Tools and Mechanisms (Module 3) Xen: paravirtualization

• Xen • Xen is an open source hypervisor based on paravirtualization.

• Most popular application of paravirtualization.
• VMWare • Used for
• Microsoft Hyper-V • Desktop virtualization
• Server virtualization,
• Cloud computing solutions by means of Xen Cloud Platform
(XCP).
• Xen has been extended to compatible with full virtualization
using hardware-assisted virtualization.
• It enables high performance execution of guest OS
– Eliminates the performance loss while
executing instructions
that require special management.
• By modifying portions of the guest operating systems
run by Xen with
reference to the execution of such instructions
• This supports x86, which is the most used architecture on
commodity machines and servers.
Tthe architecture of Xen and its mapping onto a classic x86
privilege model

Xen Architecture Xen: paravirtualization

• Xen-based system is managed by the Xen hypervisor, which
runs in the highest privileged mode and controls the access of
guest OS to the underlying hardware.
• Guest OSes are executed within domains, which
represent virtual machine instances.
• Domain 0:
– specific control software, which has privileged access to the
host and controls all the other guest operating systems, is
executed in a special domain called Domain 0.
– This is the first one that is loaded once the virtual
machine manager has completely booted,
– It hosts a HyperText Transfer Protocol (HTTP) server that
serves requests for virtual machine creation,
configuration, and termination.
Xen Xen
– operating systems need to be changed in their
implementation, and the sensitive system calls need to be
reimplemented with hypercalls, which are specific calls
• Four different security levels in x86 exposed by the virtual machine interface of Xen. handler.
– Ring 0 , for the kernel code, represent the level with the highest
privileges
– Ring 3 : for user application and nonprivileged OS code, the
level with the
lowest ones.
• Ring 0 - Xen executes the hypervisor
• Ring 1 - Domain 0, and all the other domains running
guest operating systems—generally referred to as Domain U
• Ring 3 - User applications are run
• Using hypercalls,
– Domains will use hypercalls to request privileged operations
like updating
pagetables
– Xen hypervisor is able to catch the execution of all the
sensitive instructions, manage them, and return the
control to the guest operating system by means of a
supplied handler

Xen Xen: Components in detail:

• Paravirtualization needs the operating system codebase to be • Components in detail:
modified, and hence not all operating systems can be used • The Xen Project Hypervisor
as guests in a Xen-based environment. – software layer that runs directly on the hardware and is
• Open-source operating systems such as Linux can be easily responsible for managing CPU, memory, and interrupts.
modified, since their code is publicly available and Xen – It is the first program running after the bootloader exits.
provides full support for their virtualization, • Guest Domains/Virtual Machines
– virtualized environments, each running
– whereas components of the Windows family are generally their own operating system and
not supported by Xen unless hardware-assisted applications.
virtualization is available. – Guest VMs are totally isolated from the hardware:
– no privilege to access hardware or I/O functionality.
– called as unprivileged domain (or DomU).
• Xen enabled OS:
– Domain 0 requires a Xen enabled kernel.
– Paravirtualized guests require a PV-enabled guest.
– Linux distributions that are based on Linux kernels newer
Xen: Components in detail:
Xen: Components in detail …
• The Control Domain (or Domain 0)
than Linux 3.0 are Xen Project-enabled and usually
include packages that contain the hypervisor and Tools (the – specialized Virtual Machine that has special privileges like
default Toolstack and Console). the capability to access the hardware directly, handles all
access to the system’s I/O functions and interacts with the
other Virtual Machines.
– The Xen Project hypervisor is not usable without Domain 0,
which is the first VM started by the system.
– Dom0 contains the following functions:
• System Services: such as XenStore/XenBus (XS) for
managing settings, the Toolstack (TS) exposing a user
interface to a Xen based system, Device Emulation (DE)
which is based on QEMU in Xen based systems
• Native Device Drivers: Dom0 is the source of physical
device drivers and thus native hardware support for a
Xen system
• Virtual Device Drivers: Dom0 contains virtual device drivers
(also called
backends).
• Toolstack: allows a user to manage virtual machine

creation, destruction, and configuration. The toolstack

exposes an interface that is either driven by a command
line console, by a graphical interface or by a cloud
VMware: full virtualization
orchestration stack such as OpenStack or CloudStack.
Note that several different toolstacks can be used with
Xen • Vmware
– full virtualization
• underlying hardware is replicated and made available to
the guest operating system
• VMware implements full virtualization
– In the desktop environment, by means of Type II
hypervisors(hosted),
– In the server environment, by means of Type I
hypervisors (bare-metal).
• Full virtualization is done by
– direct execution (for nonsensitive instructions) and
– binary translation (for sensitive instructions), thus
allowing the virtualization of architecture such as x86.
VMware: full virtualization VMware: full virtualization

VMware: full virtualization VMware: full virtualization

• Full virtualization and binary

translation
VMware: full virtualization End-user (desktop) virtualization

• VMware supports virtualization of operating system

environments and single applications on end-user computers.
• Virtualization of operating system environments
• Virtualization solutions – Allows installing a different operating systems and
applications in a completely isolated environment from the
– End-user (desktop) virtualization hosting operating system.
– VMware Workstation, for Windows operating systems, and
– Server virtualization VMware Fusion, for Mac OS X environments
• Installed in the host operating system to create virtual
– Infrastructure virtualization and cloud machines and manage their execution.
computing solutions • Allow a guest operating system to use the resources of the
host machine

End-user (desktop)virtualization
Virtualization of end-user computing environments End-user (desktop) virtualization
include
• VMware Player, VMware ACE, and VMware ThinApp.
– VMware Player is a reduced version of VMware Workstation
that allows creating and playing virtual machines in a
Windows or Linux operating environment.
– VMware ACE, a similar product to VMware Workstation,
creates policy-wrapped virtual machines for deploying secure
corporate virtual environments on end-user computers.
– VMware ThinApp is a solution for application
virtualization. It provides an isolated environment for
applications in order to avoid conflicts due to versioning and
incompatible applications.
 Server virtualization
• VMware GSX server,
– Replicates the approach used for end-user
computers
– Remote management and scripting capabilities.
– Serve the virtualization of Web servers.
– A daemon process, called serverd, controls and
manages VMware application processes.
– These applications are then connected to the virtual machine
instances by means of the VMware driver installed on the
host operating system.
– Virtual machine instances are managed by the VMM
– User requests for virtual machine management and
provisioning are routed from the Web server through the VMM
by means of serverd.

Server virtualization Server virtualization

Infrastructure virtualization Infrastructure virtualization
and cloud computing solutions and cloud computing solutions
• vSphere • vCenter:
– The management of the infrastructure is operated by Vmware
– A pool of virtualized servers is tied together and remotely – Provides centralized administration and management of
managed as a whole. vSphere installations
in a data center environment. by VMware vCloud, which
– virtual compute services • vCloud:
– Turns a collection of virtualized data centers are turned into a
– Virtual file system, virtual storage, and virtual network
constitute the core of the infrastructure; IaaS cloud
– allows service providers to make available to end users
– application services, such as virtual machine migration, virtual computing environments on demand on a pay-per-
storage migration, data recovery, and security zones, use basis.
complete the services offered by vSphere. – A Web portal provides access to the provisioning services of ,
– End users can self-provision virtual machines by choosing
from available templates and setting up virtual networks
among virtual instances.
• vFabric : application development
– A set of components used for the development of scalable

Infrastructure virtualization Infrastructure virtualization

and cloud computing solutions and cloud computing solutions
Web applications on top of a virtualized infrastructure.
– vFabric is a collection of components for application
monitoring, scalable data management, and scalable
execution and provisioning of Java Web applications.
• Zimbra, a solution for office automation, messaging, and
collaboration that is completely hosted in the cloud and
accessible from anywhere.
Infrastructure virtualization
Microsoft Hyper-V
and cloud computing solutions

• Infrastructure virtualization solution

• For server virtualization.
• Hypervisor-based approach to
hardware virtualization
• Component of Windows Server 2008
R2.

Microsoft Hyper-V Microsoft Hyper-V

Microsoft Hyper-V Microsoft Hyper-V
Parent Partition/root partition:
• Hyper-V supports multiple and concurrent execution of guest – Hyper-V takes control of the hardware, and the host
operating systems by means of partitions. operating system becomes a virtual machine instance with
special privileges, called the parent partition.
• A partition is a completely isolated environment in which an
operating system is installed and run. – only one that has direct access to the hardware.
– It runs the virtualization stack,
– hosts all the drivers required to configure guest
operating systems
– creates child partitions through the hypervisor
– hosts an instance of the Windows Server 2008 R2, which
manages the virtualization stack made available to the
child partitions.

