resource management for isolation enhanced cloud services
play

Resource Management for Isolation Enhanced Cloud Services Enhanced - PowerPoint PPT Presentation

Jun 22, 2023 •263 likes •408 views

Resource Management for Isolation Enhanced Cloud Services Enhanced Cloud Services Himanshu Raj , Ripal Nathuji, Abhishek Singh, Paul England XCG, Microsoft Research Motivation Isolation issues in shared-resource computing infrastructures

  1. Resource Management for Isolation Enhanced Cloud Services Enhanced Cloud Services Himanshu Raj , Ripal Nathuji, Abhishek Singh, Paul England XCG, Microsoft Research

  2. Motivation � Isolation issues in shared-resource computing infrastructures Service SLA Service SLA Service Providers Infrastructure Provider Raj et al.:Isolation Enhanced Cloud Services 2

  3. Motivation � Side-channel attacks compromising performance and security Isolation � DoS, Information leak (key stealing not shown for VMs yet) Areas lacking: � SLA specification � Isolation mechanisms � Resource management Raj et al.:Isolation Enhanced Cloud Services 3

  4. Proposed Solution � Isolation attributes part of the SLA � Mechanisms for better isolation � Enhanced resource management � Include constraints based on isolation attributes � Include constraints based on isolation attributes Raj et al.:Isolation Enhanced Cloud Services 4

  5. SLA Isolation Attributes � Degree of hardware fault resistance (n) � Type: Integer, e.g., n = 5 � Cache-based side channel attack avoidance � For DoS and Information leakage avoidance � For DoS and Information leakage avoidance � Type: Boolean Raj et al.:Isolation Enhanced Cloud Services 5

  6. Enforcing Cache Isolation Main Memory Shared L3 Shared L3 Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D � Cache hierarchy aware core assignment � Page-coloring based cache partitioning Raj et al.:Isolation Enhanced Cloud Services 6

  7. Cache Hierarchy Aware Core Assignment Main Memory Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D Raj et al.:Isolation Enhanced Cloud Services 7

  8. Page-coloring Based Cache Partitioning Main Memory Shared L3 Shared L3 L2 L2 L2 L2 L2 L2 L2 L2 L1D L1D L1D L1D L1D L1D L1D L1D Raj et al.:Isolation Enhanced Cloud Services 8

  9. Results: No Isolation 180 Target VM + 160 Perturbation VM (1 Thread) 140 120 Execution Time (s) Target VM + Perturbation VM (2 100 Threads) 80 Target VM + Ex Perturbation VM (3 Perturbation VM (3 60 60 Threads) 40 Target VM 20 0 Working Set Size Shared L3 L2 L2 L2 L2 L1D L1D L1D L1D 9

  10. Results: Cache-coloring 180 160 Target VM + Perturbation 140 VM (1 Thread) Execution Time (s) 120 Target VM + Perturbation 100 VM (2 Threads) 80 Target VM + Perturbation 60 60 Ex VM (3 Threads) 40 Target VM 20 0 Working Set Size Shared L3 L2 L2 L2 L2 L1D L1D L1D L1D 10

  11. Integration with VM Placement System � Constraints on resources Blade � New isolation constraints � 4000 blade cloud, <80% Processor Domains Available Processors Fault Domain utilization, ~30-40 ms for Available Memory Available Memory search without search without D1 … backtracking (with high success probability) Page Color Domains Available Current VMs � Working on other heuristics for CSP with … P1 system dynamism � Migration Current VMs Capacity Available Raj et al.:Isolation Enhanced Cloud Services 11

  12. Conclusions � Incorporation of isolation attributes in the SLA � System-level mechanisms to address isolation � RM enhancements with isolation related constraints constraints Raj et al.:Isolation Enhanced Cloud Services 12

  13. rhim@microsoft.com Raj et al.:Isolation Enhanced Cloud Services 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran

