Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World

This report documents the program and the outcomes of GI-Dagstuhl Seminar 16394 "Software Performance Engineering in the DevOps World". The seminar addressed the problem of performance-aware DevOps. Both, DevOps and performance engineering have been growing trends over the past one to two years, in no small part due to the rise in importance of identifying performance anomalies in the operations (Ops) of cloud and big data systems and feeding these back to the development (Dev). However, so far, the research community has treated software engineering, performance engineering, and cloud computing mostly as individual research areas. We aimed to identify cross-community collaboration, and to set the path for long-lasting collaborations towards performance-aware DevOps. The main goal of the seminar was to bring together young researchers (PhD students in a later stage of their PhD, as well as PostDocs or Junior Professors) in the areas of (i) software engineering, (ii) performance engineering, and (iii) cloud computing and big data to present their current research projects, to exchange experience and expertise, to discuss research challenges, and to develop ideas for future collaborations

Developing A Multi Application Real-Time Platform Using Cloud Serverless Technologies

Magycal Interactive is a software company that has produced a significant impact in the Portuguese television sector. Magycal is Magycal Interactive’s cloud based server-side framework that was developed to standardize common services (chats, polls, authentication) provided by applications such as Viva Ronaldo, Secret Story e SPORT TV Digital Hub. As popularity and success of each application increases, Magycal becomes more technically outdated. Its monolithic architecture, which previously allowed for easy development is becoming a development bottleneck. Scaling the server is increasing in cost as the platform grows, and developing updates and new features is more difficult since services are becoming more tightly coupled with each release. In this work, we propose an architectural shift for Magycal where we decouple services for better scalability, development and deployment. After a study of existing architectural options, we have concluded that the most suitable candidate architecture that meets the demands of Magycal is the microservices architecture. To test our hypothesis and determine the feasibility of the architectural change, we have selected a service of Magycal that was implemented following a microservice-oriented design. Our implementation was validated via API calls to ensure the modifications maintained correct behavior of the framework. The new service had its implementation benchmarked and compared to the corresponded Magycal existing service. We concluded that the changes to Magycal yield a more robust framework with reduced costs of maintaining, development and deployment.A Magycal Interactive é uma empresa de software que produz um impacto significativo no setor televisivo português. Magycal é a plataforma servidor da empresa na cloud desenvolvida para padronizar serviços comuns (canais de conversa, votações, autenticação) fornecidos por aplicações como Viva Ronaldo, Secret Story e SPORT TV Digital Hub. À medida que a popularidade e o sucesso de cada aplicação aumenta, o Magycal tornase tecnicamente mais desatualizado. A sua arquitetura monolítica, que anteriormente permitia desenvolvimento fácil, torna-se um problema. O custo de escalabilidade do servidor está a aumentar à medida que a plataforma cresce, e o desenvolvimento de atualizações e novos recursos é mais difícil, pois os serviços tornam-se mais fortemente acoplados a cada nova versão. Neste trabalho, propomos uma mudança de arquitetura para o Magycal, onde dissociamos os serviços para melhor escalabilidade, desenvolvimento e deployment. Após um estudo das opções arquiteturais existentes, concluímos que a arquitetura candidata mais adequada às necessidades do Magycal é a arquitetura de microserviços. Para testar nossa hipótese e determinar a viabilidade da mudança arquitetural, selecionamos um serviço do Magycal que foi implementados seguindo um design orientado a microsserviços. A nossa implementação foi validada com chamadas API para garantir que as modificações mantiveram o comportamento correto da estrutura. O novo serviço teve a sua implementação medida e comparadas ao serviço existente no Magycal. Foi concluído que as mudanças no Magycal produzem uma estrutura mais robusta, com custos reduzidos de manutenção, desenvolvimento e implementação

The Computing Fleet: Managing Microservices-based Applications on the Computing Continuum

In this paper we propose the concept of "Computing Fleet" as an abstract entity representing groups of heterogeneous, distributed, and dynamic infrastructure elements across the Computing Continuum (covering the Edge- Fog-Cloud computing paradigms). In the process of using fleets, stakeholders obtain the virtual resources from the fleet, deploy software applications to the fleet, and control the data flow, without worrying about what devices are used in the fleet, how they are connected, and when they may join and exit the fleet. We propose a three-layer reference architecture for the Computing Fleet capturing key elements for designing and operating fleets. We discuss key aspects related to the management of microservices-based applications on the Computing Fleet and propose an approach for deployment and orchestration of microservices-based applications on fleets. Furthermore, we present a software prototype as a preliminary evaluation of the Computing Fleet concept in a concrete Cloud- Edge scenario related to remote patients monitoring.acceptedVersio