Microsoft Hyper-V Microsoft Hyper-V

Child partitions Hypervisor : Directly manages the underlying hardware
• Host guest OS (processors and memory). It is logically defined by the
• Do not have access to the underlying hardware following components:
• Hypercalls interface.
• Isolated environments that allow secure and controlled
execution of guests. – This is the entry point for all the partitions for the
execution of sensitive instructions.
• Interaction with hardware is controlled by either the
– The parent partition also uses this interface to create child
parent partition or the hypervisor itself
partitions.
• Two types of child partition exist,
• Memory service routines (MSRs).
– Enlightened partitions – Controls the memory and its access from partitions.
• Hypervisor-aware
• Advanced programmable interrupt controller (APIC).
• can benefit from Enlightened I/O
– This component represents the interrupt controller,
– Unenlightened partitions
– which manages the signals coming from the
• Hypervisor-unaware underlyinghardware when some event occurs (timer
• executed by leveraging hardware emulation from the expired, I/O ready, exceptions and traps).
hypervisor.
Microsoft Hyper-V Microsoft Hyper-V
• Scheduler. Enlightened I/O and synthetic devices
– Schedules the virtual processors to run onavailable • Enlightened I/O perform I/O operations using
physical processors. interpartition communication channel

– The scheduling is controlled by policies that areset by the • There are three fundamental components:
parent partition. – VMBus : implements the channel and defines the protocol
• Address manager. for communication between partitions.
– Manage the virtual network addresses that are – Virtual Service Providers (VSPs) : VSPs are kernel-level
drivers that are deployed in the parent partition and provide
allocated to each guest operating system. access to the corresponding hardware devices.
• Partition manager. – Virtual Service Clients (VSCs) : represent the virtual device
– Performs partition creation, finalization, drivers (also called synthetic drivers) seen by the guest
operating systems in the child partitions.
destruction, enumeration, and configurations.

Microsoft Hyper-V Microsoft Hyper-V

Cloud computing and infrastructure Cloud computing and infrastructure
management management ….
• Windows Server Core is new version of WindowsServer 2008 • System Center Virtual Machine Manager (SCVMM)
• Windows Server Core 2008. (provides advanced management of VMs)
– reduced set of features and a smaller footprint. – Management portal for the creation and management of
virtual instances
– No GUI component and other bulky components such as
the .NET Framework and all the applications developed on – Virtual to Virtual (V2V) and Physical to Virtual
top of it (for example, PowerShell). (P2V) conversions
– Delegated administration
– Advantages
– Library functionality and deep PowerShell integration
• Reduced maintenance (i.e., fewer software patches),
– Intelligent placement of virtual machines in the managed
• Reduced attack surface
environment
• Reduced management, – Host capacity management
• Less disk space
 Module 4

• Cloud Infrastructure Mechanism: Cloud Storage, Cloud Usage

Monitor, Resource Replication – Readymade Environment
• Specialized Cloud Mechanism: Load Balancer, SLA Monitor,
Pay-per-use Monitor, Audit Monitor - Failover System
Hypervisor - Resource Cluster.

Cloud Computing Mechanism

Module 4

• Polling Agent
• Case Study Example
– Resource Replication
• Case Study Example
– Readymade Environment

• Cloud Infrastructure Mechanisms

– Cloud Storage Device
• Cloud Storage Levels
• Network Storage Interfaces
• Object Storage Interfaces
• Database Storage Interfaces
• Relational Data Storage
• Non-Relational Data Storage
• Case Study Example
– Cloud Usage Monitor
• Monitoring Agent
• Resource Agent
Cloud Storage Device Cloud Storage Device

• The cloud storage device • Issues and Challenges

– Designed specifically for cloud-based – Security, integrity, and confidentiality ofdata

provisioning.
– Legal and regulatory implications
– Can be virtualized • Since data are stored across geographical ornational
– Fixed-increment capacity allocation in boundaries.
support of the pay-per-use mechanism.
– Performance of large databases
– Can be remotely accessed via cloud • Increase in latency
storage services.

Cloud Storage Device Cloud Storage Device

– Data and its associated metadata are organized as Web-
based resources.
Cloud Storage Levels
Different logical units of data storage are
• Files
– Collections of data are grouped into files that are located
in folders.
• Blocks
– a block is the smallest unit of data that is still individually
accessible.
– lowest level of storage and the closest to the hardware
• Datasets
– Sets of data are organizedinto a table-based, delimited, or
record format.
• Objects
 Different cloud service consumers utilize differenttechnologies
to interface with virtualized cloud storage devices. Cloud Storage Device

• Different cloud service consumers utilizedifferent technologies

to interface with virtualized cloud storage devices.
– File : Internet Small Computer System Interface (iSCSI),
Fibre Channel (FC) , Fibre Channel Over Ethernet Logical
Unit Numbers FCoE LUNs,
– Block: Portable Operating System InterfaceNetwork File
System, Common Internet File System (POSIX NFS,
CIFS)
– Object : create, read, update, and delete (or CRUD) operations
via HTTP ( Hyper Text Transfer Protocol) eg: Cloud Data
Management Interface (CDMI)
– Dataset : DBMS API SQL or NoSQL , (Database
Management System Application Programming Interface,
Structured Query Language,

– Data Block- which is the smallest unit that can be stored

Cloud Storage Device… Cloud
accessed Storage
and Device…
and the storage format closest to hardware.
– Uses LUN (logical unit number) or virtual
Small Computer System volume block-level
storage
Interface
– Better performance than file-level storage.
Network Storage InterfacesServer Message Block
• Legacy network storages Common Internet File System
• Uses industry standard protocols, Network File System
– SCSI for storage blocks
– SMB, CIFS, NFS for file and
network storage.
• File:
– Stores individualdata in separate files of different sizes and
formats
– Organized into folders and subfolders.
– When modified Original files are often replaced by the new files
– Data searching and extraction performance is suboptimal.
• Block
– Uses fixed format - data block,
Cloud Storage Device… Cloud Storage Device…
Representational State Transfer (REST)

Object Storage Interfaces

• Object storage is a data storage architecture for storing
unstructured data, which sections data into units— object.
• Each object includes the data, metadata, and a unique
identifier that applications can use for easy access and
retrieval.
• Objects can be accessed via REST, HTTP.
• Many data and media types are supported

Cloud Storage Device… Cloud Storage Device…

Relational Data Storage
• Data is stored using relational databases or relational
Database Storage Interfaces database
• Support a query language in addition tobasic storage management systems (RDBMSs).
operations.
• Storage management is done • Tables
– To organize similar data into rows and columns.
– Using a standard API
– Have relationships with each other to give the data increased
– Using an administrative user interface. structure, to protect data integrity, and to avoid data
• Two categories based on storage redundancy (which is referred to as data normalization).
structure
• Structured Query Language (SQL) is used to work with
– Relational Data Storage relational
– Non-Relational Data Storage data
• Eg: IBM DB2, Oracle Database, Microsoft SQL Server, and
MySQL.
• Challenges
Cloud Storage Device… Cloud Storage Device…
– Scaling a relational cloud storage device vertically can be
more
complex and cost-ineffective Non-Relational Data Storage
– Performance: Large Databases with complex relationships has • NoSQL storage
higher processing overhead and latency, when accessed • “looser” structure for stored data
remotely. • No relationships and data
normalization.
• Limited schemas or data models.
• Transactions or joins are not
supported.

Cloud Storage Device… Cloud Storage Device…

Non-Relational Data Storage ….
• Advantages:
– Provides scalability and availability of stored
data over multiple server environments.
– More scalable than relational storage
– Less complexity and processing overhead.

• Problem :
– Portability: Non-relational storage mechanismsare proprietary
and so limit data portability.
 cloud storage device based onan object storage interface

Cloud Storage Device… • A company provides cloud consumers access to a cloud storage
device based on an object storage interface

Cloud storage device based on an object storage interface

(3) Consumer uses the cloud

storage device UI to interact
(1) create a cloud storage
directly with the data objects. device and define access
control policies

(2)The usage and administration portal interact with the cloud storage software to create
the cloud storage device instance and apply access policy to its data objects
 Cloud storage device based on Cloud storage devices via a
an object storage interface block storage network interface
(1) The cloud consumer interacts with the usage and • A company offers a cloud service thatenables the creation of cloud
administration portal to create a cloud storage device and storage devices via a block storage network interface
define access control policies.
(2) The usage and administration portal interact with the cloud
storage software to create the cloud storage device instance and
apply the required access policy to its data objects.
– Each data object is assigned to a cloud storage device and all
of the data objects are stored in the same virtual storage
volume.
(3) The cloud consumer uses the proprietary cloud storage
device UI to interact directly with the data objects.
• Access control
– Granted on a per-object basis
– Separate access policies are used for creating, reading
from, and writing to each data object.
– Only read-only access is given for Public access

The creation of cloud storage devices viaa block storage network

VIM software creates
interface and configures the
appropriate LUN

The cloud consumer uses the

usage and administration portal to
The cloud consumer remotely logs
create and assign a cloud storage
into the virtual server directly (3a)
to access the cloud storage device device to an existing virtual server
(3b).

