massive multitenancy with v8 isolates
play

Massive Multitenancy with V8 Isolates Kenton Varda - Tech Lead, - PowerPoint PPT Presentation

Sep 25, 2023 •387 likes •812 views

Massive Multitenancy with V8 Isolates Kenton Varda - Tech Lead, Cloudflare Workers The Challenge 165 Locations and growing Scalability can mean... Traffic (requests) Easy: More locations = more capacity. Tenants (apps) Hard: Every tenant in

  1. Massive Multitenancy with V8 Isolates Kenton Varda - Tech Lead, Cloudflare Workers

  2. The Challenge

  3. 165 Locations and growing

  4. Scalability can mean... Traffic (requests) Easy: More locations = more capacity. Tenants (apps) Hard: Every tenant in every location. Some locations are small!

  5. Needed: Efficiency

  6. I, , made or led: ● Protobufs v2 ● Cap'n Proto ● Sandstorm.io ● Cloudflare Workers Warning - I am : ● An experienced speaker ● A graphics designer

  7. Efficiency... App Code Footprint Baseline Memory Usage VM: 10GB VM: 1GB Container: 100MB Container: 100MB Needed: < 1MB Needed: < 5MB Context Switching Startup Time VM: low VM: 10s Container: medium Container: 500ms Needed: extreme Needed: < 5ms

  8. Other use cases APIs Run client code directly on API server. Big Data Processing Run code where the data lives. Web Browsers Run code from visited sites.

  9. We built this already!

  10. Browsers are optimized for...

  11. V8 JavaScript Runtime: An Extreme Multitenancy Engine

  12. Isolates and APIs

  14. VMs Containers Isolates Application Application Application Uncommon libraries Libraries Libraries Web Platform APIs Language Runtime Language Runtime JS Runtime Operating System Operating System Operating System Hardware (virtualized) Hardware Hardware Provided by host Provided by guest

  15. HTTP client: HTTP server:

  16. WebAssembly? WASM Isolates Application Language Libraries Language Runtime Application API Bindings Uncommon libraries Web Platform APIs Web Platform APIs JS Runtime JS Runtime Operating System Operating System Hardware Hardware Missing a way to share common runtimes...

  17. Resource Management

  18. OOM Killing as a First Resort OOM priority Isolate Isolate Isolate Isolate Isolate Isolate Isolate Isolate Isolate Isolate Isolate Desired total memory usage. Evict these. Prioritize: LRU, high memory usage

  19. Resource limits Isolates run on separate threads. CPU timer_create(CLOCK_THREAD_CPUTIME_ID) isolate.TerminateExecution() RAM Monitor with isolate.GetHeapStatistics() Evict isolates that go over limit.

  20. Code Distribution

  21. Security

  22. Is V8 secure enough for servers?

  23. V8 bugs... Deep in v8/src/compiler/typer.cc … Optimizer: " Math.expm1() can return real number or NaN." Forgot: -0 (negative zero) Full sandbox breakout! Awesome writeup: Google "Andrea Biondo V8 bug" Link: https://abiondo.me/2019/01/02/exploiting-math-expm1-v8/

  24. NOTHING IS "SECURE" Security is Risk Management

  25. Relatively more bugs than VMs. Reasons: ● Larger attack surface (Bad) ● More research (Good) ○ Bug Bounty ○ Fuzzing ○ Important target

  26. Risk Management VS Browser Server

  27. Risk Management VS Browser Server Install updates fast.

  28. Risk Management VS Browser Server Install updates fast. Install updates faster.

  29. Risk Management VS Browser Server Install updates fast. Install updates faster. Use separate profiles for trusted vs "suspicious" sites.

  30. Risk Management VS Browser Server Install updates fast. Install updates faster. Use separate profiles for Use separate processes for trusted vs "suspicious" sites. trusted vs. "suspicious" tenants.

  31. Risk Management VS Server Browser

  32. Risk Management VS Server Browser Store all scripts ever uploaded for forensic purposes. No eval().

  33. Risk Management VS Server Browser Store all scripts ever uploaded for forensic purposes. No eval(). Watch for segfaults, inspect scripts that cause them.

  34. Risk Management VS Server Browser Store all scripts ever uploaded … can't, privacy violation. for forensic purposes. No eval(). Watch for segfaults, inspect scripts that cause them.

