A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By...
-
Upload
allen-morton -
Category
Documents
-
view
214 -
download
1
Transcript of A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By...
![Page 1: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/1.jpg)
A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable
HotCloud 10By Xuanran Zong
![Page 2: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/2.jpg)
Background
• Applications are moving to cloud– Pay-as-you-go basis– Resource multiplexing– Reduce over-provisioning cost
• Cloud service uncertainty– How do the clients know if the cloud provider
handles their data and logic correctly• Logic correctness• Consistency constraints• Performance
![Page 3: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/3.jpg)
Service level agreement (SLA)
• To ensure data and logic are handled correctly, service provider offers service level agreement to clients– Performance• e.g. One EC2 compute unit has the computation power
of 1-1.2 GHz
– Availability• e.g. the service would up 99.9% of the time
![Page 4: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/4.jpg)
SLA
• Problems– Few means are provided to clients to make a SLA
accountable when problem occurs• Accountable means we know who is responsible when
things go wrong• Monitoring is provided by provider
– Clients are often required to furnish evidence all by themselves to be eligible to claim credit for SLA violation
![Page 5: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/5.jpg)
EC2 SLA
Reference: http://usenix.org/events/hotcloud10/tech/slides/wangc.pdf
![Page 6: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/6.jpg)
Accountability service
• Provided by third party
• Responsibility– Collect evidence based on SLA– Runtime compliance check and problem detection
![Page 7: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/7.jpg)
Problem description
• Clients has a set of end-points {ep0, ep1, … , epn-1} that operate on data stored in multitenancy environment
• Many things can go wrong– Data is modified without owner’s permission– Consistency requirement is broken
• The accountability service should detect these issues and provide evidence.
![Page 8: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/8.jpg)
System architecture
• Wrapper provided by third party
• Wrapper captures input/ouput from epi and send to accountability service
![Page 9: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/9.jpg)
Accountability service
• The accountability service maintains a view of the data state– Reflects what data should be from users’
perspective– Aggregates data updating requests of users to
calculate the data state– Authenticates query results based on the
calculated data state
![Page 10: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/10.jpg)
Evidence collection and processing
• Logging service, wep, extract operation information and send log message to accountability service W– If it is a update service, W updates MB-tree– If it is a query service, W authenticates the result
with MB-tree and ensures correctness and completeness
– MB-tree maintains the data state
![Page 11: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/11.jpg)
Data state calculation
• Use Merkle B-tree to calculate data state• By combining the items in VO, we can recalculate
the root of the MB-tree and compare it with the root to reveal the correctness and completeness of the query result
![Page 12: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/12.jpg)
Consistency issue
• What if the log messages arrive out-of-order?– Assume eventual consistency– Clocks are synchronized– Maintains a sliding window of sorted log messages
based on timestamp– Time window size is determined by the maximum
delay of passing a log message from client to W
![Page 13: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/13.jpg)
Collaborative monitoring mechanism
• Current approach– Centralized: availability, scalability, trustworthy
• Let’s make it distributed– Data state is maintained by a set of services– Each service maintains a view of the data state
![Page 14: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/14.jpg)
Design choice I
• Log send to one data state service and the service then propagate the log to other services in a synchronous manner– Pros• Strong consistency• Request can be answered by any service
– Cons• Large overhead due to synchronous communication
![Page 15: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/15.jpg)
Design choice II
• Log send to one service and the service propagate the log asynchronously– Pros• Better logging performance
– Cons• Uncertainty in answering an authentication request
![Page 16: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/16.jpg)
Their design
• Somewhere in between of the two extremes• Partition the key range into a few disjoint regions• Log message only sends to its designated region• Log message is propagate synchronously within the
region and asynchronously across regions• Authentication request is directed to service whose
region overlaps most with request range– Answer with certainty if request range falls inside service
region– Wait, if not
![Page 17: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/17.jpg)
Evaluation
• Overhead– Centralized design– Where does the
overhead come from?
![Page 18: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/18.jpg)
Evaluation
• VO calculation overhead
![Page 19: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/19.jpg)
Evaluation
• Performance improvement with multiple data state service
![Page 20: A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accoutable HotCloud 10 By Xuanran Zong.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cff5503460f949d0d93/html5/thumbnails/20.jpg)
Discussion
• Articulate the problem clearly and show one solution that employs third party to make the data state accountable
• Which part is the main overhead?– Communication? VO calculation?
• Distributed design does not help much when query range is large
• Do people want to sacrifice their performance(at least double the time) in order to make the service accountable?
• Can we use similar design to make other parts accountable? For instance, performance?