The usage and

administration portal
interacts with the VIM
software
The creation of cloud storage devices viaa block storage network

Cloud Usage Monitor

interface

• The cloud consumer uses the usage and administration portal

to create and assign a cloud storage device to an existing
virtual server (1).
• The usage and administration portal interacts with the VIM • Lightweight and autonomous
software (2a),
• Which creates and configures the appropriate LUN (2b).
software program
• Each cloud storage device uses a separate LUN controlled by • Collects and process IT resource usage
the virtualization platform.
• The cloud consumer remotely logs into the virtual server data.
directly (3a) to access the cloudstorage device (3b).
• Three categoris (based on the type of
usage metrics
collected and implementation )
– Monitoring Agent
– Resource Agent
– Polling Agent

Cloud Usage Monitor

Cloud Usage Monitor Monitoring Agent

(3a)before allowing it to continue to
the cloud service
(1) A cloud service consumer (3b)The monitoring agent stores the
Monitoring Agent sendsa request message to a collected usage data in a log database
• Intermediary, event-driven program cloud service
(2)The monitoring agent
• Existing on communication paths
interceptsthe message to
• Transparently monitors and analyzes dataflows. collect relevant usage data
• Measures network traffic and message metrics.
 Cloud Usage Monitor Cloud Usage Monitor

Monitoring Agent Monitoring Agent

(1) A cloud service consumer sends a request message to a cloud

service
(2) The monitoring agent intercepts the message to collect relevant
usage data
(4) The cloud service replies with a response message
(3a)before allowing it to continue to the cloud service
(5) that is sent back to the cloud service consumer without
beingintercepted by the monitoring agent (3b)The monitoring agent stores the collected usage data in a log
database
(4) The cloud service replies with a response message
(5) that is sent back to the cloud service consumer without
being intercepted by the monitoring agent.

Cloud Usage Monitor Cloud Usage Monitor

Resource Agent Resource Agent

The resource agent is actively monitoring a
• Collects usage data on resources virtual server and detects an increase in usage (1).
• Event-driven program
• Activated each time resource software is initiated ,
suspended, resumed, and scaled.
 Cloud Usage Monitor Cloud Usage Monitor

Resource Agent Resource Agent

• The resource agent is actively monitoring a virtual server and
detects an increase in usage (1).
• The resource agent receives a notification from the underlying
resource management program that the virtual server is being
scaled up and stores the collected usage data in a log database, as
per its monitoring metrics (2).

The resource agent receives a notification from

the underlying resource management
program that the virtual server is being scaled
up and stores the collected usage data in a log
database, as per its monitoring metrics (2).

Cloud Usage Monitor Cloud Usage Monitor

Polling Agent Polling Agent

A polling agent monitors the status of a cloud
service hosted by a virtual server by sending
• Collects cloud service usage data by polling IT periodic polling request messages and receiving
resources. polling response messages that report usage
• Monitors IT resource status (e.g. uptime and status“A” after a number of polling cycles, until
downtime) it receives a usage status of “B” (1)
 Cloud Usage Monitor Cloud Usage Monitor

Polling Agent Polling Agent

• A polling agent monitors the status of a cloud service hosted

by a virtual server by sending periodic polling request
messages and receiving polling response messages that report
usage status “A” after a number of polling cycles, until it
receives a usage status of “B” (1), upon which the polling
agent records the new usage status in the log database (2).
upon which the polling agent records the
new usage status in the log database (2).

Cloud Usage Monitor Cloud Usage Monitor

Case Study The resource agent is designed with logic and metrics that are based
on the following rules:
1. Each resource usage event that is generated by the VIM
• A company has recently adopted cloud computing and wants software can contain the following data:
to collect accurate usage data. • Event Type (EV_TYPE) – Generated by the VIM platform, there
are
• Virtual servers of varying performance levels need to be leased five types of events:
and billed hourly. – VM Starting (creation at the hypervisor)
• A resource agent that relies on the resource usage events generated – VM Started (completion of the boot procedure)
by the VIM platform is implemented to calculate the virtual – VM Stopping (shutting down)
server usage data. – VM Stopped (termination at the hypervisor)
– VM Scaled (change of performance parameters)
• VM Type (VM_TYPE) – type of virtual server (based on
performance
parameters.
• Unique VM Identifier (VM_ID) – This identifier is provided by the
VIM
platform.
• Unique Cloud Consumer Identifier (CS_ID) – Another identifier
provided by the VIM platform to represent the cloud consumer.
• Event Timestamp (EV_T) – An identification of an event
occurrence that is expressed in date-time format, with the time
 Cloud Usage Monitor Cloud Usage Monitor
zone of the data center and referenced to UTC as defined in
RFC 3339 (as per the ISO 8601 profile).

2. Usage measurements are recorded for every virtual server

that a cloud consumer creates.
3. Usage measurements are recorded for a measurement period
whose length is defined by two timestamps called tstart and
tend. .
4. Usage measurements are recorded at each minute of usage. The
virtual server usage measurement period starts when the virtual
server is created at the hypervisor and stops at its termination.
5. Virtual servers can be started, scaled, and stopped multiple
times during the measurement period. The time interval
between each occurrence i (i = 1, 2, 3,...) of these pairs of
successive events that are declared for a virtual server is called
a usage cycle that is known as Tcycle_i:

Cloud Usage Monitor Cloud Usage Monitor

The resource agent interacting with the VIM’s eventdriven API

• The total usage, Utotal, for each virtual server during the
measurement period is calculated using the following resource
usageevent log database equations:
– For each VM_TYPE and VM_ID in the log
database:

– As per the total usage time that is measured for each

VM_TYPE, the vector of usage for each VM_ID is Utotal:
Utotal = {type 1, Utotal_VM_type_1, type 2,
Utotal_VM_type_2, ...}
 Cloud Usage Monitor Cloud Usage Monitor
(VIM)

virtual infrastructure manager

Cloud Usage Monitor Cloud Usage Monitor

• The VIM’s event-driven API generates a resource usage event with
timestamp
= t2, which is captured and recorded at the resource usage event
log database
• The cloud consumer (CS_ID = CS1) requests the creation of a by the cloud usage monitor software agent (4b).
virtual server • The cloud consumer shuts down the virtual server (5).
(VM_ID = VM1) of configuration size type 1 (VM_TYPE = type1) • The VIM stops Virtual Server VM1 (6a)
(1). • and its event-driven API generates a resource usage event with
• The VIM creates the virtual server (2a). timestamp = t3, which the cloud usage monitor software agent
• The VIM’s event-driven API generates a resource usage event with captures and records at the log database (6b).
timestamp • The usage and administration portal accesses the log
= t1, which the cloud usage monitor software agent captures database and
and records in the resource usage event log database (2b). calculates the total usage (Utotal) for Virtual Server Utotal VM1
• Virtual server usage increases and reaches the auto-scaling (7).
threshold (3).
• The VIM scales up Virtual Server VM1 (4a) from configuration
type 1 to type
2 (VM_TYPE = type2).
 Resource Replication
Resource Replication The hypervisor replicates several instances of a
virtual server, using a stored virtual server image.
• Creating of multiple instances of the same IT • Hypervisor
resource. – Creates many instances of a virtual server using a virtual
• Replication is done when an IT resource’s server image
availability and performance need to be improved. – Deploy and replicate ready-made environments and entire
• Technology used is Virtualization. applications

Resource Replication Resource Replication

Case Study

• A company establishes a set of high-availability virtual

servers that can be automatically relocated to physical servers
running in different data centers in response to severe failure
conditions.
• A virtual server that resides on a physical server running at
one data center experiences a failure condition.
• VIMs from different data centers coordinate to overcome the
unavailability by reallocating the virtual server to a different
physical server running in another data center.
Resource Replication

A high-availability virtual server is running in Data Center A. VIM instances

in Data Centers A and B are executing a coordination function that allows
detection of failure conditions. Stored VM images are replicated between data
centers as a result of the high-availability architecture.

Resource Replication

The virtual server becomes unavailable in Data Center A. The VIM in Data
Center B detects the failure condition and starts to reallocate the
highavailability server from Data Center A to Data Center B.
 Resource Replication

A new instance of the virtual server is created and made available

in Data Center B.

Ready-Made Environment Ready-Made Environment

• Pre-defined, cloud-based platform comprised of a • A ready-made environment has

set of already installed IT resources – SDK (software development kit)
• Ready to be used and customized by a cloud • provides cloud consumers with programmatic access to the
consumer. development technologies that comprise their preferred
• Pre-installed IT resources are programming stacks.
– Databases – Middleware
– Middleware • For multitenant platforms to support the development and
– Development tools deployment of Webapplications.
– Governance tools. – Runtime execution environments
• Cloud consumers can remotely develop and deploytheir own
services and applications within a cloud.
Ready-Made Environment Ready-Made Environment

• A cloud consumer accesses a ready-made environment

hosted on a virtual server.

the development and deployment environment

Ready-Made Environment of Part Number Catalog application.

