ch10. emerging applicaion

Migration ofComputing Environments

분산시스템연구실

김은성

2006-11-06

SNU DCSLabhttp://dcslab.snu.ac.kr

Contents

IntroductionVirtual ComputerInternet Suspend/Resume (ISR)The Stanford Collective ProjectMigration of Virtual machines in VmotionMobiDesk: Mobile Virtual Desktop

Computing


Introduction

Multiple work-site environment Required identical work environment

In the 1960s, mainframe servers Simple, “dumb” terminals Central data storage

Portable devices such as laptop computers Two significant disadvantages

• The user is required to carry a physical device to transport the environment.

• The user is responsible for the physical security of the portable device at all times.


Introduction

Migration of computing environments Capsule: the state of a machine

• The state of the resources used by the OS and the applications

• The code and data belonging to the OS and applications

This requires• All this state information to be encapsulated,• Transmitted across a network, and• Installed on the other computer before the user

can take over operation at a second computer.


Virtual Computers

VM migration-based computing environment Virtual machine technology

• Provides the ability to capture the entire state of a computer system.

• Facilitates migration of a full computing environment.

Virtual machine itself can server as a capsule.


Virtual Computers

Several issues The time taken to migrate the entire state of a

computer• Not necessary to send the entire state from one computer to

another initially• Information already available on the second computer

Compression and encryption• To reduce the amount of data transmitted• To transmit it securely

Different hardware architecture Performance

• The different ISA between the user’s VM and the host computers

• Binary translation and optimization techniques


Internet Suspend/Resume (ISR)

Assumption A user suspends operation on

one machine, travels to another machine, and resumes execution on the other machine.

VMware GSX Server Migration using a distributed file s

ystem VMM keeps a capsule in a file

on a distributed file system. 2.5-30 seconds from distributed fi

le system at LAN speeds


Internet Suspend/Resume (ISR)

Several problems The need to change the IP address to access the network and al

l references to this address in the saved environment• MobileIP technology

Long migration time• The organization of the state information in modules that are loaded

incrementally “Pull” model: long latency

• Destination computer reading in the environment state file on demand

• Proactively copying in the state to the local machine even before the user requests it

Only the changes to the environment need be loaded. Reusing the environment of other users already on the system


MobileIP Network

Mobile End-systemInternet

Router

Router

Router

End-system

FA

HA

MN

Home Network

Foreign Network

(Physical home network for the MN)

(Current physical network for the MN)

CN


MobileIP in Action

Internet

Sender

FA

HA

MN

Home Network

ForeignNetwork

Receiver

1

2

3

1. Sender sends to the IP address of MN, HA intercepts packet (proxy ARP)2. HA tunnels packet to COA, here FA, by encapsulation3. FA forwards the packet to the MN

CN


MobileIP in Action

Internet

Receiver

FA

HA

MN

Home Network

ForeignNetwork

Sender

1

1. Sender sends to the IP address of the receiver as usual, FA works as default router

CN


The Stanford Collective Project

“Push” model A capsule is sent to the destination computer

directly. The user can have instantaneous access to hi

s or her environment at the destination site.VMware GSX ServerTunneling of network packets over a VPN20 minutes at DSL speeds



Reducing memory state before migration Balloon program

• Requests a large number of pages on a virtual machine.• Expectation is that these pages are released from the

currently inactive processes that do not need to respond instantaneously on a resume at the destination.

• The size of the memory state which is transferred is now reduced.

Several subtle policy issues• Reduction of memory size vs. overhead of resume operation• Active pages that are easily compressible



Reducing the size of the transmitted packet The state represented by the disk is rather formidable. By maintaining differences between capsules rather

than the full disk image for each capsule Capsule hierarchy

• Incremental disk with the copy-on-write concept– Many different versions to share a single copy of the actual

data

– Particularly effective when these versions are largely the same and differ in only some small aspects.

• When the student moves to another computer, the currently open incremental disk image is transferred to the new computer.



UniversityCapsule

Department1Capsule

Department12Capsule

Student1Capsule

Student2Capsule

Student3Capsule

Department2Updated Capsule

Student4Capsule

Root node: the state of the disk

is saved in its entirety

Child node: Save the incremental

states of the parent andthe child

The state of the disk at any nodecan be derived from the disk infocontained in the nodes along the

path from the root.

Student1 WorkingCapsule



Reducing start-up time on a resume On demand fetch for the information in the ca

psule, rather than being prefetched completely

• All accesses to disks are intercepted by the VMM and forwarded to a disk server.

• The disk server translates the request to an access in one of the nodes in the hierarchy.

