non intrusive out of band and out of the box systems
play

Non-intrusive, Out-of-band and Out-of-the-Box Systems Monitoring in - PowerPoint PPT Presentation

Jan 16, 2024 •153 likes •385 views

Non-intrusive, Out-of-band and Out-of-the-Box Systems Monitoring in the Cloud SIGMETRICS June 18, 2014 Canturk Isci Sahil Suneja Vasanth Bala Eyal de Lara Todd Mummert University of Toronto IBM T.J. Watson Research IBM Research Data

  1. Non-intrusive, Out-of-band and Out-of-the-Box Systems Monitoring in the Cloud SIGMETRICS June 18, 2014 Canturk Isci Sahil Suneja Vasanth Bala Eyal de Lara Todd Mummert University of Toronto IBM T.J. Watson Research

  2. IBM Research Data Center Machines Traditional VMs = new processes for the cloud computer! OS HARDWARE Modern 2

  3. IBM Research Traditional Systems Monitoring 3

  4. IBM Research Traditional Systems Monitoring VM VM VM VM VIRTUALIZATION LAYER HARDWARE 4

  5. IBM Research Introducing- Near Field Monitoring VM VM VM VM VIRTUALIZATION LAYER HARDWARE 5

  6. IBM Research Near Field Monitoring (NFM) 6

  7. IBM Research NFM's Advantages  Always-on: Works for unresponsive or compromised systems  Out-of-the-box: Unmodified guest No agent or hook installation  Non-intrusive: No guest cooperation No interference with guest operation  Out-of-band: Outside guest's context Decouple execution and monitoring  Virtualization-aware: Holistic knowledge Accurate and efficient monitoring 7

  8. IBM Research NFM's Architecture Hypervisor Cloud Analytics Analytics Apps VM OS APP Memory Crawl Frames API Frame { Crawl Datastore ....... Disk MEM MEM APP ....... Logic Frontend Backend Structured } View view of Disk Disk VM states Crawl View APP API Frontend Backend 8

  9. IBM Research Approach: VM Memory Introspection Hypervisor VM OS Memory Crawl API Crawl Disk MEM MEM Logic View Disk Disk Crawl View API 1. Exposing VM Memory State – Gain access to VM’s memory image from outside • Unmodified VM • Unmodified hypervisor 2. Exploit VM Memory State – Reconstruct VM's runtime state from the memory image – In-memory kernel data structure traversal 9

  10. IBM Research Approach | Exposing VM Mem State  Memory dump – Dump / migrate guest memory to file – KVM-QEMU pmemsave or migrate- to-file – High overhead: VM paused for dump duration  Live R/O memory handle – Xen • Map guest memory into crawler process- xc_map_foreign_range() – KVM • No default support • New live handle, read VM mem directly via – QEMU process' /proc/<pid>/mem + /proc/<pid>/maps – Negligible impact on VM 10

  11. IBM Research Approach | Exploiting VM Mem State  Extract system information by traversing linux kernel's C structs in exposed memory image – Different structs for different kinds of information • task_struct, mm_struct, files_struct, net_device etc.  Requirements: – Starting addresses for structs • /boot/System.map – Offsets for particular struct fields • Linux source or vmlinux • /boot/<Build.config> 11

  12. IBM Research Backend | Crawl Output Cloud Analytics Analytics Apps APP Frames Frame VM { Crawl Datastore ....... Mem/Disk APP ....... Logic Structured handle } view of VM states APP CPU NumCores, Hz, CacheSize, ... OS Nodename, Release, Arch, ... N/W device HWaddr, Ipaddr, TX/RX bytes, ... Modules Name, State, ... Process PID, Command, RSS, ... Open files FD → filename, ... Memory Mapping MappedFiles, VA → PA mappings, ... N/W connections SocketState, {Src, Dst, Ports}, ... 12

  13. IBM Research Backend | Prototype Apps 1. CTop : Cloud-wide consolidated resource monitoring 2. PaVScan : Hypervisor paging aware virus scanner 3. RConsole : Remote console 4. TopoLog : Network topology discovery 13

