SlideShare a Scribd company logo

ARCHITECTING TENANT BASED QOS IN MULTI-TENANT CLOUD PLATFORMS

Arun prasath
Arun prasath

Achieving QOS in a multi-tenant cloud platforms is still a difficult task and many companies follow different approaches to solve this problem. Here in this document I tried architecting a simple solution for achieving different QOS for different tenants in a Multi-tenant cloud environment based on my experiments with containers , docker and cgroup on Openstack.

1 of 14
Downloaded 46 times
ARCHITECTING TENANT BASED QOS IN MULTI-TENANT CLOUD PLATFORMS - Arun prasath S
2
3 Table of Contents Introduction 4 Problem statement 4 Solution overview 5 Goals 5 Typical implementation in production environment 6 Linux Containers 8 Components of LXC 8 Control group (cgroup) 9 Subsystems 10 blkio Subsystem 10 CPU Subsystem 10 Memory Subsystem 10 Python Controller 11 Puppet 12 Docker 13 Other options 13 Summary 14 References 14
4 Introduction Achieving QOS in a multi-tenant cloud platforms is still a difficult task and many companies follow different approaches to solve this problem. Here in this document I tried architecting a simple solution for achieving different QOS for different tenants in a Multi-tenant cloud environment based on my experiments. Problem statement Openstack steps into platform as service by introducing a new component ‘Trove’ Database as Service (DBaaS) offering in its upcoming Icehouse release. But Openstack announced that Trove will be operating as Single tenant service (Which means, for each Database instance, a new VM will be created). This is a costly affair for cloud service providers and also resources may not be used efficiently in this scenario. Many big cloud service providers like Google and Amazon provides options for the same DBaaS as a multi-tenant service. In this case, many instances of the DB will run in a single virtual machine. This reduces the cost of running extra virtual machines. But it also have few problems like QOS, security and isolation. The QOS factors are CPU, Memory, IOPS (Input/Output Operations per second) etc. More than one DB instance will be running in a single machine. In worst case scenarios one DB Instance may end up eating large amount of resources which greatly affects other DB Instances. We need to guarantee the QOS as mentioned in the SLA. Since more than one DB Instance will be running in a single machine, we have some security considerations. When one customer’s database gets affected it must not affect other instances. Also consumers in Single tenant are charged based on their usages like number of IO, total space, CPU, memory etc. But when it comes to multi-tenant it’s hard to estimate the usage as more than one DB instance will be running in a single virtual machine. In another perspective, the existing solution of creating each VM for each customer has a drawback of running separate operating system for each customer. This separate operating system is an extra load for the service provider as it need a lot of data space and memory.
5 Solution overview In my proposed solution, I used Linux containers running inside a virtual machines for isolation DB Instances. Each database instance will be running inside a Container. Therefore we can achieve true isolation, resources can be controlled and metering is also quite easy. With cgroup feature we can control the IOPS of the container and thereby we can offer different service level (IOPS) for different tenants. Existing offering (In Openstack Trove) Proposed solution Goals  Tenant based QOS  Multi tenancy  True resource isolation for DB Instances  Perfect metering  Automation
6 Typical implementation in production environment This is a typical implementation in the production environment. The user requests for a database instance using the dashboard. Once when the request is initiated, the Python controller gets the resources specified for a particular flavor in Nova and then consolidates the existing containers. If there is space available in the any virtual machines, the container is created there. Or else a new nova virtual machine is created and then the container is created in that virtual machine with the user specified parameters (CPU, RAM and IOPS).
7 Each time a virtual machine is created, it is discovered by puppet and the container software (LXC or Docker) is installed. Each time a container is created, MySQL is installed. After the creation and provisioning of the containers the users are provided the access to the database. (IP Address, MySQL username and password). The above is a modular approach in provisioning server. However for smaller companies the architecture can be simplified by using pre-built vagrant or golden images. The following is the brief of all the components mentioned above.
8 Linux Containers Linux containers provide light weight operating system level virtualization which isolates processes and resources in a simpler way compared to full-scale virtual machines. LXC works in the way similar to virtualization but with the difference that it don’t need separate kernel instance. It allows us to create many number of sand box environment which is completely isolated from the host and other containers. Components of LXC  Namespaces – Used to provide process isolation  cgroups – Used to control System management and resource control  SELinux – Ensures isolation between host and the container and also Individual containers  Libvirt- Tool box to manage containers Since QOS is our primary objective, we are going to focus more on control groups.
9 Control group (cgroup) Control group is a kernel feature to limit the resources like CPU, System memory and network bandwidth among the user-defined groups of tasks. For example, we can limit a MySQL instance from using all memory. In the same way we can guarantee that the MySQL instance gets the specified resource. In this architecture, I am using cgroup feature on Linux containers to isolate DB Instances and guarantee the minimum QOS for the customer. Limits for a particular container is defined in the containers configuration file. Hence we can allocate different resources for different containers based on customer requirements. In our scenario the containers will be running as process and the processes inside the containers will be running as the sub process.