  35. What about Spectre?

  37. We have no solution We can neither confirm except process nor deny that process isolation. isolation is enough.

  38. Thread 1 Thread 2 No (local) timers No (local) Freedom to (at all!) concurrency reschedule

  39. Big Picture

  40. Granularity Units of Mainframe Compute Commodity Server Virtual Machine Container Isolate

  41. Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MULTITENANCY IN KUBERNETES WHAT COMPANIES CARE ABOUT Velocity Cost 2 Hello! I AM KATHARINA

MULTITENANCY IN KUBERNETES WHAT COMPANIES CARE ABOUT Velocity Cost 2 Hello! I AM KATHARINA

MULTITENANCY IN KUBERNETES WHAT COMPANIES CARE ABOUT Velocity Cost 2 Hello! I AM KATHARINA PROBST Im a Senior Engineering Manager at Google. You can find me at www.linkedin.com/in/katharina.probst 3 WHY MULTITENANCY 4 KUBERNETES AT

558 views • 35 slides
Flat no more! Hierarchical multitenancy and projects acting as domains in OpenStack Andrey

Flat no more! Hierarchical multitenancy and projects acting as domains in OpenStack Andrey

Flat no more! Hierarchical multitenancy and projects acting as domains in OpenStack Andrey Brito, Henrique Truta and Raildo Mascena Universidade Federal de Campina Grande 1 Presenters Andrey Brito Professor - Universidade Federal de Campina

969 views • 49 slides
Antifungal Susceptibility of Aspergillus Isolates from the Respiratory Tract of Patients in

Antifungal Susceptibility of Aspergillus Isolates from the Respiratory Tract of Patients in

1 Antifungal Susceptibility of Aspergillus Isolates from the Respiratory Tract of Patients in Canadian Hospitals: Results of the CANWARD 2016 Study. J. FULLER 1,3 , A. BULL 2 , S. SHOKOPLES 2 , T.C. DINGLE 2,3 , H. ADAM 4,5 , M. BAXTER 4 , D. J.

866 views • 25 slides
Resistant Isolates) Being Developed for the Treatment of Vulvovaginal Candidiasis Stephen A.

Resistant Isolates) Being Developed for the Treatment of Vulvovaginal Candidiasis Stephen A.

In Vitro Activity of the Novel Agent, Ibrexafungerp (formerly SCY-078) Against Candida spp. (Including Fluconazole- Resistant Isolates) Being Developed for the Treatment of Vulvovaginal Candidiasis Stephen A. Barat, PhD Vice-President

748 views • 13 slides
The FIFA Universe Massive scale, massive influence, massive corruption First, Some History.

The FIFA Universe Massive scale, massive influence, massive corruption First, Some History.

The FIFA Universe Massive scale, massive influence, massive corruption First, Some History. Football Association (FA) Formed 1863, governs association football in England Prior to this, football was just a school yard sport Rule

579 views • 35 slides
Discordant Tropism Determination for HIV-1 Isolates of CRF01_AE from Asia Wataru Sugiura 1 ,

Discordant Tropism Determination for HIV-1 Isolates of CRF01_AE from Asia Wataru Sugiura 1 ,

Discordant Tropism Determination for HIV-1 Isolates of CRF01_AE from Asia Wataru Sugiura 1 , Sverine Louvel 2 , Nico Pfeifer 3 , Masakazu Matsuda 2 , Yoshiyuki Yokomaku 2 , Rolf Kaiser 4 , Thomas Klimkait 5 rPhenotyping R5-tropic (TAK779)

211 views • 5 slides
Antifungal Susceptibility of Respiratory Aspergillus Isolates from Canadian Hospitals: Results of

Antifungal Susceptibility of Respiratory Aspergillus Isolates from Canadian Hospitals: Results of

1 Antifungal Susceptibility of Respiratory Aspergillus Isolates from Canadian Hospitals: Results of the CANWARD 2013 Study. J. FULLER 1 , S. SHOKOPLES 1 , L. TURNBULL 1 , R. RENNIE 1 , H. ADAM 2,3 , M. BAXTER 2 , D. J. HOBAN 2,3 and G. G. ZHANEL 2

