1 / 60

PlanetLab and OneLab Presentation at the GRID 5000 School 9 March 2006

PlanetLab and OneLab Presentation at the GRID 5000 School 9 March 2006. Timur Friedman Université Pierre et Marie Curie Laboratoire LIP6-CNRS PlanetLab slides based on slides provided courtesy of Larry Peterson. PlanetLab. An open platform for: testing overlays,

zazu
Download Presentation

PlanetLab and OneLab Presentation at the GRID 5000 School 9 March 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PlanetLab and OneLab Presentation at the GRID 5000 School9 March 2006 Timur Friedman Université Pierre et Marie CurieLaboratoire LIP6-CNRS PlanetLab slides based on slidesprovided courtesy of Larry Peterson

  2. PlanetLab • An open platform for: • testing overlays, • deploying experimental services, • deploying commercial services, • developing the next generation of internet technologies. • A set of virtual machines • distributed virtualization • each of 350+ network services runs in its own slice

  3. PlanetLab nodes • 637 machines spanning 302 sites and 35 countries • nodes within a LAN-hop of > 2M users

  4. Slices

  5. Slices

  6. Slices

  7. User Opt-in Client Server NAT

  8. Per-Node View Node Mgr Local Admin VM1 VM2 VMn … Virtual Machine Monitor (VMM)

  9. Architecture (1) • Node Operating System • isolate slices • audit behavior • PlanetLab Central (PLC) • remotely manage nodes • bootstrap service to instantiate and control slices • Third-party Infrastructure Services • monitor slice/node health • discover available resources • create and configure a slice • resource allocation

  10. PlanetLab Nodes Service Developers Owner 1 Owner 2 Owner 3 Owner N U S E R S Slice Authority Request a slice Create slices New slice ID Identify slice users (resolve abuse) Learn about nodes Auditing data Management Authority . . . Software updates . . . Access slice Architecture (2)

  11. node database MA Owner VM NM + VMM Node Owner Service Developer VM SCS slice database SA Architecture (3) Node

  12. Long-Running Services • Content Distribution • CoDeeN: Princeton • Coral: NYU • Cobweb: Cornell • Internet Measurement • ScriptRoute: Washington, Maryland • Anomaly Detection & Fault Diagnosis • PIER: Berkeley, Intel • PlanetSeer: Princeton • DHT • Bamboo (OpenDHT): Berkeley, Intel • Chord (DHash): MIT

  13. Services (cont) • Routing • i3: Berkeley • Virtual ISP: Princeton • DNS • CoDNS: Princeton • CoDoNs: Cornell • Storage & Large File Transfer • LOCI: Tennessee • CoBlitz: Princeton • Shark: NYU • Multicast • End System Multicast: CMU • Tmesh: Michigan

  14. Usage Stats • Slices: 350 - 425 • AS peers: 6000 • Users: 1028 • Bytes-per-day: 2 - 4 TB • Coral CDN represents about half of this • IP-flows-per-day: 190M • Unique IP-addrs-per-day: 1M

  15. OneLab • A potential project, currently under negotiation with the European Commission • Project leader: UPMC/LIP6-CNRS • Technical direction: INRIA Sophia-Antipolis • Other partners: • Intel Research Cambridge, Universidad Carlos III de Madrid, Université Catholique de Louvain, Università di Napoli, France Telecom (Lannion), Università di Pisa, Alcatel Italia, Telekomunikacja Polska • Goals: • Extend PlanetLab into new environments, beyond the traditional wired internet. • Deepen PlanetLab’s monitoring capabilities. • Provide a European administration for PlanetLab nodes in Europe.

  16. Goal: New Environments • Problem: PlanetLab nodes are connected to the traditional wired internet. • They are mostly connected to high-performance networks such as Abilene, DANTE, NRENs. • These are not representative of the internet as a whole. • PlanetLab does not provide access to emerging environments. • OneLab will place nodes in new environments: • Wireless: WiMAX, UMTS, and wireless ad hoc networks. • Wired: multihomed nodes. • Emulated: for new and experimental technologies.

