Towards Formal-based Semantic Interoperability in Multi-Clouds: The FCLOUDS Framework

International audienceMulti-cloud computing has been proposed as a way to reduce vendor lock-in, to improve resiliency during outages and geo-presence, to boost performance and to lower costs. However, semantic differences between cloud providers, as well as their heterogeneous management interfaces, make changing from one provider to another very complex and costly. This is quite challenging for the implementation of multi-cloud systems. In this paper, we aim to take advantage of formal methods to define a precise semantics for multi-clouds. We propose fclouds, a formal-based framework for semantic interoperability in multi-clouds. This framework contains a catalogue of formal models that mathematically describe cloud APIs and reason over them. A precise alignment can be described between their concepts, which promotes semantic interoperability

A Model-Driven Tool Chain for OCCI

International audienceOpen Cloud Computing Interface (OCCI) is the only open standard for managing any kinds of cloud resources, e.g., Infrastructure as a Service, Platform as a Service, and Software as a Service. However, no model-driven tooling exists to assist OCCI users in designing, editing, validating, generating, and managing OCCI artifacts (i.e., extensions that represent specific application domains and configurations that define the running systems). In this paper, we propose the first model-driven tool chain for OCCI called OCCIware Studio. This tool chain is based on a metamodel defining the static semantics for the OCCI standard in Ecore and OCL. OCCIware Studio provides OCCI users facilities for designing, editing, validating, generating, and managing OCCI artifacts. We detail the tooled process to define an OCCI extension. In addition, we show how the cloud user can leverage the generated tooling for this extension to create his own OCCI configurations and manage them in the cloud.We illustrate our paper with the OCCI infrastructure extension proposed to define OCCI-compliant compute, network, and storageresources

Specifying Semantic Interoperability between Heterogeneous Cloud Resources with the FCLOUDS Formal Language

International audienceWith the advent of cloud computing, different cloud providers with heterogeneous services and Application Programming Interfaces (APIs) have emerged. Hence, building an interop-erable multi-cloud system becomes a complex task. Our idea is to design FCLOUDS framework to achieve semantic interoperability in multi-clouds, i.e., to identify the common concepts between cloud APIs and to reason over them. In this paper, we propose to take advantage of the Open Cloud Computing Interface (OCCI) standard and the Alloy formal specification language to define the FCLOUDS language, which is a formal language for specifying heterogeneous cloud APIs. To do so, we formalize OCCI concepts and operational semantics, then we identify and validate five properties (consistency, sequentiality, reversibility, idempotence and safety) that denote their characteristics. To demonstrate the effectiveness of our cloud formal language, we present thirteen case studies where we formally specify infrastructure, platform, Internet of Things (IoT) and transverse cloud concerns. Thanks to the Alloy analyzer, we verify that these heterogeneous APIs uphold the properties of FCLOUDS and also validate their own specific properties. Then, thanks to formal transformation rules and equivalence properties, we draw a precise alignment between our case studies, which promotes semantic interoperability in a multi-cloud system

A Precise Model for Google Cloud Platform

International audienceToday, Google Cloud Platform (GCP) is one of the leaders among cloud APIs. Although it was established only five years ago, GCP has gained notable expansion due to its suite of public cloud services that it based on a huge, solid infrastructure. GCP allows developers to use these services by accessing GCP RESTful API that is described through HTML pages on its website. However, the documentation of GCP API is written in natural language (English prose) and therefore shows several drawbacks, such as Informal Heterogeneous Documentation, Imprecise Types, Implicit Attribute Metadata, Hidden Links, Redundancy and Lack of Visual Support. To avoid confusion and misunderstandings, the cloud developers obviously need a precise specification of the knowledge and activities in GCP. Therefore, this paper introduces GCP MODEL, an inferred formal model-driven specification of GCP which describes without ambiguity the resources offered by GCP. GCP MODEL is conform to the Open Cloud Computing Interface (OCCI) metamodel and is implemented based on the open source model-driven Eclipse-based OCCIWARE tool chain. Thanks to our GCP MODEL, we offer corrections to the drawbacks we identified

Model-Driven Management of Docker Containers

International audienceWith the emergence of Docker, it becomes easier to encapsulate applications and their dependencies into lightweight Linux containers and make them available to the world by deploying them in the cloud. Compared to hypervisor-based virtualization approaches, the use of containers provides faster start-ups times and reduces the consumption of computer resources. However, Docker lacks of deployability verification tool for containers at design time. Currently, the only way to be sure that the designed containers will execute well is to test them in a running system. If errors occur, a correction is made but this operation can be repeated several times before the deployment becomes operational. Docker does not provide a solution to increase or decrease the size of container resources in demand. Besides the deployment of containers, Docker lacks of synchronization between the designed containers and those deployed. Moreover, container management with Docker is done at low level, and therefore requires users to focus on low level system issues. In this paper we focus on these issues related to the management of Docker containers. In particular, we propose an approach for modeling Docker containers. We provide tooling to ensure the deployability and the management of Docker containers. We illustrate our proposal using an event processing application and show how our solution provides a significantly better compromise between performance and development costs than the basic Docker container solution