Case Study The developer uses the provided SDK to

develop the Part Number Catalog Web
Ready-Made Environment application
• A company developed and deployed Java-based Part Number
Catalog Web application, using leased PaaS environment,
used for the switches and routers they manufacture.
• The application logic was split into front-end and back-end
processing logic.
– The front-end logic was used to process simple queries and
updates to the catalog.
– The back-end part contains the logic required to render the
complete catalog and correlate similar components and
legacy part numbers.
The application is made available theend-user (4)
for usage and one end-user
accesses its front-end instance

The software running

in the front-end
instance invokes a
provides persistent storage long-running taskat
of the application data the back-end instance
that corresponds to the
processing required by

Ready-Made Environment
Ready-Made Environment Other Use Cases
The development and deployment environment of partnumber catalog
application
Library Management System:
• The developer uses the provided SDK to develop the Part Front-end: Users can search for books, manage their
Number Catalog Web application (1). accounts, and request holds or renewals.
• The application software is deployed on a Web platform that was Back-end: Handles complex queries based on author, genre, or
established by two ready-made environments called the frontend
availability. Manages user accounts, loan periods, and overdue
instance (2a) and the back-end instance (2b).
• The application is made available for usage and one end-user fines. Integrates with barcode scanners and other library
accesses its front-end instance (3). management systems.
• The software running in the front-end instance invokes a
long-running task at the back-end instance that corresponds E-commerce Platform:
to the processing required by the end-user (4). Front-end: Users can browse products, add items to cart,
• The application software deployed at both the front-end and back- and checkout securely.
end instances is backed by a cloud storage device that provides
persistent storage of the application data (5). Back-end: Handles product information, inventory management,
and order processing. Integrates with payment gateways and
fulfillment centers. Recommends similar products and displays
personalized promotions.
 performance and customer trends. Integrates with email
Other Use Cases …
Ready-Made Environment marketing and other communication tools.

Learning Management System (LMS): Content Management System (CMS):

Front-end: Students can access course materials, take assessments, Front-end: Content editors can create, edit, and publish web content.
and interact with Back-end: Manages content versions, user permissions, and
instructors.
website configuration. Delivers content to the front-end and
Back-end: Delivers course content, manages enrollments, and
ensures website functionality. Integrates with analytics tools
grades assessments. Tracks student progress and facilitates
and third-party content sources.
communication between instructors and students. Integrates
with third-party learning tools and resources.

Customer Relationship Management (CRM) System:

Front-end: Sales teams can manage contacts, leads, and
opportunities. Customer service representatives can access
customer information and support requests.
Back-end: Stores customer data, tracks sales activities, and
automates workflows. Generates reports and analytics for sales

Ready-Made Environment Ready-Made Environment

• https://www.intellinetsystem.com/int eli-catalogue-oem.htm
Ready-Made Environment

Ready-Made Environment
 Ready-Made Environment

• 8: Specialized Cloud Mechanisms

– 8.2 Load Balancer
• Case Study Example
– 8.3 SLA Monitor
Cloud Computing Mechanism • Case Study Example
- Specialized Cloud Mechanism • SLA Monitor Polling Agent
• SLA Monitoring Agent
– 8.4 Pay-Per-Use Monitor
Module 4 • Case Study Example
– 8.5 Audit Monitor
• Case Study Example
– 8.6 Failover System
 • Active-Active Specialized cloud mechanisms
• Active-Passive
• Case Study Example • cloud technology architecture following
– 8.7 Hypervisor specialized cloud mechanisms
• Case Study Example – Load Balancer
– 8.8 Resource Cluster – SLA Monitor
• Case Study Example – Pay-Per-Use Monitor
– 8.9 Multi-Device Broker – Audit Monitor
• Case Study Example – Failover System
– 8.10 State Management Database – Hypervisor
• Case Study Example – Resource Cluster
– Multi-Device Broker
– State Management Database

Load Balancer
A load balancer implemented as a service agent transparently
Load Balancer distributes incoming workload request messages across two
redundant cloud service implementations, which in turn
• Balance a workload across two or more IT resources to increase maximizes performance for the cloud service consumers.
performance and capacity beyond what a single IT resource can
provide.
• Runtime agent, Does Horizontal scaling
• Exists on the communication path between the IT resources
generating the workload and the IT resources performing the
workload processing
• Load Balancer functions are
1. Asymmetric Distribution
• larger workloads are issued to IT resources with higher
processing
capacities
2. Workload Prioritization
• workloads are scheduled, queued, discarded, and
distributed workloads
according to their priority levels
3. Content-Aware Distribution
• requests are distributed to different IT
resources as dictated by the
request content
 Load Balancer

• A load balancer has

– Performance and qos rules
– Parameters
• Objectives of load balancer
– Optimizing IT resource usage
– Avoiding overloads
– Maximizing throughput.
• The load balancer mechanisms can exist as a:
– Multi-layer network switch
– Dedicated hardware appliance
– Dedicated software-based system (in server OS)
– Service agent

Load Balancer Load Balancer

New instances of the cloud services are automatically created to
Case Study meet increasing usage requests. The load balancer uses round-
robin scheduling to ensure that the traffic is distributed evenly
among the active cloud services.
• The Part Number Catalog cloud service has peak usage periods
during the first few days of every month that coincide with the
preparatory processing of heavy stock control routines at the
factories.
• The company upgraded the cloud service to be highly scalable
in order to support the anticipated workload fluctuations.
– Peak workloads are 1,000 times greater than their
average
workloads
 Load Balancer
SLA Monitor

• Observes the runtime performance of cloud services to ensure

QoS requirements are fullfilled
– QoS requirements are in SLAs
• SLA management system
– Process the data collected and aggregate them into SLA
reporting metrics.
• The system can proactively repair or failover cloud services when
exceptional conditions occur (eg, when cloud service is “down”)

The SLA monitor polls the cloud service thatsends

SLA Monitor polling request messages (MREQN+1 to
SLA Monitor The SLA monitor polls the cloud service by sending
MREQN+M). Polling response messages are not
over polling request messages (MREQ1 to MREQN).
The monitor receives polling response messages received (2a).
(MREP1 to MREPN) that report that the service was The response messages continue to time out, so the
“up” at each polling cycle (1a).
The SLA monitor stores the “up” time—time period
SLA monitor stores the “down” time—time period of
of all polling cycles 1 to N—in the log database (1b). all polling cycles N+1 to N+M—in the log
database (2b).
 The SLA monitor sends a polling request
SLA Monitor message (MREQN+M+1) and receives the
SLA Monitor
polling response message (MREPN+M+1)
(3a).The SLA monitor stores the “up” time in
the log database (3b).

SLA Monitor
SLA Monitor Case Study Example
• The standard SLA for virtual servers in a company’s leasing
• The SLA monitor polls the cloud service by sending over agreements defines a minimum IT resource availability of
polling request messages (MREQ1 to MREQN). 99.95%, which is tracked using two SLA monitors: 1) one based
• The monitor receives polling response messages (MREP1 to on a polling agent 2) Another based on a monitoring agent
MREPN) that report that the service was “up” at each polling
cycle (1a). • SLA Monitor Polling Agent
• The SLA monitor stores the “up” time—time period of all – Runs in the external perimeter network to detect physical
polling cycles 1 to N—in the log database (1b). server
• The SLA monitor polls the cloud service that sends polling timeouts.
request messages (MREQN+1 to MREQN+M). Polling response
messages are not received (2a). – Can identify data center network, hardware, and
• The response messages continue to time out, so the SLA monitor software failures that result in physical server non-
stores the “down” time—time period of all polling cycles N+1 to responsiveness.
N+M—in the log database (2b). – After three consecutive timeouts of 20-second polling periods
• The SLA monitor sends a polling request message an IT
(MREQN+M+1) resource is declared as unavailable
and receives the polling response message (MREPN+M+1) (3a).
• The SLA monitor stores the “up” time in the log database (3b). Three types of events are generated:
– PS_Timeout
 SLA Monitor SLA Monitor
• the physical server polling has timed out Case Study Example …
– PS_Unreachable – the physical server polling has
consecutively SLA Monitoring Agent
timed out three times • Event-driven API
– PS_Reachable – the previously unavailable physical server • Generates three events:
becomes responsive to polling again – VM_Unreachable – the VIM cannot reach the VM
– VM_Failure – the VM has failed and is unavailable
– VM_Reachable – the VM is reachable
• The events are
– Generated by the agents have timestamps
– Logged into an SLA event log database
– Used by the SLA management system to calculate IT
resource availability.

the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor
At timestamp = t1, a
firewall cluster has
failed and all of the IT
resources in the data
center become
unavailable (1).
the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor
The SLA monitor polling
agent stops receiving
responses from physical
servers and starts to issue
PS_timeout events (2).
The SLA monitor polling
agent starts issuing
PS_unreachable events
after three successive
PS_timeout events.
The timestamp is now t2
(3).

the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor the steps taken by SLA monitors during a data center network failure and recovery.
SLA Monitor

PS_Timeout – the physical server polling has

timed out
PS_Unreachable – the physical server polling
hasconsecutively timed out three times
PS_Reachable – the previously unavailable
physical
server becomes responsive to polling again
the steps taken by SLA monitors during a data center network failure and recovery.

