Cloud Computing (LTAT.06.008)
Lecture 3 - Virtualization

Mr. Shivananda R Poojara, Research Assistant
Mobile and Cloud Lab


Outline
• IaaS
• Virtualization
• Docker fundamentals

Lecture Outcome
• Outline the IaaS service model, architecture and industry players.
• Understand the use of virtualization in cloud computing and its architecture, types and industry tools.
• Understand the architecture of Docker and its working principles.

Lecture content is from Chapter 3 (Virtualization) of the textbook: Mastering Cloud Computing, by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi, 2013 edition.

Some slides refer to Prof. Satish Srirama's lecture from Spring 2019: https://courses.cs.ut.ee/MTAT.08.027/2019_spring/uploads/Main/L7_MoreAWSResearchMobileCloudLab2019.pdf

Cloud Computing Services

Source: http://nolegendhere.blogspot.com.ee/2012/06/presentation-4-5-7.html

2/25/2020 Shivananda Poojara

Infrastructure as a service model

[Figure: IaaS reference architecture. Source: http://buyya.com/
 • Web based Management Interface: Web Services, Portals, REST API
 • Infrastructure Management Software: Scheduling, Pricing / Billing, Monitoring, QoS SLA Management, Reservation, VM Pool Management, VM Image Repository, Provisioning
 • Physical Infrastructure: Datacenter, Cluster, Desktop / Heterogeneous Resources, Third Party IaaS Cloud]

Corporate giants

Source: https://acemos.net/?page_id=71

Cloud Providers and Services

• Amazon Web Services (we will focus more on this)
  • Compute: EC2
  • Storage: S3, EBS
  • Scaling: Elastic Load Balancing, Auto Scale, CloudWatch
• Eucalyptus
• OpenStack
• Management providers
  • AWS Management Console
  • OpenStack Horizon
  • RightScale
• PaaS
  • Google AppEngine
  • Windows Azure
  • Elastic MapReduce

OpenStack

• Founded by NASA and Rackspace
• The open source cloud computing platform
• Feature-rich and massively scalable
• Powers cloud storage, compute, and networking
• A world-wide open source collaboration
• OpenStack is an Infrastructure as a Service platform, known as a Cloud Operating System, that takes resources such as compute, storage and network, and the virtualization technologies, and controls those resources at the data center level.
• More than 110 companies, more than 50 M in venture capital
• Motivation: Rackspace had $1.794 billion income

OpenStack supporting companies

OpenStack high level architecture

Source: https://www.slideshare.net/kamesh001/openstack-101-update

Amazon Web Services stack (Amazon AWS Platform)

[Figure: the AWS service stack, grouped by vertical. Source: http://buyya.com/
 • Compute Services: Amazon Elastic Compute Cloud (EC2), Amazon Elastic MapReduce, AWS Elastic Beanstalk, AWS CloudFormation, Autoscaling
 • Storage Services: Amazon Simple Storage Service (S3), Amazon Elastic Block Store (EBS), Amazon ElastiCache, Amazon SimpleDB, Amazon Relational Database Service (RDS), Amazon CloudFront, Amazon Import/Export
 • Communication Services: Amazon Simple Queue Service (SQS), Amazon Simple Notification Service (EBS), Amazon Simple Email Service (SES), Amazon Route 53, Amazon Virtual Private Cloud (VPC), Amazon Direct Connect, Amazon Elastic Load Balancing
 • Additional Services: Amazon GovCloud, Amazon Flexible Payment Service (FPS), Amazon DevPay, Amazon Fulfillment Web Service (FWS), Amazon Mechanical Turk, Alexa Web Information Service, Amazon CloudWatch, Alexa Top Sites
 • Added to the figure: Elastic Container Service, Lambda
 • Annotation: "We will focus in this vertical - IaaS"]

AWS Elastic Compute Cloud – EC2

• It provides scalable compute capacity in the AWS cloud.
• You can configure your own instance with security, networking and storage.
• Enables you to scale up and down to handle your workload.
• Characteristics:
  • Virtual computing environments, known as instances
  • Preconfigured templates: Amazon Machine Images that package the bits
  • Various capacity types of instance: CPU, memory, storage
  • Key pair for secure login
  • Storage volumes for temporary data: instance store volumes
  • Persistent storage volumes: Amazon EBS volumes
  • Multiple physical locations for your resources: Regions and Availability Zones
  • Security groups
  • Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
  • Virtual networks that can connect to your own network, known as virtual private clouds (VPCs)

AWS EC2 Dashboard

AWS EC2 Instance Types

• General purpose instances
  • Uses: scale-out workloads such as web servers, containerized microservices
• Compute optimized
  • Uses: high performance web servers, scientific modelling, batch processing, distributed analytics, machine/deep learning inference
• Memory optimized instances
  • Used for high performance databases, distributed web-scale in-memory caches, real-time big data analytics, and other enterprise applications
• Accelerated computing
  • Machine/deep learning, high performance computing, computational fluid dynamics
• Storage optimized

AWS EC2 Spot Instances

• Spot Instances
  • Spot Instances are available at a discount of up to 90% compared to On-Demand pricing.
  • Spot prices are set based on Availability Zone and region.
  • Used for applications with a known start and end.
  • Examples: fault-tolerant or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC).

AWS CloudFormation

• Provides an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
• It is based on a template model.
• Templates describe the AWS resources, the associated dependencies, and the runtime parameters needed to run an app.
• The templates describe stacks, which are sets of software and hardware resources.
• Something similar to CloudML and RightScale server templates.
• Hides several details:
  • How the AWS services need to be provisioned
  • Subtleties of how to make those dependencies work

Free tier  | 1,000 handler operations per month per account
Other      | $0.0009 per handler operation *
Inside AWS | No price

* For handler operation durations above 30 seconds per operation, you will be charged $0.00008 per second above the threshold.

Resources:
  # EC2 instance attached to the new security group and to an existing one
  Ec2Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      SecurityGroups:
        - !Ref InstanceSecurityGroup
        - MyExistingSecurityGroup
      KeyName: mykey
      InstanceType: t2.micro
      ImageId: ami-7a11e213
  # Security group created by this template
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          # 0.0.0.0/0 admits SSH from any IPv4 address; narrow it to a known admin range
          CidrIp: 0.0.0.0/0
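An added example, not part of the lecture or of AWS tooling: a pre-deployment check that flags security-group ingress rules opening an administrative port to every address, run over the template above re-expressed as JSON (CloudFormation accepts both formats) so that only the standard library is needed. The function names, the ADMIN_PORTS choice and the 203.0.113.0/24 documentation range are assumptions of this sketch.

```python
import ipaddress
import json

# The slide's template re-expressed as JSON (constructed here for the example).
TEMPLATE = json.loads("""
{"Resources": {
  "Ec2Instance": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
      "SecurityGroups": [{"Ref": "InstanceSecurityGroup"}, "MyExistingSecurityGroup"],
      "KeyName": "mykey", "InstanceType": "t2.micro", "ImageId": "ami-7a11e213"}},
  "InstanceSecurityGroup": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
      "GroupDescription": "Enable SSH access via port 22",
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0"}]}}}}
""")

ADMIN_PORTS = (22, 3389)  # assumption: SSH and RDP count as administrative ports


def open_admin_ingress(template, admin_ports=ADMIN_PORTS):
    """Return (security group, port, cidr) for each admin port open to every address."""
    findings = []
    for name, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        rules = resource.get("Properties", {}).get("SecurityGroupIngress", [])
        for rule in rules:
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            if not isinstance(cidr, str):
                continue  # source is another group, or a Ref to resolve separately
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue  # limited to a specific range
            proto = str(rule.get("IpProtocol")).lower()
            if proto == "-1":
                exposed = admin_ports  # "-1" means every protocol and port
            elif proto in ("tcp", "6"):
                low, high = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
                exposed = [p for p in admin_ports if low <= p <= high]
            else:
                continue  # other protocols are out of scope for this check
            findings.extend((name, port, cidr) for port in exposed)
    return findings


def restrict_ingress(template, group, cidr):
    """Return a copy of the template with the group's IPv4 ingress limited to cidr."""
    fixed = json.loads(json.dumps(template))  # deep copy of plain JSON data
    for rule in fixed["Resources"][group]["Properties"]["SecurityGroupIngress"]:
        rule["CidrIp"] = cidr
    return fixed


if __name__ == "__main__":
    print(open_admin_ingress(TEMPLATE))
    # 203.0.113.0/24 is a documentation range standing in for an admin network.
    fixed = restrict_ingress(TEMPLATE, "InstanceSecurityGroup", "203.0.113.0/24")
    print(open_admin_ingress(fixed))
```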

Virtualization

• What is Virtualization?
  • Being to Original but not…
• History of Virtualization:
  • Virtualization's roots go back to the 1960s, from IBM in x86 Architecture.
  • Jim Rymarczyk – first mainframe virtualization.
  • IBM's CP-67 software was used to partition and share the mainframe.
  • VMware became a pioneer in virtualization technologies.
• Virtualization transforms hardware into software.
• It is the creation of a fully functional virtual computer that can run its own applications and an operating system.
• Creates virtual elements of the CPU, RAM, and hard disk.

Virtualization in a nutshell

Source: https://www.redhat.com/en/topics/virtualization

Virtualization - Definition

What does Virtualization mean?

• Virtualization refers to the creation of a virtual resource such as a server, desktop, operating system, file, storage or network.
• Allows creation of a secure, customizable and isolated execution environment for running applications.
  • Linux on Windows.
• Virtualization provides an abstract environment.

Virtualization - Motivation

• Increased performance and computing capacity, relevant to hardware manufacturing.
• Underutilized hardware and software resources
• Lack of space
• Greening initiatives
• Rise of administrative costs
  • Administrative tasks are labor intensive and include:
    • hardware monitoring
    • defective hardware replacement
    • server setup and updates
    • resource monitoring and backups

Three players in virtualization

• Guest: interacts directly with the virtualization layer, not with the host.
• Virtualization layer: recreates an environment like that of the host (emulation).
• Host: the original environment, where the guest is managed.

[Figure: the three players. Source: http://buyya.com/
 • Guest: Applications, Virtual Image
 • Virtualization Layer (Software Emulation): Virtual Hardware, Virtual Storage, Virtual Networking
 • Host: Physical Hardware, Physical Storage, Physical Networking]

Characteristics of Virtualization

• Increased Security
  • Controlling the guest provides a secure, controlled execution environment.
  • Flow of operations: guest → VM (emulates) → host (real operations).
  • Resources can be hidden from the guest without installing complex security policies.
  • Example:
    - Applets are downloaded and run in a sandboxed version of the JVM, which keeps the guest from interacting with the host.
    - Java and .NET provide such security policies for customizing the execution environment.
• Managed Execution
• Portability

[Figure: Virtualization between Virtual Resources and Physical Resources: Sharing, Aggregation, Emulation, Isolation. Source: http://buyya.com/]

Taxonomy of Virtualization Techniques

[Figure: taxonomy of virtualization techniques. Source: http://buyya.com/
 • Virtualization: Execution Environment, Storage, Network, …
 • How it is done?: Process Level, System Level
 • Technique: Emulation, High-Level VM, Multiprogramming, Hardware-assisted Virtualization, Full Virtualization, Paravirtualization, Partial Virtualization
 • Virtualization Model: Application, Programming Language, Operating System, Hardware]

Taxonomy of Virtualization Techniques

• Virtualization is mainly used to emulate execution environments, storage and networks.
• Execution environment virtualization is classified into two kinds:
  – Process-level: implemented on top of an existing operating system.
  – System-level: implemented directly on hardware, with no or only minimal need for an existing operating system.
• Computer systems are complex, and yet they continue to evolve.
• A computer is designed as a hierarchy of well-defined interfaces that separate levels of abstraction.
• Simplifying abstractions hide lower-level implementation details.

Hypervisor

• The hypervisor runs above the supervisor mode.
• It recreates a hardware environment.
• It is a piece of software that enables us to run one or more VMs on a physical server (host).
• Two major types of hypervisor:

Type I
• It runs directly on top of the hardware.
• Takes the place of the OS.
• Interacts directly with the ISA exposed by the underlying hardware.
• Also known as a native virtual machine.
• Example: VMware ESXi, MS Hyper-V

Type II
• It requires the support of an operating system to provide virtualization services.
• Programs managed by the OS.
• Emulates the ISA of virtual hardware.
• Also called a hosted virtual machine.
• Example: KVM, VirtualBox

Type I & Type II Hypervisor

[Figure: the two hypervisor stacks, with layers labelled Hardware, ISA, Operative System (OS), ABI, Virtual Machine Manager, VM and APP. Source: http://buyya.com/]

Hardware Virtualization Techniques

• Full Virtualization
  • Ability to run a program (OS) directly on top of a virtual machine, without any modification.
• Para Virtualization
  • The guest OS needs to be modified.
  • Simply transfers the execution of instructions that are hard to virtualize directly to the host.
• Partial Virtualization
  • Partial emulation of the underlying hardware; does not allow complete isolation of the guest OS.
• Hardware-assisted Virtualization
  • Hardware provides architectural support for building a VMM able to run a guest OS in complete isolation.

Different levels of Virtualization

[Figure: the execution stack (Hardware, Operative Systems, Programming Languages, Applications) beside the levels of virtualization: Hardware-level, OS-level, Programming Language-level and Application-level Virtualization. Source: http://buyya.com/]

Cons of Virtualization

Disadvantages
– Performance degradation
– Inefficiency and degraded user experience
– As it interposes an abstraction layer between guest and host.
– Some specific features of the host are unexposed.
– Security holes and new threats
  Case 1: emulating a host in a completely transparent manner.
  Case 2: with hardware virtualization, malicious programs can preload themselves before the OS and act as a thin VMM.

Containers

• What is a container?
• LXC (Linux Containers) is a Linux operating-system-level virtualization method for running multiple isolated Linux-based systems on a single host, controlled and managed by namespaces and cgroups.
• To understand container technology, the following concepts play an important role:
  • Namespaces: Originally developed by IBM, a Linux namespace partitions processes and system resources so that only processes in the same namespace get access to that namespace's resources and processes.
    Examples: PID (process ID), MNT (mounted files/folders), IPC, NET (individual ports and IPs)
  • Cgroups: Originally contributed by Google, cgroups is a Linux kernel concept that governs the isolation and usage of system resources, such as CPU and memory, for a group of processes.
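An added example, not from the lecture: namespace membership is visible under /proc/<pid>/ns, and comparing a process with the host's init shows which of the namespaces named above (PID, MNT, IPC, NET) it still shares with the host. The function names are assumptions of this sketch and the inode values are constructed sample data.

```python
import os
import re

NS_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")
ISOLATING = ("pid", "mnt", "ipc", "net")  # the namespace kinds named on the slide


def ns_table(links):
    """Turn {entry name: readlink target} into {entry name: namespace inode}.

    A target looks like 'net:[4026531840]'; two processes are in the same
    namespace when the device and inode of their links are the same.
    """
    table = {}
    for name, target in links.items():
        match = NS_LINK.match(target.strip())
        if match is None:
            raise ValueError(f"not a namespace link: {target!r}")
        table[name] = int(match.group(2))
    return table


def read_ns(pid):
    """Read /proc/<pid>/ns of a live process (Linux; other users' PIDs need root)."""
    base = f"/proc/{pid}/ns"
    return ns_table({n: os.readlink(os.path.join(base, n)) for n in os.listdir(base)})


def shared_with_host(host, proc, kinds=ISOLATING):
    """List the namespace kinds in which proc is NOT isolated from host."""
    return [k for k in kinds if k in host and host[k] == proc.get(k)]


# Constructed sample data: link targets as `readlink /proc/<pid>/ns/<kind>` prints them.
HOST_INIT = ns_table({"pid": "pid:[4026531836]", "mnt": "mnt:[4026531841]",
                      "ipc": "ipc:[4026531839]", "net": "net:[4026531840]"})
ISOLATED = ns_table({"pid": "pid:[4026532451]", "mnt": "mnt:[4026532448]",
                     "ipc": "ipc:[4026532450]", "net": "net:[4026532453]"})
HOST_NETWORKED = ns_table({"pid": "pid:[4026532519]", "mnt": "mnt:[4026532516]",
                           "ipc": "ipc:[4026532518]", "net": "net:[4026531840]"})

if __name__ == "__main__":
    print("isolated container shares:", shared_with_host(HOST_INIT, ISOLATED))
    print("host-network container shares:", shared_with_host(HOST_INIT, HOST_NETWORKED))
    if os.path.isdir("/proc/self/ns"):  # live comparison where /proc is available
        me = read_ns("self")
        print("this process vs itself:", shared_with_host(me, me))
```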

Ex: Filesystem namespaces

Source: https://www.insecure.ws/linux/systemd_nspawn.html

Source: https://twitter.com/goldshtn/status/988468555883696129/photo/1

Containers

• Containers decouple applications from operating systems, which means that users can have a clean and minimal Linux operating system and run everything else in some form of container.
• Motivation
  • Move from monolithic applications to distributed microservice applications
  • Evolution of DevOps
  • Cross-platform deployments
  • Faster exploration and deployments
  • Licensing costs


Difference between VM and Containers

Source: https://rh6stzxdcl1wf9gj1fkj14uc-wpengine.netdna-ssl.com/wp-content/uploads/2017/01/VM-Diagram.png

                                   | Container                                      | Virtual Machine                 | Bare metal server
Underlying platform                | OS or Virtual Machine or x86 Bare metal Server | Hypervisor or Bare metal server | --
Provisioning time                  | Seconds                                        | Minutes                         | Hours
Tenant isolation enforcement       | OS Kernel                                      | Hypervisor                      | Physical
Performance: Speed and Consistency | Average                                        | Average                         | Fastest

Container runtime platforms

• Docker
• CoreOS rkt
• Mesos
• LXC
• OpenVZ
• containerd
• Windows Server Containers
• Linux VServer
• Hyper-V Containers
• Unikernels
• Java containers

Docker Overview

• Docker: open source project (https://www.docker.com/)
• Docker Inc.: the company for enterprise deployments (https://www.docker.com/company)

Docker Architecture

• The Docker Hub Registry:
  • Public image registry
  • The Docker daemon talks to it via the registry API.
• The Docker Client:
  • The command line tool: the docker binary.
  • Talks to the Docker daemon via the Docker API.
• The Docker daemon:
  • Receives and processes incoming Docker API requests.

Docker fundamentals

• Volumes
  • Volumes are the data part of the container.
  • They allow a container's data to be persisted and shared.
• Docker Image
  • Images are read-only templates built from a Dockerfile.
  • Each instruction in the Dockerfile adds a layer to the image.
  • Layers are key to Docker's lightweight and powerful structure.
  • Docker uses a Union File System.
    • Duplication-free
    • Layer segregation

Docker fundamentals

• Dockerfile
  • It is used to create a Docker image from a set of instructions.

Docker fundamentals

• Docker containers
  • It is an invisible box with everything the application needs to run.
  • It includes the OS, app code, runtime, system tools and libraries, etc.
  • It is built from Docker images.
  • Since images are read-only, Docker adds a read-write file system over the read-only file system to create the container.
  • Docker creates a network interface and executes the process specified when the image was defined.
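An added example, not Docker's own code: a simplified model of the layering described above, in which an image is a stack of read-only layers (one per build step) and each container gets a private read-write layer on top. The class and function names, the whiteout marker and the sample files are assumptions of this sketch.

```python
from types import MappingProxyType

WHITEOUT = object()  # marker stored in a layer to hide a path from lower layers


def build_image(steps):
    """One read-only layer per build step, bottom layer first."""
    return tuple(MappingProxyType(dict(step)) for step in steps)


class Container:
    """Merged view: a private read-write layer on top of shared read-only layers."""

    def __init__(self, image):
        self.image = image   # shared between containers, never modified
        self.upper = {}      # this container's own changes

    def _lookup(self, path):
        # The topmost layer that mentions the path decides what is visible.
        for layer in (self.upper, *reversed(self.image)):
            if path in layer:
                return layer[path]
        return WHITEOUT

    def exists(self, path):
        return self._lookup(path) is not WHITEOUT

    def read(self, path):
        value = self._lookup(path)
        if value is WHITEOUT:
            raise FileNotFoundError(path)
        return value

    def write(self, path, data):
        self.upper[path] = data          # copy-on-write: lower layers untouched

    def delete(self, path):
        self.read(path)                  # raises if the path is not visible
        self.upper[path] = WHITEOUT      # masks the file; the image still holds it


def layers_holding(image, path):
    """Indexes of image layers that still store real content for path."""
    return [i for i, layer in enumerate(image)
            if path in layer and layer[path] is not WHITEOUT]


# Constructed sample: three build steps; the last one deletes a credentials file.
IMAGE = build_image([
    {"/etc/os-release": "base", "/bin/sh": "shell"},
    {"/app/main.py": "print('hi')", "/app/.env": "API_KEY=constructed-example"},
    {"/app/.env": WHITEOUT},
])

if __name__ == "__main__":
    a, b = Container(IMAGE), Container(IMAGE)
    a.write("/app/main.py", "print('patched')")
    print(a.read("/app/main.py"), "|", b.read("/app/main.py"))
    print("visible in container:", a.exists("/app/.env"))
    print("still stored in layers:", layers_holding(IMAGE, "/app/.env"))
```

The last two lines of output show why a file removed in a later build step is still recoverable from the image: the deletion only masks it, so credentials should never enter a layer in the first place.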

Docker container

Source: https://linoxide.com/linux-how-to/dockerfile-create-docker-container/

Source: https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/containerd

Linux Containers on Windows

Source: https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/linux-containers

AWS Container Service

• Elastic container service (Container as a Service)

Service name   | Use
Amazon ECR     | Store, encrypt, and manage container images
Amazon ECS     | Run containerized applications or build microservices
Amazon EKS     | Manage containers with Kubernetes
Amazon Fargate | Run containers without managing servers

References

• Mastering Cloud Computing, by Christian Vecchiola, Rajkumar Buyya, and S. Thamarai Selvi, 2013 edition.
• Docker Manual (PDF): http://wiki.zenoss.org/download/core/drich_slides/DockerSlides.pdf
• Docker Cheat Sheet: https://www.docker.com/sites/default/files/d8/2019-09/docker-cheat-sheet.pdf
• https://www.freecodecamp.org/news/a-beginner-friendly-introduction-to-containers-vms-and-docker-79a9e3e119b/
• https://www.snia.org/sites/default/files/CSI/SNIA_Intro_to_Containers_Container_Storage_and_Docker_Final.pdf

Next Lecture

Serverless Computing