Model-Driven Configuration Management of Cloud Applications with OCCI

International audienceTo tackle the cloud-provider lock-in, the Open Grid Forum (OGF) is developing the Open Cloud Computing Interface (OCCI), a standardized interface for managing any kind of cloud resources. Besides the OCCI Core model, which defines the basic modeling elements for cloud resources, the OGF also defines extensions that reflect the requirements of different cloud service levels, such as IaaS and PaaS. However, so far the OCCI PaaS extension is very coarse grained and lacks of supporting use cases and implementations. Especially, it does not define how the components of the application itself can be managed. In this paper, we present a model-driven framework that extends the OCCI PaaS extension and is able to use different configuration management tools to manage the whole lifecycle of cloud applications. We demonstrate the feasibility of the approach by presenting four different use cases and prototypical implementations for three different configuration management tools

A Context-Driven Modelling Framework for Dynamic Authentication Decisions

International audienceNowadays, many mechanisms exist to perform authentication, such as text passwords and biometrics. However, reasoning about their relevance (e.g., the appropriateness for security and usability) regarding the contextual situation is challenging for authentication system designers. In this paper, we present a Context-driven Modelling Framework for dynamic Authentication decisions (COFRA), where the context information specifies the relevance of authentication mechanisms. COFRA is based on a precise metamodel that reveals framework abstractions and a set of constraints that specify their meaning. Therefore, it provides a language to determine the relevant authentication mechanisms (characterized by properties that ensure their appropriateness) in a given context. The framework supports the adaptive authentication system designers in the complex trade-off analysis between context information, risks and authentication mechanisms, according to usability, deployability, security, and privacy. We validate the proposed framework through case studies and extensive exchanges with authentication and modelling experts. We show that model instances describing real-world use cases and authentication approaches proposed in the literature can be instantiated validly according to our metamodel. This validation highlights the necessity, sufficiency, and soundness of our framework

Inférer des modèles à partir d'APIs cloud et raisonner dessus: une approche outillée et formelle