Case Study - 2
SLA Monitor
• The steps that are taken by the SLA monitors during the
failure and subsequent recovery of a physical server that is
Case Study Example …
hosting three virtual servers (VM1, VM2, VM3).

• The IT resource becomes operational at timestamp = t3 (4).

• The SLA monitor polling agent receives responses from the
physical servers and issues PS_reachable events. The
timestamp is now t4 (5).
• The SLA monitoring agent did not detect any unavailability
since the communication between the VIM platform and
physical servers was not affected by the failure (6).
• The SLA management system uses the information stored in
the log database to calculate the period of unavailability as t4
– t2, which affected all of the virtual servers in the data
center.

The steps that

subsequent are taken
recovery of aby the SLA
physical monitors
server that isduring the
hosting failure
three and
virtual
servers (VM1, VM2, VM3).

At timestamp = t1, the physical host server has failed and becomes unavailable (1).

The SLA monitor polling The SLA monitoring agent At timestamp = t2, the
agent stops receiving captures a VM_unreachable event The SLA monitor SLA monitoring agent
responses from the host that is generated for each virtual polling agent starts to captures a VM_failure event
server and issues server in the failed host server issue PS_unreachable that is generated for each of
PS_timeout events (2b). (2a) events after three the failed host server’s three
successive PS_timeout virtual servers (3a).
events at timestamp =
t3 (3b).
 The steps that are taken by the SLA monitors during the failure and
subsequent recovery of a physical server that is
hosting three virtual servers (VM1, VM2, VM3) ….
• VM_Unreachable – the VIM cannot reach the VM
• VM Failure – the VM has failed and is unavailable
The host server becomes operational at timestamp = t4 (4).
• VM_Reachable – the VM is reachable

At timestamp = t6, the SLA

The SLA monitor polling agent
monitoring agent captures a
receives responses from the
VM_reachable event that is
physical server and issues
generated for each virtual server
PS_reachable events at
(5b).
timestamp = t5 (5a).

t5
5b
5a

SLA Monitor

Case Study Example …

• At timestamp = t1, the physical host server has failed
The SLA management system calculates the unavailability and becomes unavailable (1).
period that affected all of the virtual servers as t6 – t2. • The SLA monitoring agent captures a VM_unreachable event
that is generated for each virtual server in the failed host server
(2a).
• The SLA monitor polling agent stops receiving responses from
the host server and issues PS_timeout events (2b).
• At timestamp = t2, the SLA monitoring agent captures a
PS_Reachable – the previously unavailable physical server VM_failure event that is generated for each of the failed host
becomes responsive to polling again server’s three virtual servers (3a).
VM_Reachable – the VM is reachable • The SLA monitor polling agent starts to issue PS_unreachable
events after three successive PS_timeout events at timestamp
= t3 (3b).
 SLA Monitor

Case Study Example …

Pay-Per-Use Monitor

• Measures cloud-based IT resource usage

– Based on predefined pricing parameters
• The host server becomes operational at timestamp = t4 (4). • Generates usage logs for fee calculations andbilling purposes.
• Monitoring metrics:
• The SLA monitor polling agent receives responses from the
– Request/response message quantity
physical server and issues PS_reachable events at timestamp
– Transmitted data volume (size)
= t5 (5a).
– Bandwidth consumption (bps)
• At timestamp = t6, the SLA monitoring agent captures a
• Billing management system process the collected data and
VM_reachable event that is generated for each virtual server calculates the payment fees
(5b).
• The SLA management system calculates the unavailability
period that affected all of the virtual servers as t6 – t2.

Pay-per-use monitor implemented as a resource agent used to determine

the usage period of a virtual server Pay-Per-Use Monitor
Resource Agent: Collects usage data on resources, Event-driven
program, Activated each time resource software is initiated ,
suspended, resumed, and scaled. The payper-use monitor receives
a “stop” event notification from
The IT resource is instantiated and The cloud consumer later requests
the resource software (5)
the pay-per- use monitor receives a that the
“start” event notification from the cloud service instance be stopped (4).
resource software (2).

The pay-peruse monitor stores the value

A cloud consumer requests the The pay-per use monitor stores the value timestamp in the log database (6).
creation of a timestamp in the log database (3).
new instance of a cloud service (1).
 Pay-Per-Use Monitor A pay-per-use monitor designed as a monitoring agent Pay-Per-Use Monitor

Pay-per-use monitor implemented as a resource agent Monitoring Agent

Intermediary, event-driven program; Existing on communication paths; Transparently monitors
used to determine the usage period of a virtual server … and analyzes dataflows; Measures network traffic and message metrics.

• A cloud consumer requests the creation of a new instance of a

cloud service (1).
• The IT resource is instantiated and the pay-per- use monitor
receives a “start” event notification from the resource software
(2).
• The pay-peruse monitor stores the value timestamp in the log
database (3).
• The cloud consumer later requests that the cloud service
instance be stopped (4).
• The payper-use monitor receives a “stop” event notification from
the resource software (5)
• The pay-peruse monitor stores the value timestamp in the log
database (6).

A pay-per-use monitor designed as a monitoring agent Pay-Per-Use Monitor A pay-per-use monitor designed as a monitoring agent Pay-Per-Use Monitor
Monitoring Agent Monitoring Agent
Intermediary, event-driven program; Existing on communication paths; Transparently monitors Intermediary, event-driven program; Existing on communication paths; Transparently monitors
and analyzes dataflows; Measures network traffic and message metrics. and analyzes dataflows; Measures network traffic and message metrics.

• A cloud service consumer sends a request message to the cloud

service (1).
• The pay-per-use monitor intercepts the message (2),
• Forwards the message to the cloud service (3a),
• Pay-per-use monitor stores the usage information in
accordance with its monitoring metrics (3b).
• The cloud service forwards the response messages back to the cloud
service
A pay-per-use monitor designed as a monitoring agent Pay-Per-Use Monitor Pay-Per-Use Monitor
Monitoring Agent Case Study Example
Intermediary, event-driven program; Existing on communication paths; Transparently monitors
and analyzes dataflows; Measures network traffic and message metrics.
• A company decides to invest in a commercial system capable
of generating invoices based on events pre-defined as “billable”
and customizable pricing models.
• The installation of the system results in two proprietary
databases: the billing event database and the pricing scheme
database.
• Runtime events are collected via cloud usage monitors that are
implemented as extensions to the VIM platform using the VIM’s
API.
consumer to provide the requested service (4). • The pay-per-use monitor agent periodically supplies the
billing system with billable events information.

The steps that are taken by pay-per-use

Case Study Example …
monitor during a typical usage event.
• A separate monitoring agent provides furthersupplemental
billing-related data, such as:
– Cloud Consumer Subscription Type
• Eg: pre-paid subscription with usage quota, post-paid
subscription with maximum usage quota, and post- paid
subscription with unlimited usage.
• Identifies the type of pricing model for usage fee
calculations.
– Resource Usage Category –
• normal usage, reserved IT resource usage, and
premium (managed) service usage.
• The billing management system uses this to identify
the range of usage fees
– Resource Usage Quota Consumption
• When usage contracts define IT resource usage quotas,
usage event conditions are typically supplemented with
quota consumption and updated quota limits.
The steps that are taken by pay-per-use The steps that are taken by pay-per-use
monitor during a typical usage event. monitor during a typical usage event.

• The cloud consumer (CS_ID = CS1) creates and starts a virtual

server (VM_ID = VM1) of configuration size type 1 (VM_TYPE
= type1) (1).
• The VIM creates the virtual server instance as requested (2a).
The VIM’s eventdriven API generates a resource usage event
with timestamp = t1, which is captured and forwarded to the
pay-per-use monitor by the cloud usage monitor (2b).
• The pay-per-use monitor interacts with the pricing scheme
database to identify the chargeback and usage metrics that
apply to the resource usage.
• A “started usage” billable event is generated and stored in the billable
event log database (3).
• The virtual server’s usage increases and reaches the auto-scaling
threshold (4).
• The VIM scales up Virtual Server VM1 (5a) from configuration
type 1 to type 2 (VM_TYPE = type2). The VIM’s event-driven
API generates a resource usage event with timestamp = t2,

The steps that are taken by pay-per-use Audit Monitor

monitor during a typical usage event.
which is captured and forwarded to the pay-per-use monitor by • Collects audit tracking data for networksand IT resources
the cloud usage monitor (5b). • This data support regulatory and
• The pay-per-use monitor interacts with the pricing scheme contractual obligations.
database to identify the chargeback and usage metrics that
apply to the updated IT resource usage. A “changed usage” • Audit Monitor
billable event is generated and stored in the billable event log – Intercepts “login” requests
database (6). – Stores following details in a log databases
• The cloud consumer shuts down the virtual server (7) and the • Requestor’s security credentials
VIM stops Virtual Server VM1 (8a). • Failed and successful login attempts,
• The VIM’s event-driven API generates a resource usage event with
timestamp = t3, which is – The stored details will be used for future
captured and forwarded to the payper- use monitor by the cloud audit reporting purposes.
usage monitor (8b).
• The pay-per-use monitor interacts with the pricing scheme
database to identify the chargeback and usage metrics that
apply to the updated IT resource usage.
• A “finished usage” billable event is generated and stored in the
billable event log database (9).
• The billing system tool can now be used by the cloud provider
to access the log database and calculate the total usage fee for
the virtual server as (Fee(VM1)) (10).
 Audit Monitor
An audit monitor implemented as a monitoring agent that
intercepts “login” requests and stores the requestor’s security
credentials, as well as both failed and successful login attempts,
in a log database for future audit reporting purposes.