10 Subsystems Subsystems are kernel modules that are aware of cgroups. They are resource controllers that allocate varying level of system resources to different cgroups. The following are the subsystems of cgroup. blkio Subsystem The Block I/O subsystem controls and monitors access to I/O on block devices by tasks in cgroups. It offers features like proportional weight division and I/O throttling (Upper limit). Common parameters: blkio.throttle.read_iops_device - specifies the upper limit on the number of read operations a device can perform blkio.throttle.read_bps_device - specifies the upper limit on the number of read operations a device can perform blkio.throttle.write_bps_device - specifies the upper limit on the number of write operations a device can perform CPU Subsystem The cpu subsystem schedules CPU access to cgroups. Common parameters: cpu.shares - contains an integer value that specifies a relative share of CPU time available to the tasks in a cgroup cpu.rt_period_us - specifies a period of time in microseconds (µs, represented here as "us") for how regularly a cgroup's access to CPU resource should be reallocated Memory Subsystem The memory subsystem generates automatic reports on memory resources used by the tasks in a cgroup, and sets limits on memory use by those tasks Common parameters: memory.usage_in_bytes - reports the total current memory usage by processes in the cgroup (in bytes) memory.max_usage_in_bytes - reports the maximum memory used by processes in the cgroup (in bytes) memory.limit_in_bytes - sets the maximum amount of user memory There are also various other subsystems like cpuacct, cpuset, devices, freezer etc. Those can be used in our scenario for enhanced configurations.
11 Python Controller In a fresh Openstack environment when a user requests an instance, a new VM is created. But in our case we need to provision containers. Hence we need to modify the normal Openstack work flow. One popular way to do this is via REST based API. Since I am a python guy, I am doing this via Python APIs provided by Openstack. All details of the containers created by the users is saved in the local MySQL database. In this scenario, the user is shown a dashboard or a form for database provisioning. When the user requests the instance, this python controller takes control. It gets the flavor details we used to build nova VM by enquiring Openstack. Then it consolidates the containers provisioned by using the local database. If it could not find any space, then a new nova VM is created using API calls and then the process continues. If existing VM has necessary resource to provision a container, then the container is created in that existing VM. The following is a sample python code for creating an Instance. Initially we can set the resource level options for any particular flavor. nova-manage flavor set_key --name m1.small --key quota:disk_read_bytes_sec --value 10240000 nova-manage flavor set_key --name m1.small --key quota:disk_write_bytes_sec --value 10240000
12 Puppet Openstack can provide any number of machines based on demand. But to get all those machines into production (Installing required softwares like LXC or Docker in our scenario), we need some automation. There are various automation tools for change and configuration management. In this scenario I used puppet. Puppet can manage our servers. In a puppet environment, we describe the necessary machine state in a declarative code. Puppet clients connects to the server and ensures that they are in the state described by the manifest file in server. In our scenario we will be defining manifests for installing LXC or Docker. Once after the necessary container is installed we bring the container under control of puppet for software (MySQL) installation. Puppet manifest for MySQL is available in Github.
13 Docker Docker is an open source developer-friendly abstraction layer on the top of Linux containers (LXC). Docker gives a simple and meaningful layer to play with containers in a cloud environment. By using Docker we can actually build containers, use it and make changes based on our need, push our used containers to the Docker repository and pull any time and any number of time for further usage. This means a lot in a PAAS market. In a high level terminology, Docker can automate the deployment of applications as highly portable, self-sufficient containers which are independent of hardware, language, framework, packaging system and hosting provider. Docker also provides drivers for Openstack which embeds with Nova and provides ability to work with containers along with nova virtual machines. Since most Openstack production environment need to instantiate various different operating systems, we can have a work around and achieve our need. In this scenario we are going to run a Docker or LXC on the top of a virtual machine. Docker, along with puppet or chef can be very useful for the Platform as a Service providers. They are very useful in automated provisioning of platforms required for developers, in a very convenient and sophisticated way. Thus making operations team work much easier. Other options The above method is one way of creating multi-tenant cloud environment. But there are many number of ways to achieve it using various other options. Rackspace uses OpenVZ to build their cloud platforms. They uses OpenVZ to contain their customers database and for resource isolation. OpenVZ has many advantages over LXC. Resource allocation is made simple in OpenVZ. (i.e. Guaranteed RAM and Burstable RAM are specified using simple commands ). Live migrations are quite easy in OpenVZ when compared to LXC. Oracle follows an interesting architecture in its DBaaS offering. They created a customized ‘Container Database’. All the customer databases are in Pluggable database (PDB) format and they can be plugged to the container database and can work on.
14 Summary Thus the tenant based QOS feature is achieved in a multi-tenant cloud platform. I haven’t mentioned about some other features and drawbacks like migration, scale up, high availability etc. All those drawbacks can be rectified by having some workaround in the architecture. References 1) Linux Plumbers Conference 2013, Rackspace session 2) http://www.kernel.org/doc/Documentation/cgroups 3) http://docs.openstack.org/developer/trove/ 4) https://help.ubuntu.com/lts/serverguide/lxc.html 5) http://wwwkemper.informatik.tu-uenchen.de/research/publications/conferences/sigmod2008- mtd.pdf 6) http://blog.docker.io/2013/10/gathering-lxc-docker-containers-metrics/ 7) http://www.vldb.org/pvldb/vol7/p37-das.pdf
Ad

