Power Modeling and Resource Optimization in Virtualized Environments

The provisioning of on-demand cloud services has revolutionized the IT industry. This emerging paradigm has drastically increased the growth of data centers (DCs) worldwide. Consequently, this rising number of DCs is contributing to a large amount of world total power consumption. This has directed the attention of researchers and service providers to investigate a power-aware solution for the deployment and management of these systems and networks. However, these solutions could be bene\ufb01cial only if derived from a precisely estimated power consumption at run-time. Accuracy in power estimation is a challenge in virtualized environments due to the lack of certainty of actual resources consumed by virtualized entities and of their impact on applications\u2019 performance. The heterogeneous cloud, composed of multi-tenancy architecture, has also raised several management challenges for both service providers and their clients. Task scheduling and resource allocation in such a system are considered as an NP-hard problem. The inappropriate allocation of resources causes the under-utilization of servers, hence reducing throughput and energy e\ufb03ciency. In this context, the cloud framework needs an e\ufb00ective management solution to maximize the use of available resources and capacity, and also to reduce the impact of their carbon footprint on the environment with reduced power consumption. This thesis addresses the issues of power measurement and resource utilization in virtualized environments as two primary objectives. At \ufb01rst, a survey on prior work of server power modeling and methods in virtualization architectures is carried out. This helps investigate the key challenges that elude the precision of power estimation when dealing with virtualized entities. A di\ufb00erent systematic approach is then presented to improve the prediction accuracy in these networks, considering the resource abstraction at di\ufb00erent architectural levels. Resource usage monitoring at the host and guest helps in identifying the di\ufb00erence in performance between the two. Using virtual Performance Monitoring Counters (vPMCs) at a guest level provides detailed information that helps in improving the prediction accuracy and can be further used for resource optimization, consolidation and load balancing. Later, the research also targets the critical issue of optimal resource utilization in cloud computing. This study seeks a generic, robust but simple approach to deal with resource allocation in cloud computing and networking. The inappropriate scheduling in the cloud causes under- and over- utilization of resources which in turn increases the power consumption and also degrades the system performance. This work \ufb01rst addresses some of the major challenges related to task scheduling in heterogeneous systems. After a critical analysis of existing approaches, this thesis presents a rather simple scheduling scheme based on the combination of heuristic solutions. Improved resource utilization with reduced processing time can be achieved using the proposed energy-e\ufb03cient scheduling algorithm

