe r supplies),
har d w a r e man a g e m e n t (powe r man a g e m e n t , cooling), and oper a tio n s
pers o n n e l. Beca u s e of the high upfron t costs, the projec t would
typically requir e sever al roun d s of man a g e m e n t appr ov als before the
project could even get star t e d . Now, with utility- style cloud
comp u ti n g , the r e is no fixed cost or star t u p cost.

• Just- in- Tim e Infra s t r u c t u r e : By deploying applic ation s in- the- cloud
with just- in- time self- provisionin g, we do not have to worry about pre-
proc u ri n g capa city for large- scale syste m s . This incre a s e s agility,
lower s risk, and lower s oper a tio n al cost beca u s e you scale only as you
grow and only pay for what you use.

• Mor e Effici e n t Res o u r c e Utiliz a t i o n : Syste m administ r a t o r s usually

worry about procu ri n g hard w a r e (whe n they run out of capacity) and
highe r infra s t r u c t u r e utilization (whe n they have exces s and idle
 | 174

capacity). With the cloud, they can man a g e resou r c e s more

effectively and efficiently by having the applica tio n s req u e s t and
relinq ui s h reso u r c e s on- dem a n d

• Usa g e - Bas e d Costi n g : With utility- style pricing, you are billed only
for the infras t r u c t u r e that has bee n used

• Reduced Time to Market: Parallelization is one of the great ways to speed up processing. Having
available an elastic infrastructure provides the application with the ability to exploit
parallelization in a cost-effective manner reducing time to market

Tec h n i c a l Be n e f i t s of Clou d Com p u t i n g

Some of the tech nic al benefits of cloud comp u ti n g includ e s :

• Auto m a t i o n —“Script a bl e Infras t r u c t u r e ” : cre a t e repe a t a b l e build

and deploym e n t syste m s by lever a gi n g prog r a m m a b l e (API- drive n)
infras t r u c t u r e .

• Auto- sc ali n g : scale applic ation s up and down to matc h unexp e c t e d

dem a n d withou t any hum a n inte rve n t io n. Auto- scaling encou r a g e s
auto m a t io n and drives more efficiency.

• Proa c t i v e Scali n g : Scale applic ation up and down to mee t

anticip a t e d dem a n d with prop e r plan ni n g und e r s t a n d i n g of traffic
patt e r n s so that costs are kept low while scaling.

• Mor e Effici e n t Dev e l o p m e n t Life Cycle : Produ c tio n syste m s may

be easily clone d for use as develop m e n t and test environ m e n t s .
Stagin g enviro n m e n t s may be easily prom o t e d to produ c tio n.

• Impr ov e d Tes t a b i l i t y : We can inject and auto m a t e testin g at every

stag e during the develop m e n t proc e s s . wit h o u t run nin g out of
har d w a r e . “inst a n t test lab” can be spaw n e d with preco nfig u r e d
environ m e n t s only for the dur a tio n of testin g phas e

• Dis a s t e r Rec ov e r y and Bu s i n e s s Conti n u i t y : The cloud provide s a

lower cost option for maint ai ni n g a fleet of serve r s and data stora g e .
With the cloud, advan t a g e of geo- distrib u tio n can be use d to replica t e
the enviro n m e n t in othe r location within minut e s

• “Overfl o w ” th e Traffic to th e Clou d : With a few clicks and effective

load bala nci n g tactics, a compl et e overflow- proof applica tion can be
cre a t e d by routin g exces s traffic to the cloud.

The Amaz o n Web Servi c e s Clou d

 | 175

• The Amazon Web Service s (AWS) cloud provide s a highly reliable and
scala bl e infras t r u c t u r e for deploying Web- scale solution s, with
minim al suppo r t and administ r a t io n costs, and more flexibility than we
expe ct from our own infra s t r u c t u r e , eithe r on- pre mis e or at a
dat ac e n t e r facility

• AWS offers variety of infras t r u c t u r e servic es

Amaz o n Web Servi c e s

• Amaz o n Elas ti c Com p u t e Clou d (Amazon EC2) is a Web service

that provide s resiza bl e comp u t e capacity in the cloud.

• The oper a ti n g syste m , applica tio n softw a r e , and associa t e d

configu r a t io n settin g s can be bundle d into an Amazon mac hi n e imag e
(AMI) and can use thes e AMIs to provision multiple virtu alize d
insta n c e s as well as deco m m i s sio n the m using simple Web servic e
calls to scale capa city up and down quickly, as capa city req ui r e m e n t
cha n g e s

• Users can purc h a s e eithe r

(a) on- dem a n d insta n c e s , in which they pay for the inst a n c e s by the
hour, r
(b) rese rv e d insta n c e s , in which they pay a low, one- time paym e n t
and receive a lower usag e rat e to run the insta n c e than with an on-
 | 176

dem a n d insta n c e or spot insta n c e s whe r e they can bid for unus e d
capacity and furth e r red uc e cost

• Inst a n c e s can be launc h e d in one or more geog r a p h i c a l re gi o n s .

• Each region has multiple avail a b i l i ty zon e s .

• Availability zones are distinct location s that are engin e e r e d to be

insulat e d from failur e s in othe r availability zones and provide
inexpe n s ive, low- latency netw o r k conn e c tivity to othe r availability
zones in the sam e region.

• Elas t i c IP add r e s s e s allows to allocat e a static IP addr e s s and

prog r a m m a t i c a lly assign it to an insta n c e .

• Users can ena bl e monitorin g on an Amazon EC2 insta n c e using

Amaz o n C l o u d W a t c h in orde r to gain visibility into resou r c e
utilization, ope r a tio n a l perfor m a n c e , and overall dem a n d patt e r n s
(includi n g met rics such as CPU utilization, disk rea d s and write s, and
netw o r k traffic).

• An aut o- scali n g gro u p can be cre a t e d using the auto- scaling featu r e
to auto m a ti c ally scale capacity on cert ain conditions base d on met ric
that Amazon CloudW a t c h collects

• Elastic load bala nc e r can be cre a t e d using the Elas t i c Load

Bala n c i n g servi c e to distrib u t e incomin g traffic

• Amaz o n Elas t i c Blo c k Stor a g e (EB S ) volum e s provide netw o r k-

atta c h e d persis t e n t stor a g e to Amazon EC2 inst a n c e s . Point- in- time
consis t e n t snap s h o t s of EBS volum e s can be crea t e d and store d on
Amaz o n Si m p l e Stor a g e Servi c e (Am a z o n S3).

• Amazon S3 is highly dur a bl e and distrib u t e d dat a store. With a simple

Web servic es inte rfa c e , user s can store and ret rieve larg e amou n t s
of data as object s in buck e t s (contai n e r s ) at any time, from anyw h e r e
on the Web using stan d a r d HTTP verbs.

• Copies of object s can be distrib u t e d and cach e d at ed g e loca t i o n s

arou n d the world by crea ti n g a distrib u tio n using Amazon Cloud- Front
servic e, a Web servic e for cont e n t delive ry (static or stre a m i n g
cont e n t)

• Amaz o n Si m p l e D B is a Web service that provide s the core

function ality of a dat a b a s e— r e a l- time lookup and simple que ryin g of
struc t u r e d data—wit ho u t the oper a tio n al compl exity
 | 177

• Amaz o n Relat i o n a l Data b a s e Servi c e (Am a z o n RDS ) provide s an

easy way to set up, oper a t e , and scale a relation al dat a b a s e in the
cloud. Users can launc h a DB insta n c e and get acce s s to a full-
featu r e d MySQL dat a b a s e

• Amaz o n Si m p l e Que u e Servi c e (Am a z o n SQS ) is a reliable, highly

scala bl e, host e d distrib u t e d queu e for storing mess a g e s as they travel
betw e e n comp u t e r s and applica tio n compo n e n t s .

• Amaz o n Elas ti c MapR e d u c e provide s a host e d Hadoo p fram e w o r k

run ni n g on the web- scale infras t r u c t u r e of Amazon Elastic Comp u t e
Cloud (Amazon EC2) and Amazon Simple Stor a g e Service (Amazon
S3) and allows to cre a t e custo miz e d JobFlow s. JobFlow is a sequ e n c e
of MapRe d u c e step s.

• Amaz o n Si m p l e Notifi c a t i o n s Servi c e (Ama z o n SN S ) provide s a

simple way to notify applica tion s or people from the cloud by crea tin g
Topics and using a publis h- subsc ri b e protocol.

• Amaz o n Virtu a l Privat e Clou d (Am a z o n VPC) allows to exte n d

corpo r a t e net wo r k into a privat e cloud cont ain e d within AWS. Amazon
VPC uses an IPSec tunn el mode that ena bl e s to cre a t e a secu r e
conn e c tio n betw e e n a gat e w a y in user’s data cent e r and a gat e w a y in
AWS

• AWS also offers various paym e n t and billing service s that levera g e s
Amazon’s paym e n t infra s t r u c t u r e . All AWS infras t r u c t u r e service s
offer utility- style pricing that requir e no long ter m commit m e n t s or
cont r a c t s .

CLOUD BEST PRACTICES

The following best practices will help to build an application in the cloud

• Design for Failure and Nothing Will Fail

Rule of Thumb: Be a pessimist when designing architectures in the cloud; assume things will fail.
In other words, always design, implement, and deploy for automated recovery from failure.

The following strategies can help in event of failure:

1. Have a coherent backup and restore strategy for your data and automate it.

2. Build process threads that resume on reboot.

3. Allow the state of the system to re-sync by reloading messages from queues.
 | 178

4. Keep preconfigured and pre-optimized virtual images to support strategies 2 and 3 on

launch/boot.

5. Avoid in-memory sessions or stateful user context; move that to data stores

• AWS-Specific Tactics for Implementing This Best Practice

1. Failover gracefully using Elastic IPs: Elastic IP is a static IP that is dynamically remappable

2. Utilize multiple availability zones: Availability zones are conceptually like logical
datacenters.

3. Maintain an Amazon Machine Image so that you can restore and clone environments very
easily in a different availability zone; maintain multiple database slaves across availability zones
and set up hot replication.

4. Utilize Amazon Cloud Watch to get more visibility and take appropriate actions in case of
hardware failure or performance degradation.

5. Utilize Amazon EBS and set up jobs so that incremental snapshots are automatically
uploaded to Amazon S3 and data are persisted independent of instances.

6. Utilize Amazon RDS and set the retention period for backups, so that it can perform
automated backups.

• Decouple your Components: The cloud reinforces the SOA design principle that the more
loosely coupled the components of the system, the bigger and better it scales.

• The key is to build components that do not have tight dependencies on each other, so that if one
component were to die (fail), sleep (not respond), or remain busy (slow to respond) for some
reason, the other components in the system are built so as to continue to work as if no failure is
happening.

• Decoupling components, building asynchronous systems, and scaling horizontally become very
important in the context of the cloud. It will not only allow scaling out by adding more instances
of same component but will also allow to design innovative hybrid models in which a few
components continue to run in on-premise while other components can take advantage of the
cloud scale and use the cloud for additional compute-power and bandwidth.

One can build a loosely couple d syste m using mes s a gi n g queu e s . If a queu e/
buffer is used to conn e c t any two compo n e n t s toge t h e r (Loose Coupling), it
can suppo r t concu r r e n c y, high availability, and load spike s.

As a res ult, the over all syste m continu e s to perfor m even if part s of
compo n e n t s are mom e n t a r ily unavaila bl e

AWS Specific Tactics for Imple m e n t i n g This Best Practic e

1. Use Amazon SQS to isolat e compo n e n t s

 | 179

2. Use Amazon SQS as buffers betw e e n compo n e n t s

3. Design every compo n e n t such that it expos e a servic e interfa c e and is

res po n si bl e for its own scalability in all appro p ri a t e dime n sio n s and
inte r a c t s with othe r compo n e n t s async h r o n o u s ly.

4. Bundle the logical const r u c t of a compo n e n t into an Amazon Machi n e

Imag e so that it can be deploye d more often.

5. Make applica tio n s as stat el e s s as possible. Store session stat e outsid e

of compo n e n t (in Amazon SimpleDB, if app ro p ri a t e ).

• Impl e m e n t Elas ti c i t y: Elasticity can be imple m e n t e d in thre e ways:

1. Proa c t i v e Cycli c Scali n g : Periodic scaling that occur s at fixed

inte rv al

(daily, weekly, mont hly, qua r t e r ly).

2. Proa c t i v e Even t- Bas e d Scal i n g : Scaling just when expec tin g a big
surg e of traffic requ e s t s due to a sche d ul e d busin e s s event (new produ c t
launc h, mark e ti n g cam p ai g n s ).