Recommended

Java 8 고급 (6/6)
Java 8 고급 (6/6)Java 8 고급 (6/6)
Java 8 고급 (6/6)
Kyung Koo Yoon
 
Docker vs kvm
Docker vs kvmDocker vs kvm
Docker vs kvm
Wilson Cunalata
 
The Case For Docker In Multi-Cloud Enabled Bioinformatics Applications
The Case For Docker In Multi-Cloud Enabled Bioinformatics ApplicationsThe Case For Docker In Multi-Cloud Enabled Bioinformatics Applications
The Case For Docker In Multi-Cloud Enabled Bioinformatics Applications
Ahmed Abdullah
 
Supporting bioinformatics applications with hybrid multi-cloud services
Supporting bioinformatics applications with hybrid multi-cloud servicesSupporting bioinformatics applications with hybrid multi-cloud services
Supporting bioinformatics applications with hybrid multi-cloud services
Ahmed Abdullah
 
Introduction to Apache ZooKeeper
Introduction to Apache ZooKeeperIntroduction to Apache ZooKeeper
Introduction to Apache ZooKeeper
Saurav Haloi
 
Kubernetes in 30 minutes (2017/03/10)
Kubernetes in 30 minutes (2017/03/10)Kubernetes in 30 minutes (2017/03/10)
Kubernetes in 30 minutes (2017/03/10)
lestrrat
 
Open stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzlyOpen stack day 2014 havana from grizzly
Open stack day 2014 havana from grizzly
Choe Cheng-Dae
 
Devoxx France 2018 : Mes Applications en Production sur Kubernetes
Devoxx France 2018 : Mes Applications en Production sur KubernetesDevoxx France 2018 : Mes Applications en Production sur Kubernetes
Devoxx France 2018 : Mes Applications en Production sur Kubernetes
Michaël Morello
 
CloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫るCloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫る
samemoon
 
Tutorial ceph-2
Tutorial ceph-2Tutorial ceph-2
Tutorial ceph-2
Tommy Lee
 
chubby_osdi06
chubby_osdi06chubby_osdi06
chubby_osdi06
Hiroshi Ono
 
Docker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme PetazzoniDocker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme Petazzoni
Docker, Inc.
 
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemOSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
NETWAYS
 
LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server
guest69bec2
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
Jérôme Petazzoni
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
OSv at Cassandra Summit
OSv at Cassandra SummitOSv at Cassandra Summit
OSv at Cassandra Summit
Don Marti
 
Changelog e athena
Changelog e athenaChangelog e athena
Changelog e athena
srwawa12
 
Project Final Report
Project Final ReportProject Final Report
Project Final Report
Kaushik Padmanabhan
 
Unix Automation using centralized configuration management tool
Unix Automation using centralized configuration management toolUnix Automation using centralized configuration management tool
Unix Automation using centralized configuration management tool
Torrid Networks Private Limited
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backup
William Yeh
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdCoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love Systemd
Richard Lister
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Kubernetes #2 monitoring
Kubernetes #2 monitoring Kubernetes #2 monitoring
Kubernetes #2 monitoring
Terry Cho
 
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
NETWAYS
 
Zookeeper In Simple Words
Zookeeper In Simple WordsZookeeper In Simple Words
Zookeeper In Simple Words
Fuqiang Wang
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdf
ssuser9b44c7
 
Intro to Kubernetes
Intro to KubernetesIntro to Kubernetes
Intro to Kubernetes
Joonathan Mägi
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Paris Apostolopoulos
 
Ad

More Related Content

What's hot (19)

CloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫るCloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫る
samemoon
 
Tutorial ceph-2
Tutorial ceph-2Tutorial ceph-2
Tutorial ceph-2
Tommy Lee
 
chubby_osdi06
chubby_osdi06chubby_osdi06
chubby_osdi06
Hiroshi Ono
 
Docker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme PetazzoniDocker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme Petazzoni
Docker, Inc.
 
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemOSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
NETWAYS
 
LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server
guest69bec2
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
Jérôme Petazzoni
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
OSv at Cassandra Summit
OSv at Cassandra SummitOSv at Cassandra Summit
OSv at Cassandra Summit
Don Marti
 
Changelog e athena
Changelog e athenaChangelog e athena
Changelog e athena
srwawa12
 
Project Final Report
Project Final ReportProject Final Report
Project Final Report
Kaushik Padmanabhan
 
Unix Automation using centralized configuration management tool
Unix Automation using centralized configuration management toolUnix Automation using centralized configuration management tool
Unix Automation using centralized configuration management tool
Torrid Networks Private Limited
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backup
William Yeh
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdCoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love Systemd
Richard Lister
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Kubernetes #2 monitoring
Kubernetes #2 monitoring Kubernetes #2 monitoring
Kubernetes #2 monitoring
Terry Cho
 
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
NETWAYS
 
Zookeeper In Simple Words
Zookeeper In Simple WordsZookeeper In Simple Words
Zookeeper In Simple Words
Fuqiang Wang
 
CloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫るCloudStackユーザ会〜仮想ルータの謎に迫る
CloudStackユーザ会〜仮想ルータの謎に迫る
samemoon
 
Tutorial ceph-2
Tutorial ceph-2Tutorial ceph-2
Tutorial ceph-2
Tommy Lee
 
chubby_osdi06
chubby_osdi06chubby_osdi06
chubby_osdi06
Hiroshi Ono
 
Docker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme PetazzoniDocker storage drivers by Jérôme Petazzoni
Docker storage drivers by Jérôme Petazzoni
Docker, Inc.
 