SLICING-BASED RESOURCE ALLOCATION AND MOBILITY MANAGEMENT FOR EMERGING WIRELESS NETWORKS

The proliferation of smart mobile devices and user applications has continued to contribute to the tremendous volume of data traffic in cellular networks. Moreover, with the feature of heterogeneous connectivity interfaces of these smart devices, it becomes more complex for managing the traffic volume in the context of mobility. To surmount this challenge, service and resource providers are looking for alternative mechanisms that can successfully facilitate managing network resources and mobility in a more dynamic, predictive and distributed manner. New concepts of network architectures such as Software-Defined Network (SDN) and Network Function Virtualization (NFV) have paved the way to move from static to flexible networks. They make networks more flexible (i.e., network providers capable of on-demand provisioning), easily customizable and cost effective. In this regard, network slicing is emerging as a new technology built on the concepts of SDN and NFV. It splits a network infrastructure into isolated virtual networks and allows them to manage network resources based on their requirements and characteristics. Most of the existing solutions for network slicing are facing challenges in terms of resource and mobility management. Regarding resource management, it creates challenges in terms of provisioning network throughput, end-to-end delay, and fairness resources allocation for each slice, whereas, in the case of mobility management, due to the rapid change of user mobility the network slice operator would like to hold the mobility controlling over its clients across different access networks, rather than the network operator, to ensure better services and user experience. In this thesis, we propose two novel architectural solutions to solve the challenges identified above. The first proposed solution introduces a Network Slicing Resource Management (NSRM) mechanism that assigns the required resources for each slice, taking into consideration resource isolation between different slices. The second proposed v solution provides a Mobility Management architecture-based Network Slicing (MMNS) where each slice manages its users across heterogeneous radio access technologies such as WiFi, LTE and 5G networks. In MMNS architecture, each slice has different mobility demands (e.g,. latency, speed and interference) and these demands are governed by a network slice configuration and service characteristics. In addition, NSRM ensures isolating, customizing and fair sharing of distributed bandwidths between various network slices and users belonging to the same slice depending on different requirements of each one. Whereas, MMNS is a logical platform that unifies different Radio Access Technologies (RATs) and allows all slices to share them in order to satisfy different slice mobility demands. We considered two software simulations, namely OPNET Modeler and OMNET++, to validate the performance evaluation of the thesis contributions. The simulation results for both proposed architectures show that, in case of NSRM, the resource blocking is approximately 35% less compared to the legacy LTE network, which it allows to accommodate more users. The NSRM also successfully maintains the isolation for both the inter and intra network slices. Moreover, the results show that the NSRM is able to run different scheduling mechanisms where each network slice guarantee perform its own scheduling mechanism and simultaneously with other slices. Regarding the MMNS, the results show the advantages of the proposed architecture that are the reduction of the tunnelling overhead and the minimization of the handover latency. The MMNS results show the packets delivery cost is optimal by reducing the number of hops that the packets transit between a source node and destination. Additionally, seamless session continues of a user IP-flow between different access networks interfaces has been successfully achieved

On the Use of Migration to Stop Illicit Channels

Side and covert channels (referred to collectively as illicit channels) are an insidious affliction of high security systems brought about by the unwanted and unregulated sharing of state amongst processes. Illicit channels can be effectively broken through isolation, which limits the degree by which processes can interact. The drawback of using isolation as a general mitigation against illicit channels is that it can be very wasteful when employed naively. In particular, permanently isolating every tenant of a public cloud service to its own separate machine would completely undermine the economics of cloud computing, as it would remove the advantages of consolidation. On closer inspection, it transpires that only a subset of a tenant's activities are sufficiently security sensitive to merit strong isolation. Moreover, it is not generally necessary to maintain isolation indefinitely, nor is it given that isolation must always be procured at the machine level. This work builds on these observations by exploring a fine-grained and hierarchical model of isolation, where fractions of a machine can be isolated dynamically using migration. Using different units of isolation allows a system to isolate processes from each other with a minimum of over-allocated resources, and having a dynamic and reconfigurable model enables isolation to be procured on-demand. The model is then realised as an implemented framework that allows the fine-grained provisioning of units of computation, managing migrations at the core, virtual CPU, process group, process/container and virtual machine level. Use of this framework is demonstrated in detecting and mitigating a machine-wide covert channel, and in implementing a multi-level moving target defence. Finally, this work describes the extension of post-copy live migration mechanisms to allow temporary virtual machine migration. This adds the ability to isolate a virtual machine on a short term basis, which subsequently allows migrations to happen at a higher frequency and with fewer redundant memory transfers, and also creates the opportunity of time-sharing a particular physical machine's features amongst a set of tenants' virtual machines

Towards a performance-aware power capping orchestrator for the Xen hypervisor

In the last few years, multi-core processors entered into the domain of embedded systems: this, together with virtualization techniques, allows multiple applications to easily run on the same System-on-Chip (SoC). As power consumption remains one of the most impacting costs on any digital system, several approaches have been explored in literature to cope with power caps, trying to maximize the performance of the hosted applications. In this paper, we present some preliminary results and opportunities towards a performanceaware power capping orchestrator for the Xen hypervisor. The proposed solution, called XeMPUPiL, uses the Intel Running Average Power Limit (RAPL) hardware interface to set a strict limit on the processor's power consumption, while a software-level Observe-Decide-Act (ODA) loop performs an exploration of the available resource allocations to find the most power efficient one for the running workload. We show how XeMPUPiL is able to achieve higher performance under different power caps for almost all the different classes of benchmarks analyzed (e.g., CPU-, memory-and IO-bound)