3. Auto- sc ali n g Ba s e d on De m a n d : By using a monito ri n g service,

syste m can send trigg e r s to take app ro p ri a t e actions so that it scales up or
down bas e d on met rics (utilization of the serve r s or netw o rk i/o)

To imple m e n t elasticity, one has to first auto m a t e the deploym e n t proce s s

and stre a m li n e the configu r a t io n and build proce s s. This will ensu r e that the
syste m can scale withou t any hum a n interve n tio n.

AWS- Sp e c i f i c Tacti c s to Auto m a t e Infra s t r u c t u r e

1. Define auto- scaling group s for differ e n t clust e r s using the Amazon
auto- scaling featu r e in Amazon EC2.

2. Monito r syste m met rics (CPU, me mo ry, disk I/O, netw o r k I/O) using
Amazon CloudW a t c h and take appro p ri a t e actions (launc hi n g new AMIs
dyna mic ally using the auto- scaling service) or send notification s .

3. Store and ret ri eve machin e configu r a ti o n inform a tio n dyna mi c ally:

Utilize Amazon SimpleDB to fetch config data durin g the boo t-time of
an insta n c e (e.g., dat a b a s e conn e c tio n string s ). SimpleDB may also be used
to stor e inform a tio n about an insta n c e such as its IP addr e s s , mac hi n e
nam e, and role. \

4. Design a build proc e s s such that it dum p s the lates t builds to a bucke t
in Amazon S3;
 | 180

5. Invest in building resou r c e man a g e m e n t tools (auto m a t e d script s,

preco nfig u r e d imag e s )

6. Bundle Just Enoug h Oper a ti n g Syste m and softw a r e depe n d e n c i e s into

an Amazon Machin e Imag e so that it is easie r to man a g e and maint ai n. Pass
configu r a t io n files or par a m e t e r s at launc h time and retri ev e user dat a and
insta n c e met a d a t a after launc h

7. Reduc e bundling and launc h time by booting from Amazon EBS volum e s
and atta c hi n g multiple Amazon EBS volum e s to an insta n c e . Crea t e
snap s h o t s of com m o n volum e s and shar e sna ps h o t s amon g accou n t s
whe r e v e r app ro p ri a t e .

8. Application compo n e n t s should not assu m e healt h or location of

har d w a r e it is run nin g on. For exam pl e, dyna mic ally att ac h the IP add r e s s of
a new node to the clust e r. Autom a tic ally failover to the new clone d insta n c e
in cas e of a failur e.

• Thin k Parall e l: The cloud make s parallelizatio n effortle s s

• When it come s to acces si n g (retrievin g and storing) data, the cloud is

design e d to handl e mas sively par allel oper a tio n s . In orde r to achieve
maxim u m perfor m a n c e and throu g h p u t , requ e s t parallelization should
be use d.

• Multi- thre a di n g requ e s t s by using multiple concu r r e n t thre a d s will

store or fetch the data faste r than req u e s ti n g it sequ e n t i ally

• When it come s to proce s si n g or execu ti n g requ e s t s in the cloud, it

beco m e s even more import a n t to lever a g e par allelizatio n.

A gen e r al best prac tic e, in the case of a Web applic ation, is to distrib u t e the
incomin g req u e s t s acros s multiple Web serve r s using load bala nc e r

• Thin k Parall e l: The cloud make s parallelizatio n effortle s s

• When it come s to acces si n g (retrievin g and storing) data, the cloud is

design e d to handl e mas sively par allel oper a tio n s . In orde r to achieve
maxim u m perfor m a n c e and throu g h p u t , requ e s t parallelization should
be use d.

• Multi- thre a di n g requ e s t s by using multiple concu r r e n t thre a d s will

store o r fetch the data faste r than req u e s ti n g it sequ e n t i ally

• When it come s to proce s si n g or execu ti n g requ e s t s in the cloud, it

beco m e s even more import a n t to lever a g e par allelizatio n.
 | 181

• A gen e r al best prac tic e, in the case of a Web applic ation, is to

distrib u t e the incomin g requ e s t s acros s multiple Web serve r s using
load balan c e r .

• AWS Sp e c i f i c Tacti c s for Parall e l i z a t i o n

1. Multi- thre a d your Amazon S3 requ e s t s

2. Multi- thre a d Amazon SimpleDB GET and BATCHPUT requ e s t s

3. Crea t e a JobFlow using the Amazon Elastic MapRe d u c e Servic e for

each of daily batc h proce s s e s (indexing, log analysis, etc.) which will
comp u t e the job in par allel and save time.

• 4. Use the Elastic Load Balanci n g servic e and spre a d load acros s
multiple Web app serve r s dyna mic ally.

• Kee p Dyn a m i c Data Clos e r to th e Com p u t e and Stati c Data

Clos e r to th e End Us e r: In gen e r a l it’s a good prac tic e to keep dat a
as close as possible to comp u t e or proc e s si n g elem e n t s to red uc e
laten cy

• If a larg e quan tity of dat a that need to be proce s s e d resid e s outsid e of

the cloud, it might be chea p e r and faste r to “ship” and tra n sfe r the
dat a to the cloud first and then perfor m the comp u t a t io n.

• Conve r s e ly, if the dat a are static and not going to chan g e often, it is
advisa bl e to take adva n t a g e of a conte n t delivery service so that the
static data are cach e d at an edge location close r to the end user
(req u e s t e r ), ther e b y loweri n g the acces s laten cy.

AWS- Sp e c i f i c Tacti c s for Impl e m e n t i n g This Be s t Prac ti c e

1. Ship dat a drives to Amazon using the Impor t/Exp o r t service. It may be
che a p e r and faste r to move large amou n t s of data than to uploa d using the
Inte r n e t .

2. Utilize the sam e availability zone to launc h a clust e r of mac hi n e s .

3. Crea t e a distrib u tio n of Amazon S3 bucke t and let Amazon CloudF r o n t

cach e s cont e n t in that bucke t acros s all the edge location s arou n d the
world.

• Se c u r i t y Be s t Prac t i c e s : Secu ri ty should be imple m e n t e d in every

layer of the cloud applica tion archit e c t u r e .

• Prot e c t Data in Tran s i t : If excha n g e of sensitive or confide n ti al

infor m a ti o n betw e e n a brows e r and a Web serve r is nee d e d , configu r e
 | 182

SSL on serve r insta n c e . A certifica t e is nee d e d from an exter n a l

certifica tio n autho ri ty. The public key includ e d in the certifica t e
aut h e n t i c a t e s your serve r to the brows e r and serve s as the basis for
cre a ti n g the shar e d session key used to enc ry p t the dat a in both
direction s

• Prot e c t Data at Res t . If storing sensitive and confide n ti al data in the

cloud, encryp t the data (individu al files) befor e uploadi n g it to the
cloud.O n Amazon EC2, file encry p tio n depe n d s on the oper a ti n g
syste m. Amazon EC2 inst a n c e s run ni n g Window s can use the built-
in Encrypti n g File syste m (EFS) feat u r e availa ble in Window s . This
featu r e will han dl e the encry p tion and decry p tion of files and folder s
auto m a t i c ally and make the proc e s s tra n s p a r e n t to the use r s

• Man a g e Multi p l e Us er s an d th e ir per m i s s i o n s with IAM . AWS

Identity and Access Mana g e m e n t (IAM) ena bl e s you to crea t e multiple
Users and man a g e the per mi s sion s for each of thes e User s within your
AWS Accoun t. A User is an identity (within your AWS Account) with
uniqu e secu ri ty cred e n ti al s that can be used to acce s s AWS Service s.
IAM elimina t e s the need to shar e pass w o r d s or acces s keys, and
make s it easy to enabl e or disabl e a User’s acce s s as app ro p ri a t e .

Se c u r e Appli c a t i o n . Every Amazon EC2 insta n c e is prot e c t e d by one or

more secu ri ty group s —that is, nam e d sets of rules that specify which
ingre s s (i.e., incomin g) netwo r k traffic should be deliver e d to insta n c e .
Users can specify TCP and UDP port s, ICMP types and codes, and sourc e
addr e s s e s . Secu rity group s give you basic firew all- like prot e c tio n for
run ni n g insta n c e s

BUILDI N G CONTE N T DELIVERY NETWORK S USI N G CLOUD S

Num e r o u s “stor a g e cloud” provide r s (or “Stor a g e as a Servic e”) have

rece n tly eme r g e d that can provide Inte r n e t- ena ble d cont e n t stora g e and
delivery capa bilities in sever al contin e n t s , offerin g service- level agr e e m e n t
(SLA)-backe d perfor m a n c e and uptim e promis e s for their service s.

Custo m e r s are char g e d only for their utilization of stor a g e and tran sf e r of
cont e n t

Stor a g e clo u d provid e r s :

• Amazon Simple Stor a g e Service (S3) and CloudF r o n t (C F)

 | 183

• Nirva nix Stor a g e Delivery Netw o r k (SDN)

• Racks p a c e Cloud Files

• Microsoft Azure Stora g e ,

Num e r o u s “stor a g e cloud” provide r s (or “Stor a g e as a Servic e”) have

rece n tly eme r g e d that can provide Inte r n e t- ena ble d cont e n t stora g e and
delivery capa bilities in sever al contin e n t s , offerin g service- level agr e e m e n t
(SLA)-backe d perfor m a n c e and uptim e promis e s for their service s.

Custo m e r s are char g e d only for their utilization of stor a g e and tran sf e r of
cont e n t

Stor a g e clo u d provid e r s :

• Amazon Simple Stor a g e Service (S3) and CloudF r o n t (C F)

• Nirva nix Stor a g e Delivery Netw o r k (SDN)

• Racks p a c e Cloud Files

• Microsoft Azure Stora g e ,

Amazon Simple Stor a g e and Cloud F r o n t

• Amazon S3 was launc h e d in the Unite d Stat e s in Marc h 2006 and in

Europ e in Novem b e r 2007, openin g up the hug e infra s t r u c t u r e that
Amazon the m s elv e s utilize to run their highly succ e s sf ul e- comm e r c e
comp a ny, Amazon.co m .

• In Nove m b e r 2008, Amazon launc h e d Cloud F r o n t , a cont e n t delivery

servic e that adde d 14 edge location s (8 in the Unite d Stat e s , 4 in
Europ e, and 2 in Asia).

• Howeve r , unlike S3, CloudF r o n t does not offer persist e n t stor a g e .

• Rath e r, it is analogo u s to a proxy cach e, with files deploye d to the

differe n t Cloud F r o n t locations bas e d on dem a n d and remov e d
auto m a t i c ally whe n no longe r requir e d

• Cloud F r o n t also offers “stre a m i n g distrib u tio n s” that can distrib u t e

audio and video cont e n t in real time, using the Real- Time Mess a gi n g
Protocol

(RTMP) inste a d of the HTTP protocol.

 | 184

• Amazon provide s REST and SOAP interfa c e s to its stor a g e reso u r c e s ,

allowing user s the ability to rea d, write, or delet e an unlimite d amou n t
of object s, with sizes ran gi n g from 1 byte to 5 giga byt e s each.

• Amazon S3 has a stora g e cost of $0.15 per GB/mont h in their sta n d a r d

U.S. and EU data cent e r s

Nirva n i x Stor a g e Deliv e ry Ne t w o r k

• Nirva nix launc h e d its Amazon S3 comp e ti to r, the Nirva nix Stor a g e
Delivery Netw o r k (SDN), on Sept e m b e r 2007.

• The Nirvanix service was nota bl e in that it had an SLA-back e d uptim e

guar a n t e e at a time whe n Amazon S3 was simply oper a t e d on a best-
effort service basis.

• Nirva nix differe n ti a t e s itself in sever al ways nota bly by having

cover a g e in four region s, offering auto m a t i c file replic ation over sites
in the SDN for perfor m a n c e and redu n d a n c y, and suppo r ti n g file sizes
up to 256 GB.

• Nirva nix is price d slightly highe r than Amazon’s servic e, and they do
not publish their pricing rate s for larg e r custo m e r s (2 TB/mont h).

• Nirva nix provide s acce s s to their reso u r c e s via SOAP or REST

inte rf a c e s , as well as providing SDK’s in Java, PHP Zend, Pytho n, and
C #.

Rack s p a c e Clou d File s

• Racks p a c e (form e rly Mosso) Cloud Files provides a self- serve stor a g e
and delivery service in a fashion similar to that of the Amazon and
Nirva nix offering s .

• The core Cloud Files offerin g is serve d from a multizon e d , red u n d a n t

dat a cent e r in Dallas, Texas. The service is nota bl e in that it also
provide s CDN integ r a t i o n.

