On the Design, Performance, and Management of Virtual Networks for Grid Computing

Permanent Link: http://ufdc.ufl.edu/UFE0024970/00001

Material Information

Title: On the Design, Performance, and Management of Virtual Networks for Grid Computing
Physical Description: 1 online resource (153 p.)
Language: english
Creator: Tsugawa, Mauricio
Publisher: University of Florida
Place of Publication: Gainesville, Fla.
Publication Date: 2009

Subjects

Subjects / Keywords: architecture, cloud, design, distributed, grid, management, network, overlay, performance, virtualization
Electrical and Computer Engineering -- Dissertations, Academic -- UF
Genre: Electrical and Computer Engineering thesis, Ph.D.
bibliography   ( marcgt )
theses   ( marcgt )
government publication (state, provincial, territorial, dependent)   ( marcgt )
born-digital   ( sobekcm )
Electronic Thesis or Dissertation

Notes

Abstract: Contemporary distributed systems, exemplified by grid environments, involve resources spanning multiple administrative domains. Existing networking techniques and solutions do not necessarily apply, since they are generally designed to be used in enterprise networks, i.e., a single administrative domain. The presence of firewalls and network address translation devices compromises the connectivity among resources across different sites, and considerable effort is required from site administrators to offer, when possible, a computing environment for distributed applications. In this scenario, grid administrators need privileged access to core network equipment of every site, and possibly of network providers, in order to manage the grid networking, an unrealistic requirement. Even when resource providers agree to release the control of network equipment, heterogeneity in terms of vendor, hardware and firmware makes the management and operation of such an environment difficult. This dissertation advocates the use of user-level network virtualization to address the networking problems in grid environments, since such virtualization can be designed to not require changes in the core network infrastructure and it can be easily deployed in regular computers, i.e., desktops, servers, and laptops. To this end, this work (1) describes the design of a virtual network infrastructure identifying and satisfying the grid network needs; (2) thoroughly investigates implementation options and their implications in virtual network performance; and (3) presents a virtual network management architecture that can help both providers and end users in the operation of virtual networks. The results of this research are reflected in the ViNe middleware package implementing a flexible virtual network approach based on the deployment of user-level virtual routers, which are machines loaded with ViNe processing software.
ViNe software allows for dynamic run-time configuration, a feature that facilitates the management of virtual networks through the use of tools and middleware that hide the complexity of configuration processes. ViNe software packet routing capacity, in excess of 800 Mbps, has the best user-level virtual network performance levels reported to date. Finally, mechanisms to address networking challenges unique to cloud computing environments are developed and evaluated using an extended version of ViNe, called TinyViNe. TinyViNe enables end users to deploy virtual networks on cloud environments without the need for specialized networking knowledge.
General Note: In the series University of Florida Digital Collections.
General Note: Includes vita.
Bibliography: Includes bibliographical references.
Source of Description: Description based on online resource; title from PDF title page.
Source of Description: This bibliographic record is available under the Creative Commons CC0 public domain dedication. The University of Florida Libraries, as creator of this bibliographic record, has waived all rights to it worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
Statement of Responsibility: by Mauricio Tsugawa.
Thesis: Thesis (Ph.D.)--University of Florida, 2009.
Local: Adviser: Fortes, Jose A.

Record Information

Source Institution: UFRGP
Rights Management: Applicable rights reserved.
Classification: lcc - LD1780 2009
System ID: UFE0024970:00001

Full Text

PAGE 15

Grid Computing

PAGE 16

Grid Networking Problem

PAGE 19

Solution Overview

PAGE 21

Contributions

PAGE 22

Organization

PAGE 23

Network Infrastructure for Grid Computing Problem Description Full connectivity: Application friendly network programming model:

PAGE 24

Allow multiple independent and isolated networks to coexist: Platform independence: Management: Security: Grid Deployment Difficulties in the Internet

PAGE 26

Virtual Network Approaches

PAGE 27

Virtual LAN (VLAN)

PAGE 29

Virtual Private Network (VPN)

PAGE 31

VNET Northwestern University

PAGE 33

SoftUDC vnet HP Labs.