  14. IBM Research Evaluating NFM  Latency / monitoring frequency?   Accuracy?  Overhead?   Advantages? 14

  15. IBM Research NFM's High Monitoring Frequency Safe: 10Hz KVM: 20Hz Xen: 200Hz Basic Crawl Full Crawl 15

  16. IBM Research NFM's Accuracy: Cloud Top vs. top top – 11:58:42 up 1 day, 22:19, 1 user, load average: 0.90, 0.22, 0.11 Tasks: 57 total, 3 running, 54 sleeping, 0 stopped, 0 zombie Cpu(s): 99.0%us, 0.0%sy, 0.0%ni, 0.0%id, 0.0%wa, 0.7%hi, 0.0%si, 0.3%st Mem: 2052104k total, 1976340k used, 75764k free, 3996k buffers Swap: 6160380k total, 304068k used, 5856312k free, 1868k cached top | PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 1942 root 20 0 1028m 1.0g 188 R 49.9 51.0 0:08.98 malloc 1940 root 20 0 1028m 780m 136 R 49.5 38.9 0:11:91 malloc 1 root 20 0 56220 1164 408 S 0.0 0.1 0:00.71 systemd 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd ----------------------------------------------------------------------------------------------------- Every 0.5s: ./topUpdate.sh CPU up time: 4461430125 jiffies cTop PID VIRT RES %CPU %MEM TIME+ COMMAND PID VIRT RES %CPU %MEM TIME+ COMMAND 1942 1052704KB 1047368KB 45.8 51.0 0:08:33 malloc 1940 1052704KB 798816KB 45.8 38.9 0:11.92 malloc 1 56220KB 1164KB 0.0 0.1 0:00.70 systemd 2 0 0 0.0 0.0 0:00.00 kthreadd : 16

  17. IBM Research NFM's High Accuracy <4% variation 17

  18. IBM Research NFM's Low VM Overhead 12000 9 Reply rate | 512MB WS Response time | 512MB WS 8 10000 Response time [ms] 7 8000 6 Reply rate [/s] 5 6000 4 4000 3 2 2000 1 0 0 base 10Hz monitoring virusscanning hashing + 256MB WS in paper 18

  19. IBM Research NFM's Advantages: Analyze Dysfunctional Systems  Via RConsole - Out-of-band console-like R/O interface  Supported functions: ls, lsmod, ps, netstat, ifconfig, ...  Time travel: sync and seed APIs  Analyzes unresponsive systems : kernel panic, misconfigured n/w  Detects (some) rootkits: In-VM Console: Active Internet connections (servers and established) Proto Local Address Foreign Address State tcp 127.0.0.1:25 0.0.0.0:* LISTEN tcp 9.XX.XXX.110:52019 9.XX.XXX.109:22 ESTABLISHED : tcp 9.XX.XXX.110:22 9.XX.XXX.15:49845 ESTABLISHED RConsole: Active Internet connections Proto Local Address Foreign Address State PID Process tcp 127.0.0.1:25 0.0.0.0:0 SS_UNCONNECTED 741 [sendmail] tcp 9.XX.XXX.110:52019 9.XX.XXX.109:22 SS_CONNECTED 6177 [ssh] : tcp 9.XX.XXX.110:22 9.XX.XXX.15:49845 SS_CONNECTED 14894 [sshd] tcp 0.0.0.0:2476 0.0.0.0:0 SS_UNCONNECTED 23304 [datacpy] 19

  20. IBM Research NFM's Advantages: Better Accuracy  Distributed Application – 3 LAMP instances VM1 VM2 VM3 Reservation 30% 30% 30% Allocation 100% 70% 30% 20

  21. IBM Research NFM's Advantages: Better Accuracy

  22. IBM Research Conclusion  Current monitoring techniques unfit for modern virtualized Cloud  Introducing Near Field Monitoring- Leverage virtualization for a fundamentally different VM monitoring approach Eliminates in-VM hooks, provides same fidelity monitoring out-of-band – Decoupled VM monitoring - execution architecture – Alleviates concerns with existing techniques – • Always-on, non-intrusive, holistic view, ... –  Evaluation: High frequency ● Low overhead ● Better accuracy ● Higher efficiency ● 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND

EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND NON-INTRUSIVE HEAT FLUX SENSORS. U. Pineda 1 *, N. Monts 1 , F. Snchez 1 , L. Domenech 1 1

310 views • 6 slides
Radio/microwave band The electromagnetic spectrum Infra red band Optical band UV band X-ray

Radio/microwave band The electromagnetic spectrum Infra red band Optical band UV band X-ray

The he mul ulti ti-wavele elength ngth mul ulti ti-tempor temporal al sk sky Radio/microwave band The electromagnetic spectrum Infra red band Optical band UV band X-ray band -ray band TeV band Radio/microwave band Infra red

692 views • 42 slides
Welcome to the Washington Warrior Band Program DARIEN M. ORR BAND DIRECTOR Phone: (217) 525-

Welcome to the Washington Warrior Band Program DARIEN M. ORR BAND DIRECTOR Phone: (217) 525-

Welcome to the Washington Warrior Band Program DARIEN M. ORR BAND DIRECTOR Phone: (217) 525- 3182 Ext. 160 Email: darienorr@sps186.org Benefits of Band Band provides the opportunity to create. Band builds a sense of community,

286 views • 9 slides
Band Presentation: By Leigh Maisey Initial Band The Scene and Herd Band Change Red Sky Was