• Rath e r tha n building their own CDN exte n sio n to the Cloud Files
platfor m as Amazon has done for S3, Racks p a c e has part n e r e d with a
tradition al CDN service, Limelight, to distrib u t e files store d on the
Cloud Files platfor m to edge nodes oper a t e d by Limeligh t.

• Unlike Amazon CloudF r o n t , Racks p a c e does not char g e for moving

dat a from the core Cloud Files serve r s to the CDN edge locations.

• Racks p a c e provide s RESTful APIs as well as API bindin g s for popula r

lang u a g e s such as PHP, Pytho n, Ruby, Java, and .NET.
 | 185

Azure Stor a g e Servi c e

• Microsoft’s Window s Azure platfor m offers a comp a r a b l e stor a g e and

delivery platfor m called Azure Stor a g e , which provide s persis t e n t and
red u n d a n t stor a g e in the cloud.

• For deliverin g files, the Blob service is used to store files up to 50 GB

in size. On a per stora g e accou n t basis, the files can be stor e d and
deliver e d from data cent e r s in Asia (Eas t and Sout h East), the Unite d
Stat e s (Nort h Cent r a l and Sout h Cent r al), and Europ e (Nort h and
West).

• Azure Stor a g e accou n t s can also be exte n d e d by a CDN servic e that

provide s an addition al 18 locations globally acros s the Unite d Stat e s ,
Europ e, Asia, Austr alia, and Sout h Americ a.

• This CDN exte n sio n is still unde r testin g and is curr e n tly being offere d
to custo m e r s as a Comm u ni ty Techno logy Preview (CTP) at no
cha r g e .

• Most “stor a g e cloud” provide r s are mer ely basic file stora g e and
delivery service s and do not offer the capa bilities of a fully featu r e d
CDN such as auto m a ti c replica tio n, fail- over, geog r a p h i c al load
redir e c tio n, and load bala nci n g.

• Furt h e r m o r e , a custo m e r may nee d cover a g e in more location s than

offere d by a single provide r.

• To addr e s s this, Meta CD N was intro d u c e d , a syste m that utilizes

num e r o u s stor a g e provide r s in orde r to cre a t e an overlay netw o r k that
can be used as a high- perfor m a n c e , reliable, and redu n d a n t
geog r a p h i c ally distrib u t e d CDN

• Enc o d i n g Servi c e s : Video and audio encodi n g service s are also

individu ally availa ble from cloud vendo r s .

• Two nota ble provide r s are encodin g. c o m and Nirva nix.

• The endoin g.c o m service is a cloud- bas e d video encodin g platfor m

that can take a raw video file and gen e r a t e an encod e d file suita bl e for
stre a m i n g .
 | 186

• The MetaCDN service is presented to end users in two ways. First, it can be presented as a Web
portal, which was developed using

(a) Java Enterprise and Java Server Faces (JSF) technologies, with a

MySQL back-end to store user accounts and deployments, and

(b) the capabilities, pricing, and historical performance of service providers.

The Web portal acts as the entry point to the system and also functions as an application-level
load balancer for end users that wish to download content that has been deployed by MetaCDN.
 | 187

Using the Web portal, users can sign up for an account on the MetaCDN system and enter
credentials for any cloud storage or other provider they have an account with.

Once this simple step has been performed, they can utilize the MetaCDN system to intelligently
deploy content onto storage providers according to their performance requirements and budget
limitations.

The Web portal is most suited for small or ad hoc deployments and is especially useful for less
technically inclined content creators.

• The second method of accessing the MetaCDN service is via RESTful Web Services.

• These Web Services expose all of the functionality of the MetaCDN system.

• This access method is most suited for customers with more complex and frequently changing
content delivery needs, allowing them to integrate the MetaCDN service in their own origin Web
sites and content creation workflows.

Integrating “Cloud Storage” Providers

• The MetaCDN system works by integrating with each storage provider via connectors that
provides an abstraction to hide the complexity arising from the differences in how each provider
allows access to their systems.

• An abstract class, DefaultConnector, prescribes the basic functionality that each provider could
be expected to support, and it must be implemented for all existing and future connectors.

• These include basic operations like creation, deletion, and renaming of replicated files and
folders.

• If an operation is not supported on a particular service, then the connector for that service
throws a FeatureNotSupportedException.

Overall Design and Architecture of the System

• The MetaCDN service has a number of core components that contain the logic and management
layers required to encapsulate the functionality of different upstream storage providers and
present a consistent, unified view of the services available to end users.

• These components include the MetaCDN Allocator, which (a) selects the optimal providers to
deploy content to and (b) performs the actual physical deployment.
 | 188

• The MetaCDNQoS monitor tracks the current and historical performance of participating
storage providers

• The MetaCDN Manager tracks each user’s current deployment and performs various
housekeeping tasks.

• The MetaCDN Database stores crucial information needed by the MetaCDN portal, ensuring
reliable and persistent operation of the system. It also stores information needed by the
MetaCDNsystem, such as MetaCDN user details, their credentials for various storage cloud and
other providers, and information tracking their (origin) content and any replicas made of such
content

• The MetaCDN Load Redirector is responsible for directing MetaCDN end users (i.e., content
consumers) to the most appropriate file replica, ensuring good performance at all times

• The MetaCDN Allocator allows users to deploy files either directly (uploading a file from their
local file system) or from an already publicly accessible origin Web site (sideloading the file,
where the backend storage provider pulls the file).

• MetaCDN users are given a number of different deployment options depending on their needs,
regardless of whether they access the service via the Web portal or via Web services.

The available deployment options include:

 | 189

• Maximize coverage and performance, where MetaCDN deploys as many replicas as possible to
all available locations. The MetaCDN Load Redirector directs end users to the closest physical
replica.

• Deploy content in specific locations, where a user nominates regions and MetaCDN matches the
requested regions with providers that service those areas. The MetaCDNLoad Redirector directs
end users to the closest physical replica.

• Cost-optimized deployment, where MetaCDN deploys as many replicas in the locations

requested by the user as their storage and transfer budget will allow, keeping them active until
that budget is exhausted. The MetaCDN Load Redirector directs end users to the cheapest
replica to minimize cost and maximize the lifetime of the deployment.

• Quality of service (QoS)-optimized deployment, whereMetaCDN deploys to providers that

match specific QoS targets that a user specifies, such as average throughput or response time
from a particular location, which is tracked by persistent probing from the MetaCDNQoS
monitor. The MetaCDN Load Redirector directs end users to the best-performing replica for their
specific region based on historical measurements from the QoS monitor.

• After MetaCDN deploys replicas using one of the above options, it stores pertinent details such
as the provider used, the URL of the replica, the desired lifetime of the replica, and the physical
location (latitude and longitude) of that deployment in the MetaCDN Database.

• A geolocation service is used to find the latitude and longitude of where the file is stored.

• The MetaCDNQoS Monitor tracks the performance of participating providers (and their
available storage and delivery locations) periodically, monitoring and recording performance and
reliability metrics from a variety of locations, which is used for QoS-optimized deployment
matching.

• This component also ensures that upstream providers are meeting their service-level
agreements (SLAs), and it provides a logging audit trail to allow end users to claim credit in the
event that the SLA is broken

• The MetaCDN Manager has a number of housekeeping responsibilities.

• First, it ensures that all current deployments are meeting QoS targets of users that have made
QoS optimized deployments.

• Second, it ensures that replicas are removed when no longer required (i.e., the “deploy until”
date set by the user has expired), ensuring that storage costs are minimized at all times.
 | 190

• Third, for users that have made cost-optimized deployments, it ensures that a user’s budget has
not been exceeded, by tracking usage (i.e., storage and downloads) from auditing information
provided by upstream providers.

Resource Cloud Mashups

The initial cloud provide r s simply open e d their existing infras t r u c t u r e to the
custo m e r s and thus exploite d their resp e c tiv e propri e t a r y solution s.
Implicitly, the offere d service s and henc e the accor di n g API are specific to
the servic e provide r and canno t be used in othe r environ m e n t s .

This, how ev e r, poses major issue s for custo m e r s , as well as for futur e
provide r s .

• Int er o p e r a b i l i ty and Ven d o r Lock- In . Since most cloud offering s

are propri e t a r y, custo m e r s adopti n g the accor di n g service s or
ada p ti n g their res p e c tive applic ation s to thes e enviro n m e n t s are
implicitly boun d to the res p e c tive provide r. Movem e n t betw e e n
provide r s is rest ric t e d by the effort the user want s to vest into porting
the cap a bilitie s to anot h e r environ m e n t , implying in most cas es
rep ro g r a m m i n g of the accor di n g applica tio n s . This make s the user
dep e n d e n t not only on the provide r’s decisions, but also on his/he r
failur e s Since the solutions and syste m s are prop ri e t a r y, neith e r
custo m e r nor provide r can cross the boun d a r y of the infra s t r u c t u r e
and can thus not comp e n s a t e the issue s by making use of addition al
exte r n a l reso u r c e s

• Clou d Mas h u p : Integ r a t i n g multiple cloud infras t r u c t u r e s into a

single platfor m, which can be acce s s e d via a com m o n web service is
called a cloud resou r c e mas h u p

A Ne e d for Clou d Mas h u p s

• By inte g r a t i n g multiple cloud infras t r u c t u r e s into a single platfor m ,

reliability and scalability is exte n d e d by the degr e e of the add e d
syste m( s).

Platfor m as a Service (PaaS) provide r s often offer speci alize d capa bilities to
their users via a dedica t e d API, such as Google App Engine providing
Additional featu r e s for handling (Google) docu m e n t s , and MSAzur e is
focusin g partic ul a rly on deploym e n t and provisionin g of Web service s, and
so on.

Throu g h aggr e g a ti o n of thes e special featu r e s , addition al, exten d e d

capa bilities can be achieve d (given a cert ai n degr e e of intero p e r a b ility),
 | 191

ran gi n g from exten d e d Stora g e and comp u t a t i o n facilities (IaaS) to

combin e d function s, Such as analytics and function alitie s

The Cloud Comp u ti n g Expe r t Working Group refe rs to such integ r a t e d cloud
syste m s with agg r e g a t e d capa bilitie s acros s the individu al infra s t r u c t u r e s as
Met a- Clouds and Met a- Servic es

Be n e f i t s of Clou d Mas h u p s

• Us e r- Centri c Clou d s : Most cloud provisionin g is user- and cont ext-

agnos tic; the user will always get the sam e type of service, acces s
rout e

As clouds develop into applic ation platfor m s , cont ext such as user
device prop e r t i e s or location beco m e s more and more releva n t : Device types
design a t e the execu tio n capa bilities (even if remo t e ), their conn e c tivity
req ui r e m e n t s and rest ric tio n s , and the location . Each of thes e aspe c t s has a
direct impa c t on how the cloud nee d s to handl e data and applica tio n
location, com m u ni c a ti o n

By offerin g such capa bilities acros s cloud infras t r u c t u r e s , the service

provide r will be able to suppo r t , in particul a r , mobile users in a bett e r way.
Similar issue s and ben efits apply as for roa mi n g. Along the sam e way, the
syste m s nee d to be able to com m u nic a t e cont e n t and aut h e n ti c a t io n
infor m a ti o n to allow user s to conn e c t equ ally from any location.

Legislation and cont r a c t u a l rest riction s may preve n t unlimit e d data

replic a tion, acce s s, and shifting betw e e n locations

• Multi m e d i a Str e a m i n g : In orde r to maint ai n and provide data as a

stre a m , the platfor m provide r must ens u r e that dat a availability is
guar a n t e e d witho u t disru p tio n s . This implies that not only dat a
location is realloc a t e d dyna mi c ally accor di n g to the elas ticity
para di g m but also the dat a stre a m— po t e n ti ally taking the user cont ext
into consid e r a ti o n again

Such busin e s s entities mus t henc e not only agg r e g a t e inform a t io n in

pote n ti ally a user- specific way, but also identify the best sourc e s , han dl e the
stre a m s of thes e sourc e s , and redir e c t the m accor di n g to user cont ext

To realize a mas h u p req ui r e s at least:

• A comp a ti bl e API/pro g r a m m i n g model, resp e c tively an engin e that can

pars e the APIs of the cloud platfor m s to be combi n e d (PaaS).

• A comp a ti bl e virtual machin e, resp e c tiv ely an imag e form a t that all
accor di n g cloud infras t r u c t u r e s can host (IaaS).
 | 192

• Inte ro p e r a b l e or tran sf e r r a b l e dat a struc t u r e s that can be inter p r e t e d

by all engin e s and rea d by all virtu al mac hi n e s involved. This come s as
a side effect to the comp a ti bility aspe c t s mention e d above.

