On the Design & Evolution of an Architecture for Testbed Federation
Stephen Soltesz, David Eisenstat, Marc Fiuczynski, Larry Peterson
2/17
The Original Problem
• Give User access to an Owner’s Nodes
3/17
Contribution of PLC
Users: princeton_codeen, nyu_d, cornell_beehive, att_mcash, cmu_esm, harvard_ice, hplabs_donutlab, idsl_psepr, irb_phi, paris6_landmarks, mit_dht, mcgill_card, huji_ender, arizona_stork, ucb_bamboo, ucsd_share, umd_scriptroute, …
N x N
Trusted Intermediary (PLC)
Owners: Princeton, Berkeley, Washington, MIT, Brown, CMU, NYU, EPFL, Harvard, HP Labs, Intel, NEC Labs, Purdue, UCSD, SICS, Cambridge, Cornell, …
4/17
Trust in PLC
Diagram: Owner, PLC, User, with relationships numbered 1 to 4:
1) PLC expresses trust in a user by issuing it credentials to access a slice
2) Users trust PLC to create slices on their behalf and respect credentials
3) Owner trusts PLC to vet users and map network activity to right user
4) PLC trusts owner to keep nodes physically secure and running
5/17
The New Problem
Owners | Testbed 1 | Users
Owners | Testbed 2 | Users
Owners | Testbed 3 | Users
?
?
6/17
Outline
• Federation Design
  • Tension in a Central Implementation
  • Two Authorities
  • Federation between Authorities
• Evolution during the last year
  • Delegation of Slice Creation
  • Federation With OneLab
• How to address Scale and Isolation
7/17
PLC is Centralized
Users: princeton_codeen, nyu_d, cornell_beehive, att_mcash, cmu_esm, harvard_ice, hplabs_donutlab, idsl_psepr, irb_phi, paris6_landmarks, mit_dht, mcgill_card, huji_ender, arizona_stork, ucb_bamboo, ucsd_share, umd_scriptroute, …
Trusted Intermediary (PLC)
Owners: Princeton, Berkeley, Washington, MIT, Brown, CMU, NYU, EPFL, Harvard, HP Labs, Intel, NEC Labs, Purdue, UCSD, SICS, Cambridge, Cornell, …
8/17
Two Authorities of PLC
• SA = Slice Authority
  • Represents Users
  • Names Slices
• MA = Management Authority
  • Represents Owners
  • Creates Slices on Nodes
Diagram labels: User, SA, Owner, MA, PLC
9/17
Narrow Waist
• The New Narrow Waist
  • SA exports Slices
  • MA exports Nodes
• The Simplest form of Federation
  • Between Users and Node owners
SA MA
Slices
Nodes
User User User User User User User User User
Node Node Node Node Node Node Node Node Node Node
10/17
Federation with a Management Authority
• SA users benefit: access to more nodes
• Each MA controls policy on its nodes
11/17
Federation with a Slice Authority
• MA has a single infrastructure
• SAs represent different user groups
• Shared namespace
• Agreement between SA1 & SA2
12/17
Federation In Combination
• Slice & Management Federation
• This is the goal with OneLab
13/17
Outline
• Federation Design
  • Tension in a Central Design
  • Two Authorities
  • Federation between Authorities
• Evolution during the last year
  • Delegation of Slice Creation
  • Federation With OneLab
• How to address Scale and Isolation
14/17
Delegation as a Slice User
• PLC is default Slice Creation Service (SCS)
• User A delegates Slice Creation
• User B calls Node Manager to create slice
• User B could be a Slice Authority
15/17
Federation with OneLab
• PLC1 caches PLC2, and vice versa
• Concerns
  • How to limit slices, or nodes?
  • Where to place policy?
  • How many peers can we maintain?
  • Who enforces namespaces?
16/17
Addressing Scale & Isolation
• What if…
  • The SA exports one slice to the MA
Figure labels: SA 1, SA 2, MA, MA - Node Manager, Node; slices SA1_foo, SA1_bar, SA2_one, SA2_one_a, SA2_one_b
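One way an MA could enforce the SA-prefixed slice names shown on this slide (SA1_foo, SA2_one_a) and answer the earlier "Who enforces namespaces?" concern, given as an added example that is not from the slides or from PLC code. The class and method names, and the rule that a sub-slice needs an existing parent slice from the same SA, are assumptions.

```python
# Added illustration: hypothetical names, not PLC code. Names are <SA>_<name>[_<sub>].
class NamespaceError(Exception):
    pass

class ManagementAuthority:
    """MA-side registry tying every slice name to the SA that owns its prefix."""

    def __init__(self):
        self.prefix_owner = {}  # prefix -> SA id
        self.slices = {}        # slice name -> SA id that created it

    def register_sa(self, sa_id, prefix):
        if not prefix or "_" in prefix or prefix in self.prefix_owner:
            raise NamespaceError(f"prefix {prefix!r} is invalid or already taken")
        self.prefix_owner[prefix] = sa_id

    def create_slice(self, sa_id, name):
        prefix, _, rest = name.partition("_")
        if not rest or self.prefix_owner.get(prefix) != sa_id:
            raise NamespaceError(f"{sa_id!r} may not name {name!r}")
        if name in self.slices:
            raise NamespaceError(f"{name!r} already exists")
        # Assumed rule: a sub-slice (SA2_one_a) needs an existing parent
        # slice (SA2_one) that the same SA exported to this MA.
        parent = name.rpartition("_")[0]
        if parent != prefix and self.slices.get(parent) != sa_id:
            raise NamespaceError(f"no parent slice {parent!r} for {name!r}")
        self.slices[name] = sa_id
        return name

def demo():  # replay constructed requests -> (slice name, accepted?) pairs
    ma = ManagementAuthority()
    ma.register_sa("sa1", "SA1")
    ma.register_sa("sa2", "SA2")
    requests = [("sa1", "SA1_foo"), ("sa1", "SA1_bar"), ("sa2", "SA2_one"),
                ("sa2", "SA2_one_a"), ("sa2", "SA2_one_b"),
                ("sa2", "SA1_baz"), ("sa1", "SA2_one_c"),  # wrong SA for prefix
                ("sa2", "SA2_two_a")]  # parent SA2_two was never created
    results = []
    for sa_id, name in requests:
        try:
            ma.create_slice(sa_id, name)
            results.append((name, True))
        except NamespaceError:
            results.append((name, False))
    return results

if __name__ == "__main__":
    print(demo())
```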
17/17
Conclusion
• PLC addresses disparate concerns
  • Pulls at the centralized implementation
• Proposed a general approach
  • Decouples PLC design into MA & SA
• Development efforts during the last year
  • Delegation and Federation
18/17
19/17
PLC Today
20/17
PLC with MA and SA
• Recursive MA and SA
• User privilege from position in tree
• Any MA or SA may be autonomous
21/17
22/17
23/17
User to VM
• MA and SA cache Owner and User info
• SA is an authority for Slice names
• MA is an authority for Node software
24/17
PLC with State on Nodes
• Node Owner Management
• Hard state in a volatile environment
• PLC state conflicts with Owner preference
• Solve by central policy management
25/17
Four Scenarios
|Users| >> Size(node)
O(N²)
O(N)