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemOSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
NETWAYS
 
LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server LXF #102 - Linux Virtual Server
LXF #102 - Linux Virtual Server
guest69bec2
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
Jérôme Petazzoni
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
OSv at Cassandra Summit
OSv at Cassandra SummitOSv at Cassandra Summit
OSv at Cassandra Summit
Don Marti
 
Changelog e athena
Changelog e athenaChangelog e athena
Changelog e athena
srwawa12
 
Project Final Report
Project Final ReportProject Final Report
Project Final Report
Kaushik Padmanabhan
 
Unix Automation using centralized configuration management tool
Unix Automation using centralized configuration management toolUnix Automation using centralized configuration management tool
Unix Automation using centralized configuration management tool
Torrid Networks Private Limited
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backup
William Yeh
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdCoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love Systemd
Richard Lister
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Kubernetes #2 monitoring
Kubernetes #2 monitoring Kubernetes #2 monitoring
Kubernetes #2 monitoring
Terry Cho
 
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
OpenNebula Conf 2014 | Using Ceph to provide scalable storage for OpenNebula ...
NETWAYS
 
Zookeeper In Simple Words
Zookeeper In Simple WordsZookeeper In Simple Words
Zookeeper In Simple Words
Fuqiang Wang
 

Similar to ARCHITECTING TENANT BASED QOS IN MULTI-TENANT CLOUD PLATFORMS (20)

Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdf
ssuser9b44c7
 
Intro to Kubernetes
Intro to KubernetesIntro to Kubernetes
Intro to Kubernetes
Joonathan Mägi
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Paris Apostolopoulos
 
prodops.io k8s presentation
prodops.io k8s presentationprodops.io k8s presentation
prodops.io k8s presentation
Prodops.io
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
Ajeet Singh
 
A Survey of Performance Comparison between Virtual Machines and Containers
A Survey of Performance Comparison between Virtual Machines and ContainersA Survey of Performance Comparison between Virtual Machines and Containers
A Survey of Performance Comparison between Virtual Machines and Containers
prashant desai
 
Kubernetes: My BFF
Kubernetes: My BFFKubernetes: My BFF
Kubernetes: My BFF
Jonathan Yu
 
Openstack_administration
Openstack_administrationOpenstack_administration
Openstack_administration
Ashish Sharma
 
stupid-simple-kubernetes-final.pdf
stupid-simple-kubernetes-final.pdfstupid-simple-kubernetes-final.pdf
stupid-simple-kubernetes-final.pdf
DaniloQueirozMota
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetes
Ted Jung
 
Kubernetes
KubernetesKubernetes
Kubernetes
Lhouceine OUHAMZA
 
Unleashing k8 s to reduce complexities of an entire middleware platform
Unleashing k8 s to reduce complexities of an entire middleware platformUnleashing k8 s to reduce complexities of an entire middleware platform
Unleashing k8 s to reduce complexities of an entire middleware platform
Lakmal Warusawithana
 
Google Cloud Platform Kubernetes Workshop IYTE
Google Cloud Platform Kubernetes Workshop IYTEGoogle Cloud Platform Kubernetes Workshop IYTE
Google Cloud Platform Kubernetes Workshop IYTE
Gokhan Boranalp
 
Introduction to OS LEVEL Virtualization & Containers
Introduction to OS LEVEL Virtualization & ContainersIntroduction to OS LEVEL Virtualization & Containers
Introduction to OS LEVEL Virtualization & Containers
Vaibhav Sharma
 
Kubernetes Interview Question with answer by farshad nick
Kubernetes Interview Question with answer by farshad nickKubernetes Interview Question with answer by farshad nick
Kubernetes Interview Question with answer by farshad nick
farshad nickfetrat
 
Gdg izmir kubernetes
Gdg izmir kubernetesGdg izmir kubernetes
Gdg izmir kubernetes
Gokhan Boranalp
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Miloš Zubal
 
What is POD and Kubernetes details Like as
What is POD and Kubernetes details Like asWhat is POD and Kubernetes details Like as
What is POD and Kubernetes details Like as
MdTarequlIslam17
 
Survey of open source cloud architectures
Survey of open source cloud architecturesSurvey of open source cloud architectures
Survey of open source cloud architectures
abhinav vedanbhatla
 
Effective VM Scheduling Strategy for Heterogeneous Cloud Environment
Effective VM Scheduling Strategy for Heterogeneous Cloud EnvironmentEffective VM Scheduling Strategy for Heterogeneous Cloud Environment
Effective VM Scheduling Strategy for Heterogeneous Cloud Environment
International Journal of Science and Research (IJSR)
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdf
ssuser9b44c7
 
Intro to Kubernetes
Intro to KubernetesIntro to Kubernetes
Intro to Kubernetes
Joonathan Mägi
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Paris Apostolopoulos
 
prodops.io k8s presentation
prodops.io k8s presentationprodops.io k8s presentation
prodops.io k8s presentation
Prodops.io
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
Ajeet Singh
 
A Survey of Performance Comparison between Virtual Machines and Containers
A Survey of Performance Comparison between Virtual Machines and ContainersA Survey of Performance Comparison between Virtual Machines and Containers
A Survey of Performance Comparison between Virtual Machines and Containers
prashant desai
 
Kubernetes: My BFF
Kubernetes: My BFFKubernetes: My BFF
Kubernetes: My BFF
Jonathan Yu
 
Openstack_administration
Openstack_administrationOpenstack_administration
Openstack_administration
Ashish Sharma
 
stupid-simple-kubernetes-final.pdf
stupid-simple-kubernetes-final.pdfstupid-simple-kubernetes-final.pdf
stupid-simple-kubernetes-final.pdf
DaniloQueirozMota
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetes
Ted Jung
 