By addr e s s i n g intero p e r a b ility from botto m up—tha t is, from an

infras t r u c t u r e layer first—re s o u r c e s in a Paa S and SaaS cloud mas h u p could
princip ally shift the whole imag e rath e r tha n the service/ m o d u l e. The actu al
prog r a m m i n g engin e runnin g on the PaaS cloud, resp e c tiv ely the softw a r e
expos e d asse rvic e s, could be shifted within an IaaS cloud as compl et e
virtu al machin e s , given that all reso u r c e s can read the accor di n g imag e
form a t

Enc a p s u l a t e d Virtu a l Envir o n m e n t s

Int e l li g e n t Ima g e Han d l i n g

• A strai g h tfo r w a r d cloud environ m e n t man a g e m e n t syste m would

replic a t e any hoste d syste m in a differe n t location the mom e n t the
reso u r c e s beco m e insufficie n t

• for exam pl e, when too many user s acce s s the syste m concu r r e n t ly and
execu t e a load balan c e betw e e n the two locations. Simila rly, an ideal
syste m would dow n- scale the replic a t e d units once the resou r c e load
is redu c e d again

In orde r to tre a t any cloud type as esse n ti ally an infras t r u c t u r e

environ m e n t , the syste m requir e s addition al inform a ti o n abou t how to
seg m e n t the expos e d service(s) and thus how to replica t e it (the m).
 | 193

Se g m e n t i n g th e Servi c e . Any proce s s exploiting the capa bilities of the

cloud esse n ti ally consist s of the following part s: the user- specific data
(stat e), the scalabl e applica tion logic, the not- scala bl e unde rlying engin e or
suppo r ti n g logic, the cent r a l dat a s e t , and the exec u tio n enviro n m e n t .

In orde r to allow infras t r u c t u r e clouds to han dl e (platfor m) service s in a

efficien t man n e r , the man a g e m e n t syste m must be able to identify which
part s are nee d e d and can be replic at e d in orde r to scale out, res p e c tiv ely
which ones can and should be dest r oy e d during scale- down;

for exam pl e, it would not be sensible to dest r oy the whole imag e if only one
user (of many) logs out from the mac hi n e .

Life Cycle of a Se g m e n t e d Clou d Ima g e . With seg m e n t e d main service s

in anIaa S enviro n m e n t , the syste m can now scale up and down in a efficien t
man n e r acros s sever al resou r c e provide r s : Any service req ui r e s that its bas e
environ m e n t is availabl e on the mac hi n e s it gets replic at e d to. As soon as
the host e d engin e want s to scale beyon d the boun d a ri e s of the local
machin e, a new physic al machin e has to be identified ready to host the new
insta n c e s—in the simples t case, anot h e r machin e will alre a dy provide the
res p e c tive hostin g imag e.

Int e l li g e n t Data Man a g e m e n t : Efficient data man a g e m e n t for larg e- scale

environ m e n t s Rando m seg m e n t a t i o n and distrib u tio n of dat a files uses a
stra t e g y which takes

(1) the sem a n ti c cont e n t s of the data s e t s and

(2) the req ui r e m e n t s of user s/ a p plic a tio n s into accou n t (i.e., dat a shall be
distrib u t e d accor di n g to the inter e s t in the data/infor m a ti o n).

For this rea so n, use r s, devices, and applica tion s nee d to be model e d by
capt u ri n g releva n t context para m e t e r s (e.g., the actu al position and netw o r k
prop e r ti e s) as well as analyzing applica tio n stat e s with res p e c t to upcomin g
dat a ret riev al and/or proce s si n g nee d s In addition, stor a g e reso u r c e s ,
platfor m s , and infras t r u c t u r e s (i.e., entir e virtual imag e s ) shall also be
contin u o u sly monitor e d , so as to reac t on sudd e n bottle n e c k s imme di a t e ly

REALIZING RESOU RCE MAS H U P S

In orde r to realize efficient cloud mas h u p s on an infras t r u c t u r e level,

distrib u t e d data and seg m e n t e d imag e man a g e m e n t have to be combin e d in
orde r to handl e the addition al size cre a t e d by virtu alizing the mac hi n e .

we can disting uis h betw e e n the base imag e set consis tin g of

(a) the setu p environ m e n t and any engin e (if requir e d),
 | 194

(b) the bas e data s e t that may be custo m e r- specific (but not user-
specific), such as gen e r al data that are provide d to the use r, but also and
more import a n t ly the apple t or servic e bas e that is provide d to each user
equ ally, and

(c) the user- specific inform a ti o n which may differ per acces s and which
may only be availabl e on a single mac hi n e .

The rela ti o n s h i p bet w e e n IaaS, Saa S , and Paa S duri n g scali n g

• IaaS Provi s i o n i n g : Infra s t r u c t u r e s are typically provide d in the form

of an imag e cont ai ni n g the full comp u t a t io n a l enviro n m e n t or consist
of a dyna mi c dat a s e t , which is typically mad e available to all use rs
equ ally. Scaling out involves eithe r replica tio n of the imag e/ d a t a set
(horizon t al scaling) or incre a si n g the availabl e stora g e size (vertic al
scale).

Horizont al scaling ther e by typically implies that the full data s e t is

replic a t e d , while vertic al scaling may lead to dat a seg m e n t a t i o n and
distrib u tio n.

• Paa S Provi s i o n i n g : Multiple differe n t sets have to be man a g e d

during scale- out, depe n di n g on the original caus e to incre a s e the
reso u r c e load
 | 195

• Saa S Provi s i o n i n g : Sever al reso u r c e s in the cloud environ m e n t can

host the bas e imag e and allow differ e n t Saa S custo m e r s to make use
of thes e machin e s .

• In othe r words, mac hin e s with the res p e c tive comp a ti bl e bas e imag e
can host the replica t e d service insta n c e s , rath e r than having to
duplic at e the full imag e all the time.

• whe n no mac hi n e with a comp a ti bl e bas e imag e is available anymo r e ,

a new reso u r c e has to be loade d with an imag e that mee t s the curr e n t
scale- out requir e m e n t s best

• The maint e n a n c e of replica t e d data s e t s in SaaS environ m e n t s req ui r e s

more effort s and carefuln e s s beca u s e synch r o niz a tio n betw e e n
multiple insta n c e s of the sam e dat a s e t on the sam e imag e might result
in inconsis t e n t stat e s , and thus supe rvision of duplica t e d dat a sets is
highly reco m m e n d e d

UNIT - 5

Orga n i z a t i o n a l Read i n e s s and Chan g e Man a g e m e n t in th e Clou d Age

In orde r to effectively ena bl e and suppo r t ent e r p ri s e busin e s s goals and

stra t e g i e s , infor m a tio n tech nolo gy (IT) must ada p t and contin u a lly cha n g e .
IT mus t adop t eme r gi n g tech n ologi e s to facilita t e busin e s s to lever a g e the
new tech n olo gi e s to crea t e new oppor t u ni ti e s , or to gain prod u c tivity and
red uc e cost. Mana gi n g eme r gi n g tech nologi e s is always a compl ex issue,
and man a g e r s mus t balan c e the desire to cre a t e comp e tiv e n e s s thro u g h
innovatio n with the nee d to man a g e the compl ex challen g e s pres e n t e d by
thes e eme r gi n g tech n ologi e s .

BASIC CONCEPT OF ORGANIZATIO NAL READI N E S S

Chan g e can be challe n gin g; it brings out the fear of having to deal with
unce r t a i n ti e s . This is the FUD syn dr o m e : Fear, Unc e r t a i n t y , an d
Dou b t Driver s For Cha n g e s : A Fra m e w o r k To Com p r e h e n d th e
Com p e t i t i v e Enviro n m e n t :

The five driving factor s for chan g e enc a p s ul a t e d by the fram e w o r k are:

• Econo mi c (global and local, exte r n al and inter n al)

• Legal, political, and regula t o r y complia n c e

 | 196

• Environ m e n t a l (indus t r y stru c t u r e and tren d s )

• Technology develop m e n t s and innova tion

• Socio cultu r al (mark e t s and custo m e r s )

The five driving factors for chan g e is an app ro a c h to investig a t e , analyze,

and forec a s t the eme r gi n g tren d s of a futur e , by studyin g and
und e r s t a n d i n g the five cate g o ri e s of driver s for chan g e .

The res ult s will help the busin e s s to make bett e r decisions, and it will also
help shap e the short- and long- term stra t e gi e s of that busine s s .

It is this proce s s that helps reveal the import a n t factor s for the
orga niza tio n’s desir a bl e futur e stat e, and it helps the orga niz a tio n to
comp r e h e n d which driving force s will chan g e the comp e ti tive landsc a p e in
the indus t ry the busine s s is in, identify critical unc e r t ai n ti e s , and recog nize
what part of the futur e is pred e t e r m i n e d such that it will happ e n rega r dl e s s
how the futur e will play out

A driving force or factor is a conce p t u a l tool; it guide s us to think dee ply

about the und e rlyin g issue s that impac t our well- being and succe s s

Eco n o m i c (Glob a l and Local, Exter n a l and Inte r n a l ): Econo mi c factor s

are usu ally dealing with the stat e of econo my, both local and global in
scale. To be succ e s sful, comp a ni e s have to live with the par a d ox of having
new mark e t and busin e s s oppor t u ni ti e s globally.

Followin g are sam pl e ques tio n s that could help in und e r s t a n d i n g Econo mic
factor s

• What is the curr e n t econo mi c situa tion ?

• What will the econo my looks like in 1 year, 2 years, 3 years, 5 years,
and so on?

• What are some of the factors that will influen c e the futur e econo mi c
outlook?

• Is capital easy to acces s ?

• How does this tech nolo gy tra n s c e n d the existing busin e s s model?

• Buy vs. build? Which is the right way?

• What is the total cost of owne r s hi p (TCO)?

Leg al , Politi c a l , and Re g u l a t o r y Comp l i a n c e :

 | 197

The objective is to be a good corpor a t e citize n and indus t ry leade r and to

avoid the pote n ti al cost of legal thre a t s from exte r n a l factor s.

The foll o w i n g are sa m p l e qu e s t i o n s

• What are the regul a t o r y complia n c e requi r e m e n t s ?

• What is the implicatio n of nonco m pli a n c e ?

• What are the global geopolitical issue s?

Enviro n m e n t a l (Ind u s t r y Str u c t u r e and Tren d s ) : Environ m e n t a l factors

usually deal with the quality of the nat u r al environ m e n t , hum a n healt h, and
safety.

The following are sam ple ques tion s

• What is the implica tio n of global war mi n g conce r n ?

• Is a gre e n dat a cent e r over- hype d?

• How can IT initiatives help and suppo r t orga niz a tio n a l initiative s to
red uc e carbo n footprin t ?

• Can orga niz a tio n s and corpo r a t io n s lever a g e inform a ti o n techn ology,
includin g cloud comp u ti n g to purs u e sustai n a bl e develop m e n t

Tec h n o l o g y Dev e l o p m e n t s an d Inn ov a t i o n : Technolo gic al innovatio n s

are the single most impor t a n t contrib u ti n g factor in sust ai n e d econo mi c
grow t h.

The following are sam pl e que s tion s

• When will the IT indus t ry stan d a r d s be finalized? By who? Institu t e of

Elect ric al and Elect ro ni cs Engin e e r s (IEEE)?

• Who is involved in the sta n d a r d iz a tio n proc e s s ?

• Who is the lead e r in cloud comp u ti n g tech nolo gy?

• What about virtualiza tio n of applic a tion, oper a ti n g syste m

(platfor m ) p ai r (i.e., write once, run anywh e r e ) ?

• How does this eme r gi n g tech nolo gy (cloud comp u ti n g) open up new
are a s for innova tio n?

• How can an applica tion be built once so it can configu r e dyna mi c ally
in real time to oper a t e most effectively, bas e d on the situa tio n al
const r a i n t (e.g., out in the cloud some w h e r e , you might have
band wi d t h cons t r a i n t to tran sf e r need e d dat a)?
 | 198

• What is the gua r a n t e e from X Servic e Provide r s (XSP) that the

existing applica tio n s will still be comp a ti bl e with the futur e
infras t r u c t u r e (IaaS)?

• Will the dat a still be exec ut e d corr e c tly?

Soc i o cult u r a l (Mar k e t s and Cust o m e r s ) : Societ al factors usually deal

with the intima t e und e r s t a n d i n g of the hum a n side of chan g e s and with the
quality of life in gen e r al. Survival of the indus t r y, and ther efo r e of the
comp a ni e s , dem a n d s that Comp a ni e s combin e with form e r comp e ti t o r s and
tran sfor m into new specie s.

