cloud computing and networking - 國立中興大學

Post on 21-May-2022

4 views

Category:

Documents


0 download

TRANSCRIPT


Chapter 1

Cloud Computing and Networking


Course Goal and Objectives

“To perform the conceptual, intermediate, and detailed design of a network infrastructure that supports the network solutions to achieve effective performance, scalability, and availability to meet the desired requirements”

• Describe how the Cisco Enterprise Network model is used in the Service Oriented Network Architecture (SONA) framework for designing enterprise networks.

• Create conceptual, intermediate, and detailed intelligent network service designs for network management, high availability, security, QoS, and IP multicast.


The Hierarchical Model

The foundation of the Cisco network architectures is the hierarchical network model.

Historically used in the design of enterprise LAN and wide area network (WAN) data networks.

A hierarchical model also applies to the infrastructure modules of SONA and the Cisco Enterprise Architecture.


The Hierarchical Model

It is easier to design and build a deterministic, scalable network.

The hierarchical network structure is composed of the access, distribution, and core layers.

Each layer has its own functions, which are used to develop a hierarchical network design.


The Hierarchical Model

Access layer: Grants user access to network devices. Incorporates switched LAN devices with ports that provide connectivity to workstations and servers. In the WAN environment, the access layer for teleworkers or remote sites may provide access to the corporate network across WAN technology.

Distribution layer: Aggregates the wiring closets, using switches to segment workgroups and isolate network problems in a campus environment. It aggregates WAN connections at the edge of the campus and provides policy-based connectivity.


The Hierarchical Model

Core layer (also referred to as the backbone): A high-speed backbone, designed to switch packets as fast as possible. Because the core is critical for connectivity, it must provide a high level of availability and adapt to changes very quickly. It also provides scalability and fast convergence.


Hierarchical Network

(figure: hierarchical network, including the Public Switched Telephone Network (PSTN))


The Hierarchical Model

Three-layer hierarchical model:

Access layer: must detect whether a telecommuter who is dialing in is legitimate, yet must also require minimal telecommuter authentication steps.

Distribution layer: control access to resources that are available at the core layer and make efficient use of bandwidth.

Core layer: provide services that optimize communication transport within the network. In addition, core layer devices are expected to provide maximum availability and reliability.


Enterprise Network Design

Cisco developed three overlapping architectures for the enterprise as part of a network architecture and design: Borderless Networks, collaboration, and virtualization (data center and desktop).


Enterprise Network Design for Cisco Architectures

Borderless Networks: Workers are more mobile. More workers are working from different locations (anywhere, anytime, and from any device). Provides high-performance, secure mobile connectivity.

Collaboration: Integrates all these different means of communication, integrating many different types of communication methods and devices. Requires an infrastructure that is ready to support this mix of multimedia applications.


Enterprise Network Design for Cisco Architectures

Data center virtualization: Data centers contain the back-end services and data that enable the applications that are used in the enterprise. Applications can be scaled as demand changes. It is important that data centers be built in a cost-effective, energy-efficient, resilient and scalable manner, provisioning data storage and computing resources to applications in a highly scalable and resilient manner by leveraging virtualization technology.


Enterprise Network Design for Cisco Architectures (figure)


Review of Cisco SONA

Cisco SONA uses the extensive product line, services, proven architectures, and experience of Cisco and its partners to help enterprises achieve their business goals.

(figure: Service Oriented Network Architecture)


Benefits of SONA (figure)


Review of Cisco SONA

SONA outlines these three layers:

1. The networked infrastructure layer: the customer's goal is to have anywhere and anytime connectivity.

2. The interactive services layer: enables efficient allocation of resources to applications and business processes delivered through the networked infrastructure.

3. The application layer: the customer's goal is to meet business requirements and achieve efficiencies by leveraging the interactive services layer.


Infrastructure Services (figure)


Infrastructure Services

Identity services: Maps resources and policies to the user and device.

Mobility services: Allows users to access network resources regardless of their physical location. Wireless services support mobile clients and integrate with the wired network.

Storage services: Provides distributed and virtual storage across the infrastructure.

Compute services: Connects and virtualizes compute resources based on the application.

Security services: Increase the integrity of the network by protecting network resources and users from internal and external threats.

Voice services: Delivers the foundation by which voice can be carried across the network, such as security and high availability.

(figure labels: Application Service; Application-Oriented Networking)


Network Services

Network management

High availability: Ensures end-to-end availability for services, clients, and sessions.

QoS: Manages the delay, delay variation (jitter), bandwidth availability, and packet loss parameters to meet the diverse needs of voice, video, and data applications.

IP multicasting: Delivers a single stream of information that is intended for many corporate recipients and homes throughout the transport network.


Network Applications

Cisco Unified Communications: Includes voice, video, and web conferencing solutions.

Cisco Digital Media Systems: Includes applications such as Cisco Digital Signage, which delivers video and application content to many large display monitors that are placed throughout the organization.

Cisco IP Video Surveillance: Provides real-time monitoring of the environment, people, and assets and provides recording for investigative purposes.

Cisco TelePresence: Provides a deeply immersive video experience. This application is key to the new generation of communication experience and is becoming pervasive in many enterprises.


Cisco Enterprise Architectures (figure)


Cisco Enterprise Architectures

Campus module: Combines a core infrastructure of intelligent switching and routing with tightly integrated productivity-enhancing technologies, including Cisco Unified Communications, mobility, and advanced security.

Edge architecture: Offers connectivity to voice, video, and data services outside the enterprise. QoS, service levels, and security are the main issues in the Enterprise Edge module.

WAN and MAN module: offers the convergence of voice, video, and data services over a single Cisco Unified Communications network.


Summary

Cisco SONA is the enterprise framework for building intelligence in the network: Layer 1 is the integrated infrastructure layer. Layer 2 is the interactive services layer. Layer 3 is the applications layer.


Virtual Machine Systems


Question

Can a “small” operating system simulate the hardware of some machine so that:

• Another operating system can run in that simulated hardware?
• More than one instance of that operating system can run on the same hardware at the same time?
• More than one different operating system can share the same hardware at the same time?

Answer: Yes


Solution – Virtual Machine

A virtual machine provides an interface identical to the underlying bare hardware, i.e., all devices, storage, memory, page tables, etc.

The Virtual Machine Operating System creates the illusion of multiple processors. Each VM executes independently; there is no sharing, except via network protocols.


History – CP67 / CMS

IBM Cambridge Scientific Center; ran on the IBM 360/67. An alternative to TSS/360, which never sold very well.

Replicated hardware in each “process”: a virtual 360/67 processor, virtual disk(s), virtual console, printer, card reader, etc.

Cambridge Monitor System (CMS): a single-user, interactive operating system.

Commercialized as VM/370 in the mid-1970s.


History (cont.)

Various other attempts with other machines.

• VMware Workstation
• Servers (for IT centers)


“Classic” Virtual Machine

Copy of a real machine: “Any program run under the VM has an effect identical with that demonstrated if the program had been run in the original machine directly” [1]

Isolated from other virtual machines: “…transforms the single machine interface into the illusion of many” [2]

Efficient: “A statistically dominant subset of the virtual processor’s instructions is executed directly by the real processor” [2]

Also known as a “system VM”

[1] “Formal Requirements for Virtualizable Third-Generation Architectures”, G. Popek and R. Goldberg, Communications of the ACM, 17(7), July 1974

[2] “Survey of Virtual Machine Research”, R. Goldberg, IEEE Computer, June 1974


Classic Virtual Machines

Virtualization of instruction sets (ISAs): language-independent, binary-compatible (not the JVM).

70’s (IBM 360/370, …) – 00’s (VMware, Microsoft Virtual Server/PC, z/VM, Xen, Power Hypervisor, Intel Vanderpool, AMD Pacifica, …)

ISA + OS + libraries + software = execution environment


Definitions

Host Operating System: The operating system actually running on the hardware. Together with the virtualization layer, it simulates the environment for the guest.

Guest Operating System: The operating system running in the simulated environment, which performs its own tasks and resource allocation.


Process vs. System VMs (figure from Smith and Nair’s “The Architecture of Virtual Machines”, Computer, May 2005)


Must Virtual Machine be Replica of Host Machine?

No, the virtualization layer can simulate any architecture.

Typically used for debugging specialized systems: real-time systems, niche products, etc.

The guest architecture does not even have to be real hardware!


Example – Page tables

Suppose the guest OS has its own page tables; then the virtualization layer must:

• Copy those tables to its own
• Trap every reference or update to the tables and simulate it

During a page fault, the virtualization layer must decide whether the fault belongs to the guest OS or to itself. If it belongs to the guest OS, it must simulate a page fault.

Likewise, the virtualization layer must trap and simulate every privileged instruction in the machine!
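The page-table handling above, as an added simulation that is not part of the course material: the VMM mirrors trapped guest updates into its own shadow table and, on a miss, classifies the fault as the guest's or its own. The VMM class, the frame numbers and the page numbers are all constructed for this example.

```python
class VMM:
    """Virtualization layer keeping a shadow page table for one guest.

    The guest keeps its own table (vpage -> guest-physical frame).  The
    hardware only walks the VMM's shadow table (vpage -> host-physical
    frame), so every guest table update is trapped and mirrored, and
    every miss in the shadow table is a fault the VMM must classify.
    All frame and page numbers are constructed for the example.
    """

    def __init__(self, guest_to_host):
        self.guest_to_host = dict(guest_to_host)  # guest frame -> host frame
        self.guest_pt = {}       # guest's own table: vpage -> guest frame
        self.shadow_pt = {}      # VMM's copy: vpage -> host frame
        self.log = []

    def trap_guest_pt_update(self, vpage, guest_frame):
        """Privileged guest update trapped by the VMM: mirror into the shadow."""
        self.guest_pt[vpage] = guest_frame
        host_frame = self.guest_to_host.get(guest_frame)
        if host_frame is None:
            # Guest mapped a frame the VMM has not backed yet. Leave the
            # shadow entry absent so the next access faults into the VMM.
            self.shadow_pt.pop(vpage, None)
            self.log.append(("deferred", vpage, guest_frame))
        else:
            self.shadow_pt[vpage] = host_frame
            self.log.append(("shadowed", vpage, host_frame))

    def access(self, vpage):
        """Memory access: hit in the shadow table, or a fault handled by the VMM."""
        if vpage in self.shadow_pt:
            return ("hit", self.shadow_pt[vpage])
        return self.page_fault(vpage)

    def page_fault(self, vpage):
        """Decide whether the fault belongs to the guest OS or to the VMM."""
        if vpage not in self.guest_pt:
            # The guest never mapped this page: the fault is the guest's,
            # so the VMM would simulate a page fault for the guest kernel.
            self.log.append(("guest_fault", vpage))
            return ("guest_fault", None)
        # The guest did map it; the VMM just had not backed the frame.
        # This fault is the VMM's own: back it and fill the shadow entry.
        host_frame = self.allocate_host_frame(self.guest_pt[vpage])
        self.shadow_pt[vpage] = host_frame
        self.log.append(("vmm_fault", vpage, host_frame))
        return ("vmm_fault", host_frame)

    def allocate_host_frame(self, guest_frame):
        # Constructed allocator: hand out host frames from 1000 upward.
        host_frame = 1000 + len(self.guest_to_host)
        self.guest_to_host[guest_frame] = host_frame
        return host_frame


def demo():
    vmm = VMM({0: 500, 1: 501})           # two guest frames already backed
    vmm.trap_guest_pt_update(0x10, 0)     # backed frame: shadowed immediately
    vmm.trap_guest_pt_update(0x11, 7)     # unbacked frame: shadow entry deferred
    return [vmm.access(0x10), vmm.access(0x11), vmm.access(0x12)]
```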


Virtual Machines (cont.)

The resources of the physical computer are shared to create the virtual machines:

• CPU scheduling can create the appearance that each user has their own processor
• Spooling and a file system provide virtual card readers and virtual line printers
• Disks are partitioned to provide virtual disks
• A normal user time-sharing terminal serves as the virtual machine operator’s console

Spool: simultaneous peripheral operations on-line


Virtual Machines (cont.)

The virtual-machine concept provides complete protection of system resources: each virtual machine is isolated from all other virtual machines. However, it does not directly share the resources.

(figure label: Virtualization layer)

A virtual-machine system is a good vehicle for operating-systems research and development: system development done on the virtual machine does not disrupt normal operation, and multiple concurrent developers can work at the same time.


Virtual Machines (cont.)

(figure: (a) Nonvirtual machine, (b) Virtual machine)


Virtual Machines (cont.)

Some hardware architectures or features are impossible to virtualize:

• Certain registers or state not exposed
• Unusual devices and device control
• Clocks, time, and real-time behavior


On-demand computing

Embodiments: data centers, grid computing.

Grid computing: “coordinated resource sharing and problem solving in dynamic, multi-institutional virtual organizations” (Foster et al., “The Anatomy of the Grid”): local control, decentralized management; open general-purpose standards; non-trivial QoS.

(figure: Data Center: Network Infrastructure, Server Farm)


Resource sharing

Traditional computing/data center solutions:

• Multitask/multiuser operating systems, user accounts, file systems, …
• Always available, but static configurations
• Sharing possible if apps run on similar execution environments
• Centralized administration: tight control on security, availability, users, updates, etc.

Distributed Grid/data center requirements:

• Multiple administrative domains: different policies and practices at each domain
• Many environments possible
• Dynamic availability
• Must run all kinds of applications
• The application user will neither trust unknown users sharing the same resource nor redevelop the application to run in different environments
• The resource owner will neither trust arbitrary users nor change the environment for others’ applications

(figure labels: A B C)


1 user, 1 app, several environments

(figure: the Ocean application on compute servers with +CH3D and +ArcView environments, in a Grid)

Slide provided by M. Zhao


Many users, 1 app, many environments

(figure: compute servers running VMs with +CH3D and +ArcView environments for the Ocean application, coordinated by Grid Middleware)

Slide provided by M. Zhao


Challenge: VM State Transfer

Dynamic, efficient transfer of large VM state is important.

(figure: many users, apps and environments; compute servers running VMs with +CH3D and +ArcView for the Ocean application, Grid Middleware, and VM State Servers)

Slide provided by M. Zhao


Virtualization Technology for Grids

Resource virtualization technology enables a resource to simultaneously appear as multiple resources with possibly different functionalities: polymorphism, manifolding and multiplexing.

Virtual networks, data, applications, interfaces, peripherals, instruments, …


Virtual networks

(figure: physical space with public network A, public network D, private network B and private network C connected through the Internet via routers (R), NAT (N) and firewalls (F), with hosts H1 to H4; virtual space with virtual routers VRA, VRB, VRC and VRD and virtual hosts VH1 to VH4 forming a virtual network; VH1 to VH2, VH3 to VH4)

Logical links:

• multiple physical links, routing via native Internet routing
• tunneling, virtual routers, switches, …
• partial to total isolation

Slide provided by M. Tsugawa


Virtualization: Data/File

(figure: NFS (Network File System) on the left, Grid Virtual File System (GVFS) on the right. With plain NFS, NFS server ‘S’ exports /home to all uids on compute server ‘C’, and C runs mount S:/home; the kernel NFS client talks directly to NFSD and Mountd on S. With GVFS, S exports /home/user_A to shadow1 on C, C runs mount S:/home/user_A, and a GVFS proxy on each side sits between the native NFS client and server.)


Grid Virtual File System (GVFS)

Originally named PVFS, GVFS is a virtualized distributed file system providing high-performance data access in grid environments and seamless integration with unmodified applications.

It leverages existing NFS (Network File System) support in operating systems, and uses user-level proxies to authenticate and forward RPC (Remote Procedure Call) requests between the native NFS client and server, and to map user identities between different domains.
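The identity-mapping role of the GVFS proxy, as an added illustration that is not GVFS code: each RPC arriving from the shadow account on compute server C is rewritten to the real user's uid/gid in server S's domain, unmapped identities are refused rather than guessed, and requests are confined to the per-user export. The RpcRequest shape, the uid/gid numbers and the paths are constructed for this example.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class RpcRequest:
    """One NFS RPC as seen by the proxy (constructed simplification)."""
    proc: str    # e.g. "LOOKUP", "READ", "WRITE"
    uid: int     # AUTH_SYS uid the native NFS client on C put in the call
    gid: int
    path: str    # path the call refers to, relative to the server root


def normalize(path):
    """Collapse '.', '..' and empty components so prefix checks are reliable."""
    parts = []
    for p in path.split("/"):
        if p in ("", "."):
            continue
        if p == "..":
            if parts:
                parts.pop()
            continue
        parts.append(p)
    return "/" + "/".join(parts)


class GvfsProxy:
    """User-level proxy between the NFS client on compute server C and server S.

    shadow_to_real maps (uid, gid) of the shadow account on C to the
    (uid, gid) of the real user in S's domain.  Anything unmapped is
    refused rather than guessed, and requests are confined to the one
    export (e.g. /home/user_A) this proxy instance was started for.
    """

    def __init__(self, export_root, shadow_to_real):
        self.export_root = normalize(export_root)
        self.shadow_to_real = dict(shadow_to_real)

    def within_export(self, path):
        norm = normalize(path)
        return norm == self.export_root or norm.startswith(self.export_root + "/")

    def forward(self, req):
        """Return the request as it should be sent to S, or None if refused."""
        real = self.shadow_to_real.get((req.uid, req.gid))
        if real is None:
            return None                      # unknown identity on C: drop
        if not self.within_export(req.path):
            return None                      # outside this user's export
        return replace(req, uid=real[0], gid=real[1], path=normalize(req.path))


def demo():
    # Constructed mapping: shadow account 5001/100 on C is user 1034/1034 on S.
    proxy = GvfsProxy("/home/user_A", {(5001, 100): (1034, 1034)})
    ok = proxy.forward(RpcRequest("READ", 5001, 100, "/home/user_A/data/run1.nc"))
    unmapped = proxy.forward(RpcRequest("READ", 5002, 100, "/home/user_A/data/run1.nc"))
    escape = proxy.forward(RpcRequest("READ", 5001, 100, "/home/user_A/../user_B/x"))
    return ok, unmapped, escape
```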


A Grid-building Recipe

Virtualize to fit needed environments: use services to generate “virtuals”, aggregate and manage “virtuals”, repeat as needed.

• Net result:
• Users interact with virtual entities provided by services
• Middleware interacts with physical resources


Architectural Components of VM Service

(figure: VM creation request from a client, in steps (1) VM Request, (2) Request Estimate, (3) VM Creation Cost, (4) Create VM, (5) VM ID, (6) VM ID. Components: VMShop (VMArchitect, VMCreator, VMCollector, VMReporter) and the hosts mcnabb (vws010), brady (vws001), favre (vws005), mcnair (vws002) and manning (vws003), each running a Host OS (VMPlant) with a VMPlant Daemon.)

Slide provided by Arijit Ganguly


Create VM Steps

1. Clone VM: instantiate a new container; fast copying of a base VM image (virtual disk, and suspended memory if available).

2. Configure VM: execute scripts/jobs inside the container to tailor it to a particular instance; communication crossing container boundaries to provide inputs/retrieve outputs.

3. Destroy VM: terminate the container, delete non-persistent state.


User-level Extensions

(figure: VM state server S with a kernel NFS server and a proxy; WAN; compute server C with VMM, proxy, block-based buffer cache (mem) and file-based cache (disk); VM state)

• Client-side proxy disk caching
• Application-specific meta-data handling
• Encrypted file system channels and cross-domain authentication

[Zhao, Zhang, Figueiredo, HPDC’04]


VMware – Modern Virtual Machine System

Founded 1998, Mendel Rosenblum et al.; research at Stanford University.

VMware Workstation: separates the Host OS from the virtualization layer. The Host OS may be Windows, Linux, etc. Wide variety of Guest operating systems. < $200

http://www.vmware.com/


VMware Architecture (figure, from CS502 Spring 2006)


VMware Server

Free version released in 2006: http://www.vmware.com/products/server/ Runs on any x86 server hardware and OS; Windows Server and Linux Host OS’s.

Partition a physical server into multiple virtual server machines.

Target market: IT centers providing multiple services. Allows separate virtual servers to be separately configured for separate IT applications; portability, replication, etc.


VMware Server ESX

Total decoupling between hardware and applications.

High-end, high-performance IT applications: Oracle, SQL Server, Microsoft Exchange server, SAP, Siebel, Lotus Notes, BEA WebLogic, Apache.

Dynamically move a running application to different hardware: maintenance, hardware replacement, provisioning new versions, etc.

VMware ESX is an enterprise-level computer virtualization product offered by VMware.


The Java Virtual Machine

Own idealized architecture; stylized machine language (byte codes); readily available interpreter.

(figure: Virtual Machine)