Container-based network function virtualization for software-defined networks

Today's enterprise networks almost ubiquitously deploy middlebox services to improve in-network security and performance. Although virtualization of middleboxes attracts a significant attention, studies show that such implementations are still proprietary and deployed in a static manner at the boundaries of organisations, hindering open innovation. In this paper, we present an open framework to create, deploy and manage virtual network functions (NF)s in OpenFlow-enabled networks. We exploit container-based NFs to achieve low performance overhead, fast deployment and high reusability missing from today's NFV deployments. Through an SDN northbound API, NFs can be instantiated, traffic can be steered through the desired policy chain and applications can raise notifications. We demonstrate the systems operation through the development of exemplar NFs from common Operating System utility binaries, and we show that container-based NFV improves function instantiation time by up to 68% over existing hypervisor-based alternatives, and scales to one hundred co-located NFs while incurring sub-millisecond latency

The benefits of virtualization across the software development pipeline

Abstract. The emergence of cloud computing and the evolution into service-based solutions across the software industry have influenced many changes in software development paradigms and methods. As a result, various forms of virtualization and container-based solutions have become more and more commonplace throughout the field, with technologies and frameworks such as Docker and Kubernetes becoming industry standard solutions to virtualization. This thesis is a literature review into existing research on virtualization and containers, and their use in various categories of the software industry. The aim of the thesis is to look at the reasons for the proliferation of virtual machines and containers, along with their benefits for the software development process, the continuous integration and delivery pipeline, and the different cloud platforms and providers. The benefits of virtualization are clearest in the cloud infrastructure, as cloud services are inherently built to utilize virtual machines. Containers and container orchestration systems allow container management and dynamic resource allocation, improving efficiency and reducing costs. In software development and testing, the modular and self-contained nature of containers allows for faster iteration and more problem-averse development. And finally, in the continuous integration and delivery pipelines, containers and container management tools allows automation, and lower overhead and complexity, enabling lower-threshold software deployment. Along with enabling cloud infrastructure as it exists today, the evolution of virtualization and containers in the software industry provide benefits across the board

Containerization in Cloud Computing: performance analysis of virtualization architectures

La crescente adozione del cloud è fortemente influenzata dall’emergere di tecnologie che mirano a migliorare i processi di sviluppo e deployment di applicazioni di livello enterprise. L’obiettivo di questa tesi è analizzare una di queste soluzioni, chiamata “containerization” e di valutare nel dettaglio come questa tecnologia possa essere adottata in infrastrutture cloud in alternativa a soluzioni complementari come le macchine virtuali. Fino ad oggi, il modello tradizionale “virtual machine” è stata la soluzione predominante nel mercato. L’importante differenza architetturale che i container offrono ha portato questa tecnologia ad una rapida adozione poichè migliora di molto la gestione delle risorse, la loro condivisione e garantisce significativi miglioramenti in termini di provisioning delle singole istanze. Nella tesi, verrà esaminata la “containerization” sia dal punto di vista infrastrutturale che applicativo. Per quanto riguarda il primo aspetto, verranno analizzate le performances confrontando LXD, Docker e KVM, come hypervisor dell’infrastruttura cloud OpenStack, mentre il secondo punto concerne lo sviluppo di applicazioni di livello enterprise che devono essere installate su un insieme di server distribuiti. In tal caso, abbiamo bisogno di servizi di alto livello, come l’orchestrazione. Pertanto, verranno confrontate le performances delle seguenti soluzioni: Kubernetes, Docker Swarm, Apache Mesos e Cattle

Cloudy in guifi.net: Establishing and sustaining a community cloud as open commons

Commons are natural or human-made resources that are managed cooperatively. The guifi.net community network is a successful example of a digital infrastructure, a computer network, managed as an open commons. Inspired by the guifi.net case and its commons governance model, we claim that a computing cloud, another digital infrastructure, can also be managed as an open commons if the appropriate tools are put in place. In this paper, we explore the feasibility and sustainability of community clouds as open commons: open user-driven clouds formed by community-managed computing resources. We propose organising the infrastructure as a service (IaaS) and platform as a service (PaaS) cloud service layers as common-pool resources (CPR) for enabling a sustainable cloud service provision. On this basis, we have outlined a governance framework for community clouds, and we have developed Cloudy, a cloud software stack that comprises a set of tools and components to build and operate community cloud services. Cloudy is tailored to the needs of the guifi.net community network, but it can be adopted by other communities. We have validated the feasibility of community clouds in a deployment in guifi.net of some 60 devices running Cloudy for over two years. To gain insight into the capacity of end-user services to generate enough value and utility to sustain the whole cloud ecosystem, we have developed a file storage application and tested it with a group of 10 guifi.net users. The experimental results and the experience from the action research confirm the feasibility and potential sustainability of the community cloud as an open commons.Peer ReviewedPostprint (author's final draft