Audit Monitor
Audit Monitor Case Study Example

• A cloud service consumer requests access to a cloud service • A key feature of Innovartus’ role-playing solution is its unique
by userinterface.
sending a login request message with security credentials (1). • However, the advanced technologies used for its design have
• The audit monitor intercepts the message (2) and forwards it to imposed licensing restrictions that legally prevent Innovartus
the from charging users in certain geographical regions for usage
authentication service (3). of the solution.
• The authentication service processes the security credentials. • Innovartus’ legal department is working on getting these issues
• A response message is generated for the cloud service consumer, in resolved.
addition to the results from the login attempt (4). • But in the meantime, it has provided the IT department with a
• The audit monitor intercepts the response message and stores the list of countries in which the application can either not be
entire collected login event details in the log database, as per the accessed by users or in which user access needs to be free of
organization’s audit policy requirements (5). charge.
• Access has been granted, and a response is sent back to the • In order to collect information about the origin of clients
cloud accessing the application, Innovartus asks its cloud provider to
service consumer (6). establish an audit monitoring system.
• The cloud provider deploys an audit monitoring agent to
 Audit Monitor Audit Monitor
intercept each inbound message, analyze its corresponding
HTTP header, and collect details about the origin of the end- Case Study Example …
user.
• As per Innovartus’ request, the cloud provider further adds a
log database to collect the regional data of each end-user
request for future reporting purposes.
• Innovartus further upgrades its application so that end-users
from select countries are able to access the application at no
charge

Audit Monitor Audit Monitor

Case Study Example … Case Study Example …

• An end-user attempts access to the Role Player cloud
service (1).
• An audit monitor transparently intercepts the HTTP request
message and analyzes the message header to determine the
geographical origin of the enduser (2).
• The audit monitoring agent determines that the end-user is
from a region that Innovartus is not authorized to charge a
fee for access to the application.
• The agent forwards the message to the cloud service (3a) and
generates the audit track information for storage in the log
database (3b).
• The cloud service receives the HTTP message and
grants the end-user access at no charge (4).
Failover System – Provides redundant implementations.
• https://www.druva.com/glossary/what-is-a-failover-definition-
and-related-faqs/
• Failover is the ability to switch automatically and seamlessly to
a
reliable backup system
• A failover system is configured to automatically switch over to
a redundant or standby IT resource instance whenever the
currently active IT resource becomes unavailable.
• Failover system uses resource replication mechanism
• A failover system can span more than one geographical region
• Used in
– Mission-critical programs
– Reusable services that can introduce a single point of failure
for
multiple applications.
• Adv
– Increases the reliability and availability of IT resources

Failover System … Active-Active

The failover system monitors the operational
status of Cloud Service A.
Failover systems come in two basic
configurations:
Active-Active, Active-Passive
1. Active-Active
– Redundant implementations of the IT resource
actively serve the workload synchronously
– Load balancing among active instances is
required.
– When a failure is detected, the failed instance is
removed from the load balancing scheduler
– Whichever IT resource remains operational when
a failure is detected takes over the processing
When a failure is detected in one Cloud Service A Active-Active
implementation, the failover system commands the load
balancer to switch over the workload to the redundant Cloud
Service A implementation.

Active-Active
The failed Cloud Service A implementation is recovered or replicated
into an operational cloud service. The failover system now
commands the load balancer to distribute the workload again.
Failover System … Active-Passive
The failover system monitors the operational status of Cloud
Service A. The Cloud Service A implementation acting as the
2. Active-Passive active instance is receiving cloud service consumer requests.
– A standby or inactive implementation isactivated to take over
the processing from the IT resource that becomes
unavailable,
– The corresponding workload is redirected to the instance
taking over the operation

Active-Passive
The Cloud Service A implementation acting as the active instance Active-Passive
The failed Cloud Service A implementation is recovered or
encounters a failure that is detected by the failover system, which
replicated an operational cloud service, and is now positioned as
subsequently activates the inactive Cloud Service A
the standby instance, while the previously invoked Cloud Service
implementation and redirects the workload toward it. The newly
A continues to serve as the active instance.
invoked Cloud Service A implementation now assumes the role of
active instance.
 Failover System …

• Some failover systems are designed to redirect workloads to active

IT resources that rely on specialized load balancers that detect
failure conditions and exclude failed IT resource instances from
the workload distribution.
• This type of failover system is suitable for IT resources that do
not require execution state management and provide stateless
processing capabilities.
• In technology architectures that are typically based on
clustering and virtualization technologies, the redundant or
standby IT resource implementations are also required to share
their state and execution context.
• A complex task that was executed on a failed IT resource can
remain operational in one of its redundant implementations.

Failover System … A resilient virtual server is established by replicating the virtual

server instance across two different data centers, as performed by
Case Study Example
the VIM that is running at both data centers. The active instance
receives the network traffic and is vertically scaling in response,
• DTGOV creates a resilient virtual server to support the while the standby instance has no workload and runs at the
allocation of virtual server instances that are hosting critical minimum configuration.
applications, which are being replicated in multiple data
centers.
• The replicated resilient virtual server has an associated active-
passive failover system.
• Its network traffic flow can be switched between the IT resource
instances that are residing at different data centers, if the active
instance were to fail.
Failover System … SLA monitors detect when the active virtualserver instance
becomes unavailable.

The failover system is implemented as an event-driven software

The failed virtual server instance is revived and scaled down tothe
agent that intercepts the message notifications the SLA monitors
minimum standby instance configuration after it resumes normal
send regarding server unavailability. In response, the failover
operation.
system interacts with the VIM and network management tools to
redirect all of the network traffic to the now-active standby
instance.
Hypervisor Hypervisor
Virtual servers are created via individual hypervisor on
individual physical servers.
• Fundamental part of virtualization infrastructure All three hypervisors are jointly controlled by the same VIM.
• Used to generate virtual server instances of a physical server.
• A hypervisor
– Limited to one physical server
– Can create virtual images of that server
– Assign virtual servers to resource pools that reside on the same
underlying physical server.
– A hypervisor has limited virtual server management
features, such as increasing the virtual server’s capacity or
shutting it down.
– Is installed directly in bare-metal servers.
– Provides features for controlling, sharing and scheduling
the usage of hardware resources, such as processor power,
memory, and i/o (these resources can appear to each
virtualserver’s os as dedicated resources)
• The VIM provides a range of features for administering
multiple hypervisors across physical servers.

Hypervisor
Case Study Example

• A company has established a virtualization platform in which

the same hypervisor software product is running on all
physical servers.
• The VIM coordinates the hardware resources in each data center
so that virtual server instances can be created from the most
convenient underlying physical server.
• As a result, cloud consumers are able to lease virtual
servers with autoscaling features.
• The company’s virtualization platform provides live VM
migration of virtual servers among physical servers inside the
same data center.
– where a virtual server live-migrates from one busy physical
server to another that is idle, allowing it to scale up in
response to an increase in its workload.
Hypervisor
A virtual server capable of auto-scaling
Case Study Example… experiences an increase in its workload
(1).
The VIM decides that the virtual server
cannot scale up because its underlying
physical server host is being used by
other virtual servers (2).

Hypervisor

Case Study Example…

 Resource Cluster
Case Study Example…

• A virtual server capable of auto-scaling experiences an

increase in its workload (1).
• The VIM decides that the virtual server cannot scale up because • Cloud-based IT resources that are geographically diverse can be
its underlying physical server host is being used by other
virtual servers (2). logically combined into groups to improve their allocation and
• The VIM commands the hypervisor on the busy physical server use.
to suspend execution of the virtual server (3). The VIM then • The resource cluster mechanism is used to group multiple IT
commands the instantiation of the virtual server on the idle resource instances so that they can be operated as a single IT
physical server.
resource.
• State information (such as dirty memory pages and processor
registers) is synchronized via a shared cloud storage device • Improves
(4). – computing capacity,
• The VIM commands the hypervisor at the new physical server to
resume the virtual server processing (5). – load balancing, and
– availability of the clustered IT resources

Resource Cluster
Resource Cluster Types
Resource Cluster
• Server Cluster
• Resource cluster architectures rely on high-speed dedicated – Physical or virtual servers are clustered to increase
network connections, or cluster nodes, between IT resource performance and availability.
instances to communicate about – Virtual servers are able to live migrate from one to another
– workload distribution,
• Database Cluster
– task scheduling,
– data sharing, – Designed to improve data availability
– system synchronization. – Synchronization feature maintains the consistency of
• cluster management platform is data being stored at different storage devices used in the
– A distributed middleware runs in all of the cluster nodes cluster.
– Responsible for workload distribution, task scheduling, • Large Dataset Cluster
data sharing, system synchronization
– Data partitioning and distribution is implemented so thatthe
– coordination function: allows distributed IT resources to
appear as one IT resource, target datasets can be efficiently partitioned without
– Executes IT resources inside the cluster. compromising data integrity or computing accuracy.
 Resource Cluster
Load balancing and resource replication are implemented
through a cluster-enabled hypervisor. A dedicated storage area
network is used to connect the clustered storage and the clustered
servers, which are able to share common cloud storage devices. This
simplifies the storage replication process, which is independently
carried out at the storage cluster.

