Cloud Computing (LTAT.06.008)
Lecture 3- Virtualization
Mr. Shivananda R Poojara
Research Assistant
Mobile and Cloud Lab
Outline
• IaaS
• Virtualization
• Docker fundamentals
Lecture Outcome
• Outline an IaaS service model, architecture and industry players
• Understand the use of virtualization in cloud computing and its architecture, types & industry tools.
• Understand the architecture of Docker and its working principles.
Lecture Content from the text book, chapter 3- Virtualization:
Mastering Cloud Computing – Book by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi,
2013th edition.
Some presentations referred from Prof. Satish Srirama lecture in Spring 2019 https://courses.cs.ut.ee/MTAT.08.027/2019_spring/uploads/Main/L7_MoreAWSResearchMobileCloudLab2019.pdf
2/25/2020 Shivananda Poojara 4
http://nolegendhere.blogspot.com.ee/2012/06/presentation-4-5-7.html
Cloud Computing Services
Infrastructure as a service model (figure; source: http://buyya.com/)
• Web based Management Interface: Web Services, Portals, REST API
• Infrastructure Management Software: Scheduling, Pricing / Billing, Monitoring, QoS SLA Management, Reservation, VM Pool Management, VM Image Repository, Provisioning
• Physical Infrastructure: Datacenter, Cluster, Desktop / Heterogeneous Resources, Third Party IaaS Cloud
Corporate giants
https://acemos.net/?page_id=71
Cloud Providers and Services
• Amazon Web Services – We will focus more..
• Compute: EC2
• Storage: S3, EBS
– Scaling: Elastic Load Balancing, Auto Scale, CloudWatch
• Eucalyptus
• OpenStack
• Management providers
• AWS Management Console
• OpenStack Horizon
• RightScale
• PaaS
• Google AppEngine
• Windows Azure
• Elastic MapReduce
Openstack
• Founded by NASA and Rackspace
• The open source cloud computing platform
• Feature-rich and massively scalable
• Powers cloud storage, compute, and networking
• A world-wide open source collaboration
• OpenStack is an Infrastructure as a Service platform, also known as a Cloud Operating System, that uses virtualization technologies to control resources such as compute, storage and network at a data center level.
• > 110 companies, > 50 M venture capital
• Motivation: Rackspace had $1.794 billion income
OpenStack supporting companies
OpenStack high level architecture
https://www.slideshare.net/kamesh001/openstack-101-update
Amazon Web Services stack (figure; source: http://buyya.com/)
Amazon AWS Platform
• Compute Services: Amazon Elastic Compute Cloud (EC2), Amazon Elastic MapReduce, AWS Elastic Beanstalk, AWS CloudFormation, Autoscaling
• Storage Services: Amazon Simple Storage Service (S3), Amazon Elastic Block Store (EBS), Amazon ElastiCache, Amazon SimpleDB, Amazon Relational Database Service (RDS), Amazon CloudFront, Amazon Import/Export
• Communication Services: Amazon Simple Queue Service (SQS), Amazon Simple Notification Service (SNS), Amazon Simple Email Service (SES), Amazon Route 53, Amazon Virtual Private Cloud (VPC), Amazon Direct Connect, Amazon Elastic Load Balancing
• Additional Services: Amazon GovCloud, Amazon Flexible Payment Service (FPS), Amazon DevPay, Amazon Fulfillment Web Service (FWS), Amazon Mechanical Turk, Alexa Web Information Service, Amazon CloudWatch, Alexa Top Sites
• Also shown: Elastic Container Service, Lambda
We will focus on this vertical: IaaS
AWS Elastic Compute Cloud – EC2
• It provides scalable compute capacity in AWS cloud services.
• You can configure your own instance with security, networking and storage.
• Enables you to scale up and down to handle your workload.
• Characteristics:
• Virtual computing environments, known as instances
• Preconfigured templates, known as Amazon Machine Images (AMIs), that package the bits the server needs
• Various capacity types of instance: CPU, memory, storage
• Key pairs for secure login
• Storage volumes for temporary data, known as instance store volumes
• Persistent storage volumes, known as Amazon EBS volumes
• Multiple physical locations for your resources, known as Regions and Availability Zones
• Security groups
• Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
• Connect to your own network, known as virtual private clouds (VPCs)
AWS EC2 Dashboard
AWS EC2 Instance Types
• General purpose instance
• Uses: Scale-out workloads such as web servers, containerized micro services
• Compute Optimized
• Uses: High performance web servers, scientific modelling, batch processing, distributed analytics, machine/deep learning inference.
• Memory optimized instances
• Used for high performance databases, distributed web scale in-memory caches, real time big data analytics, and other enterprise applications.
• Accelerated Computing
• Machine/Deep learning, high performance computing, computational fluid dynamics,
• Storage optimized
AWS EC2 Spot Instances
• Spot Instances
• Spot Instances are available at a discount of up to 90% off compared to On-Demand pricing.
• Spot prices are set based on Availability Zone and region
• Used for applications with known start and end times
• Examples: fault-tolerant or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC)
AWS CloudFormation
• Provides an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion
• It is based on a template model
• Templates describe the AWS resources, the associated dependencies, and runtime parameters to run an app.
• The templates describe stacks, which are set of software and hardware resources.
• Something similar to CloudML and RightScale server templates
• Hides several details
• How the AWS services need to be provisioned
• Subtleties of how to make those dependencies work.
Pricing:
| Inside AWS | No price |
| Free tier | 1,000 handler operations per month per account |
| Other | $0.0009 per handler operation * |
* For handler operation durations above 30 seconds per operation, you will be charged $0.00008 per second above the threshold.
Resources:
  Ec2Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      SecurityGroups:
        # One group defined in this template, one that already exists
        - !Ref InstanceSecurityGroup
        - MyExistingSecurityGroup
      KeyName: mykey
      InstanceType: t2.micro
      ImageId: ami-7a11e213
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          # 0.0.0.0/0 admits SSH connections from any IPv4 address
          CidrIp: 0.0.0.0/0
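The security group in the template above accepts SSH from 0.0.0.0/0. The following check is an added example, not part of the original slides: it scans a template for security groups that expose SSH or RDP to every address and lists the instances that attach them. It assumes the template is in CloudFormation's JSON syntax; AdminOnlyGroup and the function names are hypothetical.

```python
import ipaddress
import json

# Constructed input: the slide's template in CloudFormation's JSON syntax
# ({"Ref": ...} is the JSON form of !Ref), plus a hypothetical AdminOnlyGroup.
TEMPLATE = json.loads("""
{"Resources": {
  "Ec2Instance": {"Type": "AWS::EC2::Instance", "Properties": {
    "ImageId": "ami-7a11e213", "InstanceType": "t2.micro", "KeyName": "mykey",
    "SecurityGroups": [{"Ref": "InstanceSecurityGroup"}, "MyExistingSecurityGroup"]}},
  "InstanceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "Enable SSH access via port 22", "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0"}]}},
  "AdminOnlyGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "SSH from one network", "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "203.0.113.0/24"}]}}
}}
""")
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

def port_range(rule):
    """Inclusive TCP port range of a rule, or None if it does not cover TCP."""
    proto = str(rule.get("IpProtocol"))
    if proto == "-1":  # -1 means all protocols and all ports
        return 0, 65535
    if proto not in ("tcp", "6"):
        return None
    return int(rule["FromPort"]), int(rule["ToPort"])

def world_open_admin_rules(template):
    """List (group, service, cidr) for admin ports reachable from any address."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            span = port_range(rule)
            # A non-string CIDR is an unresolved intrinsic (a parameter); skip it.
            if span is None or not isinstance(cidr, str):
                continue
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings += [(name, svc, cidr) for port, svc in ADMIN_PORTS.items()
                             if span[0] <= port <= span[1]]
    return findings

def exposed_instances(template):
    """EC2 instances that attach a flagged group through Ref."""
    flagged = {group for group, _, _ in world_open_admin_rules(template)}
    return sorted(
        name for name, res in template.get("Resources", {}).items()
        if res.get("Type") == "AWS::EC2::Instance"
        and any(isinstance(g, dict) and g.get("Ref") in flagged
                for g in res.get("Properties", {}).get("SecurityGroups", [])))
```

Groups referenced only by name, such as MyExistingSecurityGroup, are defined outside the template and have to be reviewed separately.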
Virtualization
• What is Virtualization?
• Being to Original but not…
• History of Virtualization:
• Virtualization’s roots go back to 1960’s from IBM in x86 Architecture.
• Jim Rymarczyk – first mainframe virtualization.
• IBM’s CP-67 software to partition and share.
• VMware became a pioneer in virtualization technologies.
• Virtualization transforms hardware into software.
• It is the creation of a fully functional virtual computer that can run its own applications and an operating system.
• Creates virtual elements of the CPU, RAM, and hard disk.
Virtualization- In nutshell
https://www.redhat.com/en/topics/virtualization
Virtualization- Definition
Definition - What does Virtualization mean?
• Virtualization refers to the creation of a virtual resource such as a server, desktop, operating system, file, storage or network.
• Allows creation of a secure, customizable and isolated execution environment for running applications.
• Linux on Windows.
• Virtualization provides an abstract environment.
Virtualization- Motivation
• Increased performance and computing capacity relevance to hardware manufacturing.
• Underutilized hardware and software resources
• Lack of space
• Greening initiatives
• Rise of administrative costs
• Administrative tasks are labor intensive and include:
– hardware monitoring
– defective hardware replacement
– server setup and updates
– resource monitoring
– backups
Three players in virtualization
Guest: interacts with the virtualization layer, not directly with the host.
Virtualization Layer: recreates an environment like the host's for the guest (emulation).
Host: the original environment where the guest is managed.
Figure (source: http://buyya.com/): the Guest (virtual image, applications) runs on the Virtualization Layer (virtual hardware, virtual storage, virtual networking; software emulation), which runs on the Host (physical hardware, physical storage, physical networking).
Characteristics of Virtualization
• Increased Security
• Controlling the guest provides a secure, controlled execution environment.
• Guest operations run against the VM, which emulates them and applies them to the host as real operations.
• Host resources can be hidden from the guest without installing complex security policies.
Example:
- Downloaded applets run in a sandboxed version of the JVM, which keeps the guest from interacting with the host.
- Java and .NET provide such security policies for customizing the execution environment.
• Managed Execution
• Portability
Figure (source: http://buyya.com/): virtualization turns physical resources into virtual resources through sharing, aggregation, emulation and isolation.
Taxonomy of Virtualization Techniques (figure; source: http://buyya.com/)
Virtualization applies to: Execution Environment, Storage, Network, ….
Execution Environment:
| How it is done? | Technique | Virtualization Model |
| Process Level | Emulation | Application |
| Process Level | High-Level VM | Programming Language |
| Process Level | Multiprogramming | Operating System |
| System Level | Hardware-assisted Virtualization, Full Virtualization, Paravirtualization, Partial Virtualization | Hardware |
Taxonomy of Virtualization Techniques
• Virtualization is mainly used to emulate execution environments, storage and networks.
• Execution environments are classified into two:
– Process-level – implemented on top of an existing operating system.
– System-level – implemented directly on hardware, requiring no or only minimal support from an existing operating system.
• Computer systems are complex, and yet they continue to evolve.
• Computers are designed as hierarchies of well-defined interfaces that separate levels of abstraction.
• Simplifying abstractions hide lower-level implementation details.
Hypervisor
• Hypervisor runs above the supervisor mode.
• It recreates a h/w environment.
• It is a piece of s/w that enables us to run one or more VMs on a physical server (host).
• Two major types of hypervisor:
Type-I
It runs directly on top of the hardware.
Takes the place of the OS.
Directly interacts with the ISA exposed by the underlying hardware.
Also known as a native virtual machine.
Example: VMware ESXi, MS Hyper-V
Type-II
It requires the support of an operating system to provide virtualization services.
Programs managed by the OS.
Emulates the ISA of virtual h/w.
Also called a hosted virtual machine.
Example: KVM, VirtualBox
Type I & Type II Hypervisor (figure; source: http://buyya.com/). Labels in the two stacks: VM, APP, ISA, ABI, Virtual Machine Manager, Operating System (OS), Hardware.
Hardware virtualization Techniques
• Full Virtualization
– Ability to run a program (OS) directly on top of a virtual machine without any modification.
• Para Virtualization
– Guest OS needs to be modified.
– Simply transfers the execution of instructions that are hard to virtualize directly to the host.
• Partial Virtualization
– Partial emulation of the underlying hardware; does not allow complete isolation of the guest OS.
• Hardware assisted Virtualization
– Hardware provides architectural support for building a VMM able to run a guest OS in complete isolation.
Different levels of Virtualization (figure; source: http://buyya.com/)
Execution stack and the virtualization level that applies to each layer:
• Applications: application-level virtualization
• Programming Languages: programming language-level virtualization
• Operating Systems: OS-level virtualization
• Hardware: hardware-level virtualization
Cons of Virtualization
Disadvantages
– Performance degradation
– Inefficiency and degraded user experience
– As it interposes an abstraction layer between guest & host.
– Some specific features of the host are unexposed.
– Security holes and new threats
Case 1 – emulating a host in a completely transparent manner.
Case 2 – H/w virtualization: malicious programs can preload themselves before the OS and act as a thin VMM.
Containers
• What is a container?
• LXC (Linux Containers) is a Linux operating system-level virtualization method for running multiple isolated Linux-based systems on a single host, controlled and managed by namespaces and cgroups.
• To understand container technology, the following concepts play an important role:
• Namespaces: Originally developed by IBM, Linux namespaces partition processes and system resources so that only processes in the same namespace get access to that namespace's resources and processes.
Example: PID (process ID), MNT (mounted files/folders), IPC, NET (individual port and IP)
• Cgroups: Originally contributed by Google, cgroups is a Linux kernel concept that governs the isolation and usage of system resources, such as CPU & memory, for a group of processes.
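Namespaces and cgroups are both visible under /proc, so a process's isolation can be checked from the host. The following is an added example, not part of the original slides; the namespace identifiers and the /docker/0123abcd cgroup path are constructed sample values, and the function names are hypothetical.

```python
import os

NS_TYPES = ("pid", "mnt", "ipc", "net", "uts", "user", "cgroup")

# Constructed samples (not captured from a real host): namespace link targets
# as shown by /proc/<pid>/ns/*, and a /proc/<pid>/cgroup file.
HOST_NS = {"pid": "pid:[4026531836]", "mnt": "mnt:[4026531840]",
           "ipc": "ipc:[4026531839]", "net": "net:[4026531992]",
           "user": "user:[4026531837]"}
CONTAINER_NS = {"pid": "pid:[4026532201]", "mnt": "mnt:[4026532199]",
                "ipc": "ipc:[4026532200]", "net": "net:[4026532204]",
                "user": "user:[4026531837]"}
CONTAINER_CGROUP = """\
11:memory:/docker/0123abcd
4:cpu,cpuacct:/docker/0123abcd
0::/docker/0123abcd
"""


def read_namespaces(pid="self", proc="/proc"):
    """Map namespace type -> link target (e.g. 'pid:[4026531836]') for a process."""
    found = {}
    for kind in NS_TYPES:
        try:
            found[kind] = os.readlink(os.path.join(proc, str(pid), "ns", kind))
        except OSError:
            continue  # no such process, kernel lacks this type, or no permission
    return found


def isolated_namespaces(host_ns, proc_ns):
    """Namespace types in which the process does not share the host's namespace."""
    return sorted(k for k, v in proc_ns.items() if k in host_ns and host_ns[k] != v)


def parse_cgroup(text):
    """Map each controller to its cgroup path; the cgroup v2 entry is 'unified'."""
    paths = {}
    for line in text.splitlines():
        if line.count(":") < 2:
            continue  # skip blank or malformed lines
        _, controllers, path = line.split(":", 2)
        for name in controllers.split(",") if controllers else ["unified"]:
            paths[name] = path
    return paths


if __name__ == "__main__":
    print(isolated_namespaces(HOST_NS, CONTAINER_NS))
    print(parse_cgroup(CONTAINER_CGROUP))
    print(read_namespaces())  # namespaces of this process; empty without /proc
```

In the constructed sample the user namespace is shared with the host, so UID 0 inside that container is UID 0 on the host.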
Ex: Filesystem namespaces
https://www.insecure.ws/linux/systemd_nspawn.html
https://twitter.com/goldshtn/status/988468555883696129/photo/1
Containers
• Containers decouple applications from operating systems, which means that users can have a clean and minimal Linux operating system and run everything else in some form of containers.
• Motivation
• Move from monolithic applications to distributed microservices applications
• Evolution of DevOps
• Cross platform deployments
• Faster exploration and deployments
• Licensing costs
Difference between VM and Containers
https://rh6stzxdcl1wf9gj1fkj14uc-wpengine.netdna-ssl.com/wp-content/uploads/2017/01/VM-Diagram.png
| | Container | Virtual Machine | Bare metal server |
| Underlying platform | OS or Virtual Machine or X86 Bare metal Server | Hypervisor or Bare metal server | -- |
| Provisioning time | seconds | minutes | Hours |
| Tenant isolation enforcement | OS Kernel | Hypervisor | Physical |
| Performance: Speed and Consistency | Average | Average | Fastest |
Container runtime platforms
• Docker
• CoreOS rkt
• Mesos
• LXC
• OpenVZ
• Containerd
• Windows Server Containers
• Linux VServer
• Hyper-V Containers
• Unikernels
• Java containers
Docker Overview
• Docker: open source project (https://www.docker.com/)
• Docker Inc.: the company for enterprise deployments (https://www.docker.com/company)
Docker Architecture
• The Docker Hub Registry:
• Public image registry
• The docker daemon talks to it via registry API.
• The Docker Client:
• The command line tool – The docker binary.
• Talks to the Docker daemon via the Docker API.
• The Docker daemon:
• Receives and processes incoming Docker API requests.
Docker fundamentals
• Volumes
• Volumes are the data part of the container.
• They allow a container's data to be persisted and shared.
• Docker Image
• Images are read-only templates built from a Dockerfile.
• Each instruction in the Dockerfile adds a layer to the image.
• Layers are key to Docker's lightweight and powerful structure.
• Docker uses a Union File System.
• Duplication-free
• Layer segregation
• Dockerfile
• It is used to create a Docker image from a set of instructions.
• Docker containers
• A container is an invisible box with everything the application needs to run.
• It includes OS, app code, runtime, system tools and libraries, etc.
• It is built from Docker images.
• Since images are read-only, Docker adds a read-write file system over the read-only file system to create the container.
• Docker creates a network interface and executes the process specified when defining the image.
Docker container
https://linoxide.com/linux-how-to/dockerfile-create-docker-container/
https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/containerd
Linux Containers on Windows
https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/linux-containers
AWS Container Service
• Elastic container service: (Container as a Service)
| Service name | Use |
| Amazon ECR | Store, encrypt, and manage container images |
| Amazon ECS | Run containerized applications or build micro services |
| Amazon EKS | Manage containers with Kubernetes |
| Amazon Fargate | Run containers without managing servers |
References
• Mastering Cloud Computing – Book by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi, 2013th edition.
• Docker Manual-pdf: http://wiki.zenoss.org/download/core/drich_slides/DockerSlides.pdf
• Docker Cheat Sheet: https://www.docker.com/sites/default/files/d8/2019-09/docker-cheat-sheet.pdf
• https://www.freecodecamp.org/news/a-beginner-friendly-introduction-to-containers-vms-and-docker-79a9e3e119b/
• https://www.snia.org/sites/default/files/CSI/SNIA_Intro_to_Containers_Container_Storage_and_Docker_Final.pdf
Next Lecture
Serverless Computing