SLA-driven governance for RESTful systems

Sofware distribution models are moving to SaaS paradigms where customers no longer need to buy a perpetual license. In this con text, SaaS providers leverage the Service Level Agreement (SLA) concept to delimit the functionality and guarantees to which they commit to their customers. However, although formal specifications for the definition of SLAs have been proposed, providers usually have an ad-hoc approach with a low degree of automation. This approach confirms the fact that the SaaS industry has not incorporated the idea of an SLA model that can be implemented within the infrastructure as a decision mechanism. This instrumentation would be of special interest in RESTful microser vice architectures in providing an automated governance framework for the service catalog and regulating the behavior of each component in the context of the agreements reached with each client. This thesis project is divided in four stages: i) Establishing a sufficiently expressive specification for the description of RESTful microservices reg ulated by advanced SLAs; ii) Develop a catalog of SLA analysis and management operations to support the governance of micro-service ar chitectures; iii) Implement a SLAs management ecosystem to support the government of RESTful microservices; iv) Consolidation of the Governify platform to validate the proposal in industrial environments.Ministerio de Educación, Cultura y Deporte FPU15/02980Ministerio de Economía y Competitividad BELI (TIN2015-70560-R)Junta de Andalucia COPAS (P12–TIC-1867)

CrownLabs - A Collaborative Environment to Deliver Remote Computing Laboratories

The coronavirus pandemic hit the entire education sector hard. All students were sent home and lectures started to be delivered through video-conferencing systems. CrownLabs is an open-source project providing an answer to the problem of delivering remote computing laboratories. Simplicity is one of its main characteristics, requiring nothing but a simple web browser to interact with the system and being all heavyweight computations performed at the university premises. Cooperation and mentoring are also encouraged through parallel access to the same remote desktop. The entire system is built up using components from the Kubernetes ecosystem, to replicate a "cloud grade" infrastructure, coupled with custom software implementing the core business logic. To this end, most of the complexity has been delegated to the infrastructure, to speed up the development process and reduce the maintenance burden. An extensive evaluation has been performed in both real and simulated scenarios to validate the overall performance: the results are encouraging, as well as the feedback from the early adopters of the system