SilverLine: Data and Network Isolation for Cloud Services Yogesh Mundada Anirudh Ramachandran Nick Feamster 1 Cloud Computing Advantages Reduced operational costs Reduced management overhead Easier resources scaling Lowers

543 views • 19 slides
Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and

Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and

Chapter 6 Cloud Resource Management and Scheduling Contents Resource management and scheduling. Policies and mechanisms. Applications of control theory to cloud resource allocation. Stability of a two-level resource allocation

1.47k views • 39 slides
Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown

Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown

Towards General-Purpose Resource Management in Shared Cloud Services Jonathan Mace , Brown University Peter Bodik, MSR Redmond Rodrigo Fonseca, Brown University Madanlal Musuvathi, MSR Redmond Shared-tenant cloud services Processes service

746 views • 33 slides
Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from

Problem solved: Cloud Cost Management 2 Cloud Cost Management Using cloud services from IaaS to Accelerate digital SaaS creates huge new opportunities transformation to transform the speed, effjciency and operating costs of a

298 views • 10 slides
Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR

Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR

Automated Application and Resource Management in the Cloud Nikos Parlavantzas HDR defense15th June 2020 The demand for collaboration and entertainment services is skyrocketing 12 million 2,900% New daily active Growth of daily users in

1.03k views • 61 slides
Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 15-17, 2014 NSS

146 views • 13 slides
Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a

Moreno Baricevic Stefano Cozzini CNR-IOM DEMOCRITOS Trieste, ITALY Resource Resource Management Management RESOURCE MANAGEMENT RESOURCE MANAGEMENT We have a pool of users and a pool of resources, then what? some software that controls

538 views • 22 slides
Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID

Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID

Keynote on ESaaSA CLOSER 2015 Economics-inspired Resource and Energy Management for Cloud Environments Lus Veiga INESC-ID Lisboa Instituto Superior Tcnico Universidade de Lisboa May 2015 A day in the Clouds Services such as storage,

627 views • 51 slides
Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University

Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University

Seawall: Performance Isolation for Cloud Datacenter Networks Alan Shieh Cornell University Srikanth Kandula Albert Greenberg Changhoon Kim Microsoft Research Cloud datacenters: Benefits and obstacles Moving to the cloud has manageability,

221 views • 19 slides
Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G Gupta , Ryan Stutsman University of Utah Scalable Computer Systems Lab www.utah.systems Code Isolation-cost Aware Scheduling Cloud N Networking P

539 views • 19 slides
Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based

Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based

Cloud Management Chapter 5 eBook: Cloud Compu5ng: Web-Based Dynamic IT Services ENGR 5770 / CSCI 5700 Service Compu5ng Winter 2013 1 Cloud

673 views • 21 slides
Dynamic request management algorithms for Web-based services in Cloud computing Riccardo

Dynamic request management algorithms for Web-based services in Cloud computing Riccardo

Dynamic request management algorithms for Web-based services in Cloud computing Riccardo Lancellotti Mauro Andreolini Claudia Canali Michele Colajanni University of Modena and Reggio Emilia COMPSAC 2011 1 Request management for Cloud

370 views • 14 slides
and Scheduling Techniques Agenda for Today Resource management encompasses all the

and Scheduling Techniques Agenda for Today Resource management encompasses all the

Day 5 Heuristic Resource Provisioning and Scheduling Techniques Agenda for Today Resource management encompasses all the characteristics and usage of cloud resources including resource provisioning and resource scheduling The resource

525 views • 25 slides
MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN

MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN

MULTI-LEVEL MECHANISMS TO SUPPORT SPORADIC CLOUD COMPUTING MOBILE SERVICES BY RESOURCE-SHARING IN VANET We want to develop a new concept of sporadic CMA to deploy MOTIVATION contex-aware services in VANET. Intelligent Transport Systems (

367 views • 11 slides
ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted environment Possibly with multiple tenants Setting OS: users / processes Browser: webpages / browser extensions Cloud: virtual machines (VMs)