Loosely Coupled vs tightly coupled servers

• The cluster nodes in high availability cluster architectures
need to access and share common storage IT resources.
• This can require two layers of communication between the
nodes—one for accessing the storage device and another to
execute IT resource orchestration
• Some resource clusters are designed with more loosely coupled
IT resources that only require the network layer

A loosely coupled server cluster that incorporates a load

balancer. There is no shared storage.
Resource replication is used to replicate cloud storage devices
through the network by the cluster software.
Two basic types of resourceclusters
Case Study Example
• Load Balanced Cluster
– Distributes workloads among cluster nodes to
increase IT resource capacity • DTGOV is considering introducing a clustered virtual server to
run in a high-availability cluster as part of the virtualization
– Provides centralization of IT resource platform
management. • The virtual servers can live migrate among the physical
• HA Cluster (high-availability cluster ) servers, which are pooled in a high- availability hardware
– Maintains system availability in the event of multiple node cluster that is controlled by coordinated cluster-enabled
failures, hypervisors.
– Provides redundant implementations of clustered IT • The coordination function keeps replicated snapshots of the
resources. running virtual servers tofacilitate migration to other physical
– A failover system monitors failure conditions and servers in the event of a failure.
automatically redirects the workload away from any failed
nodes.

An HA virtualization cluster of physical servers is deployed using acluster-enabled

hypervisor, which guarantees that the physical servers are constantly in sync.
Every virtual server that is instantiated in the cluster is automatically
replicated in at least two physical servers.
 All of the virtual servers that are hosted on a physical server
experiencing failure are automatically migrated to other physical
servers.

Multi-Device Broker

• A multi-device broker contains the mapping logic necessary to Multi-Device Broker …

transform data exchanges between a cloud service and different
types of cloud service consumer devices
• An individual cloud service may need to be accessed by a
range of cloud service consumers differentiated by their
hosting hardware devices and/or communication
requirements.
– To overcome incompatibilities between a cloud service and a
disparate cloud service consumer, mapping logic needs to be
created to transform (or convert) information that is
exchanged at runtime.
– The multi-device broker mechanism is used to facilitate
runtime data transformation so as to make a cloud service
accessible to a wider range of cloud service consumer
programs and devices.
 Multi-Device Broker …

A multi-device broker contains the mapping logic necessary to transform data exchanges • Multi-device brokers commonly exist as gateways or
between a cloud service and different typesof cloud service consumer devices.This scenario incorporate gatewaycomponents, such as:
depicts the multi- device broker as a cloud service with its own API.This mechanism canalso 1. XML Gateway – transmits and validates XML data
be implemented as a service agent that intercepts messages at runtime to perform
2. Cloud Storage Gateway – transforms cloud storage protocols
necessary transformations.
and encodes storage devices to facilitate data transfer and
storage
3. Mobile Device Gateway – transforms the communication
protocols used by mobile devices into protocols that are
compatible with a cloud service

Multi-Device Broker … Multi-Device Broker

• The levels at which transformation logic can be created Case Study Example
include: • Innovartus has decided to make its role-playing application
available to various mobile and smartphone devices. A
– transport protocols complication that hindered Innovartus’ development team
– messaging protocols during the mobile enhancement design stage was the difficulty
in reproducing identical user experiences across different mobile
– storage device protocols platforms. To resolve this issue, Innovartus implements a multi-
– data schemas/data models device broker to intercept incoming messages from devices,
identify the software platform, and convert the message format
• A multi-device broker may contain mapping logic that coverts into the native, server-side application format.
both transport and messaging protocols for a cloud service
consumer accessing a cloud service with a mobile device.
 Case Study Example
The multi-device broker intercepts incoming messages and detects the platform (Web
browser, iOS, Android) of the source device (1).
The multidevice broker transforms the message into the standard format required by
the Innovartus cloud service (2).
The cloud service processes the request and responds using the same standard format
(3).
The multi-device broker transforms the response message into the format required bythe
source device and delivers the message (4).

State Management Database State Management Database

• Storage device that is used to temporarily

persist state data for software programs.
• An alternative to caching state data in
memory
• Software programs
– off-load state data to the database in order to reduce the
amount of runtime memory they consume.
– By doing so, the software programs become more scalable.
• Used by long-running runtime activities.
State Management Database State Management Database
During the lifespan of a cloud service instance it may be required to
remain stateful and keep state data cached in memory, even when
idle.

State Management Database

By deferring state data to a state repository, the cloud service is able to transition to a
stateless condition (or a partially stateless condition), thereby temporarily freeing
system resources.
 State Management DatabaseCase
Study Example …
State Management Database

Case Study Example

• ATN is expanding its ready-made environment architecture to
allow for the deferral of state information for extended periods by
utilizing the statemanagement database mechanism.
• Following figures demonstrates how a cloud service consumer
working with a ready-made environment pauses activity,
causing the environment to off-load cached state data.

The cloud consumer accesses the ready-made environment and requires three virtual
servers to perform all activities (1).
The cloud consumer pauses activity. All of the state data needs to be preserved for
future access to the ready-made environment (2).
The underlying infrastructure is automatically scaled in by reducing the number of
virtual servers.
State data is saved in the state management database and one virtual server remains
active to allow for future logins by the cloud consumer (3).
 State Management Database
Case Study Example …
• The cloud consumer accesses the ready-made environment
and requires three virtual servers to perform all activities (1).
• The cloud consumer pauses activity. All of the state data
needs to be preserved for future access to the ready-made
environment (2).
• The underlying infrastructure is automatically scaled in by
At a later point, the cloud consumer logs in and accesses the ready-made environment reducing the number of virtual servers.
to continue activity (4). • State data is saved in the state management database and
The underlying infrastructure is automatically scaled out by increasing the number of one virtual server remains active to allow for future logins by
the cloud consumer (3).
virtual servers and by retrieving the statedata from the state management database
• At a later point, the cloud consumer logs in and accesses the
(5). ready-made environment to continue activity (4).
• The underlying infrastructure is automatically scaled out by
increasing the number of virtual servers and by retrieving the
state data from the state management database (5).

Module 5

• Multi Device Broker - State Management Database –

• Cloud Management Mechanism: Remote Administration
System, Resource Management System, SLA Management
System, Billing Management System.

Cloud Management Systems

Multi Device Broker - State Management Database , Cloud
Management Mechanism

Module 5
 Cloud Management Mechanisms

• Cloud-based IT resources need to be set up,

configured, maintained, and monitored.
• The following management-related mechanisms are
used in Cloud
• 9: Cloud Management Mechanisms – Remote Administration System
– 9.1 Remote Administration System – Resource Management System
• Case Study Example – SLA Management System
– 9.2 Resource Management System – Billing Management System
• Case Study Example • These systems typically provide integrated APIs
and can be offered as
– 9.3 SLA Management System
– individual products
• Case Study Example
– custom applications, or
– 9.4 Billing Management System
– combined into various product suites or
• Case Study Example
multifunction applications.

Remote Administration System

• Provides tools and user-interfaces for external cloud resource

administrators to configure and administer cloud-based IT
resources.

• A remote administration system can establish a portal for

access to administration and management features of various
underlying systems,
– Resource management,
– SLA management,
– Billing management systems
The remote administration system abstracts underlying management systems to
expose and centralize administration controls to external cloud resource Remote Administration System …
administrators.
The system provides a customizable user console, while programmatically
interfacing with underlying management systems via their APIs.
• Two primary types of portals that are created with the remote
administration system:
• Usage and administration portal
– Centralizes management controls to different cloud-based
IT resources
– Further provide IT resource usage reports.
• Self-service portal
– Allows cloud consumers to search an up-to-date list of cloud
services and it resources that are available from a cloud
provider.
– The cloud consumer submits its chosen items to
the cloud provider for provisioning.

Remote Administration System … Remote Administration System …

new
 Remote Administration System … Remote Administration System …

• A cloud resource administrator uses the usage and

administration portal to configure an already leased virtual
server (not shown) to prepare it for hosting (1).
• The cloud resource administrator then uses the self- service
portal to select and request the provisioning of a new cloud
service (2).
• The cloud resource administrator then accesses the usage and
administration portal again to configure the newly
provisioned cloud service that is hosted on the virtual server
(3).
a scenario involving a remote administration system and both • Throughout these steps, the remote administration system
usage and administration and self-service portals interacts with the necessary management systems to perform
the requested actions (4).