PAGE 35

VIOLIN Purdue University

PAGE 37

X-Bone University of Southern California

PAGE 38

RON Massachusetts Institute of Technology

PAGE 40

Peer-to-peer (P2P) overlay networks

PAGE 41

OCALA University of California Berkeley

PAGE 43

IPOP University of Florida

PAGE 44

LogMeIn Hamachi Summary

PAGE 46

Virtual Networks for Grid Computing Network Address Space

PAGE 48

Network Interface

PAGE 49

Routing

PAGE 50

route

PAGE 53

Firewall traversal

PAGE 54

Design of a Virtual Network (ViNe) Architecture for Grid Computing

PAGE 57

ViNe Address Space and ViNe addresses ViNe Node Configuration

PAGE 58

ifconfig

PAGE 59

route ViNe Infrastructure

PAGE 60

Firewall traversal

PAGE 62

ViNe routing

PAGE 63

Multiple Isolated Virtual Networks

PAGE 64

Putting it all together

PAGE 65

Discussion

PAGE 68

Security Considerations Isolation between ViNe and the Internet: Physical network security reconfiguration: Attacks from the Internet:

PAGE 69

Attacks to the Internet: VR protection: ViNe node protection: ViNe Prototype Implementation VR-software components

PAGE 70

Configuration Module

PAGE 72

Packet Interception Module

PAGE 74

Packet Injection Module Routing Module

PAGE 77

ViNe Prototype VR performance

PAGE 79

ViNe performance

PAGE 82

Characterizing Network Virtualization

PAGE 83

Experimental Setup

PAGE 84

Virtual Network Processing

PAGE 86

Encapsulation Overhead LineSpeed Eth MTU ON Transport IPMTU Throughputoverhead overhead header header

PAGE 87

[Figure: Throughput (Mbps) versus ON overhead (bytes); series: TCP, UDP]
LineSpeed ON IP Eth Eth MTU Transport IPMTU Throughputoverhead header overhead overhead header header

PAGE 88

Packet Interception

PAGE 89

localhost
[Figure: Interception throughput (packets/s) versus packet size (bytes); series: gigabit, raw(lo), tun(lo), nf(lo), raw(eth), tun(eth), nf(eth)]
localhost localhost

PAGE 90

localhost
Packet Injection
[Figure: Packet injection throughput (packets/s) versus packet size (bytes); series: gigabit, raw(lo), tun(lo), raw(eth)]

PAGE 91

localhost Routing

PAGE 92

[Figure: Access time (ns) versus number of elements; series: Array, Hashtable]
Virtual Links

PAGE 93

[Figure: Throughput (Mbps) versus message size (bytes); series: C UDP(eth), Java UDP(eth), C TCP(eth), Java TCP(eth)]
Cryptographic Operations
[Figure: Encryption time (ns) by algorithm (AES, AES-CBC, RC4, Blowfish, Blowfish-CBC, DES, DES-CBC, 3DES, 3DES-CBC); legend values: 1, 10, 50, 100, 500, 1000, 1100, 1200, 1300, 1400, 1500]

PAGE 94

[Figure: Time (ns) versus data length (bytes); series: MD5, SHA1]
Compression

PAGE 95

[Figure: Time (ns) and compression ratio versus block size (bytes); series: Compress txt, Decompress txt, Compress bin, Decompress bin, Compress jpg, Decompress jpg, txt compression ratio, bin compression ratio, jpg compression ratio]

PAGE 96

Discussion Gap Interframe preambleEthernet Ethernet FrameSize LineSpeed FrameRate localhost

PAGE 98

IP Forwarding Performance

Interception Thread {
    Loop {
        intercept an IP packet;
        encapsulate into an UDP message;
        forward to another router using UDP;
    }
}

Injection Thread {
    create an UDP server socket;
    Loop {
        receive an UDP message;
        recover the IP packet;
        deliver/inject the IP packet to the destination;
    }
}

