Resources Management and Component Placement

Presenter: Bo Sheng

Outline

SHARP: Secure Resources Peering Motivation Overview Key techniques Evaluation

Profile-driven Component Placement

Motivation

Research threads: Federated sharing of distributed resources under coordinated control Internet service utility Computational network (PlanetLab, Netbed) P2P and Grid computing

Location independent service naming

Motivation

Resource Management

Motivation

Flexible Policy-based System Reserve resources across the system Admission control Balance global resources sharing Robust Secure

SHARP

SHARP (Secure Highly Available Resource Peering) Soft-state timed claims Oversubscribe Accountable delegation

SHARP-Architecture

Overview Site/node Slice Service manager Site authority Local resource scheduler Agents

SHARP-Architecture

Overview

SHARP-Architecture

Resources Claims Claim record <holder, resource set, term> Signed by the issuer

Resources Obtainment Ticket Lease

Resources Delegation Self-describing / Self-certifying

SHARP-Architecture

Probabilistic Claims Oversubscribe Accountable

Conflict Rejection

Reputation service Degree control

SHARP-Architecture

SHARP Interface Request<reqID, resourceSet, [claims], [option]> Claim<reqID, claims> Grant<reqID, claims> Reject<reqID, rejectRecord, claims>

SHARP-Architecture

Agents Site agents

Distribute claims for site resources Peering policy

User agents Gather tickets for global resources

Brokers Community banking Adaptive provisioning

SHARP-Architecture

Security Architecture T1:Unauthorized service manager T2:Replay attack T3:Unauthorized agent or client T4:Site contributes faulty resources T5:Malformed requests or claims

T7:Malicious (A) site authority (B) agent falsely advertises tickets or lease for which resources do not exist.

T8:Malicious site authority falsely rejects tickets.

SHARP-Secure Delegation

Resources Sets Abstract in a ticket <type, count> Distribution/redeem Mapping from abstract to concrete resources

Resource Claims Globally unique claimID <claimID, issuer, holder, rset, term, parent> Signature SHAKi

SHARP-Secure Delegation

Secure Delegation and Tickets

SHARP-Secure Delegation

Secure Delegation and Tickets

SHARP-Secure Delegation

Claim Tree

SHARP-Secure Delegation

Tickets Conflicts and Accountability A set of claims {c0,…,cn} is conflicting at claim p

∑ci.rset.count > p.rset.count A set of tickets is conflicting iff their final claims

are conflicting for some common ancestor p Accountable claim

SHARP-Secure Delegation

Tickets Conflicts and Accountability

SHARP-Secure Delegation

Detection Algorithm – linear with chain’s length

SHARP-Secure Delegation

Security Analysis and Discussion Non-repudiation / Sybil attack Confinement problem Clock synchronization / monitoring

SHARP-Resources Availability and Efficiency Soft/hard reservation Key techniques

Timed claim Oversubscribe

Degree Aggressive advertisement

Latency/overhead of resource discovery Coordination

Case Study-PanetLab

Resource routing and access via pair-wise relationship

Case Study-PanetLab

Evaluation - oversubscribe

Case Study-PanetLab

Evaluation - oversubscribe

Case Study-PanetLab

Evaluation - oversubscribe

SHARP- Conclusion

Resources management Secure delegation Oversubscribe

Component Placement

Challenges Different resource needs / availability QoS, e.g. response time Consider runtime factors

Bursty demand Failures System upgrades

Goal: Efficient dynamic component placement in cluster-based online service

Component Placement

Overview Build per-component resource consumption

profiles as a function of input workload characteristics CPU Network bandwidth Memory

Average / peak requirements

Component Placement

Overview Placement decision

Profiles Available system resources Runtime workload

Centralized / distributed / dynamical

Component Placement

Overview

Component Placement

Building component profiles High throughput component placement Runtime component migration