• Local shadow copies



Reducing transmission time and bandwidth by exploiting redundancy in disk blocks Hashed copy scheme

• Instead of transferring the actual data blocks, transmits the computed hash values of the data blocks.

• When a disk block is needed, checks to see whether a block with the same hash value is available locally.

• If the block is not available locally, the computer broadcasts a request for a copy.



Results of experiments


Migration of Virtual machines in VMotion

VirtualCenter Infrastructure management software that manages a cluster of In

tel IA-32 virtual machine systems connected in a local-area network

Deployment and monitoring of virtual machine



VMotion Part of the VirtualCenter for migration Characteristics

• Load balancing – To improve the response time of the system through better utilization of

resources

• Security – To quarantine a virtual machine that has been attacked

• Collocation– To bring communicating virtual machines close together

• Fault tolerance– To move a failing host to another processor

• Power management– To move the load away from an overheated processor

• Maintenance– To move the load away from some processor while it is upgraded



Restriction of VMotion The source and destination computers must be in the

same server cluster managed by the same VirtualCenter manager.

The file systems on the source and destination computers must be identical and located on shared disks in a SAN.

The processors must have the same architecture and be provided by the same vendor.

The virtual machine supports a Gigabit Ethernet adapter.

The virtual machines should be running only stand-alone applications.



VMotion actions It first ensures that the virtual machine is in a

stable state on the current host. It then copies the contents of the memory bel

onging to the virtual machine to the destination host. (baseline copy)

The virtual machine on the original host is suspended. (incremental capsule)

It then activates the virtual machine on the new host.


MobiDesk: Mobile Virtual Desktop Computing

A mobile virtual desktop computing hosting infrastructure Similar with the Windows Remote Desktop Connection

Features Users can move across different end-devices while

keeping their computing sessions. Computing sessions can be migrated from one hosting

server to another. Low overhead



Moving across end-devices Users interact with MobiDesk sessions

through session viewer. Upon 1st login, authentication is performed

and the session view is connected to a session server through a proxy.

When the user disconnects, the sessions continues to run on the session server.

On next connection, the session will be in the same state it was when the user last disconnected.



Migration across servers Sessions can be checkpointed and migrated t

ransparently at any point in time. This feature is useful when the hosting server

needs to be updated.



How MobiDesk accomplish this For client migration – decouples a user’s

computing session from the display.• By moving all application logic to hosting providers

(session servers)

For session migration – decouples the computing session from the underlying OS and the network resources.



MobiDesk architecture



Display virtualization Designed as a virtual video device driver

• Wrap the display commands from session applications,

• And send them to a remote client over the network.

Session server keeps the state of the virtual display.

Deploys a server-push model for sending display updates to the client.



Operating system virtualization Provide a unique name-space for each

session.• OS resources are now identified with virtual

identifiers.

In each name-space, a traditional environment is provided to the application.

Sessions• Virtualization• Migration



Operating system virtualization Session virtualization

• The virtualization layer associates a virtual name to an appropriate OS physical name.

• System call interposition– Wrappers around system calls that translate virtual name

s to physical names and prevent accesses across the session boundary

• chroot utility and file system stacking– Provide each session with its own file system namespac

e



Operating system virtualization Session migration

• Using a checkpoint-restart mechanism• To avoid dependencies on low-level kernel details,

processes are required to be suspended before checkpoint.

• The new hosting server use a session cookie to notify the proxy.

• Limitation of session migration:– Migrate between machines with a common CPU

architecture– Kernel differences are limited to maintenance and

security patches.



Network virtualization Issues

• Multiple sessions on the same server may run the same service.

• Ongoing network connections must be preserved when a session is migrated from one server to another.

All servers on same subnet• Each session gets an IP address from the DHCP server and

uses it as an alias on the NIC on the attached server• Gratuitous ARP is used to resolve MAC address change

when sessions are migrated• Proxy re-directs traffic to and from aliased addresses

corresponding to individual sessions



Network virtualization All servers on different subnets

• Cannot migrate an aliased address obtained in one subnet to another (Inconsistency)

– Solution: use virtual addresses for proxy mapping and map these virtual addresses to physical (aliased) addresses dynamically at the proxy

• The aliased address may be reused in old subnet, confusing the proxy (Conflict)

– Solution: each session is bound to a different virtual NIC at the proxy, and labels in packets are used to identify the virtual NIC to which the session is bound



Network virtualization



Benefits over current computing High-availability and reliable application

services Persistence and continuity of business logic Secure, low-cost global access and

transparent user mobility On-demand access to application and

computational resources Bridging the information gap


Thank you

Any questions or comments?

ch10. emerging applicaion

Technology