Monitoring a virtual network infrastructure - An IaaS perspective
1. Monitoring a virtual network infrastructure
summary of the paper in Computer Communication Review
Nov. 2010
DOI:10.1145/1880153.1880161
Augusto Ciuffoletti
24 January 2012
6. Provisioning networking for an IaaS infrastructure
• The IaaS approach has been initially aimed mainly at
storage/computing resources
• Technology is ready to support the provision of network
resources as well
• There is demand for composite networking infrastructures
(like Grids)
• However IaaS providers still offer flat LANs
• We claim that the problem is in the interface between user
and provider
10. Why IaaS networking is difficult
• It is more difficult to describe a network than a host
• Quite evident: (topology, technology, throughput) versus
single option (small, medium, large)
• Monitoring and controlling the network is more complex
• Less evident: explaining why, and how to cope with it, is the
topic of the paper
16. How to implement a network in the cloud
• The key technology is the virtual bridge (IEEE802.1Q)
• This technology is mature and available OTS
• Implements an ethernet LAN over an arbitrary (bridged)
topology
• Frames (layer 2) labeled with a virtual network identifier (VNI)
• Bridges route labeled frames across ports based on a VNI
• The same port can be associated with multiple VNIs
20. Example
• Usual bridges force network topology to follow logistics
• Instead enterprise organization might prefer a different
arrangement...
22. Example
• Enterprise might prefer separate networks for desktops
(VLAN1), printers (VLAN2) and archive (VLAN3)
• Each having an interface on each floor
25. Example
• The introduction of IEEE802.1Q bridges solves the
problem (right)
• Virtual LANs span across floors
• Frames do not leak outside each VLAN (security)
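The forwarding rule behind "frames do not leak outside each VLAN" can be shown with a small model of a tagged bridge. This is an added example, not code from the slides or the paper; the class and function names, the port numbering and the MAC addresses are assumptions, and every frame is taken to arrive already tagged.

```python
import struct

TPID_8021Q = 0x8100          # EtherType value that marks an IEEE 802.1Q tag
BROADCAST = b"\xff" * 6

def tag_frame(dst, src, vid, payload=b"\x00" * 46, ethertype=0x0800):
    """Build a tagged Ethernet frame (constructed sample input)."""
    tci = vid & 0x0FFF       # priority and DEI bits left at zero
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def parse_vid(frame):
    """Return the 12-bit VLAN ID, or None for untagged or truncated frames."""
    if len(frame) < 18:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID_8021Q else None

class VlanBridge:
    def __init__(self, port_vlans):
        self.port_vlans = {p: set(v) for p, v in port_vlans.items()}
        self.fdb = {}        # (vid, mac) -> port, learned per VLAN

    def forward(self, in_port, frame):
        """Return the list of egress ports for a frame received on in_port."""
        vid = parse_vid(frame)
        if vid is None or vid not in self.port_vlans.get(in_port, ()):
            return []        # ingress filtering: port is not a member of this VLAN
        dst, src = frame[0:6], frame[6:12]
        self.fdb[(vid, src)] = in_port
        known = self.fdb.get((vid, dst))
        if known is not None:
            return [] if known == in_port else [known]
        # Unknown or broadcast destination: flood, but only inside the VLAN.
        return sorted(p for p, vs in self.port_vlans.items()
                      if vid in vs and p != in_port)

def office_bridge():
    # Ports 1-3: desktops (VLAN1), printers (VLAN2), archive (VLAN3);
    # port 4: link to the next floor, associated with all three VLANs.
    return VlanBridge({1: {1}, 2: {2}, 3: {3}, 4: {1, 2, 3}})
```

Because the forwarding table is keyed by (VLAN, MAC), an address learned in one VLAN never attracts traffic from another, and a frame tagged for a VLAN the ingress port does not belong to is dropped before any lookup.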
32. Bridging virtual hosts
• Inside an IaaS cloud, a real host in a data-centre implements
several virtual hosts
• An internal software bridge splits communication across
virtual TAP interfaces
• Virtual hosts appear as sharing a LAN
• Routing through the provider infrastructure is transparent to
the user
• Frames are confined within the user’s virtual infrastructure
• Frame routing is efficiently managed at layer 2
• Virtual networks can be dynamically configured using a
spanning tree protocol
36. Network monitoring (in the age of the cloud)
• The user needs to monitor the performance of the network
• One basic need is load balancing
• Network load is not covered by ordinary load balancing
services
• In a composite network (not a 2-tier WS), the provider
cannot anticipate what part of the network is under stress at a
certain time
37. Example: Grid in the Cloud
• Depending on processing phase, different links are
under stress
38. Example: Grid in the Cloud
• Collection of experimental data: Data acquisition to
Storage
39. Example: Grid in the Cloud
• Data retrieval: Storage to Web Server
40. Example: Grid in the Cloud
• Data processing: Storage to Computing resources
44. User configurable monitoring
• Under such circumstances, network monitoring requests
cannot be anticipated by the provider
• The network monitoring activity should be dynamically
configured by the user
• Configuration requires access to real and virtual network
interfaces and to switching devices
• The provider wants to maintain control over these devices
48. The network monitoring proxy
• A proxy interacts with the user willing to implement network
monitoring
• A network of proxies covers the complex networking
infrastructure of the provider
• The proxy configures network probes so that they are ready to
respond to user requests in the expected way
• A proxy has an authority that may be limited to a part of the
provider infrastructure
53. The network monitoring interface
• An interface must be provided between the user application
and the proxy
• The interface should inform the user about relevant changes
in the virtual topology
• The interface has the effect of restricting the authority of a
user controlled sensor to owned traffic trunks
• The interface may be implemented using tools like SOAP,
possibly embedded in an Enterprise System Bus
• For performance reasons the same interface is not used to
transfer streams of sensor results
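A sketch of the control path described in the proxy and interface slides: the proxy checks trunk ownership, translates the user's virtual endpoints into a provider-side probe configuration, and hands the request to a peer when the probe is outside its own authority. This is an added example, not code from the slides, the paper or gd2; all class, field, user and probe names are assumptions, and the result stream is left out because the slides keep it off this interface.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Trunk:
    owner: str   # user who owns this virtual traffic trunk
    vlan: int    # provider side: VLAN that carries it
    probe: str   # provider side: sensor able to observe it

class MonitoringProxy:
    def __init__(self, name, authority, inventory, peers=()):
        self.name = name
        self.authority = set(authority)   # probes this proxy may configure
        self.inventory = inventory        # (src, dst) virtual endpoints -> Trunk
        self.peers = list(peers)
        self.sessions = []                # probe configurations, never shown to users

    def request(self, user, src, dst, metric, forwarded=False):
        trunk = self.inventory.get((src, dst))
        # Unknown and not-owned trunks get the same answer, so a user cannot
        # enumerate other users' topology through the interface.
        if trunk is None or trunk.owner != user:
            return "denied"
        if trunk.probe in self.authority:
            # Virtual-to-real translation: the user named endpoints, the
            # probe is configured with the VLAN that carries the trunk.
            self.sessions.append({"user": user, "metric": metric,
                                  "vlan": trunk.vlan, "probe": trunk.probe})
            return "granted by " + self.name
        if not forwarded:                 # one hop only, so proxies cannot loop
            for peer in self.peers:
                answer = peer.request(user, src, dst, metric, forwarded=True)
                if answer != "denied":
                    return answer
        return "denied"

def build_proxies():
    # Constructed inventory, with trunk names from the Grid-in-the-Cloud slides.
    inventory = {
        ("daq", "storage"): Trunk("alice", 101, "probe-a1"),
        ("storage", "web"): Trunk("alice", 102, "probe-b1"),
        ("storage", "compute"): Trunk("bob", 201, "probe-a2"),
    }
    proxy_b = MonitoringProxy("B", {"probe-b1"}, inventory)
    proxy_a = MonitoringProxy("A", {"probe-a1", "probe-a2"}, inventory, [proxy_b])
    return proxy_a, proxy_b
```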
56. Data streaming
• Data are treated as a stream flowing from the sensor to the
user
• The stream may be encoded for security purposes
• The stream may travel using owned traffic trunks
64. Grid legacy: Monalisa
• Distributed infrastructure management
• Glues together diverse monitoring tools
• Dynamic control of sensors
• Fully deployed
• BUT
• Monitoring controlled by Grid Admin
• Data stored in SQL repositories and retrieved to users
Rigid, hardly scalable
71. Grid legacy: GD2
• Distributed infrastructure management
• Glues together diverse monitoring tools
• Sensors are controlled by user application
• Monitoring sessions activated on demand
• Data returned to the user with a UDP stream
• BUT
• only a proof of concept implementation
73. Grid legacy: GD2
• Host A issues a network monitoring request (e.g.,
bandwidth from X to Y)...
• that is taken in charge by the proxy in A’s domain...
75. Grid legacy: GD2
• that has authority to control a relevant sensor (agent in
gd2 terms)...
• and data are returned to the originating host as a
stream.
76. Grid legacy: GD2
In principle this might be implemented in a virtual
infrastructure, using virtual components
80. Conclusions
• the techniques for complex networks in the cloud are available
OTS
• the hard issue is the control of the virtual network
• network monitoring must be translated from virtual to real
(and back)
• an effective infrastructure takes into account multi-domain use
cases for scalability
81. Thank you!
Full reference:
Augusto Ciuffoletti. Monitoring a virtual network infrastructure: an IaaS
perspective. SIGCOMM Comput. Commun. Rev. 40, 5, 47-52.
DOI=10.1145/1880153.1880161
http://doi.acm.org/10.1145/1880153.1880161