Kubernetes
KubernetesKubernetes
Kubernetes
Lhouceine OUHAMZA
 
Unleashing k8 s to reduce complexities of an entire middleware platform
Unleashing k8 s to reduce complexities of an entire middleware platformUnleashing k8 s to reduce complexities of an entire middleware platform
Unleashing k8 s to reduce complexities of an entire middleware platform
Lakmal Warusawithana
 
Google Cloud Platform Kubernetes Workshop IYTE
Google Cloud Platform Kubernetes Workshop IYTEGoogle Cloud Platform Kubernetes Workshop IYTE
Google Cloud Platform Kubernetes Workshop IYTE
Gokhan Boranalp
 
Introduction to OS LEVEL Virtualization & Containers
Introduction to OS LEVEL Virtualization & ContainersIntroduction to OS LEVEL Virtualization & Containers
Introduction to OS LEVEL Virtualization & Containers
Vaibhav Sharma
 
Kubernetes Interview Question with answer by farshad nick
Kubernetes Interview Question with answer by farshad nickKubernetes Interview Question with answer by farshad nick
Kubernetes Interview Question with answer by farshad nick
farshad nickfetrat
 
Gdg izmir kubernetes
Gdg izmir kubernetesGdg izmir kubernetes
Gdg izmir kubernetes
Gokhan Boranalp
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Miloš Zubal
 
What is POD and Kubernetes details Like as
What is POD and Kubernetes details Like asWhat is POD and Kubernetes details Like as
What is POD and Kubernetes details Like as
MdTarequlIslam17
 
Survey of open source cloud architectures
Survey of open source cloud architecturesSurvey of open source cloud architectures
Survey of open source cloud architectures
abhinav vedanbhatla
 
Effective VM Scheduling Strategy for Heterogeneous Cloud Environment
Effective VM Scheduling Strategy for Heterogeneous Cloud EnvironmentEffective VM Scheduling Strategy for Heterogeneous Cloud Environment
Effective VM Scheduling Strategy for Heterogeneous Cloud Environment
International Journal of Science and Research (IJSR)
 
Ad

More from Arun prasath (9)

Managing Microservices traffic using Istio
Managing Microservices traffic using IstioManaging Microservices traffic using Istio
Managing Microservices traffic using Istio
Arun prasath
 
Istio
Istio Istio
Istio
Arun prasath
 
Elk with Openstack
Elk with OpenstackElk with Openstack
Elk with Openstack
Arun prasath
 
Openstack Heat
Openstack HeatOpenstack Heat
Openstack Heat
Arun prasath
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
Arun prasath
 
HP CloudSystem Matrix
HP CloudSystem MatrixHP CloudSystem Matrix
HP CloudSystem Matrix
Arun prasath
 
Highly confidential security system - sole survivors - SRS
Highly confidential security system - sole survivors - SRSHighly confidential security system - sole survivors - SRS
Highly confidential security system - sole survivors - SRS
Arun prasath
 
Toll application - .NET and Android - SRS
Toll application - .NET and Android - SRSToll application - .NET and Android - SRS
Toll application - .NET and Android - SRS
Arun prasath
 
Toll app - Android project
Toll app - Android projectToll app - Android project
Toll app - Android project
Arun prasath
 
Managing Microservices traffic using Istio
Managing Microservices traffic using IstioManaging Microservices traffic using Istio
Managing Microservices traffic using Istio
Arun prasath
 
Istio
Istio Istio
Istio
Arun prasath
 
Elk with Openstack
Elk with OpenstackElk with Openstack
Elk with Openstack
Arun prasath
 
Openstack Heat
Openstack HeatOpenstack Heat
Openstack Heat
Arun prasath
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
Arun prasath
 
HP CloudSystem Matrix
HP CloudSystem MatrixHP CloudSystem Matrix
HP CloudSystem Matrix
Arun prasath
 
Highly confidential security system - sole survivors - SRS
Highly confidential security system - sole survivors - SRSHighly confidential security system - sole survivors - SRS
Highly confidential security system - sole survivors - SRS
Arun prasath
 
Toll application - .NET and Android - SRS
Toll application - .NET and Android - SRSToll application - .NET and Android - SRS
Toll application - .NET and Android - SRS
Arun prasath
 
Toll app - Android project
Toll app - Android projectToll app - Android project
Toll app - Android project
Arun prasath
 
Ad

Recently uploaded (20)

MAQUINARIA MINAS CEMA 6th Edition (1).pdf
MAQUINARIA MINAS CEMA 6th Edition (1).pdfMAQUINARIA MINAS CEMA 6th Edition (1).pdf
MAQUINARIA MINAS CEMA 6th Edition (1).pdf
ssuser562df4
 
aset and manufacturing optimization and connecting edge
aset and manufacturing optimization and connecting edgeaset and manufacturing optimization and connecting edge
aset and manufacturing optimization and connecting edge
alilamisse
 
Mirada a 12 proyectos desarrollados con BIM.pdf
Mirada a 12 proyectos desarrollados con BIM.pdfMirada a 12 proyectos desarrollados con BIM.pdf
Mirada a 12 proyectos desarrollados con BIM.pdf
topitodosmasdos
 
Smart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptxSmart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptx
rushikeshnavghare94
 
Value Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous SecurityValue Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous Security
Marc Hornbeek
 