XeMPUPiL: Towards a Performance-aware Power Capping Orchestrator for the Xen Hypervisor

In the era of Cloud Computing, services and computational power are provided in an as a Service (aaS) fashion, reducing the need of buying, building and maintaining proprietary systems. In the last few years, many services moved from being proprietary to the as a Service paradigm: this, together with virtualization techniques, allows multiple applications to easily run on the same machine. However, the burden of costs optimization is left to the Cloud Provider, that still faces the problem of consolidating multiple workloads on the same infrastructure. As power consumption remains one of the most impacting costs of any digital system, several approaches have been explored in literature to cope with power caps, trying to maximize the performance of the hosted applications. These approaches were usually classified in two macro families, the software and hardware techniques. The former family is typically adopted when the goal consists in minimizing the power consumption, while providing the best possible performance for the running workloads. This approaches are characterized by obtaining high efficiency, but lacks in timeliness. Instead, the latter family is exploited when there are strict constraints regarding the power budget and the main goal consists in respecting them, while trying to maximize the performance of the running applications. In this case, the main characteristic consists in respecting the concept of timeliness, totally neglecting the concept of efficiency. In this thesis, we present results and opportunities obtained towards a performance- aware power capping orchestrator for the Xen hypervisor, that exploit a novel emerging family introduced in the literature: the hybrid approach. This fresh set of techniques aims to adopt synergically and concurrently both hardware and software approaches in order to achieve at the same time the concept of efficiency and timeliness, masking the weak spots of the two common approaches when adopter alone. The proposed solution, called XeMPUPiL, uses the Intel RAPL hardware interface to set a strict limit on the processor’s power consumption, while a software-level ODA control loop performs an exploration of the available resource allocations to find the most power efficient one for the running workload. We show how XeMPUPiL is able to achieve higher performance under different power caps for almost all the different classes of benchmarks analyzed (e.g., CPU-, memory- and IO-bound)

System Support for Managing Risk in Cloud Computing Platforms

Cloud platforms sell computing to applications for a price. However, by precisely defining and controlling the service-level characteristics of cloud servers, they expose applications to a number of implicit risks throughout the application’s lifecycle. For example, user’s request for a server may be denied, leading to rejection risk; an allocated resource may be withdrawn, resulting in revocation risk; an acquired cloud server’s price may rise relative to others, causing price risk; a cloud server’s performance may vary due to external factors, triggering valuation risk. Though these risks are implicit, the costs they bear on the applications are not. While some risks exist in all Infrastructure-as-a-Service offerings, they are most pronounced in an emerging category called transient cloud servers. Since transient servers are carved out of instantaneous idle cloud capacity, they exhibit two distinct features: (i) revocations that are intentional, frequent and come with advanced warning, and (ii) prices that are low in average but vary across time and location. Thus, despite enabling inexpensive access to at-scale computing, transient cloud servers expose applications to risks, the scale of which were unseen in the past platforms. Unfortunately, the current generation system software are not designed to handle these risks, which in turn results in inconsistent performances, unexpected failures, missed savings, and slower adoption. In this dissertation, we elevate risk management to a first-class system design principle. Our goal is to identify the risks, quantify their costs, and explicitly manage them for applications deployed on cloud platforms. Towards that goal, we adapt and extend concepts from finance and economics to propose a new system design approach called financializing cloud computing. By treating cloud resources as investments, and by quantifying the cost of their risks, financialization enables system software to manage the risk-reward trade-offs, explicitly and autonomously. We demonstrate the utility of our approach via four contributions: (i) mitigating revocation risk with insurance policy, (ii) reducing price risk through active trading, (iii) eliminating uncertainty risk by index tracking, and (iv) minimizing server’s valuation risk via asset pricing. We conclude by observing that diversity and asymmetry in the creation and consumption of cloud compute resources is on the rise, and that financialization can be effectively employed to manage its complexity and risks