Unit 1-3
Learning Objectives
• Analyze details of the virtualization concept
• Understand different types of virtualization techniques
• Explore interoperability standards
• Concept of VLAN, VSAN and VM
Virtualization technology
• A massively growing concept of computing and IT
• A creation of a new virtual version of any product or service
• Example ??
b) Paravirtualization or OS-Enabled virtualization
These include handling the routing of I/O requests between the shared physical hardware and virtual devices.
Server virtualization:
Client or Desktop virtualization: It is like a separation of the PC desktop environment from a physical machine through the client-server model of computing.
Application virtualization: It is the execution of software from a remote server rather than the user's computer. Example: dynamic link library.
Virtualization Products
Category of Virtualization products
Benefits:
i. Extra servers
ii. Increase the CPU utilization
iii. Runs Linux, Solaris, Windows, and applications on a single physical server
iv. Transfers VMs from one physical server to another
v. Captures the full state of a VM
vi. Gives the choice to access enterprise-class product software
Types of virtualization
(1) Server Virtualization (SerV)
• It is focused on partitioning a physical instance of an operating system into a virtual instance or virtual machine. True server virtualization products will let you virtualize any x86 or x64 operating system, such as Windows, Linux, and some forms of UNIX. There are two aspects of server virtualization:
Machine Reference Model
● Hardware is expressed in terms of the Instruction Set Architecture (ISA).
– ISA for the processor, registers, memory and interrupt management.
● The Application Binary Interface (ABI) separates the OS layer from the applications and libraries which are managed by the OS.
– System calls are defined here.
– Allows portability of applications and libraries across OSes.
Machine Reference Model [Cont.]
● API: it interfaces applications to libraries and/or the underlying OS.
● A layered approach simplifies the development and implementation of the computing system.
● The ISA has been divided into two security classes:
– Privileged instructions
– Nonprivileged instructions
ISA: Security Classes
● Nonprivileged instructions
– Those that can be used without interfering with other tasks because they do not access shared resources. Ex. arithmetic, floating-point and fixed-point instructions.
● Privileged instructions
– Those that are executed under specific restrictions and are mostly used for sensitive operations, which expose (behavior-sensitive) or modify (control-sensitive) the privileged state.
● Behavior-sensitive: operate on the I/O.
● Control-sensitive: alter the state of the CPU registers.
Privileged Hierarchy: Security Rings
● Ring 0 is the most privileged level, used by the kernel.
● Rings 1 and 2 are used by OS-level services.
● Ring 3 is the least privileged level, used by user programs.
● Recent systems support two levels:
– Ring 0: supervisor mode
– Ring 3: user mode
Hardware-level virtualization
● It is a virtualization technique that provides an abstract execution environment in terms of computer hardware on top of which a guest OS can be run.
● It is also called system virtualization.
Hardware-level virtualization: Hypervisor
● The hypervisor runs above the supervisor mode.
● It runs in supervisor mode.
● It recreates a h/w environment.
● It is a piece of s/w that enables us to run one or more VMs on a physical server (host).
● Two major types of hypervisor:
– Type-I
– Type-II
Type-I Hypervisor
● It runs directly on top of the hardware.
● Takes the place of the OS.
● Directly interacts with the ISA exposed by the underlying hardware.
● Also known as a native virtual machine.
Type-II Hypervisor
● It requires the support of an operating system to provide virtualization services.
● It is a program managed by the OS.
● Emulates the ISA of the virtual h/w.
● Also called a hosted virtual machine.
Virtual Machine Manager (VMM)
Main Modules:
– Dispatcher
● Entry point of the VMM.
● Reroutes the instructions issued by the VM instance.
– Allocator
● Decides the system resources to be provided to the VM.
● Invoked by the dispatcher.
– Interpreter
● Consists of interpreter routines.
● Executed whenever a VM executes a privileged instruction.
● A trap is triggered and the corresponding routine is executed.
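The three VMM modules and the trap on privileged instructions, as an added toy trap-and-emulate example (not code from the slides). The guest ISA, register names, port numbers and the guest program are constructed for illustration, and the allocator is reduced to a table of which I/O port each guest may use.

```python
from dataclasses import dataclass, field

# Nonprivileged: touch only the guest's own registers, so they may run natively.
NONPRIVILEGED = {"MOV", "ADD"}
# Privileged: behavior-sensitive (I/O) or control-sensitive (CPU control state);
# executing one in the guest raises a trap that the VMM must handle.
PRIVILEGED = {"OUT": "behavior-sensitive",
              "CLI": "control-sensitive", "SETCR": "control-sensitive"}

@dataclass
class VM:
    name: str
    regs: dict = field(default_factory=lambda: {"r0": 0, "r1": 0})
    virt_cr: int = 0            # virtual control register, kept by the VMM
    interrupts: bool = True     # virtual interrupt flag (host flag untouched)
    io_log: list = field(default_factory=list)
    traps: int = 0

class VMM:
    def __init__(self):
        self.port_owner = {}    # allocator's table: I/O port -> VM name

    def allocate_port(self, vm, port):
        """Allocator: decide which shared resource this VM may use."""
        self.port_owner[port] = vm.name

    def dispatch(self, vm, instr):
        """Dispatcher: entry point; reroutes every instruction issued by the VM."""
        op, *args = instr
        if op in NONPRIVILEGED:
            return self._run_native(vm, op, args)
        if op in PRIVILEGED:
            vm.traps += 1                     # trap -> interpreter routine
            return self._interpret(vm, op, args)
        raise ValueError(f"unknown instruction {op}")

    @staticmethod
    def _run_native(vm, op, args):
        reg, val = args
        vm.regs[reg] = val if op == "MOV" else vm.regs[reg] + val
        return "native"

    def _interpret(self, vm, op, args):
        """Interpreter routines: emulate on the guest's virtual state, never the host's."""
        if op == "OUT":
            port, reg = args
            if self.port_owner.get(port) != vm.name:
                return f"fault: port {port:#x} not allocated"
            vm.io_log.append((port, vm.regs[reg]))
            return "emulated OUT"
        if op == "CLI":
            vm.interrupts = False
            return "emulated CLI"
        vm.virt_cr = args[0]                  # SETCR
        return "emulated SETCR"

def run_guest():
    """Run a constructed guest program; returns the VM and per-instruction results."""
    vmm, vm = VMM(), VM("guest-1")
    vmm.allocate_port(vm, 0x3F8)              # the only port this guest may use
    program = [("MOV", "r0", 5), ("ADD", "r0", 3), ("OUT", 0x3F8, "r0"),
               ("CLI",), ("OUT", 0x60, "r0"), ("SETCR", 1)]
    return vm, [vmm.dispatch(vm, i) for i in program]
```

The two arithmetic instructions never reach the VMM's interpreter, while every privileged one does, and the second OUT is refused because the allocator never granted that port.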
3) Hardware Virtualization Techniques
• Hardware-assisted virtualization
• Full virtualization
• Paravirtualization
• Partial virtualization
Partial virtualization
– Partial emulation of the underlying hardware.
– Does not allow complete isolation of the guest OS.
– Address space virtualization is a common feature of contemporary operating systems.
– Address space virtualization was used in time-sharing systems.
Operating system-level virtualization
● It offers the opportunity to create different and separated execution environments for applications that are managed concurrently.
● No VMM or hypervisor.
● Virtualization is within a single OS.
● The OS kernel allows for multiple isolated user space instances.
● Good for server consolidation.
● Ex. Jails, OpenVZ etc.
Programming language-level virtualization
● It is mostly used to achieve ease of deployment of applications, managed execution and portability across different platforms and OSes.
● It consists of a virtual machine executing the byte code of a program, which is the result of the compilation process.
● Produces a binary format representing the machine code for an abstract architecture.
● Examples:
– Java platform: Java Virtual Machine (JVM)
– .NET provides the Common Language Infrastructure (CLI)
● They are stack-based virtual machines.
Advantages of programming/process-level VMs
● Provide a uniform execution environment across different platforms.
● This simplifies the development and deployment efforts.
● Allow more control over the execution of programs.
● Security, by filtering the I/O operations.
Application-level virtualization
● It is a technique allowing applications to run in runtime environments that do not natively support all the features required by such applications.
● In this, applications are not installed in the expected runtime environment.
● This technique is most concerned with:
– Partial file system
– Libraries
Strategies for Implementation of Application-Level Virtualization
Two techniques:
– Interpretation
● In this, every source instruction is interpreted by an emulator for executing native ISA instructions.
● Minimal start-up cost but huge overhead.
– Binary translation
● In this, every source instruction is converted to native instructions with equivalent functions.
● Blocks of instructions are translated, cached and reused.
● Large overhead cost, but over time it is subject to better performance.
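The cost trade-off between the two techniques, as an added example that is not part of the slides: the same constructed loop program is run once by an instruction-at-a-time interpreter and once by a block translator with a cache, counting how many times a source instruction has to be decoded. The three-opcode ISA and the register names are invented for this illustration.

```python
# Constructed guest program: a counted loop. Opcodes, operands and register
# names are invented for this example; they are not a real ISA.
PROGRAM = [
    ("SET", "r0", 10),     # 0: loop counter
    ("SET", "r1", 0),      # 1: accumulator
    ("ADD", "r1", 1),      # 2: loop body
    ("ADD", "r0", -1),     # 3: decrement counter
    ("JNZ", "r0", 2),      # 4: back to 2 while r0 != 0
    ("HALT",),             # 5
]

def run_interpreted(program):
    """Interpretation: decode every source instruction each time it executes."""
    regs, pc, stats = {"r0": 0, "r1": 0}, 0, {"decoded": 0}
    while True:
        op, *args = program[pc]
        stats["decoded"] += 1
        if op == "SET":
            regs[args[0]] = args[1]; pc += 1
        elif op == "ADD":
            regs[args[0]] += args[1]; pc += 1
        elif op == "JNZ":
            pc = args[1] if regs[args[0]] != 0 else pc + 1
        else:                                   # HALT
            return regs, stats

def translate_block(program, start, stats):
    """Translate one basic block (up to and including its jump or halt) into a
    native callable: the decode cost is paid once, at translation time."""
    ops, pc = [], start
    while True:
        op, *args = program[pc]
        stats["decoded"] += 1
        if op == "SET":
            ops.append(lambda regs, r=args[0], v=args[1]: regs.__setitem__(r, v))
        elif op == "ADD":
            ops.append(lambda regs, r=args[0], v=args[1]: regs.__setitem__(r, regs[r] + v))
        elif op == "JNZ":
            r, target, fall = args[0], args[1], pc + 1
            def block(regs, ops=ops):
                for f in ops:
                    f(regs)
                return target if regs[r] != 0 else fall
            return block
        else:                                   # HALT ends the block
            def block(regs, ops=ops):
                for f in ops:
                    f(regs)
                return None
            return block
        pc += 1

def run_translated(program):
    """Binary translation: translate blocks on first use, then cache and reuse them."""
    regs, pc = {"r0": 0, "r1": 0}, 0
    stats, cache = {"decoded": 0, "cache_hits": 0}, {}
    while pc is not None:
        if pc in cache:
            stats["cache_hits"] += 1
        else:
            cache[pc] = translate_block(program, pc, stats)
        pc = cache[pc](regs)
    return regs, stats
```

Both runs end with the same register state; the interpreter decodes 33 instructions for ten loop iterations, while the translator decodes 9 (the loop block once, then serves it from the cache), and the gap widens with every extra iteration.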
Advantages of Virtualization
• Eliminates the need for numerous dedicated servers;
• Offers the ability for different domain names, file directories, email administration, IP addresses, logs and analytics;
• Cost effective because many times server installation provisioning software is available;
• If one virtual server has a software failure, the other servers will not be affected;
• Reduces energy costs because only one device is running instead of several;
• Offers a flexible IT infrastructure;
• Can quickly make changes with little downtime.
Disadvantages of Virtualization
• Resource hogging could occur if there are too many virtual servers within a physical machine.
• As software updates and patches must be compatible with everything running on the virtual machine, admins may have reduced control over the physical environment.
• Administration, including backup and recovery, requires specialized knowledge.
• If user experience is impacted, it can be difficult to identify the root cause.
• Services offered by a dedicated server are more accessible.
4) OS Level Virtualization
OS level virtualization offers the opportunity to create different and separated execution environments for applications that are managed concurrently. It is different from hardware virtualization: there is no virtual machine manager or hypervisor, and the virtualization is done within a single operating system, where the OS kernel allows for multiple isolated user space instances.
5) Programming Level Virtualization
Programming level virtualization is mostly used for achieving ease of deployment of applications, managed execution, and portability across different platforms and operating systems. It consists of a virtual machine executing the byte code of a program, which is the result of the compilation process.
6) Application Level Virtualization
• Interpretation
• Binary Translation
Virtualization and Cloud Computing
[Figure: VM migration between two servers. Before migration: Server A (running) and Server B (running) each host VMs. After migration: the VMs run on Server A (running); Server B (inactive).]
VIRTUALIZATION & CLOUD
COMPUTING
Lecture # 20-21
CSE 423
• Service Model
• Consists of particular types of services that can be accessed on a cloud computing platform
• Private Cloud
– The private cloud infrastructure is operated for the exclusive use of an organization. The cloud may be managed by that organization or a third party. Private clouds may be either on- or off-premises.
• Hybrid Cloud
– A hybrid cloud combines multiple clouds (private, community or public) where those clouds retain their unique identities, but are bound together as a unit.
• Community Cloud
– A community cloud is one where the cloud has been organized to serve a common function or purpose.
– It may be for one organization or for several organizations, but they share common concerns such as their mission, policies, security, regulatory compliance needs, and so on.
Service Models
• Infrastructure as a Service (IaaS)
– Delivers infrastructure on demand in the form of virtual hardware, storage and networking. Virtual hardware is utilised to provide compute on demand in the form of virtual machine instances.
– Eg. Amazon EC2, Eucalyptus, GoGrid, Rackspace Cloud
• Technologies such as cluster, grid, and now cloud computing have all aimed at allowing access to large amounts of computing power in a fully virtualized manner, by aggregating resources and offering a single system view.
• NIST:
• “a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Cloud Computing in a nutshell
• While there are countless other definitions, there seem to be common characteristics between the most notable ones listed above, which a cloud should have:
(i) Mainframe to cloud
(ii) SOA, Web Services, Web 2.0 and Mashups
(iii) Grid Computing
(iv) Utility Computing
(v) Hardware Virtualization
(vi) Virtual Appliance and OVF
(vii) Autonomic Computing
From Mainframe to cloud
• Currently experiencing a switch in the IT world, from in-house generated computing power into utility-supplied computing resources delivered over the Internet as Web services.
• A key aspect of the grid vision realization has been building standard Web services-based protocols that allow distributed resources to be “discovered, accessed, allocated, monitored, accounted for, and billed for.”
• Issues:
• QoS, availability of resources with diverse software configurations
• Soln: virtualisation
Utility Computing
• Utility computing is a service provisioning model in which a service provider makes computing resources and infrastructure management available to the customer as needed, and charges them for specific usage rather than a flat rate.
• VMware ESXi:
• pioneer in virtualisation, bare-metal hypervisor,
• provides advanced virtualization techniques of processor, memory, and I/O. Especially, through memory ballooning and page sharing, it can overcommit memory.
• Xen:
• open-source project
• It has pioneered the para-virtualization concept, on which the guest operating system, by means of a specialized kernel, can interact with the hypervisor, thus significantly improving performance.
• KVM:
• It has been part of the mainline Linux kernel since version 2.6.20, thus being natively supported by several distributions.
• For instance, Amazon has its Amazon Machine Image (AMI) format, made popular on the Amazon EC2 public cloud. Other formats are used by Citrix XenServer, several Linux distributions that ship with KVM,
Autonomic Computing
The Seven-Step Model of Migration into a Cloud
Step 2
• isolating all systemic and environmental dependencies of the enterprise application components within the captive data center
Step 3
• generating the mapping constructs between what shall possibly remain in the local captive data center and what goes onto the
Step 4
• a substantial part of the enterprise application needs to be rearchitected, redesigned, and reimplemented on the cloud
Step 5
• we leverage the intrinsic features of the cloud computing service to augment our enterprise application in its own small ways.
Step 6
• we validate and test the new form of the enterprise application with an extensive test suite that comprises testing the components of the enterprise application on the cloud as well.
Step 7
• Test results could be positive or mixed.
• In the latter case, we iterate and optimize as appropriate. After several such optimizing iterations, the migration is deemed successful.
These are the unique characteristics of an ideal cloud computing model:
• Low barrier to entry: You can gain access to systems for a small investment.
The law of cloudonomics
3. The peak of the sum is never greater than the sum of the peaks. A cloud can deploy less capacity because the peaks of individual tenants in a shared system are averaged over time by the group of tenants.
4. Aggregate demand is smoother than individual. Multi-tenancy also tends to average the variability intrinsic in individual demand. With more predictable demand and less variation, clouds can run at higher utilization rates than captive systems. This allows cloud systems to operate at higher efficiencies and lower costs.
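Laws 3 and 4 worked on numbers, as an added example that is not from the slides: four tenants with constructed hourly demand curves (arbitrary capacity units, not measured data) are compared as captive systems each sized to its own peak versus one shared system sized to the aggregate peak, and the coefficient of variation shows how much smoother the aggregate is.

```python
from statistics import mean, pstdev

# Constructed hourly demand (arbitrary capacity units) for four tenants whose
# peaks fall at different times of day; not measured data.
TENANTS = {
    "batch_job":  [9, 9, 8, 8, 7, 5, 3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, 5, 7, 8, 9, 9],
    "office_app": [1, 1, 1, 1, 1, 1, 2, 4, 7, 9, 9, 8, 6, 8, 9, 9, 7, 4, 2, 1, 1, 1, 1, 1],
    "web_shop":   [2, 1, 1, 1, 1, 1, 1, 2, 3, 3, 4, 4, 4, 4, 4, 5, 6, 7, 9, 9, 8, 6, 4, 3],
    "analytics":  [3] * 24,
}

def aggregate(tenants):
    """Hour-by-hour sum of all tenants' demand (what a shared cloud must serve)."""
    return [sum(hour) for hour in zip(*tenants.values())]

def sum_of_peaks(tenants):
    """Capacity deployed if every tenant runs a captive system sized to its own peak."""
    return sum(max(series) for series in tenants.values())

def peak_of_sum(tenants):
    """Capacity a multi-tenant cloud needs when sized to the aggregate peak (law 3)."""
    return max(aggregate(tenants))

def utilization(series, capacity):
    """Average load as a fraction of provisioned capacity."""
    return mean(series) / capacity

def coefficient_of_variation(series):
    """Relative variability; a lower value means smoother demand (law 4)."""
    return pstdev(series) / mean(series)

def compare(tenants):
    """Summarize laws 3 and 4 for a tenant set."""
    total = aggregate(tenants)
    return {
        "sum_of_peaks": sum_of_peaks(tenants),
        "peak_of_sum": peak_of_sum(tenants),
        "captive_utilization": utilization(total, sum_of_peaks(tenants)),
        "cloud_utilization": utilization(total, peak_of_sum(tenants)),
        "tenant_cv": {name: coefficient_of_variation(s) for name, s in tenants.items()},
        "aggregate_cv": coefficient_of_variation(total),
    }
```

For this data the captive systems would deploy 30 units against an aggregate peak of 19, and the aggregate curve varies far less than any of the three bursty tenants.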
5. Average unit costs are reduced by distributing fixed costs over more units of output. Cloud vendors have a size that allows them to purchase resources at significantly reduced prices.

$$\text{Cost}_{\text{CLOUD}} = \frac{1}{n}\sum\big(\text{UnitCost}_{\text{CLOUD}} \times (\text{Revenue} - \text{Cost}_{\text{CLOUD}})\big) + \text{STORAGE\_UNIT}_n + \text{NETWORK\_UNIT}_n + \dots$$
Defining Licensing Models
When you purchase shrink-wrapped software, you are using that software based on a licensing agreement called a EULA or End User License Agreement. The EULA may specify that the software meets the following criteria:
• It is yours to own.
• It can be installed on a single or multiple machines.
• It allows for one or more connections.
• It has whatever limit the ISV (independent software vendor) has placed on its software.
In most instances, the purchase price of the software is directly tied to the EULA.
Chapter 3: Understanding Cloud Architecture
• IN THIS CHAPTER
• Using the cloud computing stack to describe different models
• Understanding how platforms and virtual appliances are used
• Learning how cloud communications work
• Discovering the new world of the cloud client
• One property that differentiates cloud computing is referred to as composability, which is the ability to build applications from component parts.
A platform is a cloud computing service that is both hardware and software. Platforms are used to create more complex software. Virtual appliances are an important example of a platform, and they are becoming a very important standard cloud computing deployment object.
Cloud computing requires some standard protocols with which different layers of hardware, software, and clients can communicate with one another. Many of these protocols are standard Internet protocols.
Some completely new clients are under development that are specifically meant to connect to the cloud. These clients have as their focus cloud applications and services, and are often hardened and more securely connected. Two examples presented are Jolicloud and Google Chrome OS. They represent a new client model that is likely to have considerable impact.
Exploring the Cloud Computing Stack
• Composability
• Infrastructure
• Platforms
• Virtual Appliances
• Communication Protocols
• Applications
Composability
• A composable component must be:
• Modular: It is a self-contained and independent unit that is cooperative, reusable, and replaceable.
• Stateless: A transaction is executed without regard to other transactions or requests.
• The essence of a service-oriented design is that services are constructed from a set of modules using standard communications and service interfaces.
Virtual machines are containers that are assigned specific resources. The software that runs in the virtual machines is what defines the utility of the cloud computing system.
[Figure: architecture diagram illustrating the portion of the cloud computing stack that is designated as the server.]
Platforms
• A platform in the cloud is a software layer that is used to create higher levels of service.
• Salesforce.com's Force.com Platform
• Windows Azure Platform
• Google Apps and the Google App Engine
A virtual appliance is software that installs as middleware onto a virtual machine.
Virtual Appliances
• Virtual appliances are software installed on virtual servers: application modules that are meant to run on a particular machine instance or image type.
• A virtual appliance is a platform instance. Therefore, virtual appliances occupy the middle of the cloud computing stack.
Understanding Services and Applications by Type
Types
• Infrastructure as a Service (IaaS)
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service allows for the creation of virtual computing systems or networks.
• Software as a Service represents a hosted application that is universally available over the Internet, usually through a browser.
• In Software as a Service, the user interacts directly with the hosted software.
• SaaS may be seen to be an alternative model to that of shrink-wrapped software and may replace much of the boxed software that we buy today.
• Platform as a Service is a cloud computing infrastructure that creates a development environment upon which applications may be built.
• Things you relate to: your family and friends, a software license, beliefs and values, activities and endeavors, personal selections and choices, habits and practices, an iGoogle account, and more
Networked Identity Service Classes
• To validate Web sites, transactions, transaction participants, clients, and network services, various forms of identity services have been deployed on networks.
• Ticket- or token-providing services, certificate servers, and other trust mechanisms all provide identity services that can be pushed out of private networks and into the cloud.
Identity as a Service (IDaaS) may include any of the following:
• Authentication services (identity verification)
• Directory services
• Federated identity
• Identity governance
• Identity and profile management
• Policies, roles, and enforcement
• Provisioning (external policy administration)
• Registration
• Risk and event monitoring, including audits
• Single sign-on services (pass-through authentication)
Identity System Codes of Conduct
• User control for consent: Users control their identity and must consent to the use of their information.
• Minimal disclosure: The minimal amount of information should be disclosed for an intended use.
• Justifiable access: Only parties who have a justified use of the information contained in a digital identity and have a trusted identity relationship with the owner of the information may be given access to that information.
• Directional exposure: An ID system must support bidirectional identification for a public entity so that it is discoverable, and a unidirectional identifier for private entities, thus protecting the private ID.
• Interoperability: A cloud computing ID system must interoperate with other identity services from other identity providers.
• Unambiguous human identification: An IDaaS application must provide an unambiguous mechanism for allowing a human to interact with a system while protecting that user against an identity attack.
• Consistency of service: An IDaaS service must be simple to use, consistent across all its uses, and able to operate in different contexts using different technologies.
Compliance as a Service (CaaS)
• The laws of the country of a request's origin may not match the laws of the country where the request is processed, and it's possible that neither location's laws match the laws of the country where the service is provided.
• A Compliance as a Service application would need to serve as a trusted third party, because this is a man-in-the-middle type of service.