The following are sam ple ques tion s

• 1. The new direc tio n of the firm (whe r e we want to go today)

• 2. The urg e n c y of the chan g e nee d e d

• 3. What the risks are to

a. Maint ai n stat u s quot e

b. Making the chan g e

• 4. What the new role of the employe e will be

• 5. What the pote n ti al rew a r d s are

One of the import a n t value propositio n s of cloud comp u ti n g should be to

explain to the decision make r and the user s the ben efits of:

• Buy and not build

• No nee d for a large amou n t of up- front capit al invest m e n t

• Oppor t u ni ty to relieve your smar t e s t people from costly data- cent e r

oper a tio n al activities; and switc h to focus on value- adde d activities

• Keep inte g r a ti o n (tech n olo gi e s) simple

Lewi n’s Chan g e Man a g e m e n t Mod e l

• Kurt Lewin, a psychologis t by trainin g, cre a t e d this chan g e model in

the 1950 s.

• Lewin obse rv e d that ther e are thre e stag e s of chan g e , which are:
Unfre e z e , Transition, and Refre e z e .
 | 199

• It is recog niz e d that people tend to beco m e comfort a bl e in this

“freez e” or “unch a n g i n g/ s t a b l e ” environ m e n t , and they wish to rem ai n
in this “safe/co mfo r t” zone.

• Any distu r b a n c e / di s r u p t io n to this unch a n g i n g stat e will caus e pain

and beco m e unco mfo r t a b l e .

• In orde r to encou r a g e chan g e , it’s nece s s a r y to unfre e z e the

environ m e n t by motivati n g people to acce p t the chan g e . The
motivation al value has to be gre a t e r than the pain in orde r to entice
peopl e to acce p t the chan g e

• As Lewin put it, “Motivatio n for cha n g e must be gene r a t e d befor e

cha n g e can occur. One must be helpe d to reexa mi n e many cheris h e d
assu m p t io n s about ones elf and one’s relation s to othe r s.”

• This is the unfre e zi n g stag e from which chan g e begins

• The tran sition phas e is whe n the chan g e (plan) is execu t e d and actu al
cha n g e is being imple m e n t e d . Since thes e “activities” take time to be
comple t e d , the proce s s and orga niz a tio n al struc t u r e may also nee d to
cha n g e , specific jobs may also cha n g e . The most resist a n c e to chan g e
may be expe ri e n c e d during this tran sitio n period. This is whe n
lead e r s h i p is critical for the chan g e proc e s s to succ e e d , and
motivation al factor s are par a m o u n t to projec t succe s s .

• The last phas e is Refre ez e; this is the stag e when the orga niza tio n
once again beco m e s unch a n g i n g /froz e n until the next time a cha n g e is
initiat e d

De m i n g Cycl e (Pla n , Do, Stu d y, Act)

• The Deming cycle is also known as the PDCA cycle;

• it is a continu o u s improve m e n t (CI) model comp ri s e d of four

sequ e n t i al subp r o c e s s e s ; Plan, Do, Check, and Act.

• This fram e w o r k of proce s s and syste m improve m e n t was origin ally

conc eive d by Walte r Shew h a r t in the 1930 s and was late r adopt e d by
Edwa r d Demin g.

• The PDCA cycle is usually imple m e n t e d as an everg r e e n proc e s s ,

which mea n s that the end of one comple t e pass (cycle) flows into the
 | 200

begin ni n g of the next pass and thus suppo r t s the conce p t of

contin u o u s quality improve m e n t .

• Edwa r d Deming propo s e d in the 1950s that busine s s proce s s e s and

syste m s should be monito r e d , mea s u r e d , and analyze d contin u o u sly to
identify varia tion s and subst a n d a r d produ c t s and service s, so that
corr e c tiv e actions can be take n to improv e on the quality of the
prod u c t s or service s deliver e d to the custo m e r s

• PLAN: Recog nize an oppor t u ni ty and plan a chan g e .

• DO: Execut e the plan in a small scale to prove the conce p t.

• CHECK: Evalua t e the perfor m a n c e of the cha n g e and repor t the

res ult s to spons o r.

• ACT: Decide on acce p ti n g the chan g e and stan d a r d i zin g it as part of

the proce s s . Incor po r a t e wha t has been learn e d from the previous
step s to plan new improv e m e n t s , and begin a new cycle.

De m i n g ’ s PDCA cycl e

A Prop o s e d Worki n g Mod e l: CROPS: Chan g e Man a g e m e n t fra m e w o r k

• In the IT world, a projec t portfolio man a g e m e n t syste m gives

man a g e m e n t timely critical inform a tio n abou t project s so they can
make bett e r decisions; re- deploy resou r c e s due to chan gi n g priorities ,
and keep close tabs on prog r e s s . How ev e r, as the mode r n econo m y
moves from produ c t and man uf a c t u ri n g cent ric to a more infor m a ti o n
and knowle d g e bas e focus, the chan g e man a g e m e n t proc e s s nee d s to
reflec t that people are truly the most valua ble asse t of the
orga niza tio n. Usually, an orga niz a tio n expe ri e n c e s stron g resist a n c e
 | 201

to chan g e . E m p l oy e e s are afraid of the unce r t a i n t y, they feel

comfort a bl e with the stable stat e and do not want to chan g e , and are
afraid to lose their pow e r if thing s cha n g e . The best app ro a c h e s to
addr e s s resist a n c e are throu g h incre a s e d and sust ai n e d
com m u n ic a t io n s and educ a tio n. The cha m pi o n of chan g e , usually the
lead e r—for exa m pl e, the Chief Inform a ti o n Officer (CIO) of the
orga niza tio n—s h o ul d com m u ni c a t e the Why agg r e s sively and provide
a Vision of Wher e he want s to go today.

CROPS worki n g mo d e l :

Cultu r e , Rewa r d s , Orga niz a tio n and Struc t u r e s , Proc e s s, Skills and
Comp e t e n c i e s (CROPS) fram e w o r k.

• Cultu r e : Corpo r a t e cultur e is a reflection of orga niz a tio n a l

(man a g e m e n t and employe e s) value s and belief

Elem e n t s of orga niz a tio n a l cultu r e may includ e:

• Stat e d values and belief

• Expect a tio n s for mem b e r behavior

• Custo m s and rituals

• Storie s and myths about the history of the orga niz a tio n

• Nor m s—t h e feelings evoke d by the way mem b e r s inter a c t with each
othe r, with outsid e r s , and with their environ m e n t

• Met a p h o r s and symbols—fou n d embo di e d in othe r cultu r al elem e n t s

• Rewa r d s and Mana g e m e n t Syste m . This man a g e m e n t syste m focus e s

on how employe e s are train e d to ensu r e that they have the right skills
and tools to do the job right. It identifies how to mea s u r e employe e job
perfor m a n c e and how the comp a ny comp e n s a t e s the m bas e d on their
perfor m a n c e . Rewa r d is the most import a n t ingre di e n t that shap e s
employe e s’ value and beliefs.

• Orga niz a tio n and Struc t u r e s . How the orga niz a tio n is struc t u r e d is
larg ely influen c e d by what the jobs are and how the jobs are
perfor m e d . The desig n of the busine s s proc e s s e s gover n wha t the jobs
are, and whe n and wher e they get done.

Busine s s proce s s e s nee d to align with orga niz a tio n a l vision, mission, and
stra t e g i e s in orde r to cre a t e custo m e r and sha r e h ol d e r values. Therefo r e , all
the compo n e n t s of the CROPS fram e w o r k are inter r el a t e d .
 | 202

• Proce s s : Thom a s Daven p o r t define d a busine s s proce s s or busine s s

met ho d as a “collection of relat e d, struc t u r e d activities or tasks that
prod u c e a specific service or prod u c t (serve a partic ul a r goal) for a
partic ul a r custo m e r or custo m e r s ” .

Ham m e r and Cha m py’s definition can be consid e r e d as a subs e t of

Daven p o r t’s. They define a proc e s s as “a collection of activities that take s
one or more kinds of input and crea t e s an outp u t that is of value to the
custo m e r .”

A proce s s is wher e the work gets done, and value crea tion occur s throu g h
tran sfor m i n g input into outpu t

• Skills and Comp e t e n c i e s : Specialize d skills that beco m e part of the

orga niza tio n al core comp e t e n c y ena bl e innovatio n and cre a t e a
comp e ti tive edge. Orga niz a tio n s that invest in res e a r c h and
develop m e n t which emp h a siz e investin g in people’s trainin g and well-
being will shap e a winnin g stra t e g y.

CROPS fra m e w o r k

CHANGE MANAGEM E N T MATURITY MODEL (CM M M )

• A Chan g e Man a g e m e n t Matu rity Model (CMMM) helps orga niza tio n s
to

(a) analyze, unde r s t a n d , and visualize the stre n g t h and weak n e s s of

the firm’s chan g e man a g e m e n t proc e s s and

(b) identify oppor t u ni ti e s for improv e m e n t and building

comp e ti tive n e s s

• The working model is bas e d on CMM (Cap a bility Matu rity Model),
originally develop e d by Americ a n Softw a r e Engine e ri n g Instit ut e (SEI)
in coope r a t io n with Mitre Corpo r a tio n.
 | 203

• CMM is a model of proce s s mat u ri ty for softw a r e develop m e n t , but it

has since bee n ada p t e d to differ e n t dom ain s . The CMM model
desc ri b e s a five- level proc e s s mat u ri ty contin u u m

• The busine s s value of CMMM can be expr e s s e d in ter m s of

improve m e n t s in busine s s efficiency and effective n e s s .

• All orga niz a tio n al invest m e n t s are busin e s s invest m e n t s , includin g IT

invest m e n t s .

• The res ultin g ben efits should be mea s u r e d in ter m s of busine s s

retu r n s .

• Therefor e , CMMM value can be articula t e d as the ratio of busin e s s

perfor m a n c e to CMMM inves t m e n t ;

for exam pl e

• ROIT(CM M M) = Estim a t e d total busin e s s perfor m a n c e i m p r o v e m e n t

Total CMMM invest m e n t (TCO)

whe r e

• ROIT: Observ e d busin e s s value or total ret u r n on invest m e n t from IT

initiative (CMMM)

• Busine s s perfor m a n c e improve m e n t

• Reduc e error rate

• Incre a s e custo m e r / u s e r satisfac tio n

• Custo m e r ret e n tio n

• Employe e rete n tio n

• Incre a s e mark e t shar e and reven u e

• Incre a s e sales from existing custo m e r

• Improv e produ c tivity

• CMMM invest m e n t

• Initial capital invest m e n t

• Total cost of owne r s hi p (TCO) over the life of the invest m e n t

(solution)

A Worki n g Mod e l: Cha n g e Man a g e m e n t Mat u r i t y Mod e l ( C M M M )

 | 204

 Level 5

De s c r i p t i o n : Optimize d

Sp e c i f i c to CMM M: At this level of proce s s mat u ri ty, the focus is on

improvin g proce s s perfor m a n c e

Char a c t e r i s t i c s of Orga n i z a t i o n : Oper a tio n al

excelle nc e/ o r g a n i z a ti o n al comp e t e n c y. Chan g e man a g e m e n t as part of the
core comp e t e n c y. Cultu r ally, employe e acce p t s that chan g e is const a n t and
in a rapid rat e

Pat h to N ex t Hig h e r Level: Achieve stra t e g i c/o p e r a t i o n a l excellen c e .

Exten sive trainin g exists at all level of orga niz a tio n

Key Res u l t s an d Be n e f i t s : Bette r busin e s s and IT strat e g i c align m e n t .

Enabling innovatio n. Crea t e comp e ti tive n e s s

 Level 4

Des c r i p t i o n : Mana g e d

Sp e c i f i c to CMM M: Adopte d specific chan g e man a g e m e n t met ho d olo gy

and proce s s . Cent r a liz e d and stan d a r d i z e d cha n g e man a g e m e n t cont rol and
tracki n g to man a g e risks and sustai n quality of prod u c t s and servic es .

Char a c t e r i s t i c s of Orga n i z a t i o n : Orga niz a tio n and man a g e m e n t can

find ways to chan g e , evolve, and adap t the proc e s s to particul a r project
nee d s; with minim al or no impac t to quality of prod u c t s or service s being
deliver e d as mea s u r e d again s t SLA

Pat h to Next Hig h e r Level: Contin uo u s proc e s s improve m e n t .

