Hybrid Cloud Workload Monitoring as a Service

Cloud computing and cloud-based hosting has become embedded in our daily lives. It is imperative for cloud providers to make sure all services used by both enterprises and consumers have high availability and elasticity to prevent any downtime, which impacts negatively for any business. To ensure cloud infrastructures are working reliably, cloud monitoring becomes an essential need for both businesses, the provider and the consumer. This thesis project reports on the need of efficient scalable monitoring, enumerating the necessary types of metrics of interest to be collected. Current understanding of various architectures designed to collect, store and process monitoring data to provide useful insight is surveyed. The pros and cons of each architecture and when such architecture should be used, based on deployment style and strategy, is also reported in the survey. Finally, the essential characteristics of a cloud monitoring system, primarily the features they host to operationalize an efficient monitoring framework, are provided as part of this review. While its apparent that embedded and decentralized architectures are the current favorite in the industry, service-oriented architectures are gaining traction. This project aims to build a light-weight, scalable, embedded monitoring tool which collects metrics at different layers of the cloud stack and aims at achieving correlation in resource-consumption between layers. Future research can be conducted on efficient machine learning models used on the monitoring data to predict resource usage spikes pre-emptively

An Autonomic Cross-Platform Operating Environment for On-Demand Internet Computing

The Internet has evolved into a global and ubiquitous communication medium interconnecting powerful application servers, diverse desktop computers and mobile notebooks. Along with recent developments in computer technology, such as the convergence of computing and communication devices, the way how people use computers and the Internet has changed people´s working habits and has led to new application scenarios. On the one hand, pervasive computing, ubiquitous computing and nomadic computing become more and more important since different computing devices like PDAs and notebooks may be used concurrently and alternately, e.g. while the user is on the move. On the other hand, the ubiquitous availability and pervasive interconnection of computing systems have fostered various trends towards the dynamic utilization and spontaneous collaboration of available remote computing resources, which are addressed by approaches like utility computing, grid computing, cloud computing and public computing. From a general point of view, the common objective of this development is the use of Internet applications on demand, i.e. applications that are not installed in advance by a platform administrator but are dynamically deployed and run as they are requested by the application user. The heterogeneous and unmanaged nature of the Internet represents a major challenge for the on demand use of custom Internet applications across heterogeneous hardware platforms, operating systems and network environments. Promising remedies are autonomic computing systems that are supposed to maintain themselves without particular user or application intervention. In this thesis, an Autonomic Cross-Platform Operating Environment (ACOE) is presented that supports On Demand Internet Computing (ODIC), such as dynamic application composition and ad hoc execution migration. The approach is based on an integration middleware called crossware that does not replace existing middleware but operates as a self-managing mediator between diverse application requirements and heterogeneous platform configurations. A Java implementation of the Crossware Development Kit (XDK) is presented, followed by the description of the On Demand Internet Computing System (ODIX). The feasibility of the approach is shown by the implementation of an Internet Application Workbench, an Internet Application Factory and an Internet Peer Federation. They illustrate the use of ODIX to support local, remote and distributed ODIC, respectively. Finally, the suitability of the approach is discussed with respect to the support of ODIC

Cloud computing with an emphasis on PaaS and Google app engine

Thesis on cloud with an emphasis on PaaS and Google App Engin

Moving social networking applications into the cloud

Social networking applications that are developed using traditional software and architecture have scalability issues. One way to overcome the high cost of scaling social applications is to use Cloud Computing (CC). There are various cloud computing platforms available. One very interesting CC platform is Google App Engine (GAE). This research focuses on using the “free” GAE as a way to re-implement existing social networking applications. The research focuses on how to move social applications into the cloud and on the evaluation of their performance. The thesis investigates the GAE platform, and its features. The study shows how to re-implement a social networking application using GAE cloud with limited code approximately 600 lines and evaluates the scalability of the applications