PAGE 99

throughputTCP throughputUDP IP Fragmentation throughputTCP

PAGE 100

throughputUDP Packet Interception vs. Copy

PAGE 101

Java Forwarder Performance Tuning Effects of Virtual Network Processing Time

PAGE 102

[Figure: Maximum throughput (Mbps) versus processing delay (us); series: C-TCP, C-UDP, Java-TCP, Java-UDP]

PAGE 103

Using Worker Threads
[Figure, two panels: TCP throughput (Mbps) versus packet processing time (us); legend values: 0, 1, 2, 3, 4]

PAGE 104

Case Study: OpenVPN

PAGE 105

Improving ViNe libnet

PAGE 106

Summary

PAGE 107

ping

PAGE 109

Managed Network

PAGE 110

Challenges in Network Management

PAGE 111

User-level Virtual Network Management

PAGE 112

Security

PAGE 113

Configuration and Operation Monitoring and Tuning

PAGE 114

VR load balancing VR-to-VR communication Heartbeat Traffic pattern SSH https ViNe Management Architecture

PAGE 115

ViNe Authority Address Allocation

PAGE 116

VN Creation and Tear down VN Merging and Splitting

PAGE 118

VN Membership

PAGE 119

Networking in Cloud Environments

PAGE 120

sky computing Network Protection in IaaS

PAGE 121

User-level Network Virtualization in IaaS

PAGE 122

Enabling Sky Computing

PAGE 125

TinyViNe Middleware Architecture and Organization

PAGE 126

Avoiding L2 Communication route

PAGE 128

Avoiding Packet Filtering TinyViNe Overlay Setup and Management

PAGE 129

wget curl

PAGE 130

Evaluation

PAGE 131

BLASTing On the Sky

PAGE 133

TinyViNe Overheads

PAGE 134

TinyViNe intrusion on other applications TinyViNe impact on communication-intensive applications

PAGE 135

Summary

PAGE 137

Summary

PAGE 140

Future Work Connectivity recovery performance optimization Policy-driven VN management Overlay routing VN processing adaptation End-to-end QoS

PAGE 141

Source Code
vine.core: vine.core.lownet vine.jni vine.security

src
|vine
| ---core
| -----lownet
| ---jni
| ---security
| -----gsi
| ---test
| ---util

PAGE 142

vine.security.gsi vine.test vine.util Building ViNe ant dist vine.jar libvine.so make src/vine/jni Binary Code vine.jar libvine.so

PAGE 143

Running ViNe
java -cp vine.jar vine.core.VirtualRouter

Configuration
java -cp vine.jar:log4j-1.2.15.jar vine.util.DefaultConfiguration

# Datagram interception class:
# Valid classes: vine.core.lownet.RawReader
#                vine.core.lownet.Tun
#                vine.core.lownet.Tap
#                vine.core.lownet.Netfilter
vine.core.VirtualRouter.dic = vine.core.lownet.RawReader

# Datagram interception device [ethx|tunx|tapx]
vine.core.VirtualRouter.didev = eth1

# Datagram interception mode [eth|ip]
vine.core.VirtualRouter.dimode = ip

# Comma separated network/mask list to intercept.
# Valid example: 192.168.240.0/20, 10.0.10.0/24
# 192.168.240.0/255.255.255.0 is not accepted.
# This list is used for defining socket filters when applicable.
vine.core.VirtualRouter.dinet = 192.168.240.0/20

# Length of datagram interception buffers in bytes.
vine.core.VirtualRouter.dilen = 2048

# Maximum Transmission Unit, typically 1500 bytes
vine.core.VirtualRouter.mtu = 1500

# Default Router where all packets are forwarded when operating
# the VR in full tunneling mode. Comma separated parameters should
# follow the format below:
# VNID, NetAddress, NetMask, VRID, VR, PROT, PORT, TYPE
vine.core.VirtualRouter.defaultrouter = 0, 0.0.0.0, 255.255.255.255, 0, 0.0.0.0, 0, 0, 0

PAGE 144

ViNe .conf TinyViNe