Remote Administration System

…
Remote Administration System …
Depending on:
Tasks performed by cloud consumers via a remote – The type of cloud product or cloud delivery model the cloud
administration console: consumer is leasing or using from the cloud provider,
• Configuring and setting up cloud services – The level of access control granted by the cloud provider to the
• Provisioning and releasing IT resource for on-demand cloud cloud consumer, and
services – Which underlying management systems the remote
• Monitoring cloud service status, usage, and performance administration system interfaces with
• Monitoring qos and SLA fulfillment
• Managing leasing costs and usage fees
• Managing user accounts, security credentials, authorization,
and access control
• Tracking internal and external access to leased services
• Planning and assessing IT resource provisioning
• Capacity planning
Remote Administration System …

Standardized APIs published by remote administration

systems from different clouds enable a cloud consumer to
develop a custom portal that centralizes a single IT resource
management portal for both cloud-based and onpremise IT
resources.

Remote Administration System

… Remote Administration System …
• Advantage of standardized APIs over Propreitary Uis
– A cloud consumer can create own front-end late it can be Case Study Example
reused if it decides to move to another cloud provider that DTGOV has been offering its cloud consumers a user-friendly
supports the samestandardized API. remote administration system for some time, and recently
determined that upgrades are required in order to accommodate the
– The cloud consumer would be able to centrally administer growing number of cloud consumers and increasing diversity of
IT resources from multiple cloud providers and/or IT requests.
resources residing in cloud and on-premise environments.
DTGOV is planning a development project to extend the remote
– User-interface provided by the remote administration system administration system to fulfill the following requirements:
will tend to be proprietary to the cloud provider – Cloud consumers need to be able to self-provision virtual
servers and virtual storage devices.
– A single sign-on mechanism needs to be incorporated to
centrally authorize and control cloud consumer access.
– An API that supports the provisioning, starting, stopping,
releasing, updown scaling, and replicating of commands
for virtual servers and cloud storage devices needs to be
exposed.
In support of these features, a self-service portal is developed and
the feature-set of DTGOV’s existing usage and administration
portal is extended.
Resource Management System Resource Management System

• A resource management system encompassing a VIM

• Helps coordinate IT resources in response platform and a virtual machine image repository.
– to management actions performed by both cloud • The VIM may have additional repositories, including one
consumers and cloud providers
dedicated to storing operational data.
• Core to this system is the virtual infrastructure manager
(VIM)
– VIM coordinates the server hardware so that virtual server
instances can be created from the mostexpedient/convenient
underlying physical server.
– A VIM manages a range of virtual IT resources across
multiple physical servers.
– A VIM creates and manages multiple instances of a
hypervisor across different physical servers or allocate a
virtual server on one physical server to another (or to a
resource pool).

Resource Management System Resource Management System

• Tasks that are typically automated and implemented • Resource management system functions can be accessed by
through the resource management system include: cloud resource administrators employed by the cloud provider
– Managing virtual IT resource templates that are used to create or cloud consumer.
pre-built instances, such as virtual server images – Cloud resource administrators employed by the cloud
– Allocating and releasing virtual IT resources into the provider can access the resource management system’s
available physical infrastructure in response to the native console.
starting, pausing, resuming, and termination of virtual IT
resource instances – Cloud resource administrators employed by the cloud
– Coordinating IT resources in relation to the involvement of consumer can access usage and administration portals
other mechanisms, such as resource replication, load balancer, built using APIs of Resource management systems .
and failover system
– Enforcing usage and security policies throughout the
lifecycle of cloud service instances
– Monitoring operational conditions of IT resources
Resource Management System Resource Management System

The cloud consumer’s cloud resource administrator accesses a usage and administration
portal externally to administer a leased IT resource(1).
The cloud provider’s cloud resource administrator uses the nativeuser-interface
provided by the VIM to perform internal resource management tasks (2).

Resource Management System Resource Management System

Case Study Example Case Study Example …

The DTGOV resource management system is an extension of a The DTGOV resource management system is an extension of a
new VIM product it purchased, and provides the following new VIM product it purchased, and provides the following
primary features ….
primary features:
• An API for the creation and management of virtual servers
– Management of virtual IT resources with a flexible allocation and virtual storage devices
of pooled IT resources across different datacenters • An API for the creation of network access control rules
– Management of cloud consumer databases • An API for the up-down scaling of virtual IT resources
• An API for the migration and replication of virtual IT
– Isolation of virtual IT resources at logical perimeter resources across multiple data centers
networks • Interoperation with a single sign-on mechanism through an
– Management of a template virtual server image inventory LDAP (lightweight directory access protocol) interface
available for immediate instantiation • Custom-designed SNMP (simple network management
protocol) command scripts are further implemented to
– Automated replication (“snapshotting”) of virtual server interoperate with the network management tools to establish
images for virtual server creation isolated virtual networks across multiple data centers.
– Automated up-down scaling of virtual servers according to
usage thresholds to enable live VM migration among
physical servers
 SLA Management System SLA Management System

• Provides features like administration, collection, storage, • An SLA management system has
reporting, and runtime notification of SLA data – A repository used to store and retrieve collected
SLA data
• An SLA management system has
• Done based on pre-defined metrics and reporting
– An SLA manager parameters.
– A QoS measurements repository. – One or more SLA monitor mechanisms
• To collect the SLA data that can then be made
available in near-real time to usage and administration
portals to provide on-going feedback regarding active
cloud services.
• The metrics monitored for individual cloud services are aligned
with the SLA guaranteesin corresponding cloud provisioning
contracts.

SLA Management System

SLA Management System

• A cloud service consumer interacts with a cloud service
(1).
• An SLA monitor intercepts the exchanged messages, evaluates
the interaction, and collects relevant runtime data in relation
to quality-of-service guarantees defined in the cloud service’s
SLA (2A).
• The data collected is stored in a repository (2B) that is
part of the SLA management system (3).
• Queries can be issued and reports can be generated for an
external cloud resource administrator via a usage and
administration portal (4) or
• for an internal cloud resource administrator via the SLA
management system’s native user-interface (5).
SLA Management System SLA Management System
individual IT resources. Information about each IT resource
can only be accessed by the cloud provider and the cloud
consumer leasing or owning the IT resource.
Case Study Example …
– Per-Cloud Consumer SLA Report – This report consolidates
• DTGOV implements an SLA management system that
and summarizes SLA statistics for cloud consumer IT
interoperates with its existing VIM. This integration allows
resources, including downtimes and other timestamped
DTGOV cloud resource administrators to monitor the
SLA events.
availability of a range of hosted IT resources via SLA
monitors. DTGOV works with the SLA management system’s
report design features to create the following pre-defined reports
that are made available via custom dashboards:
– Per-Data Center Availability Dashboard – Publicly
accessible, dashboard shows the overall operational
conditions of each group of IT resources at each data center,
in realtime.
– Per-Cloud Consumer Availability Dashboard – This
dashboard displays realtime operational conditions of

Billing Management System Billing Management System

• Collects and processes usage data • A billing management system comprised of
– For cloud provider accounting
– A pricing and contract manager
– For cloud consumer billing.
– A pay-per-use measurements repository.
• Billing management system
– Uses pay-peruse monitors to gather
runtime usage data
– This usage data is stored in a repository
– Then this usage data is retrieved for
billing, reporting, and invoicing purposes.
 Billing Management System

Billing Management System

• A cloud service consumer exchanges messages with a cloud
service (1).
• A pay-per-use monitor keeps track of the usage and collects
data relevant to billing (2A),
• which is forwarded to a repository that is part of the billing
management system (2B).
• The system periodically calculates the consolidated cloud service
usage fees and generates an invoice for the cloud consumer (3).
• The invoice may be provided to the cloud consumer through the
usage and administration portal (4).

Billing Management System Billing Management System

• Pricing models Case Study Example
– Traditional pay-per-use models,
DTGOV decides to establish a billing management system that
– Flat-rate
enables them to create invoices for custom-defined billable events,
– Pay-per-allocation modes,
such as subscriptions and IT resource volume usage. The billing
– Combinations
management system is customized with the necessary events
– Custom pricing models on a per cloud consumer
and/or per IT resource basis and pricing scheme metadata.
• Payments It includes the following two corresponding proprietary databases:
– Pre-usage and post-usage payments. –billable event repository
– Post-usage payments
–pricing scheme repository
• Has pre-defined limits
– Usage quotas.
– Usage is blocked if quotas are exceeded.
• Unlimited usage
Billing Management System …

Case Study Example …

• Usage events are collected from pay-per-use monitors that are
implemented as extensions to the VIM platform.
–Thin-granularity usage events, such as virtual server
starting, stopping, up-down scaling, and decommissioning,
are stored in a repository managed by the VIM platform.
• The pay-per-use monitors report billable events periodically
• Either a standard or customized pricing model is applied to
cloud consumer contracts.