Dust Suppressants: A Sustainable Approach to Dust Pollution Control
Dust Suppressants: A Sustainable Approach to Dust Pollution ControlDust Suppressants: A Sustainable Approach to Dust Pollution Control
Dust Suppressants: A Sustainable Approach to Dust Pollution Control
Janapriya Roy
 
Elevate Your Workflow
Elevate Your WorkflowElevate Your Workflow
Elevate Your Workflow
NickHuld
 
BCS401 ADA Second IA Test Question Bank.pdf
BCS401 ADA Second IA Test Question Bank.pdfBCS401 ADA Second IA Test Question Bank.pdf
BCS401 ADA Second IA Test Question Bank.pdf
VENKATESHBHAT25
 
"Heaters in Power Plants: Types, Functions, and Performance Analysis"
"Heaters in Power Plants: Types, Functions, and Performance Analysis""Heaters in Power Plants: Types, Functions, and Performance Analysis"
"Heaters in Power Plants: Types, Functions, and Performance Analysis"
Infopitaara
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
Kamal Acharya
 
QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)
rccbatchplant
 
introduction to machine learining for beginers
introduction to machine learining for beginersintroduction to machine learining for beginers
introduction to machine learining for beginers
JoydebSheet
 
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
LiyaShaji4
 
Lecture 13 (Air and Noise Pollution and their Control) (1).pptx
Lecture 13 (Air and Noise Pollution and their Control) (1).pptxLecture 13 (Air and Noise Pollution and their Control) (1).pptx
Lecture 13 (Air and Noise Pollution and their Control) (1).pptx
huzaifabilalshams
 
vlsi digital circuits full power point presentation
vlsi digital circuits full power point presentationvlsi digital circuits full power point presentation
vlsi digital circuits full power point presentation
DrSunitaPatilUgaleKK
 
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdffive-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
AdityaSharma944496
 
Engineering Chemistry First Year Fullerenes
Engineering Chemistry First Year FullerenesEngineering Chemistry First Year Fullerenes
Engineering Chemistry First Year Fullerenes
5g2jpd9sp4
 
Crack the Domain with Event Storming By Vivek
Crack the Domain with Event Storming By VivekCrack the Domain with Event Storming By Vivek
Crack the Domain with Event Storming By Vivek
Vivek Srivastava
 
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptxFourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
VENKATESHBHAT25
 
Building Security Systems in Architecture.pdf
Building Security Systems in Architecture.pdfBuilding Security Systems in Architecture.pdf
Building Security Systems in Architecture.pdf
rabiaatif2
 
MAQUINARIA MINAS CEMA 6th Edition (1).pdf
MAQUINARIA MINAS CEMA 6th Edition (1).pdfMAQUINARIA MINAS CEMA 6th Edition (1).pdf
MAQUINARIA MINAS CEMA 6th Edition (1).pdf
ssuser562df4
 
aset and manufacturing optimization and connecting edge
aset and manufacturing optimization and connecting edgeaset and manufacturing optimization and connecting edge
aset and manufacturing optimization and connecting edge
alilamisse
 
Mirada a 12 proyectos desarrollados con BIM.pdf
Mirada a 12 proyectos desarrollados con BIM.pdfMirada a 12 proyectos desarrollados con BIM.pdf
Mirada a 12 proyectos desarrollados con BIM.pdf
topitodosmasdos
 
Smart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptxSmart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptx
rushikeshnavghare94
 
Value Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous SecurityValue Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous Security
Marc Hornbeek
 
Dust Suppressants: A Sustainable Approach to Dust Pollution Control
Dust Suppressants: A Sustainable Approach to Dust Pollution ControlDust Suppressants: A Sustainable Approach to Dust Pollution Control
Dust Suppressants: A Sustainable Approach to Dust Pollution Control
Janapriya Roy
 
Elevate Your Workflow
Elevate Your WorkflowElevate Your Workflow
Elevate Your Workflow
NickHuld
 
BCS401 ADA Second IA Test Question Bank.pdf
BCS401 ADA Second IA Test Question Bank.pdfBCS401 ADA Second IA Test Question Bank.pdf
BCS401 ADA Second IA Test Question Bank.pdf
VENKATESHBHAT25
 
"Heaters in Power Plants: Types, Functions, and Performance Analysis"
"Heaters in Power Plants: Types, Functions, and Performance Analysis""Heaters in Power Plants: Types, Functions, and Performance Analysis"
"Heaters in Power Plants: Types, Functions, and Performance Analysis"
Infopitaara
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.
Kamal Acharya
 
QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)
rccbatchplant
 
introduction to machine learining for beginers
introduction to machine learining for beginersintroduction to machine learining for beginers
introduction to machine learining for beginers
JoydebSheet
 
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
Explainable-Artificial-Intelligence-in-Disaster-Risk-Management (2).pptx_2024...
LiyaShaji4
 
Lecture 13 (Air and Noise Pollution and their Control) (1).pptx
Lecture 13 (Air and Noise Pollution and their Control) (1).pptxLecture 13 (Air and Noise Pollution and their Control) (1).pptx
Lecture 13 (Air and Noise Pollution and their Control) (1).pptx
huzaifabilalshams
 
vlsi digital circuits full power point presentation
vlsi digital circuits full power point presentationvlsi digital circuits full power point presentation
vlsi digital circuits full power point presentation
DrSunitaPatilUgaleKK
 
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdffive-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
AdityaSharma944496
 