Band Presentation: By Leigh Maisey Initial Band The Scene and Herd Band Change Red Sky Was

Band Presentation: By Leigh Maisey Initial Band The Scene and Herd Band Change Red Sky Was approached by Red Sky wanting some graphic design work done for the band. Band Briefing Logo Business Card Letterhead T Shirt Poster Logo

810 views • 23 slides
NMCHS CONDOR Band Marching Band, DrumLine, Color Guard, Jazz Band Performances Band Reviews:

NMCHS CONDOR Band Marching Band, DrumLine, Color Guard, Jazz Band Performances Band Reviews:

NMCHS CONDOR Band Marching Band, DrumLine, Color Guard, Jazz Band Performances Band Reviews: Oct 12th: Cupertino Oct 19th: Santa Cruz Boardwalk Nov 2nd: Pismo Beach Nov 9th : Merced Uniforms Checks are important: Shoes, black socks,

550 views • 9 slides
ULTRA WIDE BAND(UWB) Embedded Systems Programming N.Rushi (200601083) Bhargav U.L.N

ULTRA WIDE BAND(UWB) Embedded Systems Programming N.Rushi (200601083) Bhargav U.L.N

ULTRA WIDE BAND(UWB) Embedded Systems Programming N.Rushi (200601083) Bhargav U.L.N (200601240) OUTLINE : What is UWB ? Why UWB ? Definition of UWB. Architecture and Spectrum Distribution. UWB vsTraditional narrow-Band Advantages of

759 views • 41 slides
3 Short review Lecture no: NARROW-BAND CHANNELS WIDE-BAND CHANNELS Radio signals and

3 Short review Lecture no: NARROW-BAND CHANNELS WIDE-BAND CHANNELS Radio signals and

RADIO SYSTEMS ETI 051 Contents 3 Short review Lecture no: NARROW-BAND CHANNELS WIDE-BAND CHANNELS Radio signals and complex Delay (time) dispersion notation Narrow- versus wide-band Large-scale fading channels

558 views • 12 slides
Band Orientation 2019 What is the SMS Band? The Shelburne band is a place where students have fun

Band Orientation 2019 What is the SMS Band? The Shelburne band is a place where students have fun

Band Orientation 2019 What is the SMS Band? The Shelburne band is a place where students have fun learning how to perform music for the community. Its a place where students learn teamwork , responsibility, work ethic, and discipline that

736 views • 45 slides
min ( ). ( , , ). ( , ) l i a i j k V j k i j k Where ( i )

min ( ). ( , , ). ( , ) l i a i j k V j k i j k Where ( i )

CE -751, SLD, Class Notes, Fall 2006, IIT Bombay m a x = 1 =1- x n a x = 1 x x=any time band. m=Time band into which zone j falls a x =The destination opportunities available in time band x n= The last time band as measured

245 views • 23 slides
Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM?

Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM?

Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM? NILMs = Non-Intrusive Load Monitoring Hardware coupled with software that disaggregates whole house load into individual end use loads using

560 views • 12 slides
The Franklin Band The Franklin Band Overview Lets be clear on this: CONCERT BAND IS THE MOST

The Franklin Band The Franklin Band Overview Lets be clear on this: CONCERT BAND IS THE MOST

The Franklin Band The Franklin Band Overview Lets be clear on this: CONCERT BAND IS THE MOST IMPORTANT THING WE DO . W e are a concert band program that does marching band, not the other way around. Marching Band may be the most visible

423 views • 20 slides
WELCOME BAND PARENTS! Friday, May 19, 2017 CTJ Band Hall Our Kids Are Amazing!!! Upcoming

WELCOME BAND PARENTS! Friday, May 19, 2017 CTJ Band Hall Our Kids Are Amazing!!! Upcoming

WELCOME BAND PARENTS! Friday, May 19, 2017 CTJ Band Hall Our Kids Are Amazing!!! Upcoming Events May 19 th 2017-2018 Marching Band Kickoff Rehearsal May 26 th Spring Jazz Band Concert May 27 th 29 th UIL State Solo &amp; Ensemble Contest

392 views • 18 slides
NILMTK An Open Source Toolkit for Non-intrusive Load Monitoring NILMTK team 2 Haimonti Alex

NILMTK An Open Source Toolkit for Non-intrusive Load Monitoring NILMTK team 2 Haimonti Alex

1 NILMTK An Open Source Toolkit for Non-intrusive Load Monitoring NILMTK team 2 Haimonti Alex Rogers Dutta Nipun Batra Oliver Parson Amarjeet Singh Mani Srivastava William Jack Kelly Knottenbelt 3 Non-intrusive load monitoring

