Introduction to Cloud Computing
Roberto Beraldi
Outline
• What is cloud computing
• Benefit of cloud computing
• Types of cloud computing
• Examples
What is cloud computing
A style of computing in which dynamically
scalable and often virtualized resources are
provided as a service over the Internet.
[Wikipedia]
Why is it called cloud?
[Figure: User, Cloud with servers]
• Services provided on virtualised resources
• Virtual machines spawned on demand
• Location of services no longer certain
• Pay as you go price model
A new IT model?
• “Cloud computing is likely to have the same impact on
software that foundries have had on the hardware industry”*
Semiconductor foundries that produce chips for others
“fab-less” semiconductor companies, whose value is innovative chip design
Multiplex of state-of-the-art fabrication line
[*] Above the Clouds: A Berkeley View of Cloud Computing
A new IT model?
Production
Utility computing
Transportation
Users
Benefit of cloud computing
• Flexibility:
-Flexible provisioning
-Add machines on demand
-Add storage on demand
• Effort:
-Low barrier to entry
-Elimination of up-front commitment of cloud users
-Initial effort: no need to spec and set up physical
infrastructure
-No need to maintain physical infrastructure
Benefit of cloud computing
• Cost:
-No Initial capital expenditure
-No Costs of over-provisioning for scalability
-Pay for what you use
• Reliability:
-Redundancy
-Trust reliability of provider
-Data backups
-..but, what happens when provider goes down?
- …What about Security? Privacy?
Example: provisioning
Provisioning for peak load
Underprovisioning -1
Underprovisioning - 2
Storage service in the cloud
Cloud computing flavors
(SaaS)Software as a Service
XaaS
(PaaS) Platform as a Service
(IaaS) Infrastructure as a Service
XaaS
Web URL
(standard HTTP methods)
Service
web browser
HTTP
IaaS
PaaS
(a.k.a. web API) SaaS
REST, XML-RPC, etc.
HTTP
Application
Programmatic Service Access
(many methods)
• A service is delivered through two access points:
• Standard web browsing (HTTP) and
• Programmatic access (REST, XML-RPC, SOAP, etc. over HTTP)
Software as a Service
SW Component
SW application
Client SW
• A SW application that runs remotely
• Does not require any local special installation (accessed through standard
methods), e.g., js program making calls from within a browser
• SW components do not interact with each other; rather they are
‘orchestrated’ remotely…
Example
Top Web API*
1) Google Maps – mapping: 5 billion calls/day and 2184 mashups
2) Facebook – social networking: 5 billion calls/day and 237 mashups
3) Flickr – photo sharing: 567 mashups
4) Twitter – microblogging: 3 billion calls/day, 75% of all traffic and 547 mashups
5) Netflix – video : about 1 billion calls/day
6) eBay – auction : about half billion calls/ day and 206 mashups
7) Amazon- online storage : over 100 billion objects stored in S3
8) Salesforce.com – CRM : over 50% of all their transactions
9) Twilio – telephony: 144 mashups
10) Box.net – online storage: 70 mashups
(*) Source: GetApp.com@2011
Example: Doodle®
SaaS example
Google forms
Edit
publish
https://spreadsheets.google.com/viewform?formkey
read
Google docs®
Google APIs
Flickr® API
• The site's functions are made available as web services
• There are 3 different ‘endpoints’, one for each request format
http://api.flickr.com/services/rest/
http://api.flickr.com/services/soap/
http://api.flickr.com/services/xmlrpc/
Facebook API
• “The Graph API presents a simple, consistent view of the Facebook social graph,
uniformly representing objects in the graph (e.g., people, photos, events, and
pages) and the connections between them (e.g., friend relationships, shared
content, and photo tags).”
Graph API, simple but great idea
friend relationship
People
home
…
People
books
Example
Object ID
Example: query the object..
Facebook API
Another example: ORANGE
Storage as a Service
• Dropbox is a free (up to 2GB), web-based cloud storage mechanism
– File backup service
– Data sharing
– Data sync among different clients
– Mobile applications
Windows
.mp3
.avi
.jpg
Linux
iPhone
iPad
REST / JSON
Blackberry
MAC
Android
Features
Dropbox API
The Dropbox API utilizes a REST-style architecture over the HTTP
protocol. In other words, many of the functions in it use standard URLs
via GET or POST. All messaging is delivered in the JSON format
Technology supported
Example of applications
Example (SourceKit)
• A Textmate like lightweight programmer's text editor right inside of
Chrome. It saves files directly to Dropbox, so if you have the Dropbox sync
software installed, the changes will appear locally as if you did so with a
text editor! Changes will be stored remotely so naturally this same
extension will pull up the same copy of the file everywhere!
Another example
Platform as a Service
• Provide a ‘platform’ for application
development
• Developers have access to an SDK for developing a new
application and deploying it in the cloud
• Impact on the programming model
• Google’s app engine, Windows Azure,
Picloud…
PaaS – Ex1: GAE
• Cloud service for running web applications on the
Google data center
• Do one thing well
– Simple configuration
– Transparent scalability
• “infinite” number of applications, req/sec, storage
– Security
• All applications run inside a sandbox, do not have direct access to
file system, cannot open other connections
GAE architecture
• Google App Engine speaks with web applications
through the Web Server Gateway Interface (WSGI)
standard protocol
• App Engine and SDK includes the webapp2
framework that implements WSGI
– Advanced frameworks can be used, e.g., Django
WSGI Protocol
HTTP Requests
WEB Server
WEB App
GAE: supported languages
• Java
– JVM, Java servlet, …
– SDK Eclipse extension
• Python
– Standard library (without ‘unsecure’ calls)
• Go
LAB: Hello World in GAE
• What we need:
– Google account
– GAE registration
• Free quota (10 apps)
– Register a new application
• The application ID will be used to deploy the
application
– SDK
– Python 2.7 (does not support 3.x)
Hello World in GAE
Step 1: Code (helloworld.py)
Step 2: Simulator
Step 3: Conf (app.yaml)
Step 4: Deploy to the “Google Cloud” (Web-based Admin console)
Hello World in GAE
Step 1: Code (helloworld.py)
• Define a handler for HTTP requests as a class (MainPage) that extends the
webapp2.RequestHandler class
– Attributes: request, response (instances of the classes Request, Response)
– Methods: get, post, etc. (to override)
• An HTTP GET request is mapped to the get method (likewise post, put, etc.)
• Write data to the HTTP response through self.response
• app is a global name that must be assigned to the application
Step 3
Conf
app.yaml
Step 4
Deploy
“Google Cloud”
appcfg.py update .
Web-based Admin console
• An application named helloworld must be registered with
Google App Engine
– helloworld.appspot.com
GAE architecture (simplified view)
Load
Balancer
HTTP Requests
Other
Google
Service
App Eng
Front End
App Eng
Front End
App Eng
Front End
App Server
App Server
App Server
API layer
APP
APP
APP
Python GAE architecture
Stateless Google API
REQ/REP
Services
CGI
URLfetch
mail
Python
VM
images
Sandbox
Standard
Lib
App
Read-only
File system
Stateful API
BigTable
MEMCACHE
DATASTORE
Source: Google App Engine – Guido van Rossum
Python GAE architecture (scaling)
HTTP (e.g., service time <10 sec,
Size of a file < 1 MB)
Stateless Google API
REQ/REP
Services
CGI
URLfetch
mail
Python
VM
images
Sandbox
Standard
Lib
•Queue of precreated
processes
•Quota on resources
App
Read-only
File system
Stateful API
BigTable
MEMCACHE
DATASTORE
Source: Google App Engine – Guido van Rossum
More complex example
• Use a google calendar through your own
application
• OAuth 2.0 required to grant access (token)
• Calendar API call requires the token
• Application must be registered to the Google
API console
Google Calendar
• Event
• Calendar
• CalendarList
REST
API
Actors
define: redirect_uri
develop
Developer
register
Web application
Google API console
OAuth Authorization
server
authenticate
consent
User
User consent
User authentication and consent
http://accounts.google.com/o/oauth2/auth
Authorization
Server
GET accounts.google.com/o/oauth2/auth?
response_type=code&
scope=https://www.googleapis.com/auth/calendar&
redirect_uri=https://xxxxxx/oauth2callback&
client_id=<given at registration time>&
hl=it
…
http://code.google.com/intl/it-IT/apis/accounts/docs/OAuth2.html
http://code.google.com/intl/it-IT/apis/accounts/docs/OAuth2WebServer.html
Passing authorization
Browser
GET
Authorization
Server
Redirect (302)
Location: http:// code=..
Callback
Web application
Registering the application
to be used inside authentication requests
URI used to redirect the browser after authentication
(specified during application registration)
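The authorization request and the 302 callback described above, as an added example that is not part of the original slides: the application builds the request and accepts the returned `code` only if the callback arrives on the registered redirect URI and carries the `state` value issued for this session. The `state` parameter (standard OAuth 2.0, not shown on the slide), the placeholder `CLIENT_ID` and `REDIRECT_URI`, and the `session` dictionary standing in for server-side session storage are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/auth"  # endpoint from the slide
SCOPE = "https://www.googleapis.com/auth/calendar"           # scope from the slide
CLIENT_ID = "CLIENT_ID_PLACEHOLDER"                  # assumption: given at registration
REDIRECT_URI = "https://app.example/oauth2callback"  # assumption: registered callback


def build_authorization_url(session):
    """Return the URL the browser is redirected to, bound to this session."""
    state = secrets.token_urlsafe(32)   # unguessable, one per authorization request
    session["oauth_state"] = state
    params = {
        "response_type": "code",
        "scope": SCOPE,
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "state": state,
    }
    return AUTH_ENDPOINT + "?" + urlencode(params)


def handle_callback(callback_url, session):
    """Validate the redirect target and return the authorization code.

    Raises ValueError when the callback cannot be tied to a request we made.
    """
    got = urlsplit(callback_url)
    want = urlsplit(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirect_uri")
    query = parse_qs(got.query)
    if "error" in query:                # e.g. the user refused consent
        raise ValueError("authorization failed: " + query["error"][0])
    expected = session.pop("oauth_state", None)   # single use: a replay finds nothing
    received = query.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("missing or duplicated code")
    return codes[0]
```
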
Obtaining an access token
Cloud Application
OAuth Server
oauth2callback.py
…
home.py
app.yaml
# Handlers are matched top to bottom: the specific callback pattern must precede the catch-all
- url: /oauth2callback.*
  script: oauth2callback.app
  secure: always
- url: /.*
  script: home.app
Performing operations
Cloud Application
Calendar
oauth2callback.py
Rest endpoint
Mobile cloud computing
Repubblica, 31 March
Get the list of events from a calendar
• Demo
Another example: Trip support
• In this example, events are trips from one city
to another
• We add support by weather conditions and
directions
PaaS example2: Windows Azure
• It is a set of integrated cloud technologies each
providing a specific set of services to application
developers
• Windows Azure provides developer-accessible
services for creating applications
• Strongly integrated with Visual studio
– Development fabric simulator
– Development storage simulator
Architectural view
Windows Azure provides a Windows-based environment for running applications and storing data in MS datacenters
SQL Azure provides data service in the cloud on SQL Server
AppFabric provides cloud service for connecting applications running in the cloud or on premises
Windows Azure Architecture
Compute service: runs applications that follow a specific programming model
Storage service: available to cloud and on-premises applications. Accessed via REST
The fabric layer provides virtualization (Hyper-V)
Azure: Service Model
• Developers write their code and describe a service
model
• Service model includes role definitions, VM size,
instance count, endpoints, etc.
• Packaged code + the service model are uploaded to
Azure, which deploys the service in the Microsoft
Datacenters according to the service
Deployment
1. Register (Live-id)
Web Portal
2. Create Hosted-Service
http://xxxx.cloudapp.net
Service
3. Package upload
.csconf + .cspkg
Service
Fabric
Controller
Conf
(n.inst. =3)
Service
.cspkg
Service
Difference with traditional
programming model
• Interaction with the OS
– Previous releases only allowed applications to run in
user mode. This restriction is now removed
– Modifying system properties is critical, however: the
application can be moved to another VM
• Storage must be external to role instances.
– File system is not a persistent storage!
• Interactions among roles
– Asynchronous through queues (though direct
interaction is possible)
– Instances must be stateless
Programming model
• A Windows Azure application is built from one or more roles
• A Windows Azure application runs multiple instances of
each role
– Each of these instances runs inside a VM provided by the hypervisor
Hyper-V®
– The number of instances is defined via a configuration file (it is not varied
automatically)
• A Windows Azure application behaves correctly when any role
instance fails
Roles
• Web roles are intended to accept and process HTTP requests
using IIS (Internet Information Service)
– Developers can create Web role instances using various technologies
including ASP.NET, Windows Communication Foundation (WCF), PHP
and Java
• Worker roles are intended to perform background jobs. They
typically interact with the Web role via a queue
• VM roles run an image (Virtual Hard Disk, VHD) of a Windows
Server 2008 R2 virtual machine
– The VHD is created using an on-premises machine
Example
• 2-tier application model: web role (front-end) and worker role (back-end)
• Application designed to scale out (multiple copies on different VMs) rather than scale up (one copy on a ‘bigger’ machine)
• No affinity among roles: multiple requests can be sent to different instances
PiCloud (python)
IaaS: Amazon Web Services
IaaS Example: SeeWEB
Calculator
http://www.seeweb.it/cloudserver/
The “Italian cloud”
Cloud actors
Grid computing
• Use of a ‘computational grid’
• Allows sharing of computation resources (computers,
clusters, storage, db) and special devices (e.g.,
telescopes) among virtual organizations
• Resources are managed by different organizations
• Usually for scientific purposes
• Simple yet effective example: Seti@home
– More precisely, it is a desktop grid or ‘Volunteer
computing’
SETI: Search for Extra-Terrestrial Intelligence
Internet
Data is recorded on high-density tapes at the Arecibo telescope in Puerto Rico and sent to Berkeley
The data is then divided into 0.25 Mbyte chunks (which we call "work-units"): 10 KHz x 2 (Nyquist) x 100 s x 8 bit
These are sent from the Seti@Home server over the Internet to people around the world to analyze.
SETI
• Find deviations from Gaussian
• Get data chunk from the central server (radiotelescope)
• FFT as screensaver
http://lhcathome.cern.ch/grid/index.shtml
Virtual machines
• A virtual machine is a logical machine (ML) “implemented in software” that runs on a
physical machine (MF)
• Two main types of emulation
• Non-native emulation. ML≠MF
– Typically a process virtual machine
• Native emulation. ML=MF
– Typically a system virtual machine
Process virtual machine
• Runs as a software process
• Useful for achieving application portability and interoperability
• Java Virtual Machine
• Common Language Runtime (CLR), the core of the .NET architecture
Virtual machines and interoperability
• Java Virtual Machine (JVM)
– ISA: stack machine (zero-register)
– Machine language: Bytecode
• Portability: “write once run everywhere”
[Figure: Java, JVM, MF1, MF2, MFn]
Virtual machines and interoperability
• Common Language Runtime (CLR); .NET framework
– Stack machine (zero-register)
– Common Intermediate Language (CIL); MSIL
• Cross-language integration
[Figure: C#, VB, F#; front-end compiler; IL; Just In Time (JIT) back-end compiler; MF1, MF2, MFn]
System virtual machine
• The virtual machine reproduces the same physical machine (“Efficient, isolated duplicate
of a real machine”*)
• Virtualization is implemented by a Virtual
Machine Monitor (VMM) or hypervisor
• Process : OS = Supervisor : Hypervisor
System virtual machine
• Two main kinds of hypervisor
• Full virtualization
– The OS runs without any modification (VMWare)
– Required for legacy OSes
• Paravirtualization
– The OS must be modified to make hypercalls (Xen)
– Higher efficiency
VMM properties
• Fidelity
– Every program running on the VM (under the VMM) must
behave the same as the same
program executed on the physical system
• Safety
– Complete control of the virtualized resources
• Efficiency
– A good percentage of instructions must be
executed without VMM intervention
Resources
• Xen and the Art of Virtualization, Pratt et al.
SOSP 2003.
• A Comparison of Software and Hardware
Techniques for x86 Virtualization, K. Adams,
O. Agesen. ASPLOS 2006.
Classical virtualization
• “A classical VMM executes guest operating system directly, but at a
reduced privileged level. The VMM intercepts traps from the deprivileged guest, and emulates the trapping instruction against a
virtual machine state”[*]
• Theorem: if all sensitive instructions (those that can modify the
state of resources) run in protected mode, then a VMM can be
built following “classical virtualization”
• x86 architectures (32- and 64-bit) without hardware assistance are not
classically virtualizable (e.g. popf does not generate a trap)
• Such x86 architectures are virtualized by other techniques,
such as the “Binary Translation” technique used in VMWare's VMMs
[*] “A Comparison of Software and Hardware Techniques for x86
Virtualization”, K. Adams, O. Agesen, ASPLOS 2006
Classical virtualization, example
a. The CPU executes a privileged instruction while it is in user mode
b. The CPU generates a trap
c. Control passes to the VMM, which emulates the instruction and exits (control
returns to the guest OS)
d. Note: 2’ is not the same instruction as 2 but a set of instructions that emulate 2
by modifying the state of the virtual machine (for example, CLI sets VCPU.IF=0)
[Figure: timeline of instructions 1 to 5 across User level / Kernel level, Guest OS and VMM.
Instruction 2 is privileged (e.g. CLI, Clear Interrupts) and traps to the VMM, which runs 2’;
the others are non-privileged. Green = User Mode, red = System Mode]
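A toy model of trap-and-emulate, added here as an example and not taken from the original slides: it runs a guest at reduced privilege, emulates trapping instructions against VCPU.IF, and shows how a sensitive instruction that does not trap (popf, as the slides note for x86) leaves the virtual state wrong. The instruction names, the `VMM` class and the two trap sets are constructed for illustration.

```python
# Constructed instruction names; "popf_if0" stands for a popf whose flags image has IF=0.
X86_TRAPS = {"cli"}                    # user-mode popf does not trap (per the slides)
CLASSICAL_TRAPS = {"cli", "popf_if0"}  # hypothetical ISA where every sensitive instruction traps


class Trap(Exception):
    """Raised by the simulated CPU for a privileged instruction in user mode."""


class VMM:
    def __init__(self, trapping):
        self.trapping = trapping  # instructions that trap at reduced privilege
        self.vcpu_if = 1          # VCPU.IF: interrupt flag as the guest should see it
        self.emulated = []        # instructions the VMM had to step in for

    def _cpu_execute_user(self, instr):
        """Direct execution of one guest instruction at reduced privilege."""
        if instr in self.trapping:
            raise Trap(instr)
        # Anything else runs natively. A non-trapping popf silently keeps the
        # real IF and never reaches the VMM, so VCPU.IF is not updated.

    def _emulate(self, instr):
        """Instruction 2' in the figure: apply the effect to virtual state only."""
        self.emulated.append(instr)
        if instr in ("cli", "popf_if0"):
            self.vcpu_if = 0

    def run_guest(self, program):
        for instr in program:
            try:
                self._cpu_execute_user(instr)
            except Trap:
                self._emulate(instr)
        return self.vcpu_if


def run(program, trapping):
    """Return (VCPU.IF after the program, instructions emulated by the VMM)."""
    vmm = VMM(trapping)
    return vmm.run_guest(program), vmm.emulated


if __name__ == "__main__":
    # Each guest kernel intends to disable interrupts, so the faithful result is IF=0.
    print(run(["mov", "cli", "add"], X86_TRAPS))             # (0, ['cli'])
    print(run(["mov", "popf_if0", "add"], X86_TRAPS))        # (1, []): fidelity broken
    print(run(["mov", "popf_if0", "add"], CLASSICAL_TRAPS))  # (0, ['popf_if0'])
```
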
Software Virtualization
• The x86 architecture is not classically virtualizable (e.g.,
popf does not generate a trap)
• An alternative virtualization technique is to write a
software interpreter that executes the instructions by modifying a
virtual CPU, VCPU (possibly different from the physical one)
• Binary Translation (BT): machine code is “translated” into
code directly executable by the CPU (native emulation)
Software Virtualization
• Many instructions are in fact identical to the original ones!
• Only the sensitive ones are translated into a series of instructions that
modify the VCPU and the data structures supporting the OS
• Binary code translation is dynamic (it happens at run time, interleaving
translation of blocks of code, e.g. 12 instructions, with execution) and on-demand
Type-1 hypervisor (bare metal)
• The guest OS runs without any modification (full virtualization)
• Server hardware (cloud computing)
• Examples: Hyper-V (Microsoft), VMWare ESX
Type-2 hypervisor (hosted)
• Runs on top of an operating system (called the host)
• Guest OS unmodified (full virtualization); the guest OS runs at the “3rd level”
(lower efficiency)
• Often used on the client side
Paravirtualization
• Requires modifying (porting) the operating
system, since explicit calls to the hypervisor
(hypercalls) must be provided for
• High efficiency
Big view
Full
Virtualization
Type 1
Hypervisor
Type 2
Hypervisor
System Level
Virtualization
Para
Virtualization
Virtualization
Java
Process Level
Virtualization
.NET