Engineering Chemistry First Year Fullerenes
Engineering Chemistry First Year FullerenesEngineering Chemistry First Year Fullerenes
Engineering Chemistry First Year Fullerenes
5g2jpd9sp4
 
Crack the Domain with Event Storming By Vivek
Crack the Domain with Event Storming By VivekCrack the Domain with Event Storming By Vivek
Crack the Domain with Event Storming By Vivek
Vivek Srivastava
 
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptxFourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
Fourth Semester BE CSE BCS401 ADA Module 3 PPT.pptx
VENKATESHBHAT25
 
Building Security Systems in Architecture.pdf
Building Security Systems in Architecture.pdfBuilding Security Systems in Architecture.pdf
Building Security Systems in Architecture.pdf
rabiaatif2
 

ARCHITECTING TENANT BASED QOS IN MULTI-TENANT CLOUD PLATFORMS

  • 1. ARCHITECTING TENANT BASED QOS IN MULTI-TENANT CLOUD PLATFORMS - Arun prasath S
  • 2. 2
  • 3. 3 Table of Contents Introduction 4 Problem statement 4 Solution overview 5 Goals 5 Typical implementation in production environment 6 Linux Containers 8 Components of LXC 8 Control group (cgroup) 9 Subsystems 10 blkio Subsystem 10 CPU Subsystem 10 Memory Subsystem 10 Python Controller 11 Puppet 12 Docker 13 Other options 13 Summary 14 References 14
  • 4. 4 Introduction Achieving QOS in a multi-tenant cloud platforms is still a difficult task and many companies follow different approaches to solve this problem. Here in this document I tried architecting a simple solution for achieving different QOS for different tenants in a Multi-tenant cloud environment based on my experiments. Problem statement Openstack steps into platform as service by introducing a new component ‘Trove’ Database as Service (DBaaS) offering in its upcoming Icehouse release. But Openstack announced that Trove will be operating as Single tenant service (Which means, for each Database instance, a new VM will be created). This is a costly affair for cloud service providers and also resources may not be used efficiently in this scenario. Many big cloud service providers like Google and Amazon provides options for the same DBaaS as a multi-tenant service. In this case, many instances of the DB will run in a single virtual machine. This reduces the cost of running extra virtual machines. But it also have few problems like QOS, security and isolation. The QOS factors are CPU, Memory, IOPS (Input/Output Operations per second) etc. More than one DB instance will be running in a single machine. In worst case scenarios one DB Instance may end up eating large amount of resources which greatly affects other DB Instances. We need to guarantee the QOS as mentioned in the SLA. Since more than one DB Instance will be running in a single machine, we have some security considerations. When one customer’s database gets affected it must not affect other instances. Also consumers in Single tenant are charged based on their usages like number of IO, total space, CPU, memory etc. But when it comes to multi-tenant it’s hard to estimate the usage as more than one DB instance will be running in a single virtual machine. In another perspective, the existing solution of creating each VM for each customer has a drawback of running separate operating system for each customer. This separate operating system is an extra load for the service provider as it need a lot of data space and memory.
  • 5. 5 Solution overview In my proposed solution, I used Linux containers running inside a virtual machines for isolation DB Instances. Each database instance will be running inside a Container. Therefore we can achieve true isolation, resources can be controlled and metering is also quite easy. With cgroup feature we can control the IOPS of the container and thereby we can offer different service level (IOPS) for different tenants. Existing offering (In Openstack Trove) Proposed solution Goals  Tenant based QOS  Multi tenancy  True resource isolation for DB Instances  Perfect metering  Automation
  • 6. 6 Typical implementation in production environment This is a typical implementation in the production environment. The user requests for a database instance using the dashboard. Once when the request is initiated, the Python controller gets the resources specified for a particular flavor in Nova and then consolidates the existing containers. If there is space available in the any virtual machines, the container is created there. Or else a new nova virtual machine is created and then the container is created in that virtual machine with the user specified parameters (CPU, RAM and IOPS).
  • 7. 7 Each time a virtual machine is created, it is discovered by puppet and the container software (LXC or Docker) is installed. Each time a container is created, MySQL is installed. After the creation and provisioning of the containers the users are provided the access to the database. (IP Address, MySQL username and password). The above is a modular approach in provisioning server. However for smaller companies the architecture can be simplified by using pre-built vagrant or golden images. The following is the brief of all the components mentioned above.
  • 8. 8 Linux Containers Linux containers provide light weight operating system level virtualization which isolates processes and resources in a simpler way compared to full-scale virtual machines. LXC works in the way similar to virtualization but with the difference that it don’t need separate kernel instance. It allows us to create many number of sand box environment which is completely isolated from the host and other containers. Components of LXC  Namespaces – Used to provide process isolation  cgroups – Used to control System management and resource control  SELinux – Ensures isolation between host and the container and also Individual containers  Libvirt- Tool box to manage containers Since QOS is our primary objective, we are going to focus more on control groups.
  • 9. 9 Control group (cgroup) Control group is a kernel feature to limit the resources like CPU, System memory and network bandwidth among the user-defined groups of tasks. For example, we can limit a MySQL instance from using all memory. In the same way we can guarantee that the MySQL instance gets the specified resource. In this architecture, I am using cgroup feature on Linux containers to isolate DB Instances and guarantee the minimum QOS for the customer. Limits for a particular container is defined in the containers configuration file. Hence we can allocate different resources for different containers based on customer requirements. In our scenario the containers will be running as process and the processes inside the containers will be running as the sub process.
