Resource containers: A new facility for resource management in server systems

UUNIVERSITYNIVERSITY OFOF M MASSACHUSETTS, ASSACHUSETTS, AAMHERST MHERST – – Department of Computer ScienceDepartment of Computer Science

Resource containers: A new facility for resource

management in server systemsG. Banga, P. Druschel and J.

MogulRice University

Presented by:Bhuvan Urgaonkar

UUNIVERSITYNIVERSITY OFOF M MASSACHUSETTS, ASSACHUSETTS, AAMHERST MHERST – – Department of Computer ScienceDepartment of Computer Science 2

Motivation

Web servers should be able to Provide resource guarantees Counter DoS attacks Do accurate billing

Shortcomings in OS abstractions

Process is unit of resource management Apps have no control over resources

kernel consumes for them

=> achieving above goals difficult


Outline

Motivation Shortcomings of OS Abstractions Resource Containers Performance Evaluation Conclusions/Comments


Resource Principals and Protection Domains

Resource Principals Entities for which separate resource

allocation and accounting done Protection Domain

Entities that need to be isolated from each other

Popular Operating Systems Process = resource principal Process = protection domain


A classical application

Process appropriate resource principal


A network-intensive application

Resources consumed by kernel unaccounted => process inappropriate as resource principal


A multi-process application

The resource principal should be the set of all processes


Single-process MT application

Correct resource principal smaller than a process


OS shortcomings: summary

OS unit of resource mgt. (process) often different from desired unit Apps cannot control resource

allocation to their activities Inaccurate accounting and

charging of resources Incorrect scheduling decisions


Resource container

Contains all system resources used for an independent activity

E.g. For a HTTP connection served by a web server CPU time spent on the connection sockets, PCBs, network buffers etc

Mechanisms for accurate accounting Lazy Receiver Processing (LRP)


Containers and CPU scheduling

Applications associate containers with independent activities

Dynamic binding between threads and containers

Thread’s consumption charged to right container


Containers and CPU scheduling

Threads scheduled based on combined allocation and usage of all associated containers

Apps can associate scheduling info with activities

Threads within a container may be scheduled as the app pleases

Resource container hierarchy


Other resources

Similar accounting mechanism possible for other resources

Support required to account for resources consumed by the kernel on behalf of applications


Containers in a MT server

New container created for new connection Serving thread bound to this container


Containers in event-driven server

New container created for new connection Thread’s binding changed as it serves

different connections


More examples

Different priorities to requests from different sources

Restrict resource consumption of certain requests Defend against DoS attacks

Generating accurate bills


Prototype implementation

Modifications to Digital UNIX 4.0D CPU scheduler TCP/IP subsystem: LRP

Server software: single-process, event-driven

Clients used the S-Client software


Costs of new primitives

Throughput of server unchanged on modified kernel


Prioritized handling of clients

Number of concurrent low-priority clients


Controlling resource usage of

CGI processing

Number of concurrent CGI requests


Immunity against SYN-flooding

SYN-Flood Rate (1000s of SYNs/sec)


Conclusions

Resource container, an OS abstraction to explicitly identify a resource principal

Prototype implementation in Digital UNIX

Combined with accurate resource accounting (e.g., LRP) can help web servers provide differentiated QoS

Documents

Resource containers: A new facility for resource management in server systems