An adaptive policy-based framework for network services management

This paper presents a framework for specifying policies for the management of network services. Although policy-based management has been the subject of considerable research, proposed solutions are often restricted to condition-action rules, where conditions are matched against incoming traffic flows. This results in static policy configurations where manual intervention is required to cater for configuration changes and to enable policy deployment. The framework presented in this paper supports automated policy deployment and flexible event triggers to permit dynamic policy configuration. While current research focuses mostly on rules for low-level device configuration, significant challenges remain to be addressed in order to:a) provide policy specification and adaptation across different abstraction layers; and, b) provide tools and services for the engineering of policy-driven systems. In particular, this paper focuses on solutions for dynamic adaptation of policies in response to changes within the managed environment. Policy adaptation includes both dynamically changing policy parameters and reconfiguring the policy objects. Access control for network services is also discussed.Accepted versio

TOWARDS AUTOMATING POLICY- BASED MANAGEMENT SYSTEMS

The goal of distributed systems management is to provide reliable, secure and efficient utilization of the network, processors and devices that comprise those systems. The management system makes use of management agents to collect events and data from managed objects while policies provide information on how to modify the behaviour of a managed system. Systems as well as policies governing the behaviour of the system and its constituents can change dynamically. The aim of this work is to provide the services and algorithms needed to automatically identify and deploy management entities and be able to respond automatically to both changes to the system itself as well as to changes in the way the system is to be managed, i.e., changes to the set of management policies or sets of management agents. One significant challenge in the use of policy-based management systems is finding efficient mechanisms to address and simplify the gap between expressing and specifying policies and an actual configuration of a management system that realizes and makes use of policies. Little work has been done to define how the monitoring operations are to be configured and updated according to the policies. This Thesis proposes a general architecture for a policy-based management system for distributed systems which allows for expressing and automating the deployment of a wide range of management policies. The proposed solution is based on the matching between the management operations that are carried out by the management agents and the policies. The matching process relies on the attributes that the agents can monitor and the extracted attributes from the components of the policies. One major contribution of this Thesis is to build the policy model and services on existing management services found in commercial management systems. The work of this Thesis also focuses in finding87 strategies for selecting and configuring agents to be used to keep the time of a policy deployment low. The Thesis introduces the Policy-Management Agent Integrated Console (PMagic) prototype. The PMagic prototype has been implemented to provide a practical validation of the policy based management system model proposed. The approach, architecture and prototype have demonstrated that it is possible to create a more autonomic management system, particularly one that can instantiate agents to react to changes in sets of policies

A Policy-Based Resource Brokering Environment for Computational Grids

With the advances in networking infrastructure in general, and the Internet in particular, we can build grid environments that allow users to utilize a diverse set of distributed and heterogeneous resources. Since the focus of such environments is the efficient usage of the underlying resources, a critical component is the resource brokering environment that mediates the discovery, access and usage of these resources. With the consumer\u27s constraints, provider\u27s rules, distributed heterogeneous resources and the large number of scheduling choices, the resource brokering environment needs to decide where to place the user\u27s jobs and when to start their execution in a way that yields the best performance for the user and the best utilization for the resource provider. As brokering and scheduling are very complicated tasks, most current resource brokering environments are either specific to a particular grid environment or have limited features. This makes them unsuitable for large applications with heterogeneous requirements. In addition, most of these resource brokering environments lack flexibility. Policies at the resource-, application-, and system-levels cannot be specified and enforced to provide commitment to the guaranteed level of allocation that can help in attracting grid users and contribute to establishing credibility for existing grid environments. In this thesis, we propose and prototype a flexible and extensible Policy-based Resource Brokering Environment (PROBE) that can be utilized by various grid systems. In designing PROBE, we follow a policy-based approach that provides PROBE with the intelligence to not only match the user\u27s request with the right set of resources, but also to assure the guaranteed level of the allocation. PROBE looks at the task allocation as a Service Level Agreement (SLA) that needs to be enforced between the resource provider and the resource consumer. The policy-based framework is useful in a typical grid environment where resources, most of the time, are not dedicated. In implementing PROBE, we have utilized a layered architecture and façade design patterns. These along with the well-defined API, make the framework independent of any architecture and allow for the incorporation of different types of scheduling algorithms, applications and platform adaptors as the underlying environment requires. We have utilized XML as a base for all the specification needs. This provides a flexible mechanism to specify the heterogeneous resources and user\u27s requests along with their allocation constraints. We have developed XML-based specifications by which high-level internal structures of resources, jobs and policies can be specified. This provides interoperability in which a grid system can utilize PROBE to discover and use resources controlled by other grid systems. We have implemented a prototype of PROBE to demonstrate its feasibility. We also describe a test bed environment and the evaluation experiments that we have conducted to demonstrate the usefulness and effectiveness of our approach

Management of high availability services using virtualization

This thesis examines the use of virtualization in management of high availability services using open source tools. The services are hosted in virtual machines, which can be seamlessly migrated between the physical nodes in the cluster automatically by high availability software. Currently there are no complete open source solutions that provide migration of virtual machines as a method for repair. The work is based on the high availability software Heartbeat. In this work, an add-on to Heartbeat is developed, allowing Heartbeat to be able to seamlessly migrate the virtual machines between the physical nodes, when shut down gracefully. This add-on is tested in a proof of concept cluster, where Heartbeat runs Xen virtual machines with high availability. The impact of migration has been measured for both TCP and UDP services, both numerically and heuristically. The outages caused by graceful failures (e.g. rebooting) are measured to be around 1/4 seconds. Practical tests are also performed. The impression is that the outages are not noticed by the users of latency critical services as game servers or streaming audio servers.Master i nettverks- og systemadministrasjo

Developing a methodological generic framework through introducing autonomy and self-adaptation to information systems thinking

There is a requirement for systems methodologies and approaches that can cope with real life information systems that are subject to changing situations and therefore changing requirements. This has not been achieved previously and has seen a gap open up between information systems and information technology. it is recognised that information technology solutions can adapt to changing situations and subsequently changing requirements, however, this has not been possible for information systems thinking. This represents itself in the real world through information systems being used that no longer meet their original objectives and can provide a significant blockage to achieving effective work