Effective busine s s and IT strat e g i c align m e n t

Key Res u l t s an d Be n e f i t s : Achieve highe r level of quality. Highe r

deg r e e of custo m e r / u s e r satisfa ction. Reduc e costs. High e r profita bility.
Incre a s e reve n u e and mark e t sha r e .

 Level 3

Des c r i p t i o n : Define d

Sp e c i f i c to CMM M: Stan d a r d i zin g chan g e man a g e m e n t proce s s e s and

prac tic e s

Chara c t e r i s t i c s of Orga n i z a t i o n : Proce s s e s at this level are define d

and docu m e n t e d . Some proce s s improve m e n t project s initiat e overti m e .
 | 205

Key Res u l t s an d Be n e f i t s : Bette r appr e ci a tio n of value of IT. Bette r

busin e s s and IT inte g r a t i o n.

 Level 2

Des c r i p t i o n : Repe a t a b l e

Sp e c i f i c to CMM M: Accept the impor t a n c e of chan g e man a g e m e n t

proc e s s . No stan d a r d iz a ti o n/ c e n t r a liz a tio n of cha n g e man a g e m e n t proc e s s
and prac tic e. Poor chan g e aut ho riz a tio n and trackin g sche m e

Chara c t e r i s t i c s of Orga n i z a t i o n : It is char a c t e r i s tic of proce s s e s at this

level that some proce s s e s are rep e a t a b l e .

Pat h to N ex t Hig h e r Level: Stan d a r d i z e and cent r alize chan g e

man a g e m e n t proce s s .

Key Res u l t s an d Be n e f i t s : Projec t failure rat e is still too high. Chan g e s

are still very disru p tiv e to busin e s s oper a tio n.

 Level 1

Des c r i p t i o n : Ad hoc (disru p tive)

Sp e c i f i c to CMM M: No cha n g e man a g e m e n t proce s s e s . No specific or

infor m al chan g e man a g e m e n t proc e s s and prac tic e exist anywh e r e . Chan g e
can be mad e with no cont rol at all; ther e is no app rov al mech a n i s m , no track
recor d and no single party accou n t a b l e for the failur e.

Chara c t e r i s t i c s of Orga n i z a t i o n : Chaotic, Reactive, Disrup tive,

Uncon t r olle d, Unst a bl e, Cons t a n tly oper a t e in a firefigh ti n g mode.

Pat h to Next Hi g h e r Level: Adopt form al chan g e man a g e m e n t practic e.

Key Res u l t s an d Be n e f i t s : No awar e n e s s of the ben efits of adopti n g

cha n g e man a g e m e n t and best prac tic e. Projec t failure s are too often and too
costly. No unde r s t a n d i n g of risk man a g e m e n t , and do not have the capa ci ty
to man a g e and minimize disru p tio n to IT and busin e s s due to cha n g e and/or
the failur e of the uncon t r olle d chan g e s .

ORGANIZATIO NAL READI N E S S SELF- ASSE S S M E N T (WHO, WHE N ,

WHERE, AND HOW)

• An orga niz a tio n al asse s s m e n t is a proc e s s inte n di n g to seek a bett e r

und e r s t a n d i n g of the as- is (curr e n t ) stat e of the orga niz a tio n.

• It also define s the road m a p (stra t e g i e s and tactics) req ui r e d to fill the
gap and to get the orga niz a tio n moving towa r d wher e it want s to go
(futur e stat e) from its curr e n t stat e.
 | 206

• The proce s s implies that the orga niza tio n nee d s to compl et e the
stra t e g y analysis proce s s first and to form ul a t e the futur e goals and
objectives that suppo r t the futur e direc tion of the busine s s
orga niza tio n.

• The orga niz a tio n al asse s s m e n t can be condu c t e d by eithe r an inter n al

or exter n a l profes sion al, depe n di n g on whet h e r the expe r tis e is
availa ble.

• Before the actu al asse s s m e n t begins, the cha m pio n of cha n g e

(perh a p s the CEO of the orga niz a tio n) is advis e d to articul a t e the
vision of the firm, whe r e the orga niza tio n want s to go tomor r o w , and
how it inten d s to get ther e.

During an effective orga niz a tio n rea di n e s s ass e s s m e n t , it is desir a bl e to

achieve the following:

• Articula t e and reinforc e the reas o n for cha n g e .

• Dete r mi n e the as- is stat e.

• Identify the gap (betw e e n futur e and curr e n t stat e).

• Anticipa t e and ass e s s bar ri e r s to chan g e .

• Esta blis h action plan to remov e barri e r s .

Involve the right peopl e to enh a n c e buy- in:

• It is critical to involve all the right people (stake h ol d e r s ) acros s the

orga niza tio n, and not just man a g e m e n t and decision- make r s , as
particip a n t s in any orga niz a tio n ass e s s m e n t

Asking the “right ques tion s ” is also esse n ti al.

The asse s s m e n t should provide insight into challe n g e s and help dete r m i n e
som e of thes e key ques tio n s :

• How big is the gap?

• Does orga niz a tio n have the capa ci ty to execu t e and imple m e n t
cha n g e s ?

• How will employe e s res po n d to the chan g e s ?

• Are all employe e s in the orga niz a tio n rea dy to adopt chan g e s that
help realize the vision?

• What are the critical bar ri e r s to succe s s ?

 | 207

• Are busine s s part n e r s rea dy to suppo r t the cha n g e s ?

DATA SECURITY IN THE CLOUD

Inform a ti o n in a cloud environ m e n t has much more dyna mi s m and fluidity

than inform a tio n that is static on a deskto p or in a netw o r k folde r. Nat u r e of
cloud comp u ti n g dicta t e s that dat a are fluid object s, acces si bl e from a
multitu d e of node s and geog r a p h i c locations and, as such, must have a data
secu ri ty meth o d olo gy that take s this into accou n t while ens u ri n g that this
fluidity is not comp r o m i s e d . The idea of cont e n t- cent ric or inform a t io n-
cent ric prot e c tio n, being an inhe r e n t part of a dat a object is a develop m e n t
out of the idea of the “de- peri m e riz a tio n” of the ente r p r i s e . This idea was
put forwa r d by a grou p of Chief Inform a ti o n Officer s (CIOs) who form e d an
orga niza tio n called the Jeric h o Foru m .

The Jeric h o Foru m was found e d in 2004 beca u s e of the incre a si n g nee d for
dat a excha n g e betw e e n comp a ni e s and exter n a l partie s—

for exam pl e: employe e s using remo t e comp u t e r s ; part n e r comp a ni e s;

Custo m e r s .

The idea of cre a ti n g, ess e n ti ally, de- cent r a liz e d perim e t e r s , whe r e the
perim e t e r s are cre a t e d by the dat a object itself, allows the secu ri ty to move
with the dat a, as oppos e d to retainin g the dat a within a secu r e d and static
wall

CLOUD COMPU TI N G AND DATA SECURITY RISK

Cloud comp u ti n g is a develop m e n t that is mea n t to allow more open

acce s si bility and easie r and improve d dat a shari n g. Data are uploa d e d into a
cloud and store d in a data cent e r, for acces s by users from that dat a cent e r;
or in a more fully cloud- base d model, the dat a the m s e lv e s are cre a t e d in the
cloud and store d and acce s s e d from the cloud (again via a dat a cent e r).

The most obvious risk in this scen a ri o is that associa t e d with the stora g e of
that dat a. A use r uploa di n g or crea ti n g cloud- bas e d data includ e thos e data
that are stor e d and maint ai n e d by a third- party cloud provide r such as
Google, Amazon, Microsoft, and so on.

This action has sever al risks associa t e d with it:

• Firstly, it is nece s s a r y to prot e c t the dat a during uploa d into the dat a
cent e r to ensu r e that the dat a do not get hijack e d on the way into the
dat a b a s e .

• Secon dly, it is nece s s a r y to the store s the dat a in the data cent e r to
ens u r e that they are encryp t e d at all times.
 | 208

• Thirdly, and perh a p s less obvious, the acce s s to thos e data nee d to be
cont rolle d; this cont rol should also be applied to the hosting comp a n y,
includin g the admi nis t r a t o r s of the data cent e r.

• In addition, an are a often forgot t e n in the applica tio n of secu rity to a

dat a resou r c e is the prot e c tio n of that reso u r c e during its use

Data secu ri ty risks are compo u n d e d by the open natu r e of cloud comp u ti n g .
Acces s control beco m e s a muc h more fund a m e n t a l issue in cloud- bas e d
syste m s beca u s e of the acce s si bility of the data

Inform a ti o n- cent ric acces s cont rol (as oppos e d to acces s cont rol lists) can
help to balanc e improv e d acce s si bility with risk, by associa tin g acces s rules
with differe n t dat a object s within an open and acces si bl e platfor m , witho u t
losing the Inher e n t usability of that platfor m .

A furth e r are a of risk associa t e d not only with cloud comp u ti n g , but also
with tradition al net wo r k comp u ti n g, is the use of cont e n t afte r acce s s.

The risk is pote n ti ally high e r in a cloud netwo r k, for the simple rea so n that
the inform a tio n is outsid e of your corpo r a t e walls.

Data- ce n t r i c ma s h u p s are thos e that are used to perfor m busine s s

proc e s s e s arou n d dat a cre a tio n and diss e mi n a t io n—by their very natu r e ,
can be used to hijack dat a, leakin g sensitive inform a tio n and/or affectin g
inte g rity of that dat a. Cloud comp u ti n g, more than any othe r form of digital
com m u n ic a t io n tech nolo gy, has crea t e d a nee d to ensu r e that prot e c tio n is
applie d at the incep tio n of the inform a tio n, in a cont e n t cent ric man n e r ,
ens u ri n g that a secu rity policy beco m e s an integ r al part of that data
thro u g h o u t its life cycle.

Encryp tion is a vital compo n e n t of the prot e c tio n policy, but furth e r controls
over the acce s s of that data and on the use of the data must be met. In the
case of mas h u p s , the cont rolling of acces s to data reso u r c e s , can help
alleviat e the secu rity conce r n s by ens u ri n g that mas h u p acces s is
aut h e n t i c a t e d . Linking secu rity policies, as applie d to the use of conte n t , to
the acce s s cont rol met ho d offer a way of contin ui n g prot e c tio n of data, post
acce s s and thro u g h o u t the life cycle; this type of dat a secu rity philosop hy
mus t be incor po r a t e d into the use of cloud comp u ti n g to alleviat e secu rity
risks.

CLOUD COMPU TI N G AND IDENTITY

Digi t a l ide n t i t y holds the key to flexible dat a security within a cloud
Environ m e n t . A digital identity rep r e s e n t s who we are and how we inte r a c t
with othe r s on- line.
 | 209

Acc e s s , ide n t i t y, and risk are thre e variabl e s that can beco m e inhe r e n t ly
conn e c t e d when applie d to the secu ri ty of dat a, bec a u s e acces s and risk are
directly propo r tio n a l: As acce s s incre a s e s , so then risk to the secu rity of the
dat a incre a s e s . Access cont rolle d by identifying the actor atte m p ti n g the
acce s s is the most logical man n e r of perfor mi n g this oper a tio n. Ultim a t e ly,
digital identity holds the key to secu ri n g data, if that digital identity can be
prog r a m m a t i c a lly linked to secu ri ty policies contr olling the post- acce s s
usag e of dat a.

Ide n t i t y , Rep u t a t i o n , and Trus t

Reput a tio n is a real- world com m o dity; that is a basic req ui r e m e n t of

hum a n- to- hum a n relation s hi p s:

Our basic societ al comm u ni c a tio n struc t u r e is built upon the idea of
rep u t a t io n and trust.

Reput a tio n and its count e r value, trus t, is easily tran sfe r a bl e to a digital
realm:

eBay, for exam pl e, having partly built a succe s sf ul busin e s s model on the
stre n g t h of a rating s syste m, builds up the rep u t a t io n of its buye r s and
sellers thro u g h succ e s sf ul (or uns uc c e s sf ul) tran s a c ti o n s . Thes e type s of
rep u t a t io n syste m s can be extre m e ly useful whe n use d with a digital
identity. They can be use d to associa t e varying levels of trus t with that
identity, which in turn can be used to define the level (gra n ul a r variation s)
of secu rity policy applied to dat a resou r c e s that the individu al wishe s to
acce s s .

Us e r- Centri c Ide n t i t y : Digital identitie s are a mech a n i s m for identifying

an individu al, partic ul a rly within a cloud enviro n m e n t ; identity owne r s hi p
being place d upon the individu al is know n as user- cent ric identity. It allows
user s to cons e n t and contr ol how their identity (and the individu al
identifiers makin g up the identity, the claims) is used.

