Management on Cloud 2011

cipi

Centro di Ricerca sull’Ingegneria delle Piattaforme Informatiche

Sticky Session Support in Auto Scaling Sticky Session Support in Auto Scaling IaaS Systems IaaS Systems

Michele Stecca, Luca Bazzucco, and Massimo Maresca

Follow me on Twitter: @steccamiE-mail: [email protected]

Computer Platform Research Center (CIPI)

University of Padova & Genova (Italy)

Washington D.C., July 9th 2011

cipi


22

AgendaAgenda

1.1. IntroductionIntroduction

2.2. Web Apps’ Session ManagementWeb Apps’ Session Management Session StickinessSession Stickiness Session Stickiness in Elastic ArchitecturesSession Stickiness in Elastic Architectures

3.3. Architectural Solutions for Session mgmtArchitectural Solutions for Session mgmt

4.4. Session Management in the Eucalyptus IaaS Session Management in the Eucalyptus IaaS systemsystem

5.5. ConclusionsConclusions

cipi


33

1. Introduction1. IntroductionDesign IssuesDesign Issues

How can we manage HTTP Sessions? How can we manage HTTP Sessions? Session Replication?Session Replication?

Where are Session data stored?Where are Session data stored? DB vs. in-memory?DB vs. in-memory?

How many servers do we need?How many servers do we need? Under- vs. Over- provisioning problemsUnder- vs. Over- provisioning problems

What if we migrate such an architecture What if we migrate such an architecture in elastic systems like IaaS? in elastic systems like IaaS?

Session Management? Load Balancer Session Management? Load Balancer support?support?

The deployment schema of a scalable system

supporting the execution of Web Applications

cipi


44

2. 2. Web Apps’ Session ManagementWeb Apps’ Session Management (1/4) (1/4)

Session Stickiness: general aspectsSession Stickiness: general aspects

Sticky SessionsSticky Sessions The Load Balancer can be configured to redirect the HTTP requests The Load Balancer can be configured to redirect the HTTP requests

related to the same Session to the same back-end noderelated to the same Session to the same back-end node Back-end nodes are independent and don’t need to share Sessions’ Back-end nodes are independent and don’t need to share Sessions’

datadata Sessions data are usually stored in-memorySessions data are usually stored in-memory

Non Sticky SessionsNon Sticky Sessions The Load Balancer can dispatch the HTTP requests regardless the The Load Balancer can dispatch the HTTP requests regardless the

specific Session they belong tospecific Session they belong to Back-end nodes need to share the Sessions’ dataBack-end nodes need to share the Sessions’ data Session data can be stored in-memory (a Session replication Session data can be stored in-memory (a Session replication

mechanism is needed) or in a common Databasemechanism is needed) or in a common Database

cipi


55


Session Stickiness: comparisonSession Stickiness: comparison

Sticky SessionsSticky Sessions The Load Balancer is supposed to keep track the ongoing Sessions to The Load Balancer is supposed to keep track the ongoing Sessions to

dispatch HTTP requests correctlydispatch HTTP requests correctly Back-end nodes are independent and doesn’t need to share Sessions’ Back-end nodes are independent and doesn’t need to share Sessions’

data (no synchronization overheads are added)data (no synchronization overheads are added) In case of a node failure all the Sessions running on that node are lostIn case of a node failure all the Sessions running on that node are lost

Non Sticky SessionsNon Sticky Sessions A “dumb” Load Balancer is allowedA “dumb” Load Balancer is allowed Back-end nodes need to share the Sessions’ data (e.g., by means of Back-end nodes need to share the Sessions’ data (e.g., by means of

specific protocols like JGroup)specific protocols like JGroup) Robust solution from a Fault Tolerance point-of-view (Sessions’ data Robust solution from a Fault Tolerance point-of-view (Sessions’ data

are shared among back-end nodes)are shared among back-end nodes)

cipi


66


Session Stickiness in elastic architectures (1/2)Session Stickiness in elastic architectures (1/2)

ElasticElastic means that the number of back-end servers may means that the number of back-end servers may change according to different metrics (e.g., the number of change according to different metrics (e.g., the number of incoming requests, the response time of the servers, etc.)incoming requests, the response time of the servers, etc.) Number of Servers can increase (Number of Servers can increase (scale-upscale-up operation) operation) Number of Servers can decrease (Number of Servers can decrease (scale-downscale-down operation) operation)

We focus on migration of Sticky Session-based systems to We focus on migration of Sticky Session-based systems to elastic architectures because Sticky Sessions: elastic architectures because Sticky Sessions: Don’t need to share a consistent state (e.g., through the JGroup Don’t need to share a consistent state (e.g., through the JGroup

protocol)protocol) Provide better performanceProvide better performance Often fulfill also the Fault Tolerance requirements (i.e., for non-Often fulfill also the Fault Tolerance requirements (i.e., for non-

mission-critical applications like e-commerce)mission-critical applications like e-commerce)

cipi


77


Session Stickiness in elastic* architectures (2/2)Session Stickiness in elastic* architectures (2/2)