396 views • 25 slides
Antifungal Susceptibility of Invasive Candida Isolates from Canadian Hospitals: Results of the

Antifungal Susceptibility of Invasive Candida Isolates from Canadian Hospitals: Results of the

1 Antifungal Susceptibility of Invasive Candida Isolates from Canadian Hospitals: Results of the CANWARD 2013 Study J. FULLER 1 , S. SHOKOPLES 1 , L. TURNBULL 1 , R. RENNIE 1 , H. ADAM 2,3 , M. BAXTER 2 , D. J. HOBAN 2,3 and G. G. ZHANEL 2 1

542 views • 26 slides
Cytotoxic Activity of Food Isolates of Cronobacter sakazakii and Cronobacter muytjensii from

Cytotoxic Activity of Food Isolates of Cronobacter sakazakii and Cronobacter muytjensii from

Cytotoxic Activity of Food Isolates of Cronobacter sakazakii and Cronobacter muytjensii from Indonesia Siti Nurjanah Supervised by: Prof. Maggy T. Suhartono Dr. Ratih Dewanti Dr. Sri Estuningsih Department of Food Science and Technology and

556 views • 17 slides
from environmental isolates Nicolas Kieffer* 1 , Julia Guzmn Puche 2 , Hyo Jung Kang 3 , Che Ok

from environmental isolates Nicolas Kieffer* 1 , Julia Guzmn Puche 2 , Hyo Jung Kang 3 , Che Ok

18.12.2018 ZHO-1, a novel B1 metallo-beta-lactamases identified from environmental isolates Nicolas Kieffer* 1 , Julia Guzmn Puche 2 , Hyo Jung Kang 3 , Che Ok Jeon 3 , Laurent Poirel 1 Patrice Nordmann 1 1 Medical and Molecular Microbiology

558 views • 19 slides
Source attribution of French clinical isolates of Campylobacter jejuni Pr Philippe Lehours E.

Source attribution of French clinical isolates of Campylobacter jejuni Pr Philippe Lehours E.

Source attribution of French clinical isolates of Campylobacter jejuni Pr Philippe Lehours E. Berthenet, A. Thpault, M. Chemaly, K. Rivoal, A. Ducournau, A. Buissonnire, L. Bnjat, E. Bessede, F. Megraud, SK Sheppard. CHU de Bordeaux,

453 views • 21 slides
Tropism Determination for HIV-1 Subtype C Isolates Alexandra Haas Jolle Bader Thomas Klimkait

Tropism Determination for HIV-1 Subtype C Isolates Alexandra Haas Jolle Bader Thomas Klimkait

Tropism Determination for HIV-1 Subtype C Isolates Alexandra Haas Jolle Bader Thomas Klimkait May 9 th 2015 Department of Biomedicine-Haus Petersplatz, Molecular Virology University of Basel HIV-1 entry and fusion Adapted from Moore et al.

146 views • 10 slides
A different look to massive MIMO Ana Garca Armada Communications Research Group (GCOM)

A different look to massive MIMO Ana Garca Armada Communications Research Group (GCOM)

A different look to massive MIMO Ana Garca Armada Communications Research Group (GCOM) Universidad Carlos III de Madrid, Spain GCOM-UC3M Agenda Introduction to Massive MIMO Wearable massive MMO Non-coherent massive MIMO

469 views • 15 slides
Massive Data Algorithmics Lecture 11: BFS and DFS Massive Data Algorithmics Lecture 11: BFS and

Massive Data Algorithmics Lecture 11: BFS and DFS Massive Data Algorithmics Lecture 11: BFS and

Massive Data Algorithmics Lecture 11: BFS and DFS Massive Data Algorithmics Lecture 11: BFS and DFS Breadth-First Search(BFS) One of the most basic graph-traversal methods - input: G ( V , E ) , undirected - one starting point: s - compute:

521 views • 22 slides
Massive number of services and massive number of stakeholders with local rules Pal Varga and

Massive number of services and massive number of stakeholders with local rules Pal Varga and

1 Massive number of services and massive number of stakeholders with local rules Pal Varga and Jerker Delsing www.arrowhead.eu 03/10/13 3 The society nervous system - the automation challenge 3 Annual growths more than 10% and over 40