This reve r s al of owne r s hi p away from cent r ally man a g e d identity platfor m s
(ente r p r i s e- cent ric) has many adva n t a g e s . This includ e s the pote n ti al to
improve the privacy aspe c t s of a digital identity, by giving an individu al the
ability to apply per mi s sio n policies bas e d on their identity and to control
which aspe c t s of that identity are divulge d. An identity may be cont rolla bl e
by the end user, to the exte n t that the user can then decide wha t
infor m a ti o n is given to the party relying on the identity.

Infor m a t i o n Card: Infor m a tio n cards per mit a use r to pre s e n t to a Web
site or othe r service (relying party) one or more claims, in the form of a
softw a r e token, which may be used to uniqu ely identify that user. They can
 | 210

be use d in plac e of user nam e/ pass w o r d s , digital certifica t e s , and othe r

identifica tio n syste m s , whe n user identity nee d s to be est a blis h e d to contr ol
acce s s to a Web site or othe r resou r c e , or to per mi t digital signin g.

Inform a ti o n card s are part of an identity met a- syste m consis tin g of:

1. Ide n t i t y provi d e r s (IdP ) , who provision and man a g e inform a ti o n

cards, with specific claims, to user s.

2. Us e r s who own and utilize the cards to gain acces s to Web sites
and othe r resou r c e s that suppo r t inform a ti o n cards.

3. An ide n t i t y sel e c t o r / s e r v i c e , which is a piece of softwa r e on the

user’s deskto p or in the cloud that allows a use r to select and man a g e
their card s.

4. Relyi n g parti e s . These are the applica tio n s , servic e s, and so on,
that can use an infor m a tio n card to auth e n ti c a t e a pers o n and to then
aut ho riz e an action such as loggin g onto a Web site, acce s sin g a
docu m e n t , signing cont e n t , and so on

Each inform a tio n card is associa t e d with a set of claims which can be use d
to identify the user. Thes e claims includ e identifiers such as nam e, email
addr e s s , post code. Only the claim types are stor e d in cards issue d by an
identity provide r; The claim values are stor e d by the provide r, cre a ti n g a
more secu r e and privacy- rich syste m . One of the most positive aspec t s of an
infor m a ti o n card is the user- cent ric natu r e of the card. An inform a tio n card
IdP can be set up so that the end user s the m s elv e s can self- issue a card,
bas e d on the req uir e d claims that they the m s elve s input—th e claims being
validat e d if nee d e d . Altern a tively, the claims can be prog r a m m a t i c a lly input
by the IdP via a Web service or similar, allowing the end user to simply
ente r the inform a ti o n card site and downloa d the card.

Usi n g Infor m a t i o n Card s to Prot e c t Data

Inform a ti o n cards are built arou n d a set of open stan d a r d s devise d by a

consor ti u m that includ e s Microsoft, IBM, Novell, and so on. The original
remit of the cards was to cre a t e a type of single sign on syste m for the
Inte r n e t , to help user s to move away from the need to rem e m b e r multiple
pass w o r d s . Howeve r , the inform a ti o n card syste m can be use d in many
more ways. Beca u s e an infor m a tio n card is a type of digital identity, it can
be use d in the sam e way that othe r digital identiti es can be used. For
exam pl e, an infor m a tio n card can be used to digitally sign data and cont e n t
and to cont rol acce s s to dat a and conte n t . One of the more sophis tic a t e d
uses of an inform a ti o n card is the advan t a g e given to the cards by way of
the claims syste m .
 | 211

Claims are the building blocks of the card and are dyna mi c in that they can
be chan g e d eithe r man u ally or progr a m m a t i c ally. A secu rity policy could be
applie d to a dat a reso u r c e that will be enac t e d whe n a specific inform a tio n
card claim is pres e n t e d to it: If this claim cha n g e s , the policy can
subs e q u e n t ly chan g e . For exa m pl e, a policy could be applied to a Google
Apps docu m e n t specifying that acce s s is allowe d for user A whe n they
pres e n t their infor m a ti o n card with claim “secu ri ty clea r a n c e level = 3” and
that post acce s s, this user will be able to view this docu m e n t for 5 days and
be allowe d to edit it. The sam e policy could also reflect a differ e n t secu rity
settin g if the claim cha n g e s , say to a secu rity clear a n c e level = 1; in this
insta n c e the user could be disallow e d acce s s or allowe d acce s s with very
limite d usag e right s.

Wea k n e s s an d Str e n g t h s of Infor m a t i o n Card s

The dyna mi c natu r e of inform a t io n card s is the stre n g t h of the syste m , but
the weak n e s s of inform a ti o n card s lies in the auth e n ti c a tio n. The curr e n t
infor m a ti o n card identity provisionin g servic es on offer includ e Micros oft
Genev a, Parity, Azigo, Higgins Project, Bandit, and Avoco Secu r e . Each
offers varying levels of card auth e n ti c a ti o n and are chos e n from User n a m e
and pass w o r d , Kerbe r o s token, x509 digital certificat e, and pers o n al card.

Each of thes e met ho d s has draw b a c k s . For exam pl e,

• user n a m e and pass w o r d is less secur e and also not tran s p a r e n t .

• X509 digital certificat e s can be difficult for less tech nic al user s to
install and use

New develop m e n t s in infor m a ti o n card auth e n ti c a ti o n are on the indus t r y

road m a p , includin g Live ID, OpenID, and out- of-ban d (also refer r e d to as
out- of-wallet”). This latte r option offers much highe r levels of aut h e n t i c a tio n
and thus secu rity, but does have draw b a c k s in ter m s of tran s p a r e n c y . GPS
location auth e n ti c a ti o n can also be adde d to the list of auth e n ti c a t io n
choice s to cont rol acce s s to resou r c e s . Based on geog r a p h i c location of the
pers o n atte m p ti n g acces s , this could beco m e a partic ula rly import a n t
featu r e for cloud- bas e d dat a, which can poten ti ally be acces s e d anywh e r e in
the world but may be const r ai n e d by complia n c e with indus t ry legal
req ui r e m e n t s . An identity met a- syste m bas e d on inte ro p e r a b l e stan d a r d s of
issua n c e and auth e n ti c a tio n, such as an inform a t io n card, is an absolut e
req ui r e m e n t for digital identity to be succ e s sfully used acros s bord e r s .
Inform a ti o n card s can pote n ti ally provide such a fram e w o r k, beca u s e they
are base d on the idea of an identity Met a syste m . The goal of which is to
conn e c t individu al identity syste m s res ultin g in card s issue d by a given host
being comp a ti bl e acros s the entir e syste m . The Oasis Foun d a t io n, which is
 | 212

nonp rofit orga niz a tio n that is striving to esta blis h open stan d a r d s for IT, has
form e d a working com mit t e e to ena bl e the use of inform a ti o n cards to
unive rs ally man a g e perso n al digital identitie s.

Leg al Iss u e s in clo u d co m p u t i n g

Significa n t issue s rega r di n g privacy of dat a and data secu ri ty exist,

specifically as they relat e to prot e c ti n g perso n ally identifia ble inform a t io n of
individu al s, but also as they relat e to prot e c tio n of sensitive and pote n ti ally
confide n ti al busine s s inform a t io n eithe r direc tly acce s si bl e throu g h or
indire c tly from the cloud syste m s . Complex jurisdictio n al issue s may arise
due to the pote n ti al for data to resid e in dispa r a t e or multiple geog r a p hi e s .
This geogr a p h i c al diversity is inhe r e n t in cloud servic e offerin g s. This
mea n s that both virtu aliza tion of and physical locations of serve r s storin g
and proce s si n g dat a may pote n ti ally impac t wha t count ry’s law might
gover n in the event of a data bre a c h or intru sion into cloud syste m s .
Jurisdiction al matt e r s also dete r m i n e the count ry’s law that is applic a bl e to
dat a and inform a tio n that may be moved geog r a p h i c ally amon g dat a cent e r s
arou n d the world at any given point in time

DATA PRIVACY AND SECURITY ISS U E S

U.S. Data Bre a c h Notifi c a t i o n Req u ir e m e n t s

• Data bre a c h is a loss of une n c r y p t e d elect ro nic ally stor e d perso n al

infor m a ti o n.

• This inform a tio n is usually some combin a ti o n of nam e and financi al

infor m a ti o n (e.g., credit card num b e r , Social Secu ri ty Num b e r ).

• A bre a c h can occur in many ways—for exam pl e, by having a serve r

comp r o mi s e d , loss of a thu m b drive, or theft of a laptop or cell
phon e.

• Avoidan c e of a dat a bre a c h is import a n t to both cloud provide r s and

user s of cloud service s beca u s e of the significa n t har m, both to the
user and to the provide r, whe n a bre a c h occur s.

From the us e r’ s view p o i n t , if pers o n a l inform a tio n is comp r o m i s e d , ther e

is a risk of identity theft and of credit or debit card fraud. From the
provid e r’ s view p o i n t , financial har m, pote n ti al for lawsuits, Fede r a l Trade
Commis sio n (FTC) investig a tio n s , loss of custo m e r s , and dam a g e to
rep u t a t io n are all likely result s of whe n a dat a bre a c h occu r s.

Data bre a c h e s can be expe n sive. A bre a c h gene r a lly res ult s in a comp a ny
notification of pers o n s acros s the count ry whe n their inform a ti o n has bee n
comp r o mi s e d . For purpo s e s of dat a bre a c h law, dat a in the cloud are
 | 213

tre a t e d no differe n tly than any othe r elect r o ni c ally store d infor m a t io n.
Cloud provide r s that have had their syste m s comp r o mi s e d will be requir e d
to notify affect e d pers o n s and will have to coordin a t e with the cloud user s
who provide d the dat a in orde r to do so

• U.S. Fed e r a l Law Com p l i a n c e

Gra m m Leac h Blil e y Act : Fina n c i a l Priva cy Rul e . The Gram m Leach
Bliley Act (GLB) req ui r e s that financial instit ution s imple m e n t proc e d u r e s to
ens u r e the confide n ti ality of perso n al inform a t io n and to prot e c t agains t
unau t h o riz e d acce s s to the inform a ti o n.

As part of the requir e m e n t to preve n t una u t h o r iz e d acce s s to

infor m a ti o n, financial instit ution s mus t take step s to prot ec t inform a ti o n
provide d to a service provide r.

A servic e provide r und e r GLB may be any num b e r of individu als or

comp a ni e s that provide service s to the financial institu tio n and would
includ e a cloud provide r handlin g the perso n al inform a tio n of a financial
instit utio n’s custo m e r s .

• The Rol e of th e FTC: Saf e g u a r d s Rul e and Red Fla g s Rul e . At the
Unite d Stat e s feder al level, the Fede r a l Trade Commis sion (FTC) working
und e r the aus pic e s of the FTC Act has been given autho ri ty to prot e c t
cons u m e r s and their perso n al infor m a ti o n. The Safeg u a r d s Rule man d a t e d
by GLB and enforc e d by the FTC requir e s that all busin e s s e s significa n tly
involved in the provision of financi al service s and prod u c t s have a writt e n
secu ri ty plan to prot e c t custo m e r infor m a ti o n.

The plan must includ e the following elem e n t s :

• Design a tio n of one or more employe e s to coordin a t e its infor m a tio n

secu ri ty prog r a m ;

• Identifica tio n and asse s s m e n t of the risks to custo m e r inform a tio n in

each

releva n t are a of the comp a n y’s oper a tio n, and evalu a tio n of the
effective n e s s of the curr e n t safeg u a r d s for cont rolling thes e risks;

• Designin g and imple m e n t i n g a safeg u a r d s prog r a m , and regul a rly

monito ri n g and testin g it;

• Selection of service provide r s that can maint ai n app ro p ri a t e

safeg u a r d s ; and

• Evalua tio n and adjus t m e n t of the prog r a m in light of releva n t

circu m s t a n c e s , includin g
 | 214

(a) chan g e s in the firm’s busine s s or oper a tio n s or

(b) the result s of secu rity testin g and monitorin g.

In 2007, as part of the Fair and Accura t e Credit Trans a c ti o n Act of 2003
(FACT), the FTC prom ul g a t e d the Red Flag Rul e s . Thes e rules are
inte n d e d to curb identity theft by having financial instit utio n s identify
pote n ti al “red flags” for activities cond u c t e d thro u g h the orga niza tio n’s
syste m s that could lead to identity theft.