The scale-up operation is safe by construction (we are adding The scale-up operation is safe by construction (we are adding resources)resources)

The scale-down operation isThe scale-down operation is Safe in the Non Sticky case (Session Data are replicated)Safe in the Non Sticky case (Session Data are replicated) Not safe in the Sticky case (by removing a back-end server we are Not safe in the Sticky case (by removing a back-end server we are

also removing all the Sessions running on it)also removing all the Sessions running on it) OUR AIM IS SUPPORTING SCALING DOWN OUR AIM IS SUPPORTING SCALING DOWN

OPERATIONS IN THE STICKY CASE WITHOUT LOSING OPERATIONS IN THE STICKY CASE WITHOUT LOSING ONGOING SESSIONSONGOING SESSIONS

*In this paper “elastic architecture” = “IaaS system”*In this paper “elastic architecture” = “IaaS system”

cipi


88

3. 3. Architectural Solutions for Session mgmt (1/5)Architectural Solutions for Session mgmt (1/5)Session Monitoring (1/2)Session Monitoring (1/2)

Definition: a back-end server is in “zombie-mode” when it can Definition: a back-end server is in “zombie-mode” when it can process ongoing sessions while it process ongoing sessions while it cannotcannot process process newnew sessionssessions

The Scaling down operation is performed as follows: The Scaling down operation is performed as follows: 1.1. Choose one of the active back-end servers to be turned off and call it Choose one of the active back-end servers to be turned off and call it

Terminating Server – TSTerminating Server – TS2.2. Put TS in zombie-modePut TS in zombie-mode3.3. Start monitoring the number of active sessions in TS (the Load Start monitoring the number of active sessions in TS (the Load

Balancer stores this information)Balancer stores this information)4.4. When the number of active sessions in TS = 0, issue a “turn off” When the number of active sessions in TS = 0, issue a “turn off”

command for TS in the IaaS systemcommand for TS in the IaaS system

cipi


99

3. 3. Architectural Solutions for Session mgmt (2/5)Architectural Solutions for Session mgmt (2/5)Session Monitoring (2/2)Session Monitoring (2/2)

AdvantagesAdvantages It is easy to implementIt is easy to implement The Load Balancer is supposed to provide only one “additional” The Load Balancer is supposed to provide only one “additional”

functionality (i.e., retrieveActiveSessionsForBackEndServer)functionality (i.e., retrieveActiveSessionsForBackEndServer) It can be applied to all available Web Servers because they don’t need It can be applied to all available Web Servers because they don’t need

to be changedto be changed

DisadvantagesDisadvantages It doesn’t minimize the expenditures because TS isn’t turned off It doesn’t minimize the expenditures because TS isn’t turned off

immediatelyimmediately The mechanism is vulnerable to attacks consisting of keeping The mechanism is vulnerable to attacks consisting of keeping

sessions alive for long timesessions alive for long time

cipi


3. 3. Architectural Solutions for Session mgmt (3/5)Architectural Solutions for Session mgmt (3/5)

The Scaling down operation is done The Scaling down operation is done as follows: as follows: 1.1. Choose one of the active back-end Choose one of the active back-end

servers to be turned off and call it servers to be turned off and call it Terminating Server – TSTerminating Server – TS

2.2. The Load Balancer invokes the The Load Balancer invokes the migrateSessions migrateSessions serviceservice in TS(1 in Fig.)in TS(1 in Fig.)

3.3. Migration of TS’ sessions to another Web Migration of TS’ sessions to another Web Server called NewServer through the Server called NewServer through the acceptSessionsacceptSessions service (2 in Fig.) service (2 in Fig.)

4.4. While the migration is in progress the While the migration is in progress the Load Balancer buffers all the requests Load Balancer buffers all the requests directed to TS. Turn off TS as soon as directed to TS. Turn off TS as soon as the Migration phase is endedthe Migration phase is ended

5.5. From now on the Load Balancer From now on the Load Balancer redirects all the requests originally redirects all the requests originally directed to TS to NewServerdirected to TS to NewServer 1010

Session Migration (1/2)Session Migration (1/2)

cipi


1111

3. 3. Architectural Solutions for Session mgmt (4/5)Architectural Solutions for Session mgmt (4/5)Session Migration (2/2)Session Migration (2/2)

AdvantagesAdvantages It leads to money savings because TS is immediately turned offIt leads to money savings because TS is immediately turned off It doesn’t suffer attacks consisting of keeping sessions alive for long It doesn’t suffer attacks consisting of keeping sessions alive for long

timetime

DisadvantagesDisadvantages It is more complicated to implementIt is more complicated to implement The Load Balancer must support more complex functionalities like The Load Balancer must support more complex functionalities like