Microservice Transition and its Granularity Problem: A Systematic Mapping Study

Microservices have gained wide recognition and acceptance in software industries as an emerging architectural style for autonomic, scalable, and more reliable computing. The transition to microservices has been highly motivated by the need for better alignment of technical design decisions with improving value potentials of architectures. Despite microservices' popularity, research still lacks disciplined understanding of transition and consensus on the principles and activities underlying "micro-ing" architectures. In this paper, we report on a systematic mapping study that consolidates various views, approaches and activities that commonly assist in the transition to microservices. The study aims to provide a better understanding of the transition; it also contributes a working definition of the transition and technical activities underlying it. We term the transition and technical activities leading to microservice architectures as microservitization. We then shed light on a fundamental problem of microservitization: microservice granularity and reasoning about its adaptation as first-class entities. This study reviews state-of-the-art and -practice related to reasoning about microservice granularity; it reviews modelling approaches, aspects considered, guidelines and processes used to reason about microservice granularity. This study identifies opportunities for future research and development related to reasoning about microservice granularity.Comment: 36 pages including references, 6 figures, and 3 table

Resource-aware Cyber Deception in Cloud-Native Environments

Cyber deception can be a valuable addition to traditional cyber defense mechanisms, especially for modern cloud-native environments with a fading security perimeter. However, pre-built decoys used in classical computer networks are not effective in detecting and mitigating malicious actors due to their inability to blend with the variety of applications in such environments. On the other hand, decoys cloning the deployed microservices of an application can offer a high-fidelity deception mechanism to intercept ongoing attacks within production environments. However, to fully benefit from this approach, it is essential to use a limited amount of decoy resources and devise a suitable cloning strategy to minimize the impact on legitimate services performance. Following this observation, we formulate a non-linear integer optimization problem that maximizes the number of attack paths intercepted by the allocated decoys within a fixed resource budget. Attack paths represent the attacker's movements within the infrastructure as a sequence of violated microservices. We also design a heuristic decoy placement algorithm to approximate the optimal solution and overcome the computational complexity of the proposed formulation. We evaluate the performance of the optimal and heuristic solutions against other schemes that use local vulnerability metrics to select which microservices to clone as decoys. Our results show that the proposed allocation strategy achieves a higher number of intercepted attack paths compared to these schemes while requiring approximately the same number of decoys

A microservices-based control plane for time sensitive networking

Time-Sensitive Networking (TSN) is a group of IEEE 802.1 standards that aim at providing deterministic communications over IEEE Ethernet. The main characteristics of TSN are low bounded latency and very high reliability, which complies with the strict requirements of industry and automotive applications. In this context, allocating time slots, configuration paths, and Gate Control Lists (GCLs) to contending TSN streams is often laborious. Software-Defined Networking (SDN) and the IEEE 802.1 Qcc standard provide the basis to design a TSN control plane to face these challenges. However, current SDN/TSN control plane solutions are monolithic applications designed to run on dedicated servers. None of them explores Microservice as a design pattern; these SDN controllers do not provide the required flexibility to escalate when facing increasing service requests. This work presents $\mu$TSN-CP, a microservices-based Control Plane (CP) architecture for TSN/SDN that provides superior scalability in situations with highly dynamic service demands. Using a qualitative approach, we evaluate our $\mu$TSN-CP solution compared to a monolithic solution in terms of CPU usage, RAM usage, latency, and percentage of successfully allocated TSN Streams. Our $\mu$TSN-CP architecture leverages the advantages of microservices, enabling the control plane to scale up or down in response to varying workloads dynamically. We achieve enhanced flexibility and resilience by breaking down the control plane into smaller, independent microservices. The experimental evaluation demonstrates that our TSN-CP outperforms the monolithic solution, with significantly lower CPU and RAM usage, reduced latency, and a higher percentage of successfully allocated TSN Streams. This advancement in TSN/SDN control plane design opens up new possibilities for highly scalable and adaptable networks, catering to the ever-increasing demands of time-sensitive applications in various industries.Objectius de Desenvolupament Sostenible::9 - Indústria, Innovació i Infraestructur