The rules apply to financial institution s or those that hold credit accou n t s

• He al t h Ins u r a n c e Port a b i l i t y an d Acc o u n t a b i l i t y Act & HITECH

Act . The Healt h Infor m a tio n Technology for Econo mic and Clinical
Healt h Act (HITECH ACT) requir e s notifica tio n of a bre a c h of
unen c r y p t e d health recor d s for all cover e d entities that are requir e d
to comply with the Healt h insur a n c e Port a bility and Accoun t a b ility Act
of 1996 (HIPAA)

• USA PATRIOT Act . Shortly after Sept e m b e r 11, 2001, the Unite d
Stat e s Cong r e s s pass e d the “Uniting and Stre n g t h e n i n g America by
Providing

Approp ri a t e Tools Requir e d to Inte r c e p t and Obstr u c t Terro ris m Act”

(USA PATRIOT Act) of 2001. The USA PATRIOT Act has significa n t
implica tion s for the cloud provide r seekin g to maint ai n the privacy of data it
holds.

The Act allows the installatio n of devices to recor d all routing,

addr e s s i n g , and signalin g inform a t io n kept by a comp u t e r .

The Act also exte n d s the U.S. gover n m e n t’s ability to gain acce s s to
pers o n al financi al inform a t io n and stud e n t inform a tio n store d in elect ro nic
syste m s withou t any suspicion of wrong d oi n g of the pers o n whos e
infor m a ti o n it seeks.

Int er n a t i o n a l Data Priva c y Com p l i a n c e Euro p e a n Uni o n Data Priva cy

Dire c t i v e . In 1995, the Europ e a n Union (EU) pass e d the “Euro p e a n Union
Directive on the Prote c tio n of Individu al s with reg a r d to the Proce s si n g of
Pers o n al Data and the Move m e n t of such Data Privacy Directive”
(Directive). The Directive man d a t e d that count ri e s that are part of the EU
pass a dat a prot e c tio n law coverin g both gover n m e n t and privat e entitie s
that proce s s busine s s and consu m e r dat a.

The Direc tive cover s writt e n , oral, elect ro nic, and Inter n e t- bas e d data that
resid e in the EU.
 | 215

• Argen ti n a’s regi m e is similar to the EU appr o a c h .

• Brazil has a constit u tio n a l right to privacy. But Brazil has no

comp r e h e n s iv e data privacy law; inste a d it relies on a patc h w o r k of
secto r al laws.

• China’s constit u tio n refe rs to privacy indirec tly, but the count ry has
very few specific laws.

• On the othe r hand, Hong Kong has a Perso n al Data Ordin a n c e that
covers public and privat e data proce s s o r s and both electr o ni c and
non- elect ro nic recor d s .

• India, a popula r destin a tio n for outsou r ci n g , recog nize s a right to

privacy again s t entities in the public secto r, but has enac t e d only a
limite d num b e r of privacy stat u t e s with scant cover a g e for the privat e
secto r

• Can a d a’ s Per s o n a l Infor m a t i o n Prot e c t i o n and Elec tr o n i c

Doc u m e n t s Act (PIPEDA ) . PIPEDA is inte n d e d to “suppo r t and
promo t e elect ro ni c com m e r c e by prot e c ti n g perso n al infor m a ti o n that
is collect e d, use d, or disclos e d in cert ai n circu m s t a n c e s . . .”

• Orga niz a tio n s are held accou n t a b l e for the prot e c tio n of pers o n al
infor m a ti o n it tran sfe r s to third parti e s, whet h e r such partie s are
inside or outsid e of Cana d a .

• Since PIPEDA req ui r e s that the contr a c t u a l arr a n g e m e n t s provide a

“comp a r a b l e level of prot e c tio n while the inform a ti o n is being
proc e s s e d by a third- party

CLOUD CONTRACTI N G MODELS

Lic e n s i n g Agre e m e n t s Vers u s Servi c e s Agr e e m e n t s

• Su m m a r y of Ter m s of a Lice n s e Agre e m e n t . A tra dition al softw a r e

licens e agre e m e n t is used whe n a licens o r is providing a copy of
softw a r e to a licens e e for its use (which is usually non- exclusive). This
copy is not being sold or tran sfe r r e d to the licens e e , but a physical
copy is being conveye d to the licens e e .

• The softw a r e licens e is import a n t beca u s e it sets forth the term s

und e r which the softw a r e may be use d by the licens e e

• It also provide s a mech a n i s m for the licenso r of the softw a r e to

(amon g othe r things) ret rieve the copy it provide d to the licens e e in
the event that the licens e e
 | 216

(a) stops complying with the ter m s of the licens e agr e e m e n t or

(b) stops paying the fee the licens e e cha r g e s for the licens e. In the case
of infring e m e n t the licens e agre e m e n t provide s a mech a ni s m for the
licenso r to rep ai r, repla c e , or rem ov e the softw a r e from the licens e e’s
poss e s sio n

• Su m m a r y of Ter m s of a Servi c e Agre e m e n t . A servic e agre e m e n t ,

on the othe r hand, is not design e d to prot e c t agains t the perils of
providing a copy of softwa r e to a user.

It is prim a rily design e d to provide the ter m s unde r which a servic e can
be acces s e d or used by a custo m e r .

The service agre e m e n t may also set forth quality par a m e t e r s arou n d
which the service will be provide d to the user s.

Since the softw a r e servic e is controlled by the provide r, the atte n d a n t

risks and issues associa t e d with tran sfe r ri n g poss e s s io n of softw a r e withou t
tran sfe r ri n g owne r s hi p do not exist

• On- Lin e Agre e m e n t s Vers u s Sta n d a r d Contr a c t s There are two

cont r a c t i n g models und e r which a cloud provide r will gra n t acce s s to
its service s.

The first, the on- lin e agr e e m e n t , is a click wrap agre e m e n t with which
a cloud user will be pres e n t e d befor e initially acce s si n g the service. A click
wrap is the agre e m e n t the user ente r s into whe n he/sh e checks an “I Agre e”
box, or some t hi n g similar at the initiation of the service relation s hi p.

The agre e m e n t is not subjec t to negoti a tio n and is gene r a lly thou g h t to
be a cont r a c t of adhe sio n

• The secon d model, the stan d a r d , negoti a t e d , signa t u r e- base d cont r a c t

will have its place as well—over time.

• As large r comp a ni e s move to the cloud (esp eci ally the public cloud), or
more mission- critical applica tio n s or data move to the cloud, the cloud
user will most likely req ui r e the option or a more robu s t and user-
friendly agre e m e n t . The cloud user will push for a negotia t e d
agre e m e n t .

Juris d i c t i o n a l Iss u e s Rai s e d by Virtu al i z a t i o n and Data Loca ti o n

• Juris d i c t i o n is define d as a court’s aut ho rity to judge acts com mit t e d

in a cert ai n territo ry.
 | 217

The geog r a p h i c al location of the dat a in a cloud comp u ti n g enviro n m e n t

will have a significa n t impa ct on the legal req uir e m e n t s for prot e c tio n and
han dlin g of the dat a.

• Virtu a l i z a t i o n and Multi- ten a n c y

Virtu al i z a t i o n . Comp u t e r virtu aliza tio n in its simple s t form is whe r e

one physic al serve r simula t e s being sever al sepa r a t e serve r s . Some
be n e f i t s of virtu a l i z a t i o n are nee d for less hard w a r e and cons u m p t i o n of
less powe r acros s the virtualize d ente r p ri s e .

Virtualization also provide s gre a t e r utilization and maximiza tio n of

har d w a r e proc e s si n g powe r. Beca u s e of thes e benefits, virtualiza tion should
lower expen s e s associ a t e d with oper a ti n g a dat a cent e r . Virtualization
acros s a single or multiple data cent e r s make s it difficult for the cloud user
or the cloud provide r to know what inform a tio n is hous e d on various
machin e s at any given time. The emp h a si s in the virtu alize d environ m e n t is
on maximizin g usag e of available resou r c e s no matt e r wher e they resid e

• Multi- ten a n c y . Multi- tena n c y refer s to the ability of a cloud provide r

to deliver softw a r e as- a- service solution s to multiple client
orga niza tio n s (or ten a n t s ) from a single, shar e d insta n c e of the
softw a r e . The cloud user’s inform a t io n is virtually, not physic ally,
sepa r a t e d from othe r user s. The major ben efit of this model is cost-
effective n e s s for the cloud provide r. Some risks or issue s with the
model for the cloud use r includ e the pote n ti al for one use r to be able
to acces s data belon gi n g to anot h e r user and difficulty to back up and
resto r e dat a

The Issue s Associat e d with the Flexibility of Data- Location

One of the benefits of cloud comp u ti n g from the cloud provide r’s
pers p e c t iv e is the ability of the cloud provide r to move dat a amon g its
availa ble dat a cent e r reso u r c e s as nece s s a r y to maximize the
efficiencie s of it over all syste m. From a tech n ology pers p e c tive, this
ability to move data is a reas o n a b ly good solution to the proble m of
und e r utilized machin e s .

Data Prote c tio n. In fact, in the cloud environ m e n t it is possible that the
sam e data may be store d in multiple location s at the sam e time. For
exam pl e, real time- tran s a c ti o n data may be in one geog r a p h i c location while
the back u p or disas t e r recove ry syste m s may be elsew h e r e . It is also likely
that the agre e m e n t gover ni n g the servic e s says nothin g abou t dat a location.
From a legal pers p e c tive, flexibility of dat a location pote n ti ally challen g e s
the gover ni n g law provision in the cont r a c t. If the law specified in the
cont r a c t (e.g., the cont r a c t says that laws of Thailan d will gover n this
 | 218

agre e m e n t ) req uir e s a cert ai n tre a t m e n t of the dat a, but the law of the
jurisdic tion whe r e the dat a resid e s (e.g., data cent e r in Polan d) req ui r e s
anot h e r tre a t m e n t , ther e is an inhe r e n t conflict that must be resolved. This
conflict exists rega r dl e s s of whet h e r the stor a g e is tem p o r a l, and as part of
the proce s si n g of the dat a, or long- term stor a g e that might be a service in
itself (i.e., infras t r u c t u r e as a service), or part of a softw a r e or platfor m as a
servic e offering.

Othe r Jurisdiction Issue s

• Confide n ti ality and Gover n m e n t Access to Data.

Each jurisdiction (and per h a p s stat e s or provinc e s within a

jurisdic tion) has its own regim e to prot e c t the confide n ti ality of
infor m a ti o n. In the cloud environ m e n t , given the pote n ti al move m e n t
of dat a amon g multiple jurisdictio n s, the dat a hous e d in a jurisdictio n
is subjec t to the laws of that jurisdiction, even if its owne r resid e s
else w h e r e . Given the inconsis t e n c y of confide n ti ality prot e c tio n in
variou s jurisdiction s, a cloud user may find that its sensitive dat a are
not entitle d to the prot ec tio n with which the cloud user may be
familiar, or that to which it contr a c t u a lly agr e e d . A gover n m e n t’s
ability to acce s s dat a is also direc tly conne c t e d to the jurisdictio n in
which the dat a resid e. If the jurisdiction has laws that per mi t its
gover n m e n t to get acces s to dat a (with or witho u t notice to the cloud
user or the individu al or entity that owns the dat a), that dat a may be
subjec t to interc e p ti o n by the gover n m e n t .

• Subco n t r a c t i n g . A cloud provide r’s use of a third- party subco n t r a c t o r

to carry out its busine s s may also crea t e jurisdictio n al issue s. The
exist e n c e or natu r e of a subco n t r a c t i n g relation s hi p is most likely
invisible to the cloud user. If, in the perfor m a n c e of the service s, ther e
was a laps e that was due to the subco n t r a c t o r’s perfor m a n c e , the
location of the subcon t r a c t o r or the dat a acte d on by the
subco n t r a c t o r will be difficult for a cloud user to asce r t a i n . As a res ult,
the risk associa t e d with the acts of or the locations of the
subco n t r a c t o r are difficult to mea s u r e by the cloud user.

• Inte r n a t i o n a l Conflicts of Laws

The body of law known as “conflict of laws” ackno wl e d g e s that the

laws of differe n t count ri e s may oper a t e in opposition to eac h othe r,
even as thos e laws relat e to the sam e subjec t matt e r . In such an event,
it is nece s s a r y to decide which count ry’s law will be applie d. Every
nation is sover ei g n within its own territo ry. That mea n s that the laws
of that nation affect all prop e r t y and people within it, includin g all
 | 219

cont r a c t s mad e and actions carrie d out within its bord e r s . In a cloud
environ m e n t , the conflicts of laws issues make the cloud provide r’s
decision s reg a r di n g cross- geog r a p h y virtualiza tio n and multi- tena n cy,
the cloud user’s lack of inform a t io n rega r di n g data location, and the
pote n ti al issue s with geog r a p h i c ally divers e subco n t r a c t o r s highly
releva n t .