TREDIS – A Trusted Full-Fledged SGX-Enabled REDIS Solution

Currently, offloading storage and processing capacity to cloud servers is a growing trend among web-enabled services managing big datasets. This happens because high storage capacity and powerful processors are expensive, whilst cloud services provide cheaper, ongoing, elastic, and reliable solutions. The problem with this cloud-based out sourced solutions are that they are highly accessible through the Internet, which is good, but therefore can be considerably exposed to attacks, out of users’ control. By exploring subtle vulnerabilities present in cloud-enabled applications, management functions, op erating systems and hypervisors, an attacker may compromise the supported systems, thus compromising the privacy of sensitive user data hosted and managed in it. These attacks can be motivated by malicious purposes such as espionage, blackmail, identity theft, or harassment. A solution to this problem is processing data without exposing it to untrusted components, such as vulnerable OS components, which might be compromised by an attacker. In this thesis, we do a research on existent technologies capable of enabling appli cations to trusted environments, in order to adopt such approaches to our solution as a way to help deploy unmodified applications on top of Intel-SGX, with overheads com parable to applications designed to use this kind of technology, and also conducting an experimental evaluation to better understand how they impact our system. Thus, we present TREDIS - a Trusted Full-Fledged REDIS Key-Value Store solution, implemented as a full-fledged solution to be offered as a Trusted Cloud-enabled Platform as a Service, which includes the possibility to support a secure REDIS-cluster architecture supported by docker-virtualized services running in SGX-enabled instances, with operations run ning on always-encrypted in-memory datasets.A transição de suporte de aplicações com armazenamento e processamento em servidores cloud é uma tendência que tem vindo a aumentar, principalmente quando se precisam de gerir grandes conjuntos de dados. Comparativamente a soluções com licenciamento privado, as soluções de computação e armazenamento de dados em nuvens de serviços são capazes de oferecer opções mais baratas, de alta disponibilidade, elásticas e relativa mente confiáveis. Estas soluções fornecidas por terceiros são facilmente acessíveis através da Internet, sendo operadas em regime de outsourcing da sua operação, o que é bom, mas que por isso ficam consideravelmente expostos a ataques e fora do controle dos utiliza dores em relação às reais condições de confiabilidade, segurança e privacidade de dados. Ao explorar subtilmente vulnerabilidades presentes nas aplicações, funções de sistemas operativos (SOs), bibliotecas de virtualização de serviços de SOs ou hipervisores, um ata cante pode comprometer os sistemas e quebrar a privacidade de dados sensíveis. Estes ataques podem ser motivados por fins maliciosos como espionagem, chantagem, roubo de identidade ou assédio e podem ser desencadeados por intrusões (a partir de atacantes externos) ou por ações maliciosas ou incorretas de atacantes internos (podendo estes atuar com privilégios de administradores de sistemas). Uma solução para este problema passa por armazenar e processar a informação sem que existam exposições face a componentes não confiáveis. Nesta dissertação estudamos e avaliamos experimentalmente diversas tecnologias que permitem a execução de aplicações com isolamento em ambientes de execução confiá vel suportados em hardware Intel-SGX, de modo a perceber melhor como funcionam e como adaptá-las à nossa solução. Para isso, realizámos uma avaliação focada na utilização dessas tecnologias com virtualização em contentores isolados executando em hardware confiável, que usámos na concepção da nossa solução. Posto isto, apresentamos a nossa solução TREDIS - um sistema Key-Value Store confiável baseado em tecnologia REDIS, com garantias de integridade da execução e de privacidade de dados, concebida para ser usada como uma "Plataforma como Serviço"para gestão e armazenamento resiliente de dados na nuvem. Isto inclui a possibilidade de suportar uma arquitetura segura com garantias de resiliência semelhantes à arquitetura de replicação em cluster na solução original REDIS, mas em que os motores de execução de nós e a proteção de memória do cluster é baseado em contentores docker isolados e virtualizados em instâncias SGX, sendo os dados mantidos sempre cifrados em memória

Cloud Framework on Infrastructure as a Service

Práce se zabývá podrobnou analýzou požadavků na moderní aplikační rámec pro prostředí cloud. Za pomoci standardních návrhových vzorů a technik připravuje teoretický základ a pravidla, která musí uvnitř rámce platit. V práci je realizována referenční implementace a připravena demonstrační aplikace středního rozsahu, aby představila výhody plynoucí z užití frameworku.The thesis covers an in-depth analysis of the requirements for a modern application framework that runs in the cloud environment. It uses standard design patterns and approaches to prepare guidelines for the framework. A reference implementation is created to prove framework concept. The medium-sized demo application is also developed to prove the framework benefits.

Integration of different aspects of multi-tenancy in an open source enterprise service bus

The EU project 4CaaSt aims to create an advance PaaS Cloud platform which supports the optimized and elastic hosting of composite Internet-scale multi-tier applications. Cloud computing is essentially changing the way services are built, provided and consumed. Nowadays applications are composed out of multiple reusable services consisting of newly developed services as well as legacy applications made available as services. These services do not necessarily use the same protocols for communication. So a component for the mediation between various protocols, dynamic service selection and routing based on non-functional requirements is needed. Nowadays an Enterprise Service Bus (ESB) is used in Service-Oriented Architectures (SOAs) to serve precisely these objectives. One important aspect of bringing an ESB as building block into the Cloud is to enable multi-tenancy. This includes multi-tenant aware management and administration of the ESB as well as multi-tenant aware messaging. In this student thesis we design and implement the extensions of the ESB and the components needed for the integration and evaluation of two approaches to extend an open source ESB for multi-tenancy support: the first covers the multi-tenant aware administration and management and the second covers the multi-tenant aware messaging. Both approaches require the extension of the ESB, which implements the Java Business Integration (JBI). As a result, we provide an integrated prototype based on a scenario emerged from the EU project 4CaaSt and a performance's evaluation of the extended JBI Components in the ESB

Dynamic deployment of specialized ESB instances in the cloud

In the last years the interaction among heterogeneous applications within one or among multiple enterprises has considerably increased. This fact has arisen several challenges related to how to enable the interaction among enterprises in an interoperable manner. Towards addressing this problem, the Enterprise Service Bus (ESB) has been proposed as an integration middleware capable of wiring all the components of an enterprise system in a transparent and interoperable manner. Enterprise Service Buses are nowadays used to transparently establish and handle interactions among the components within an application or with consumed external services. There are several ESB solutions available in the market as a result of continuously developing message-based approaches aiming at enabling interoperability among enterprise applications. However, the configuration of an ESB is typically custom, and complex. Moreover, there is little support and guidance for developers related to how to efficiently customize and configure the ESB with respect to their application requirements. Consequently, this fact also increments notably the maintenance and operational costs for enterprises. Our target is mainly to simplify the configuration tasks at the same time as provisioning customized ESB instances to satisfy the application's functional and non-functional requirements. Similar works focus on optimizing existing ESB configurations based on runtime reconfiguration rather than offering customized light-weight middleware components. This Master thesis aims at providing the means to build customized and specialized ESB instances following a reusable and light-weight approach. We propose the creation of a framework capable of guiding the application developer in the tasks related to configuring, provisioning, and executing specialized ESB instances in an automatic, dynamic, and reusable manner. Specialized ESB instances are created automatically and provided to application developers that can build an ESB instance with a specific configuration which may change over time. The proposed framework also incorporates the necessary support for administering, provisioning, and maintaining a clustered infrastructure hosting the specialized ESB instances in an isolated manner