Cloud Computing (LTAT.06.008)
Lecture 2- Virtualization
Mr. Shivananda R Poojara, Research Assistant
Mobile and Cloud Lab
Lecture Outcome and Outline
- Outline an IaaS service model, architecture and industry players
- Understand the use of virtualization in cloud computing and its architecture, types & industry tools
- Understand the architecture of Docker and its working principles
Lecture Content from the text book, chapter 3- Virtualization:
Mastering Cloud Computing – Book by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi, 2013 edition.
Slides 7-24 are taken from Prof. Satish Srirama's lecture in Spring 2019: https://courses.cs.ut.ee/MTAT.08.027/2019_spring/uploads/Main/L7_MoreAWSResearchMobileCloudLab2019.pdf
2/16/2021 Shivananda Poojara 3
Cloud Computing Services
Infrastructure as a service model (diagram, source: http://buyya.com/):
- Web based Management Interface; Web Services, Portals, REST API
- Infrastructure Management Software: Scheduling, Pricing / Billing, Monitoring, QoS SLA Management, Reservation, VM Pool Management, VM Image Repository, Provisioning
- Physical Infrastructure: Datacenter, Cluster, Desktop / Heterogeneous Resources, Third Party IaaS Cloud
Cloud Providers and Services
• Amazon Web Services – We will focus more on this
  • Compute: EC2
  • Storage: S3, EBS
  – Scaling: Elastic Load Balancing, Auto Scale, CloudWatch
• Eucalyptus
• OpenStack
• Management providers
  • AWS Management Console
  • OpenStack Horizon
  • RightScale
• PaaS
  • Google AppEngine
  • Windows Azure
  • Elastic MapReduce
Openstack
• Founded by NASA and Rackspace
• The open source cloud computing platform
• Feature-rich and massively scalable
• Powers cloud storage, compute, and networking
• A world-wide open source collaboration
• OpenStack is an Infrastructure as a Service platform, also known as a cloud operating system: it takes resources such as compute, storage and network, together with the virtualization technologies that control them, and manages them at data center level.
• > 110 companies, > 50 M venture capital
• Motivation: Rackspace had $1.794 billion income
Openstack supporting companies (diagram)
Openstack high level architecture (diagram)
https://www.slideshare.net/kamesh001/openstack-101-update
Amazon Web Services stack (diagram, source: http://buyya.com/), built on the Amazon AWS Platform:
- Communication Services: Amazon Simple Queue Service (SQS), Amazon Simple Notification Service (SNS), Amazon Simple Email Service (SES), Amazon Route 53, Amazon Virtual Private Cloud (VPC), Amazon Direct Connect, Amazon Elastic Load Balancing
- Storage Services: Amazon Simple Storage Service (S3), Amazon Elastic Block Store (EBS), Amazon ElastiCache, Amazon SimpleDB, Amazon Relational Database Service (RDS), Amazon CloudFront, Amazon Import/Export
- Compute Services: Amazon Elastic Compute Cloud (EC2), Amazon Elastic MapReduce, AWS Elastic Beanstalk, AWS CloudFormation, Autoscaling; also annotated on the slide: Elastic Container Service, Lambda
- Additional Services: Amazon GovCloud, Amazon Flexible Payment Service (FPS), Amazon DevPay, Amazon Fulfillment Web Service (FWS), Amazon Mechanical Turk, Alexa Web Information Service, Amazon CloudWatch, Alexa Top Sites
We will focus on this vertical: IaaS.
AWS Elastic Compute Cloud – EC2
• It provides scalable compute capacity in AWS cloud services.
• You can configure your own instance with security, networking and storage.
• Enables you to scale up and down to handle your workload.
• Characteristics:
  • Virtual computing environments known as instances.
  • Preconfigured templates known as Amazon Machine Images, which package the bits you need
  • Various capacity types of instance – CPU, memory, storage
  • Key pair for secure login
  • Storage volumes for temporary data: instance store volumes
  • Persistent storage volumes: Amazon EBS volumes
  • Multiple physical locations for your resources: Regions and Availability Zones
  • Security groups
  • Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
  • Connect to your own network, known as virtual private clouds (VPCs)
AWS EC2 Instance types (diagram)
AWS EC2 Instance Types
• General purpose instances
  • Uses: scale-out workloads such as web servers, containerized microservices
• Compute Optimized
  • Uses: high performance web servers, scientific modelling, batch processing, distributed analytics, machine/deep learning inference.
• Memory optimized instances
  • Used for high performance databases, distributed web-scale in-memory caches, real-time big data analytics, and other enterprise applications.
• Accelerated Computing
  • Machine/deep learning, high performance computing, computational fluid dynamics
• Storage optimized
AWS EC2 Spot Instances
• Spot Instances are available at a discount of up to 90% compared to On-Demand pricing.
• Spot prices are set per Availability Zone and Region.
• Used for applications with known start and end times.
• Examples: fault-tolerant or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC)
AWS CloudFormation
• Provides an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion
• It is based on a template model
• Templates describe the AWS resources, the associated dependencies, and runtime parameters to run an app.
• The templates describe stacks, which are sets of software and hardware resources.
• Something similar to CloudML and RightScale server templates
• Hides several details
  • How the AWS services need to be provisioned
  • Subtleties of how to make those dependencies work.
Pricing (from the slide):
  Inside AWS: no price
  Free tier: 1,000 handler operations per month per account
  Other: $0.0009 per handler operation *
  * For handler operation durations above 30 seconds per operation, you will be charged $0.00008 per second above the threshold.
Example template (from the slide):
Resources:
  Ec2Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      SecurityGroups:
        - !Ref InstanceSecurityGroup   # the group defined below in this template
        - MyExistingSecurityGroup      # a pre-existing group, referenced by name
      KeyName: mykey
      InstanceType: t2.micro
      ImageId: ami-7a11e213
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0   # 0.0.0.0/0 admits SSH from any IPv4 address; a narrower CIDR limits it to a known network
Virtualization
• What is Virtualization?
  • Being to original but not…
• History of Virtualization:
  • Virtualization's roots go back to the 1960s, from IBM, in x86 architecture.
  • Jim Rymarczyk – first mainframe virtualization.
  • IBM's CP-67 software to partition and share.
  • VMware became a pioneer in virtualization technologies.
• Virtualization transforms hardware into software.
• It is the creation of a fully functional virtual computer that can run its own applications and an operating system.
• Creates virtual elements of the CPU, RAM, and hard disk.
Virtualization- In nutshell (diagram)
https://www.redhat.com/en/topics/virtualization
Virtualization- Definition
What does Virtualization mean?
• Virtualization refers to the creation of a virtual resource such as a server, desktop, operating system, file, storage or network.
• Allows the creation of secure, customizable and isolated execution environments for running applications, e.g. Linux on Windows.
• Virtualization provides an abstract environment.
Virtualization- Motivation
• Increased performance and computing capacity (relevance to hardware manufacturing).
• Underutilized hardware and software resources
• Lack of space
• Greening initiatives
• Rise of administrative costs
  • Administrative tasks are labor intensive and include:
    • hardware monitoring
    • defective hardware replacement
    • server setup and updates
    • resource monitoring and backups
Three players in virtualization
Guest: in direct contact with the virtualization layer (VL), not with the host.
Virtualization Layer: recreates an environment like the host's (emulation).
Host: the original environment where the guest is managed.
Virtualization reference model (diagram, source: http://buyya.com/): Guest (Applications, Virtual Image) -> Virtualization Layer (Virtual Hardware, Virtual Storage, Virtual Networking; Software Emulation) -> Host (Physical Hardware, Physical Storage, Physical Networking)
Characteristics of Virtualization
• Increased Security
  • Controlling the guest provides a secure, controlled execution environment.
  • Guest VM operations are emulated by the virtualization layer, which carries out the real operations on the host.
  • Resources can be hidden from the guest, so complex security policies need not be installed.
  Example:
  - Applets are downloaded and run in a sandboxed JVM, which prevents the guest from interacting with the host.
  - Java and .NET provide such security policies for customizing the execution environment.
• Managed Execution: sharing, aggregation, emulation and isolation map physical resources to virtual resources (diagram, source: http://buyya.com/)
• Portability
Taxonomy of Virtualization Techniques (diagram, source: http://buyya.com/)
Virtualization is classified by what is virtualized (Execution Environment, Storage, Network, …); execution environment virtualization is further classified by how it is done (technique) and by the virtualization model:
- Process Level (model: Application, Programming Language): Emulation, High-Level VM, Multiprogramming
- System Level (model: Operating System, Hardware): Hardware-assisted Virtualization, Full Virtualization, Paravirtualization, Partial Virtualization
Taxonomy of Virtualization Techniques
• Virtualization is mainly used to emulate execution environments, storage and networks.
• Execution environment virtualization is classified into two kinds:
  – Process-level – implemented on top of an existing operating system.
  – System-level – implemented directly on hardware, with no or minimal requirement for an existing operating system.
• A computer system is complex, and yet it continues to evolve.
• A computer is designed as a hierarchy of well-defined interfaces that separate levels of abstraction.
• Simplifying abstractions hide lower-level implementation details.
Hypervisor
• The hypervisor runs above the supervisor mode.
• It recreates a h/w environment.
• It is a piece of s/w that enables us to run one or more VMs on a physical server (host).
• Two major types of hypervisor:
  – Type I
    • Runs directly on top of the hardware.
    • Takes the place of the OS.
    • Directly interacts with the ISA exposed by the underlying hardware.
    • Also known as native virtual machine.
    Example: VMware ESXi, MS Hyper-V
  – Type II
    • Requires the support of an operating system to provide virtualization services.
    • Programs are managed by the OS.
    • Emulates the ISA of the virtual h/w.
    • Also called hosted virtual machine.
    Example: KVM, VirtualBox
Type I & Type II Hypervisor (diagram, source: http://buyya.com/; OS = Operating System)
Hardware virtualization Techniques
• Full Virtualization
  • Ability to run a program (OS) directly on top of a virtual machine without any modification.
• Para Virtualization
  • The guest OS needs to be modified.
  • Instructions that were hard to virtualize are simply transferred directly to the host for execution.
• Partial Virtualization
  • Partial emulation of the underlying hardware; does not allow complete isolation of the guest OS.
• Hardware assisted Virtualization
  • Hardware provides architectural support for building a VMM able to run a guest OS in complete isolation.
Different levels of Virtualization (diagram, source: http://buyya.com/)
Execution stack, bottom to top: Hardware, Operating Systems, Programming Languages, Applications. The corresponding levels are Hardware-level Virtualization, OS-level Virtualization, Programming Language level Virtualization and Application-level Virtualization.
Cons of Virtualization
Disadvantages
– Performance degradation
  – Inefficiency and degraded user experience
  – As it interposes an abstraction layer between guest and host, some specific features of the host are left unexposed.
– Security holes and new threats
  Case 1 – emulating a host in a completely transparent manner.
  Case 2 – With h/w virtualization, malicious programs can preload themselves before the OS and act as a thin VMM.
Containers
• What is a container?
  • LXC (Linux Containers) is a Linux operating-system-level virtualization method for running multiple isolated Linux-based systems on a single host, controlled and managed by namespaces and cgroups.
• To understand container technology, the following concepts play an important role:
  • Namespaces: Originally developed by IBM, Linux namespaces partition processes and system resources so that only processes in the same namespace get access to that namespace's resources and processes.
  • Cgroups: Originally contributed by Google, cgroups is a Linux kernel concept that governs the isolation and usage of system resources, such as CPU and memory, for a group of processes.
Namespaces
• Namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources while another set of processes sees a different set of resources.
Examples: PID (process IDs), MNT (mount points: files/folders), IPC, NET (individual ports and IP addresses)
(diagrams: Process Id namespace; Filesystem namespace)
https://blog.codecentric.de/en/2019/06/docker-demystified/
https://www.toptal.com/linux/separation-anxiety-isolating-your-system-with-linux-namespaces
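To make the namespace and cgroup slides concrete, here is an added Python example (not code from the slides or from any container runtime) that inspects the data the Linux kernel exposes under /proc. Reading the symlink /proc/<pid>/ns/<kind> gives a string like "pid:[4026531836]", and two processes share a namespace exactly when those numbers match; /proc/<pid>/cgroup lists the cgroup paths a process belongs to, and container runtimes put the container ID in that path. The PIDs, inode numbers and container ID in the sample data are constructed; read_live_namespaces() reads the real /proc when it is present, and the function names are this example's own. It also flags the namespaces a "container" still shares with the host, since each shared one weakens the isolation the container model promises.

```python
"""Namespace and cgroup inspection from /proc data (added example)."""
import os
import re
from typing import Dict, List, Optional

NS_KINDS = ("pid", "mnt", "net", "ipc", "uts", "user", "cgroup")

# Constructed sample: readlink() results for two processes. PID 1 is the host
# init; PID 4242 was started by a container runtime in its own PID, mount and
# network namespaces but shares the user, UTS, IPC and cgroup namespaces with
# the host (the default for most runtimes unless UID remapping is enabled).
SAMPLE_NS: Dict[int, Dict[str, str]] = {
    1: {"pid": "pid:[4026531836]", "mnt": "mnt:[4026531840]",
        "net": "net:[4026531992]", "ipc": "ipc:[4026531839]",
        "uts": "uts:[4026531838]", "user": "user:[4026531837]",
        "cgroup": "cgroup:[4026531835]"},
    4242: {"pid": "pid:[4026532521]", "mnt": "mnt:[4026532519]",
           "net": "net:[4026532524]", "ipc": "ipc:[4026531839]",
           "uts": "uts:[4026531838]", "user": "user:[4026531837]",
           "cgroup": "cgroup:[4026531835]"},
}

# Constructed sample: /proc/<pid>/cgroup contents (cgroup v1 layout, one
# "hierarchy-id:controllers:path" line per controller). The container ID is
# a made-up 64-hex value.
FAKE_CONTAINER_ID = "0123456789abcdef" * 4
SAMPLE_CGROUP: Dict[int, str] = {
    1: "12:memory:/\n11:cpu,cpuacct:/\n1:name=systemd:/init.scope\n",
    4242: ("12:memory:/docker/%s\n11:cpu,cpuacct:/docker/%s\n"
           "1:name=systemd:/docker/%s\n") % ((FAKE_CONTAINER_ID,) * 3),
}

NS_LINK_RE = re.compile(r"^(\w+):\[(\d+)\]$")
# "/docker/<id>", "/containers/<id>" (containerd/Kubernetes style) and
# "docker-<id>.scope" (systemd cgroup driver) path forms.
CONTAINER_ID_RE = re.compile(r"(?:/(?:docker|containers)/|docker-)([0-9a-f]{64})")


def ns_inode(link: str) -> int:
    """Extract the namespace inode number from a /proc/<pid>/ns/* link target."""
    m = NS_LINK_RE.match(link)
    if not m:
        raise ValueError("not a namespace link: %r" % link)
    return int(m.group(2))


def shared_namespaces(a: Dict[str, str], b: Dict[str, str]) -> Dict[str, bool]:
    """For each namespace kind, True if both processes are in the same instance."""
    return {kind: ns_inode(a[kind]) == ns_inode(b[kind])
            for kind in NS_KINDS if kind in a and kind in b}


def isolated_from(a: Dict[str, str], b: Dict[str, str]) -> List[str]:
    """Namespace kinds in which the two processes are separated, sorted."""
    return sorted(kind for kind, same in shared_namespaces(a, b).items() if not same)


def container_id_from_cgroup(cgroup_text: str) -> Optional[str]:
    """Return the container ID embedded in a /proc/<pid>/cgroup listing, if any."""
    for line in cgroup_text.splitlines():
        m = CONTAINER_ID_RE.search(line)
        if m:
            return m.group(1)
    return None


def isolation_gaps(shared: Dict[str, bool]) -> List[str]:
    """Describe the namespaces a containerised process still shares with the host."""
    notes = {
        "user": "user namespace shared: container root is host root (no UID remapping)",
        "pid": "PID namespace shared: host processes are visible to the container",
        "net": "network namespace shared: container uses the host network stack",
        "mnt": "mount namespace shared: container sees the host filesystem tree",
    }
    return [notes[k] for k in ("user", "pid", "net", "mnt") if shared.get(k)]


def read_live_namespaces(pid: int = os.getpid()) -> Optional[Dict[str, str]]:
    """Read the real namespace links for a PID; None where /proc is unavailable."""
    try:
        return {kind: os.readlink("/proc/%d/ns/%s" % (pid, kind)) for kind in NS_KINDS}
    except OSError:
        return None


if __name__ == "__main__":
    shared = shared_namespaces(SAMPLE_NS[1], SAMPLE_NS[4242])
    print("isolated in:", isolated_from(SAMPLE_NS[1], SAMPLE_NS[4242]))
    print("container id:", container_id_from_cgroup(SAMPLE_CGROUP[4242]))
    for gap in isolation_gaps(shared):
        print("gap:", gap)
    mine, init = read_live_namespaces(), read_live_namespaces(1)
    if mine and init:   # only on Linux with permission to read /proc/1/ns
        print("this process vs PID 1 isolated in:", isolated_from(mine, init))
```

On a Linux host the same functions can be pointed at a suspect PID to answer two incident-response questions quickly: which container it belongs to, and whether it was started with host networking, host PID or without user-namespace remapping.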
Broad view of Filesystem namespace (diagram)
https://www.insecure.ws/linux/systemd_nspawn.html
https://twitter.com/goldshtn/status/988468555883696129/photo/1
Containers in nutshell
• Containers decouple applications from operating systems, which means that users can have a clean and minimal Linux operating system and run everything else in some form of container.
• Motivation
  • Monolithic applications to distributed microservices applications
  • Evolution of DevOps
  • Cross-platform deployments
  • Faster exploration and deployments
  • Licensing costs
Difference between VM and Containers
(diagram: https://rh6stzxdcl1wf9gj1fkj14uc-wpengine.netdna-ssl.com/wp-content/uploads/2017/01/VM-Diagram.png)

                                  Container                                    Virtual Machine                 Bare metal server
Underlying platform               OS, or Virtual Machine, or x86 bare metal    Hypervisor or bare metal        --
                                  server                                       server
Provisioning time                 seconds                                      minutes                         hours
Tenant isolation enforcement      OS kernel                                    Hypervisor                      Physical
Performance: speed and            Average                                      Average                         Fastest
consistency
Container runtime platforms
• Docker
• CoreOS rkt
• Mesos
• LXC
• OpenVZ
• Containerd
• Windows Server Containers
• Linux VServer
• Hyper-V Containers
• Unikernels
• Java containers
Docker
• In 2013, Solomon Hykes started Docker as an internal project in dotCloud.
• Docker was released as open source (Moby project) in March 2013.
• Docker Enterprise Edition was introduced in 2016 as the first commercial product.
• Docker Community Edition is free and community supported, with 3400+ contributors.
Docker architecture (diagram)
https://docs.docker.com/get-started/overview/
Docker basics
• Docker Image
  • The basis of a Docker container
  • Images are read-only templates built from a Dockerfile.
  • Docker uses a Union File System.
    • Duplication-free
    • Layer segregation
• Docker Engine
  • The software that executes commands for containers. Networking and volumes are part of the Engine. Engines can be clustered together.
• Docker Registry
  • Stores, distributes and manages Docker images.
• Docker Container
  • The image when it is running; the standard unit for an application service.
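To show what "layer segregation" and "duplication-free" mean in practice, here is an added Python example (not code from the slides or from Docker) that models an image as an ordered stack of read-only layers merged by a union file system. The layer contents, image names and token value are constructed, and the WHITEOUT marker stands in for the whiteout entries OverlayFS uses to record deletions. The example goes a step beyond the slide by showing the security consequence of layering: a file removed in a later layer disappears from the container's view but is still shipped inside the image, so it can still be read from the image's layer archives.

```python
"""Toy model of a layered (union file system) container image (added example)."""
import hashlib
import json
from typing import Dict, List, Tuple

WHITEOUT = "<whiteout>"          # marker: this path was deleted in this layer
Layer = Dict[str, str]           # path -> file content, or WHITEOUT


def resolve(layers: List[Layer]) -> Dict[str, str]:
    """Merged view a container sees: upper layers win, whiteouts hide lower files."""
    view: Dict[str, str] = {}
    for layer in layers:                     # bottom (base) layer first
        for path, content in layer.items():
            if content == WHITEOUT:
                view.pop(path, None)
            else:
                view[path] = content
    return view


def superseded_entries(layers: List[Layer]) -> List[Tuple[str, int]]:
    """(path, layer index) of file contents stored in the image but not visible.

    Files deleted or overwritten by a later layer are still distributed with the
    image and recoverable from its layer archives, which is why a secret written
    in one build step and removed in a later one is still leaked.
    """
    view = resolve(layers)
    return sorted((path, i) for i, layer in enumerate(layers)
                  for path, content in layer.items()
                  if content != WHITEOUT and view.get(path) != content)


def layer_digest(layer: Layer) -> str:
    """Content-addressed identifier of a layer (sha256 of its canonical form)."""
    canonical = json.dumps(sorted(layer.items()), separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def shared_layers(image_a: List[Layer], image_b: List[Layer]) -> List[str]:
    """Digests of layers both images contain; a registry stores each only once."""
    digests_b = {layer_digest(layer) for layer in image_b}
    return [layer_digest(layer) for layer in image_a if layer_digest(layer) in digests_b]


# Constructed sample layers (contents are placeholders, not real files).
BASE: Layer = {"/bin/sh": "busybox shell", "/etc/os-release": "NAME=ExampleOS"}
BUILD: Layer = {
    "/app/main.py": "print('hello')",
    # a credential copied in for the build step (constructed placeholder value)
    "/root/.npmrc": "//registry.example/:_authToken=PLACEHOLDER-TOKEN",
}
CLEANUP: Layer = {"/root/.npmrc": WHITEOUT}          # the "RUN rm /root/.npmrc" step
PATCH: Layer = {"/etc/os-release": "NAME=ExampleOS-patched"}

IMAGE_APP = [BASE, BUILD, CLEANUP]                   # three layers built on BASE
IMAGE_OTHER = [BASE, PATCH]                          # a second image reusing BASE

if __name__ == "__main__":
    print("container view:", sorted(resolve(IMAGE_APP)))
    print("shipped but not visible:", superseded_entries(IMAGE_APP))
    print("layers shared by both images:", shared_layers(IMAGE_APP, IMAGE_OTHER))
```

The digest-based sharing is the "duplication-free" property: both images carry BASE, but a registry or host stores it once. The superseded_entries check is the defender's takeaway: secrets must never enter a layer in the first place (build-time secret mounts or multi-stage builds), because deleting them in a later step only hides them from the running container.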
Docker Image (diagram): https://linoxide.com/linux-how-to/dockerfile-create-docker-container/
Docker Volumes (diagram): https://docs.docker.com/storage/
Build, Ship and Run any application, anywhere
• Build
  • Construct a Docker image which includes code, a runtime, libraries, environment variables and config files, using a Dockerfile.
  • Ex: docker build command (with a Dockerfile)
• Ship
  • Push the image to the destination location/infrastructure/Docker registry (Docker Hub or an organization's registry)
  • Ex: docker push command
• Run
  • Pull an image from the registry and run it in seconds without any dependencies.
  • Ex: docker pull, docker run commands
Docker Compose
• A tool for defining and running multi-container Docker applications.
• Uses a single YAML file to configure all application services.
• With a single command, creates and starts all services with their dependencies.

Without Compose                                     With Compose
Build and run one container at a time               Define the multi-container app in compose.yaml
Manually connect the containers together            Single command to deploy the entire app
Careful with start-up order and dependencies        Automated management of container dependencies
Docker installation and orchestration
• Docker installation:
  • Supported on Linux and Windows operating systems.
  • Earlier, natively supported on Linux and via Linux-VM-based deployment on Windows
  • Windows containers can be deployed on Windows OS, and Linux containers are supported with WSL on Windows.
• Docker Orchestration
  • Docker Swarm
  • Kubernetes
Key benefits of docker
• Efficiency
  • Less OS overhead
  • Improved VM density in a VM + Docker environment
• Portability
  • Fewer dependencies between process layers = ability to move between infrastructures
• Repeatability
  • Does not depend on the runtime: build once, use many times
• Automation
  • Build and run anywhere in moments
• Speed
  • No OS to boot = applications online in seconds
References
• Mastering Cloud Computing – Book by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi, 2013 edition.
• Docker Manual (PDF): http://wiki.zenoss.org/download/core/drich_slides/DockerSlides.pdf
• Docker Cheat Sheet: https://www.docker.com/sites/default/files/d8/2019-09/docker-cheat-sheet.pdf
• https://www.freecodecamp.org/news/a-beginner-friendly-introduction-to-containers-vms-and-docker-79a9e3e119b/
• https://www.snia.org/sites/default/files/CSI/SNIA_Intro_to_Containers_Container_Storage_and_Docker_Final.pdf
Next Lecture
Platform as a Service