1.27k views • 57 slides
9 2. Non-Intrusive Inspections 4 Potential Applications

9 2. Non-Intrusive Inspections 4 Potential Applications

9 2. Non-Intrusive Inspections 4 Potential Applications Prospective Benefits 80% of vessels potentially suitable On-line vessel/tank inspection without 50% inspection costs reduction entry -

451 views • 14 slides
Lake Highlands High School Wildcat Band! Marching Band Q&amp;A as of 8.17.20 Whats new?! We

Lake Highlands High School Wildcat Band! Marching Band Q&amp;A as of 8.17.20 Whats new?! We

Lake Highlands High School Wildcat Band! Marching Band Q&amp;A as of 8.17.20 Whats new?! We miss our Wildcat Band!! The Band Directors will actually get into the building tomorrow! We have a new field and dots - ready for

238 views • 11 slides
Srdjan Mihaljevic CTO TAS Band Sub-band Frequency Wavelength HF 3-30 MHz decametric waves

Srdjan Mihaljevic CTO TAS Band Sub-band Frequency Wavelength HF 3-30 MHz decametric waves

Srdjan Mihaljevic CTO TAS Band Sub-band Frequency Wavelength HF 3-30 MHz decametric waves VHF 30-300 MHz metric waves Low Band VHF 30-50 MHz Mid band VHF 72-75 MHz High Band VHF 138-174 MHz 220 MHz 216-220 MHz UHF 300-3000 MHz

503 views • 46 slides
We are committed to the preparing of caring, accountable and critically- reflective teachers who

We are committed to the preparing of caring, accountable and critically- reflective teachers who

We are committed to the preparing of caring, accountable and critically- reflective teachers who nurture learning and development in diverse contexts Questions for introspection Questions for introspection Why the perception that

252 views • 10 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
Canadian Prairies S. SALMON, M. AKIMOWICZ, AND W. ASHTON MANSO ANNUAL INTEGRATION SUMMIT

Canadian Prairies S. SALMON, M. AKIMOWICZ, AND W. ASHTON MANSO ANNUAL INTEGRATION SUMMIT

Rural Employers Motivations to Hire Newcomers: : The Case of Small and Medium Businesses in the Canadian Prairies S. SALMON, M. AKIMOWICZ, AND W. ASHTON MANSO ANNUAL INTEGRATION SUMMIT SEPTEMBER 12 TH -15 TH 2018, WINNIPEG, MB 2

135 views • 9 slides
Agenda Our Missouri Waters Overview Summary of Missouri River 3. Stormwater Management

Agenda Our Missouri Waters Overview Summary of Missouri River 3. Stormwater Management

Lower Missouri River Meeting 1 (of 6) Becker Farm, by Bryan Haynes 1. Registration and Exhibits (1:30 2:00 pm) 2. Welcome and Introductions (2:00 2:30 pm) Agenda Our Missouri Waters Overview Summary of Missouri River 3.

629 views • 4 slides
EASM 2014 constructed in the local context. What is interesting is to understand how this

EASM 2014 constructed in the local context. What is interesting is to understand how this

Knowledge in everyday innovation in sport clubs a cultural approach Submitting author: Dr Magnus Forslund Linnaeus university, School of Business and Economics Vaxjo, SE-351 95 Sweden All authors: Magnus Forslund (corresp) Type:

200 views • 3 slides
3 Approaches to Stress and Stress Management Stressors or Stimulus Signs of

3 Approaches to Stress and Stress Management Stressors or Stimulus Signs of

Workshop NB16: Creating Organisational Well-Being A Three-Dimensional Approach to Managing Organisational Stress and Wellbeing in Further and Higher Education The Future of Further Education National Conference Mandolay Hotel, Guildford 3.15pm

413 views • 6 slides
Sentiment Analysis What is Sen+ment Analysis? Dan Jurafsky Posi%ve

Sentiment Analysis What is Sen+ment Analysis? Dan Jurafsky Posi%ve

Sentiment Analysis What is Sen+ment Analysis? Dan Jurafsky Posi%ve or nega%ve movie review? unbelievably disappoin+ng Full of zany characters and richly

1.15k views • 81 slides
A HEALTHY ENVIRONMENT FOR HEALTHY LIVING JESSICA TILLMAN | 201258439 A HEALTHY 6 FOR HEALTHY

A HEALTHY ENVIRONMENT FOR HEALTHY LIVING JESSICA TILLMAN | 201258439 A HEALTHY 6 FOR HEALTHY

A HEALTHY ENVIRONMENT FOR HEALTHY LIVING JESSICA TILLMAN | 201258439 A HEALTHY 6 FOR HEALTHY LIVING 1. ADDRESSING PEOPLES NEEDS 2. CREATING COMMUNITY THROUGH DESIGN DIFFERENT DWELLING TYPES DIVIDING PUBLIC SPACES INTO FUNCTIONS

383 views • 24 slides

More recommend