Application for managing container-based software development environments

Abstract. Virtualizing the software development process can enhance efficiency through unified, remotely managed environments. Docker containers, a popular technology in software development, are widely used for application testing and deployment. This thesis examines the use of containers as cloud-based development environments. This study explores the history and implementation of container-based virtualization before presenting containers as a novel cloud-based software development environment. Virtual containers, like virtual machines, have been extensively used in software development for code testing but not as development environments. Containers are also prevalent in the final stages of software production, specifically in the distribution and deployment of completed applications. In the practical part of the thesis, an application is implemented to improve the usability of a container-based development environment, addressing challenges in adopting new work environments. The work was conducted for a private company, and multiple experts provided input. The management application enhanced the container-based development environment’s efficiency by improving user rights management, virtual container management, and user interface. Additionally, the new management tools reduced training time for new employees by 50%, facilitating their integration into the organization. Container-based development environments with efficient management tools provide a secure, efficient, and unified platform for large-scale software development. Virtual containers also hold potential for future improvements in energy-saving strategies and organizational work method harmonization and integration.Sovellus konttipohjaisten ohjelmistonkehitysympäristöjen hallintaan. Tiivistelmä. Ohjelmistokehitysprosessin virtualisointi voi parantaa tehokkuutta yhtenäisten, etähallittujen ympäristöjen avulla. Ohjelmistonkehityksessä suosittu ohjelmistonkehitysteknologia, Docker-kontteja käytetään laajalti sovellusten testaamisessa ja käyttöönotossa. Tässä opinnäytetyössä tarkastellaan konttien käyttöä pilvipohjaisina kehitysympäristöinä. Tämä tutkimus tutkii konttipohjaisen virtualisoinnin historiaa ja toteutusta, jonka jälkeen esitellään konttien käyttöä uudenlaisena pilvipohjaisena ohjelmistokehitysympäristönä. Virtuaalisia kontteja, kuten virtuaalikoneita, on käytetty laajasti ohjelmistokehityksessä kooditestauksessa, mutta ei kehitysympäristöinä. Kontit ovat myös yleisiä ohjelmistotuotannon loppuvaiheissa, erityisesti valmiiden sovellusten jakelussa ja käyttöönotossa. Opinnäytetyön käytännön osassa toteutetaan konttipohjaisen kehitysympäristön käytettävyyttä parantava sovellus, joka vastaa uusien työympäristöjen käyttöönoton haasteisiin. Työ suoritettiin yksityiselle yritykselle, ja sen suunnitteluun osallistui useita asiantuntijoita. Hallintasovellus lisäsi konttipohjaisen kehitysympäristön tehokkuutta parantamalla käyttäjäoikeuksien hallintaa, virtuaalisen kontin hallintaa ja käyttöliittymää. Lisäksi uudet hallintatyökalut lyhensivät uusien työntekijöiden koulutusaikaa 50%, mikä helpotti heidän integroitumistaan organisaatioon. Säiliöpohjaiset kehitysympäristöt varustettuina tehokkailla hallintatyökaluilla tarjoavat turvallisen, tehokkaan ja yhtenäisen alustan laajamittaiseen ohjelmistokehitykseen. Virtuaalisissa konteissa on myös potentiaalia tulevaisuuden parannuksiin energiansäästöstrategioissa ja organisaation työmenetelmien harmonisoinnissa ja integroinnissa

Resource management in a containerized cloud : status and challenges

Cloud computing heavily relies on virtualization, as with cloud computing virtual resources are typically leased to the consumer, for example as virtual machines. Efficient management of these virtual resources is of great importance, as it has a direct impact on both the scalability and the operational costs of the cloud environment. Recently, containers are gaining popularity as virtualization technology, due to the minimal overhead compared to traditional virtual machines and the offered portability. Traditional resource management strategies however are typically designed for the allocation and migration of virtual machines, so the question arises how these strategies can be adapted for the management of a containerized cloud. Apart from this, the cloud is also no longer limited to the centrally hosted data center infrastructure. New deployment models have gained maturity, such as fog and mobile edge computing, bringing the cloud closer to the end user. These models could also benefit from container technology, as the newly introduced devices often have limited hardware resources. In this survey, we provide an overview of the current state of the art regarding resource management within the broad sense of cloud computing, complementary to existing surveys in literature. We investigate how research is adapting to the recent evolutions within the cloud, being the adoption of container technology and the introduction of the fog computing conceptual model. Furthermore, we identify several challenges and possible opportunities for future research

A survey of the European Open Science Cloud services for expanding the capacity and capabilities of multidisciplinary scientific applications

Open Science is a paradigm in which scientific data, procedures, tools and results are shared transparently and reused by society as a whole. The initiative known as the European Open Science Cloud (EOSC) is an effort in Europe to provide an open, trusted, virtual and federated computing environment to execute scientific applications, and to store, share and re-use research data across borders and scientific disciplines. Additionally, scientific services are becoming increasingly data-intensive, not only in terms of computationally intensive tasks but also in terms of storage resources. Computing paradigms such as High Performance Computing (HPC) and Cloud Computing are applied to e-science applications to meet these demands. However, adapting applications and services to these paradigms is not a trivial task, commonly requiring a deep knowledge of the underlying technologies, which often constitutes a barrier for its uptake by scientists in general. In this context, EOSC-SYNERGY, a collaborative project involving more than 20 institutions from eight European countries pooling their knowledge and experience to enhance EOSC\u27s capabilities and capacities, aims to bring EOSC closer to the scientific communities. This article provides a summary analysis of the adaptations made in the ten thematic services of EOSC-SYNERGY to embrace this paradigm. These services are grouped into four categories: Earth Observation, Environment, Biomedicine, and Astrophysics. The analysis will lead to the identification of commonalities, best practices and common requirements, regardless of the thematic area of the service. Experience gained from the thematic services could be transferred to new services for the adoption of the EOSC ecosystem framework