  17. Goal: Deepen Monitoring • Problem: PlanetLab provides limited facilities to make applications aware of the underlying network • OneLab’s monitoring components • Passive monitoring: Track packets at the routers • Topology monitoring: Provide a view of the route structure

  18. PlanetLab Before OneLab

  19. PlanetLab After OneLab

  20. New Environments

  21. Monitoring Capabilities

  22. Goal: European Administration • Problem: Changes to PlanetLab must come through the administration at Princeton. • PlanetLab in the US is necessarily less responsive to European research priorities. • OneLab will create a PlanetLab Europe. • It will federate with PlanetLab in the US, Japan, and elsewhere. • The federated structure will allow: • PlanetLab Europe to set policy in accordance with European research priorities, • PlanetLab Europe to customize the platform, so long as a common interface is preserved.

  23. PlanetLab and GRID 5000 • Some goals in common • Some differences in architecture • Possibilities for cooperation between OneLab and GRID 5000

  24. Common goals • Test at the scale of the internet, with internet conditions • Test new architectures and services • Even radical departures from the current internet • PlanetLab a precursor to the GENI initiative

  25. Internet • GRID 5000 is at the scale of the internet • Reserved fibre to interconnect clusters • Cross-traffic can be injected, if wished • Ability to control and replay experiments • PlanetLab works over the internet • Connections between nodes pass via the public internet • Cross-traffic comes from the internet itself • Test services in a real setting • A challenged environment is interesting • PlanetLab provides services to internet users

  26. Clusters • GRID 5000 consists of clusters of many machines • To participate in GRID 5000, one signs up with one of the cluster administrators • Access is to university and state-sponsored research labs • There are typically two PlanetLab nodes to a site • To participate in PlanetLab, one provides two nodes • University and state-sponsored research labs pay no fees • For-profit organizations pay fees of $25K/yr.+ • Available for use by industry

  27. Virtualization • GRID 5000 designed for the installation of any OS on top of the hardware of any node • One OS per machine • PlanetLab designed for the installation of multiple virtual machines on top of a VMM (virtual machine manager) on any node • VMM currently linux-vserver • Could be xen-domain, or other • Virtual machines currently only Linux • Eventually could be any suitably adapted OS • GRID 5000’s OS could be a VMM, if desired

  28. Reservations • Users reserve GRID 5000 nodes • No two users have the same node at the same time • Users have access to completely unloaded machines • Users share PlanetLab nodes • The load affects the performance • Problems arise close to major conference deadlines • Services allow one to select a subset of nodes based on their load characteristics • Services allow one to make a reservation for higher priority on certain machines

  29. Cooperation • Test PlanetLab architectures on GRID 5000 • OneLab topology monitoring component will be tested on GRID 5000 • Joint work: Pierre Sens and Timur Friedman • Test GRID 5000 architectures on PlanetLab? • The European Commission invites such forms of cooperation

  30. Fin

  31. More About PlanetLab

  32. PlanetLab Architecture • What is the PlanetLab architecture? • more a question of synthesis than cleverness • Why is this the right architecture? • non-technical requirements • technical decisions that influenced adoption • What is a system architecture anyway? • how does it accommodate change (evolution)

  33. Requirements • Global platform that supports both short-term experiments and long-running services. • services must be isolated from each other • performance isolation • name space isolation • multiple services must run concurrently Distributed Virtualization • each service runs in its own slice: a set of VMs

  34. Requirements • It must be available now, even though no one knows for sure what “it” is. • deploy what we have today, and evolve over time • make the system as familiar as possible (e.g., Linux) Unbundled Management • independent mgmt services run in their own slice • evolve independently; best services survive • no single service gets to be “root” but some services require additional privilege

  35. Requirements • Must convince sites to host nodes running code written by unknown researchers. • protect the Internet from PlanetLab Chain of Responsibility • explicit notion of responsibility • trace network activity to responsible party

  36. Requirements • Sustaining growth depends on support for autonomy and decentralized control. • sites have the final say about the nodes they host • sites want to provide “private PlanetLabs” • regional autonomy is important Federation • universal agreement on minimal core (narrow waist) • allow independent pieces to evolve independently • identify principals and trust relationships among them

  37. Requirements • Must scale to support many users with minimal resources available. • expect under-provisioned state to be the norm • shortage of logical resources too (e.g., IP addresses) Decouple slice creation from resource allocation Overbook with recovery • support both guarantees and best effort • recover from wedged states under heavy load