In recent years, multi-cloud computing which aims to combine different offerings or migrate applications between different cloud providers, has become a major trend. Multi-clouds improve the performance and costs of cloud applications, and ensure their resiliency in case of outages. But with the advent of cloud computing, different cloud providers with heterogeneous cloud services (compute, storage, network, applications, etc.) and Application Programming Interfaces (APIs) have emerged. This heterogeneity complicates the implementation of an interoperable multi-cloud system. Several multi-cloud interoperability solutions have been developed to address this challenge. Among these solutions, Model-Driven Engineering (MDE) has proven to be quite advantageous and is the mostly adopted methodology to rise in abstraction and mask the heterogeneity of the cloud. However, most of the existing MDE solutions for the cloud remain focused on only designing the cloud without automating the deployment and management aspects, and do not cover all cloud services. Moreover, MDE solutions are not always representative of the cloud APIs and lack of formalization.To address these shortcomings, I present in this thesis an approach based on Open Cloud Computing Interface (OCCI) standard, MDE and formal methods. OCCI is the only community-based and open recommendation standard that describes every kind of cloud resources. MDE is used to design, validate, generate and supervise cloud resources. Formal methods are used to effectively reason on the structure and behaviour of the encoded cloud resources, by using a model checker verifying their properties. This research takes place in the context of the OCCIware project, which provides OCCIware Studio, the first model-driven tool chain for OCCI. It is coupled with OCCIware Runtime, the first generic runtime for OCCI artifacts targeting all the cloud service models (IaaS, PaaS, and SaaS). In this dissertation, I provide two major contributions implemented on top of the OCCIware approach. First, I propose an approach based on reverse-engineering to extract knowledge from the ambiguous textual documentation of cloud APIs and to enhance its representation using MDE techniques. This approach is applied to Google Cloud Platform (GCP), where I provide GCP Model, a precise model-driven specification for GCP. GCP Model is automatically inferred from GCP textual documentation, conforms to the OCCIware Metamodel and is implemented within OCCIware Studio. It allows one to perform qualitative and quantitative analysis of the GCP documentation. Second, I propose in particular the fclouds framework to achieve semantic interoperability in multi-clouds, i.e., to identify the common concepts between cloud APIs and to reason over them. The fclouds language is a formalization of OCCI concepts and operational semantics in Alloy formal specification language. To demonstrate the effectiveness of the fclouds language, I formally specify thirteen case studies and verify their properties. Then, thanks to formal transformation rules and equivalence properties, I draw a precise alignment between my case studies, which promotes semantic interoperability in multi-clouds.Ces dernières années, l'informatique multi-nuages, qui vise à combiner différentes offres ou à migrer des applications entre différents fournisseurs de services en nuage, est devenue une tendance majeure. Les multi-nuages améliorent les performances et les coûts des applications hébergées dans les nuages et garantissent leur résilience en cas de panne. Mais avec l'avènement de l'informatique en nuage, différents fournisseurs offrant des services en nuage (calcul, stockage, réseau, applications, etc.) et des interfaces de programmation d'applications (APIs) hétérogènes sont apparus. Cette hétérogénéité complique la mise en œuvre d'un système de multi-nuages interopérable.Plusieurs solutions pour l'interopérabilité de multi-nuages ont été développées pour relever ce défi. Parmi ces solutions, l'Ingénierie Dirigée par les Modèles (IDM) s'est révélée très avantageuse et constitue la méthodologie la plus largement adoptée pour monter en abstraction et masquer l'hétérogénéité du nuage. Cependant, la plupart des solutions IDM existantes pour le l'informatique en nuage restent concentrées sur la conception des nuages sans automatiser les aspects de déploiement et de gestion, et ne couvrent pas tous les services en nuage. De plus, les solutions IDM ne sont pas toujours représentatives des APIs de nuages et manquent de formalisation.Pour remédier à ces limitations, je présente dans cette thèse une approche basée sur le standard Open Cloud Computing Interface (OCCI), les approches IDM et les méthodes formelles. OCCI est le seul standard ouvert qui décrit tout type de ressources de nuages. L'IDM est utilisée pour concevoir, valider, générer et superviser des ressources de nuage. Les méthodes formelles sont utilisées pour raisonner efficacement sur la structure et le comportement des ressources de nuage encodées, à l'aide d'un vérificateur de modèle analysant leurs propriétés.Cette recherche a lieu dans le contexte du projet OCCIware, qui fournit OCCIware Studio, la première chaîne d'outils pilotée par les modèles pour OCCI. OCCIware Studio est associé à OCCIware Runtime, le premier environnement d'exécution générique pour les artefacts OCCI ciblant tous les modèles de service de nuages (IaaS, PaaS et SaaS). Dans cette thèse, je fournis en particulier deux contributions majeures qui sont mises en œuvre en se basant sur l'approche OCCIware. Premièrement, je propose une approche basée sur la rétro-ingénierie pour extraire des connaissances des documentations textuelles ambigües des APIs de nuages et améliorer leur représentation à l'aide des techniques IDM. Cette approche est appliquée à Google Cloud Platform (GCP), où je propose GCP Model, une spécification précise et basée sur les modèles pour GCP. GCP Model est automatiquement déduit de la documentation textuelle de GCP, est conforme à OCCIware Metamodel et est implémenté dans OCCIware Studio. Il permet d'effectuer des analyses qualitatives et quantitatives de la documentation de GCP. Deuxièmement, je propose le cadre fclouds pour assurer une interopérabilité sémantique entre plusieurs nuages, i.e., pour identifier les concepts communs entre les APIs de nuages et raisonner dessus. Le langage fclouds est une formalisation des concepts et de la sémantique opérationnelle d'OCCI en employant le langage de spécification formel Alloy. Pour démontrer l'efficacité du langage fclouds, je spécifie formellement treize APIs et en vérifie les propriétés. Ensuite, grâce aux règles de transformation formelles et aux propriétés d'équivalence, je peux tracer un alignement précis entre mes études de cas, ce qui favorise l'interopérabilité sémantique dans un système de multi-nuages

A Study of Virtual Machine Placement Optimization in Data Centers

International audienceIn recent years, cloud computing has shown a valuable way for accommodating and providing services over the Internet such that data centers rely increasingly on this platform to host a large amount of applications (web hosting, e-commerce, social networking, etc.). Thus, the utilization of servers in most data centers can be improved by adding virtualization and selecting the most suitable host for each Virtual Machine (VM). The problem of VM placement is an optimization problem aiming for multiple goals. It can be covered through various approaches. Each approach aims to simultaneously reduce power consumption, maximize resource utilization and avoid traffic congestion. The main goal of this literature survey is to provide a better understanding of existing approaches and algorithms that ensure better VM placement in the context of cloud computing and to identify future directions

Towards Formal-based Semantic Interoperability in Multi-Clouds: The FCLOUDS Framework

International audienceMulti-cloud computing has been proposed as a way to reduce vendor lock-in, to improve resiliency during outages and geo-presence, to boost performance and to lower costs. However, semantic differences between cloud providers, as well as their heterogeneous management interfaces, make changing from one provider to another very complex and costly. This is quite challenging for the implementation of multi-cloud systems. In this paper, we aim to take advantage of formal methods to define a precise semantics for multi-clouds. We propose fclouds, a formal-based framework for semantic interoperability in multi-clouds. This framework contains a catalogue of formal models that mathematically describe cloud APIs and reason over them. A precise alignment can be described between their concepts, which promotes semantic interoperability