“buffering”“buffering” Web Servers must provide the Web Servers must provide the migrateSessionsmigrateSessions and and acceptSessionsacceptSessions

APIsAPIs In order to create a “generic” autoscaling system, Web Servers should In order to create a “generic” autoscaling system, Web Servers should

provide standardized APIsprovide standardized APIs

cipi


1212

3. 3. Architectural Solutions for Session mgmt (5/5)Architectural Solutions for Session mgmt (5/5)Session Monitoring vs. Session MigrationSession Monitoring vs. Session Migration

Session Migration allows money savings because TS is Session Migration allows money savings because TS is immediately turned off but…immediately turned off but…

Web Servers don’t provide standardized APIs thus… Web Servers don’t provide standardized APIs thus…

We chose the Session Monitoring approach for secure We chose the Session Monitoring approach for secure scale-down operations in Sticky Session elastic scale-down operations in Sticky Session elastic systems.systems.

We added such a feature to the We added such a feature to the Eucalyptus Open Source IaaS system.Eucalyptus Open Source IaaS system.

cipi


1313

4. 4. Session mgmt in the Eucalyptus IaaS system (1/4)Session mgmt in the Eucalyptus IaaS system (1/4)Overview of the Eucalyptus systemOverview of the Eucalyptus system

It is an Open Source IaaS system compliant with Amazon EC2 interfacesIt is an Open Source IaaS system compliant with Amazon EC2 interfaces

cipi


1414

4. 4. Session mgmt in the Eucalyptus IaaS system (2/4)Session mgmt in the Eucalyptus IaaS system (2/4)Components added to the Eucalyptus systemComponents added to the Eucalyptus system

The Load Balancer, the Monitor, and the Control DaemonThe Load Balancer, the Monitor, and the Control Daemon

cipi


1515

4. Session mgmt in the Eucalyptus IaaS system (3/4)4. Session mgmt in the Eucalyptus IaaS system (3/4)

The Monitor is in charge of monitoring the actual resource The Monitor is in charge of monitoring the actual resource usage of each running instance in the back-endusage of each running instance in the back-end Implemented in JavaImplemented in Java

The Load Balancer supports the “zombie-mode” as well as The Load Balancer supports the “zombie-mode” as well as provides the number of active sessions for each serverprovides the number of active sessions for each server We extended the HaProxy Open Source Load Balancer which We extended the HaProxy Open Source Load Balancer which

supports hot-reconfigurationsupports hot-reconfiguration

The Control Daemon interacts with other Eucalyptus The Control Daemon interacts with other Eucalyptus components to start/stop virtualized servers on the basis of components to start/stop virtualized servers on the basis of performance indicatorsperformance indicators Implemented in JavaImplemented in Java

cipi


1616

4. Session mgmt in the Eucalyptus IaaS system (4/4)4. Session mgmt in the Eucalyptus IaaS system (4/4)Scaling-down operation implementationScaling-down operation implementation

The Control Daemon detects the need to perform a Scaling-The Control Daemon detects the need to perform a Scaling-down operation;down operation;

The Control Daemon sets the Terminating Server in zombie-The Control Daemon sets the Terminating Server in zombie-mode. From now on all new sessions will be forwarded to mode. From now on all new sessions will be forwarded to other servers;other servers;

The Control Daemon periodically polls the Load Balancer until The Control Daemon periodically polls the Load Balancer until all the sessions associated to the terminating node have all the sessions associated to the terminating node have expired;expired;

When all the sessions associated to the terminating node When all the sessions associated to the terminating node have expired, the Control Daemon turns off the TS VM and it have expired, the Control Daemon turns off the TS VM and it updates the Load Balancer configuration by removing the updates the Load Balancer configuration by removing the entry related to the terminated virtual machine.entry related to the terminated virtual machine.

cipi


1717

5. Conclusions5. Conclusions

We described the issues related to Web Apps’ Session We described the issues related to Web Apps’ Session mgmt in scalable architecturesmgmt in scalable architectures

We identified and compared two possible solutions for We identified and compared two possible solutions for safe scaling down operations in Sticky systems (Session safe scaling down operations in Sticky systems (Session Migration vs. Session Monitoring)Migration vs. Session Monitoring)

We described in details both the solutionsWe described in details both the solutions We implemented the Session Monitoring approach in the We implemented the Session Monitoring approach in the

Eucalyptus IaaS system supporting a safe Scaling-down Eucalyptus IaaS system supporting a safe Scaling-down operationoperation

In the future we plan to perform evaluation tests on the In the future we plan to perform evaluation tests on the prototype.prototype.

cipi


1818

Thank you for Thank you for your attention!your attention!

Follow me on Twitter: @steccamiEmail: [email protected]

Michele Stecca

Management on Cloud 2011

Technology

Transcript of Management on Cloud 2011