  38. Tension Among Requirements • Distributed Virtualization / Unbundled Management • isolation vs one slice managing another • Federation / Chain of Responsibility • autonomy vs trusted authority • Under-provisioned / Distributed Virtualization • efficient sharing vs isolation • Other tensions • support users vs evolve the architecture • evolution vs clean slate

  39. Synergy Among Requirements • Unbundled Management • third party management software • Federation • independent evolution of components • support for autonomous control of resources

  40. Architecture (1) • Node Operating System • isolate slices • audit behavior • PlanetLab Central (PLC) • remotely manage nodes • bootstrap service to instantiate and control slices • Third-party Infrastructure Services • monitor slice/node health • discover available resources • create and configure a slice • resource allocation

  41. Princeton Berkeley Washington MIT Brown CMU NYU ETH Harvard HP Labs Intel NEC Labs Purdue UCSD SICS Cambridge Cornell … princeton_codeen nyu_d cornell_beehive att_mcash cmu_esm harvard_ice hplabs_donutlab idsl_psepr irb_phi paris6_landmarks mit_dht mcgill_card huji_ender arizona_stork ucb_bamboo ucsd_share umd_scriptroute … Trust Relationships Trusted Intermediary (PLC) N x N

  42. 2 4 3 1 Trust Relationships (cont) Service Developer (User) Node Owner PLC 1) PLC expresses trust in a user by issuing it credentials to access a slice 2) Users trust to create slices on their behalf and inspect credentials 3) Owner trusts PLC to vet users and map network activity to right user 4) PLC trusts owner to keep nodes physically secure

  43. 4 6 2 Service Developer (User) Node Owner Mgmt Authority 3 5 1 Trust Relationships (cont) Slice Authority 1) PLC expresses trust in a user by issuing credentials to access a slice 2) Users trust to create slices on their behalf and inspect credentials 3) Owner trusts PLC to vet users and map network activity to right user 4) PLC trusts owner to keep nodes physically secure 5) MA trusts SA to reliably map slices to users 6) SA trusts MA to provide working VMs

  44. PlanetLab Nodes Service Developers Owner 1 Owner 2 Owner 3 Owner N U S E R S Slice Authority Request a slice Create slices New slice ID Identify slice users (resolve abuse) Learn about nodes Auditing data Management Authority . . . Software updates . . . Access slice Architecture (2)

  45. node database MA Owner VM NM + VMM Node Owner Service Developer VM SCS slice database SA Architecture (3) Node

  46. PlanetFlow SliceStat pl_scs pl_mom SliverMgr Proper Linux kernel (Fedora Core) + Vservers (namespace isolation) + Schedulers (performance isolation) + VNET (network virtualization) Per-Node Mechanisms Node Mgr Owner VM VM1 VM2 VMn … Virtual Machine Monitor (VMM)

  47. VMM • Linux • significant mind-share • Vserver • scales to hundreds of VMs per node (12 MB each) • Scheduling • CPU • fair share per slice (guarantees possible) • link bandwidth • fair share per slice • average rate limit: 1.5Mbps (24-hour bucket size) • peak rate limit: set by each site (100Mbps default) • disk • 5 GB quota per slice (limit run-away log files) • memory • no limit • pl_mom resets biggest user at 90% utilization

  48. VMM (cont) • VNET • socket programs “just work” • including raw sockets • slices should be able to send only… • well-formed IP packets • to non-blacklisted hosts • slices should be able to receive only… • packets related to connections that they initiated (e.g., replies) • packets destined for bound ports (e.g., server requests) • essentially a switching firewall for sockets • leverages Linux’s built-in connection tracking modules

  49. Node Manager • SliverMgr • creates VM and sets resource allocations • interacts with… • bootstrap slice creation service (pl_scs) • third-party slice creation & brokerage services (using tickets) • Proper: PRivileged OPERations • grants unprivileged slices access to privileged info • effectively “pokes holes” in the namespace isolation • examples • files: open, get/set flags • directories: mount/unmount • sockets: create/bind • processes: fork/wait/kill

  50. Auditing & Monitoring • PlanetFlow • logs every outbound IP flow on every node • accesses ulogd via Proper • retrieves packet headers, timestamps, context ids (batched) • used to audit traffic • aggregated and archived at PLC • SliceStat • has access to kernel-level / system-wide information • accesses /proc via Proper • used by global monitoring services • used to performance debug services

More Related