494 views • 15 slides
Subsequent Tests with Isolates Terry Wheeler Texas A&amp;M AgriLife Research, Lubbock Field

Subsequent Tests with Isolates Terry Wheeler Texas A&amp;M AgriLife Research, Lubbock Field

Bacterial blight in Texas in 2015 and Subsequent Tests with Isolates Terry Wheeler Texas A&amp;M AgriLife Research, Lubbock Field Protocol for Bacterial Blight Inoculations 1) Grow bacteria in Trypticase Soy Broth for 1 days; 2) Add 1800

367 views • 13 slides
PRESENTATION FOR TESTING DIRECTIONS The World Health Organization declared COVID-19 a pandemic on

PRESENTATION FOR TESTING DIRECTIONS The World Health Organization declared COVID-19 a pandemic on

EMERGENCY MANAGEMENT ACT 2005 (WA) ( (a) who enters Westero Australia by disembarking from an afgected aircraft onto land anywhere in Western Australia (including any person who entered Westero Australia in this manner on or afuer 29 June 2020);

268 views • 3 slides
ARMlock: Hardware-based Fault Isolation for ARM Yajin Zhou , Xiaoguang Wang, Yue Chen, and Zhi

ARMlock: Hardware-based Fault Isolation for ARM Yajin Zhou , Xiaoguang Wang, Yue Chen, and Zhi

ARMlock: Hardware-based Fault Isolation for ARM Yajin Zhou , Xiaoguang Wang, Yue Chen, and Zhi Wang North Carolina State University Xian Jiaotong University Florida State University Software is Complicated and Vulnerable Number of CVEs 17

912 views • 28 slides
One Person, One Lock Control of Hazardous Energy H&amp;S Program Standard 7-45 Course Code

One Person, One Lock Control of Hazardous Energy H&amp;S Program Standard 7-45 Course Code

One Person, One Lock Control of Hazardous Energy H&amp;S Program Standard 7-45 Course Code 600009 TRACCESS Module - 2017 Control of Hazardous Energy Training BU Specific Group BU Competency Lockout Increasing Competency Group

1.07k views • 37 slides
Docker File System Isolation By Darrin Schmitz David Huff Destiny Velasquez 1 LA-UR-15-25911

Docker File System Isolation By Darrin Schmitz David Huff Destiny Velasquez 1 LA-UR-15-25911

Docker File System Isolation By Darrin Schmitz David Huff Destiny Velasquez 1 LA-UR-15-25911 Specifications HP ProLiant DL380p Gen8 servers Head node has 32 cores and 32 GB RAM 10 child nodes have 24 cores and 24 GB RAM

523 views • 24 slides
AOGV TM Add On Gate Valve Kenneth O. Rosn Manager AOGV Kjetil Aamodt Principal Engineer

AOGV TM Add On Gate Valve Kenneth O. Rosn Manager AOGV Kjetil Aamodt Principal Engineer

If only this flange had an isolation valve Isolation without shut down AOGV TM Add On Gate Valve Kenneth O. Rosn Manager AOGV Kjetil Aamodt Principal Engineer AOGV Kenneth Laatveit Business Development &amp; Sales Manager

931 views • 33 slides
Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya

Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya

Reliability Maintenance and Managing Risk Conference 2019 Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya Supportability Systems Engineer Northrop Grumman Alpana.Gangopadhyaya@ngc.com Phone Number

466 views • 18 slides
Host range, pathogenicity, and genetic diversity of Corynespora cassiicola from cotton Marin Talbot

Host range, pathogenicity, and genetic diversity of Corynespora cassiicola from cotton Marin Talbot

Host range, pathogenicity, and genetic diversity of Corynespora cassiicola from cotton Marin Talbot Brewer Dept. of Plant Pathology, UGA Corynespora cassiicola is causing numerous emerging diseases, including target spot of cotton A disease is

566 views • 13 slides
Company Presentation May 2019 0 Disclaimer The following presentation has been prepared by

Company Presentation May 2019 0 Disclaimer The following presentation has been prepared by

Company Presentation May 2019 0 Disclaimer The following presentation has been prepared by 58.com Inc. (the Company) solely for informational purposes and is not an offer to buy or sell or a solicitation of an offer to buy or sell any

683 views • 39 slides

More recommend