272 views • 25 slides
Loneliness, Social Isolation &amp; Community Change Al Condeluci, PhD All People Want To

Loneliness, Social Isolation &amp; Community Change Al Condeluci, PhD All People Want To

Loneliness, Social Isolation &amp; Community Change Al Condeluci, PhD All People Want To stay active in the community, be social To be productive, contribute and participate To be treated with dignity and respect To stay in

822 views • 39 slides
What should the solution look like? Sub-channels ISOLATION ZONE REUSE ZONE USED BY OTHER

What should the solution look like? Sub-channels ISOLATION ZONE REUSE ZONE USED BY OTHER

FERMI : A Femtocell Resource Management System for Interference Mitigation in OFDMA Femtocell Networks Mustafa Y. Arslan Jongwon Yoon Karthikeyan Sundaresan UC Riverside U Wisconsin Madison

668 views • 47 slides
Isolation trees Alastair Rushworth Data Scientist DataCamp Anomaly Detection in R Isolation

Isolation trees Alastair Rushworth Data Scientist DataCamp Anomaly Detection in R Isolation

DataCamp Anomaly Detection in R ANOMALY DETECTION IN R Isolation trees Alastair Rushworth Data Scientist DataCamp Anomaly Detection in R Isolation tree DataCamp Anomaly Detection in R Isolation tree plots DataCamp Anomaly Detection in R

631 views • 19 slides
TrustICE:*Hardware0assisted* Isolated*Computing*Environments* on*Mobile*Devices

TrustICE:*Hardware0assisted* Isolated*Computing*Environments* on*Mobile*Devices

TrustICE:*Hardware0assisted* Isolated*Computing*Environments* on*Mobile*Devices Presented(by(Zhenyu Ning 1 Contents 1.(Introduction 2.(Motivation 3.(Implementation 4.(Evaluation 5.(Conclusion 2 Contents 1.(Introduction 2.(Motivation

723 views • 33 slides
15-721 DATABASE SYSTEMS [Source] Lecture #04 Concurrency Control Part II Andy Pavlo / /

15-721 DATABASE SYSTEMS [Source] Lecture #04 Concurrency Control Part II Andy Pavlo / /

15-721 DATABASE SYSTEMS [Source] Lecture #04 Concurrency Control Part II Andy Pavlo / / Carnegie Mellon University / / Spring 2016 2 TODAYS AGENDA Isolation Levels Modern Multi-Version Concurrency Control CMU 15-721 (Spring 2016)

1.83k views • 102 slides
Dawn Song dawnsong@cs.berkeley.edu 1 Part II OS &amp; Web Security OS Security Web

Dawn Song dawnsong@cs.berkeley.edu 1 Part II OS &amp; Web Security OS Security Web

Safe Extension Dawn Song dawnsong@cs.berkeley.edu 1 Part II OS &amp; Web Security OS Security Web Security More esoteric topics Click fraud, etc. Reputation systems &amp; trust metrics Few papers, but local experts

420 views • 5 slides
In Internet Kelly Rivers and Stephanie Rosenthal 15-110 Fall 2019 Announcements Homework 5

In Internet Kelly Rivers and Stephanie Rosenthal 15-110 Fall 2019 Announcements Homework 5

In Internet Kelly Rivers and Stephanie Rosenthal 15-110 Fall 2019 Announcements Homework 5 full due Monday Big Picture Unit 3 scaling up computing for larger tasks Last week - how CPUs and computers can work together to run multiple

793 views • 35 slides
Innovation Support Project (ISP) Overview Perry Dickinson, MD Practice Innovation Program

Innovation Support Project (ISP) Overview Perry Dickinson, MD Practice Innovation Program

Innovation Support Project (ISP) Overview Perry Dickinson, MD Practice Innovation Program Colorado Health Extension System Key Contacts Practice Innovation Program team Perry Dickinson Director of Practice Innovation Program Kyle

374 views • 9 slides

More recommend