Resource Management for Isolation Enhanced Cloud Services
Himanshu Raj, Ripal Nathuji, Abhishek Singh, Paul England
XCG, Microsoft Research
Motivation
Isolation issues in shared-resource computing infrastructures
[Diagram labels: Service; SLA; Service Providers; Infrastructure Provider]
Raj et al.:Isolation Enhanced Cloud Services 2
Motivation
Side-channel attacks compromising performance and security isolation
DoS, information leak (key stealing not shown for VMs yet)
Areas lacking: SLA specification, isolation mechanisms, resource management
Proposed Solution
Isolation attributes part of the SLA
Mechanisms for better isolation
Enhanced resource management
Include constraints based on isolation attributes
SLA Isolation Attributes
Degree of hardware fault resistance (n)
Type: Integer, e.g., n = 5
Cache-based side channel attack avoidance
For DoS and information leakage avoidance
Type: Boolean
Enforcing Cache Isolation
Cache hierarchy aware core assignment
Page-coloring based cache partitioning
[Diagram labels: Main Memory; Shared L3 (x2); L1D and L2 (x4 per Shared L3)]
Cache Hierarchy Aware Core Assignment
[Diagram labels: Main Memory; Shared L3 (x2); L1D and L2 (x4 per Shared L3)]
Page-coloring Based Cache Partitioning
[Diagram labels: Main Memory; Shared L3 (x2); L1D and L2 (x4 per Shared L3)]
Results: No Isolation
[Plot: Execution Time (s) vs. Working Set Size. Series: Target VM; Target VM + Perturbation VM (1 Thread); Target VM + Perturbation VM (2 Threads); Target VM + Perturbation VM (3 Threads)]
Results: Cache-coloring
[Plot: Execution Time (s) vs. Working Set Size. Series: Target VM; Target VM + Perturbation VM (1 Thread); Target VM + Perturbation VM (2 Threads); Target VM + Perturbation VM (3 Threads)]
Integration with VM Placement System
Constraints on resources
New isolation constraints
4000 blade cloud, <80% utilization, ~30-40 ms for search without backtracking (with high success probability)
Working on other heuristics for CSP with system dynamism
Migration
[Diagram labels: Blade; Available Memory; Processor Domains; Fault Domain; Available Processors; D1; Page Color Domains; P1; Capacity; Available; Current VMs …]
Conclusions
Incorporation of isolation attributes in the SLA
System-level mechanisms to address isolation
RM enhancements with isolation related constraints
rhim@microsoft.com