  • 10. 10 Subsystems Subsystems are kernel modules that are aware of cgroups. They are resource controllers that allocate varying level of system resources to different cgroups. The following are the subsystems of cgroup. blkio Subsystem The Block I/O subsystem controls and monitors access to I/O on block devices by tasks in cgroups. It offers features like proportional weight division and I/O throttling (Upper limit). Common parameters: blkio.throttle.read_iops_device - specifies the upper limit on the number of read operations a device can perform blkio.throttle.read_bps_device - specifies the upper limit on the number of read operations a device can perform blkio.throttle.write_bps_device - specifies the upper limit on the number of write operations a device can perform CPU Subsystem The cpu subsystem schedules CPU access to cgroups. Common parameters: cpu.shares - contains an integer value that specifies a relative share of CPU time available to the tasks in a cgroup cpu.rt_period_us - specifies a period of time in microseconds (µs, represented here as "us") for how regularly a cgroup's access to CPU resource should be reallocated Memory Subsystem The memory subsystem generates automatic reports on memory resources used by the tasks in a cgroup, and sets limits on memory use by those tasks Common parameters: memory.usage_in_bytes - reports the total current memory usage by processes in the cgroup (in bytes) memory.max_usage_in_bytes - reports the maximum memory used by processes in the cgroup (in bytes) memory.limit_in_bytes - sets the maximum amount of user memory There are also various other subsystems like cpuacct, cpuset, devices, freezer etc. Those can be used in our scenario for enhanced configurations.
  • 11. 11 Python Controller In a fresh Openstack environment when a user requests an instance, a new VM is created. But in our case we need to provision containers. Hence we need to modify the normal Openstack work flow. One popular way to do this is via REST based API. Since I am a python guy, I am doing this via Python APIs provided by Openstack. All details of the containers created by the users is saved in the local MySQL database. In this scenario, the user is shown a dashboard or a form for database provisioning. When the user requests the instance, this python controller takes control. It gets the flavor details we used to build nova VM by enquiring Openstack. Then it consolidates the containers provisioned by using the local database. If it could not find any space, then a new nova VM is created using API calls and then the process continues. If existing VM has necessary resource to provision a container, then the container is created in that existing VM. The following is a sample python code for creating an Instance. Initially we can set the resource level options for any particular flavor. nova-manage flavor set_key --name m1.small --key quota:disk_read_bytes_sec --value 10240000 nova-manage flavor set_key --name m1.small --key quota:disk_write_bytes_sec --value 10240000
  • 12. 12 Puppet Openstack can provide any number of machines based on demand. But to get all those machines into production (Installing required softwares like LXC or Docker in our scenario), we need some automation. There are various automation tools for change and configuration management. In this scenario I used puppet. Puppet can manage our servers. In a puppet environment, we describe the necessary machine state in a declarative code. Puppet clients connects to the server and ensures that they are in the state described by the manifest file in server. In our scenario we will be defining manifests for installing LXC or Docker. Once after the necessary container is installed we bring the container under control of puppet for software (MySQL) installation. Puppet manifest for MySQL is available in Github.
  • 13. 13 Docker Docker is an open source developer-friendly abstraction layer on the top of Linux containers (LXC). Docker gives a simple and meaningful layer to play with containers in a cloud environment. By using Docker we can actually build containers, use it and make changes based on our need, push our used containers to the Docker repository and pull any time and any number of time for further usage. This means a lot in a PAAS market. In a high level terminology, Docker can automate the deployment of applications as highly portable, self-sufficient containers which are independent of hardware, language, framework, packaging system and hosting provider. Docker also provides drivers for Openstack which embeds with Nova and provides ability to work with containers along with nova virtual machines. Since most Openstack production environment need to instantiate various different operating systems, we can have a work around and achieve our need. In this scenario we are going to run a Docker or LXC on the top of a virtual machine. Docker, along with puppet or chef can be very useful for the Platform as a Service providers. They are very useful in automated provisioning of platforms required for developers, in a very convenient and sophisticated way. Thus making operations team work much easier. Other options The above method is one way of creating multi-tenant cloud environment. But there are many number of ways to achieve it using various other options. Rackspace uses OpenVZ to build their cloud platforms. They uses OpenVZ to contain their customers database and for resource isolation. OpenVZ has many advantages over LXC. Resource allocation is made simple in OpenVZ. (i.e. Guaranteed RAM and Burstable RAM are specified using simple commands ). Live migrations are quite easy in OpenVZ when compared to LXC. Oracle follows an interesting architecture in its DBaaS offering. They created a customized ‘Container Database’. All the customer databases are in Pluggable database (PDB) format and they can be plugged to the container database and can work on.
  • 14. 14 Summary Thus the tenant based QOS feature is achieved in a multi-tenant cloud platform. I haven’t mentioned about some other features and drawbacks like migration, scale up, high availability etc. All those drawbacks can be rectified by having some workaround in the architecture. References 1) Linux Plumbers Conference 2013, Rackspace session 2) http://www.kernel.org/doc/Documentation/cgroups 3) http://docs.openstack.org/developer/trove/ 4) https://help.ubuntu.com/lts/serverguide/lxc.html 5) http://wwwkemper.informatik.tu-uenchen.de/research/publications/conferences/sigmod2008- mtd.pdf 6) http://blog.docker.io/2013/10/gathering-lxc-docker-containers-metrics/ 7) http://www.vldb.org/pvldb/vol7/p37-das.pdf