Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud federation - SLAs

Similar presentations


Presentation on theme: "Cloud federation - SLAs"— Presentation transcript:

1 Cloud federation - SLAs
Christian Temporale, Hewlett Packard contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr contrail-project.eu

2 Agenda SLA concepts review Contrail SLA syntax SLA management
SLA terms Multilevel SLA management Federation Negotiation Provider/SLA selection SLA splitting contrail-project.eu

3 SLA concepts contrail-project.eu

4 SLA – Service Level Agreement
SLA: agreement (contract) between a Provider and a Consumer of a service A SLA is made of one or more SLOs SLO (Service Level Objective): it is a condition on a Term Term: measure of a given QoS or QoP attribute QoS (Quality of Service) attribute: it describes a specific measurable aspect of the quality of a service Examples: Response time, Throughput QoP (Quality of Protection) attribute: it describes a specific measurable aspect of the security of a service Examples: Authentication strength, Reputation, Resource location contrail-project.eu

5 Definitions of SLA ITIL (v3), Service Design Book – [A SLA is] an agreement between an IT Service Provider and a Customer. The SLA describes the IT service, documents Service Level Targets, and specifies the responsibilities of the IT Service Provider and the Customer. A single SLA may cover multiple IT Services or multiple customers. WS-Agreement specification - An agreement defines a dynamically-established and dynamically managed relationship between parties. The object of this relationship is the delivery of a service by one of the parties within the context of the agreement. The management of this delivery is achieved by agreeing on the respective roles, rights and obligations of the parties. The agreement may specify not only functional properties for identification or creation of the service, but also non-functional properties of the service such as performance or availability. Entities can dynamically establish and manage agreements via Web service interfaces. Contrail, D3.1 – A SLA is the part of a contract between the provider and the consumer of some service where the service itself is defined and the guarantees offered, usually by the provider, are stated. contrail-project.eu

6 SLA structure UUIDs: SLA ID and Template ID
SLA Validity UUIDs Parties Interface Declaration Variable Declaration Agreement Terms UUIDs: SLA ID and Template ID Validity: when the SLA is effective Parties: obliged parties: Provider and Customer Interface Declaration: identification of the Services that are object of the agreement Agreement Terms: Guarantees offered on the Services, including business attributes (price and penalties) contrail-project.eu

7 S L A A SLA template is… Like a pattern… …for a SLA
contrail-project.eu

8 SLAs and SLA Templates (SLA@SOI)

9 Agreement terms (SLA@SOI)
Description Detail Agreement terms contain Guaranteed States and/or Guaranteed Actions. contrail-project.eu

10 SLA syntax contrail-project.eu

11 BNF syntax of a simple SLA Template
sla_template { uuid = example_slat_1 // universally unique identifier for this SLAT sla_model_version = sla_at_soi_sla_model_v1.0 party { id = ACME role = provider } interface_declr { id = the_service // the ID used within the SLAT to refer to "TheService“ provider_ref = ACME interface_spec { // an "Interface.Specification“ name = TheService operation{ // an "Interface.Operation“ name = doStuff agreement_term { id = term_1 guaranteed_state { id = guaranteed_state_1 qos:completion_time(the_service) < 10s // a "ConstraintExpr“ UUID Provider party Interface declarations BNF (human-readable) syntax Only one party (the provider) because it’s a template Validity clauses are only in SLAs, not in SLA templates Variable declarations are optional Agreement terms contrail-project.eu

12 XML syntax of simple SLA Template 1/2
UUID Provider party Interface declarations BNF (human-readable) syntax Only one party (the provider) because it’s a template Validity clauses are only in SLAs, not in SLA templates Variable declarations are optional contrail-project.eu

13 XML syntax of simple SLA Template 2/2
Agreement terms BNF (human-readable) syntax Only one party (the provider) because it’s a template Validity clauses are only in SLAs, not in SLA templates Variable declarations are optional contrail-project.eu

14 SLA management contrail-project.eu

15 SLA Lifecycle Template definition Negotiation Provisioning Monitoring / Enforcement Expiration Templates are defined according to the available services Customer selects a SLA template Customer negotiates a SLA using a SLA template Provisioning: service execution Assessment and corrective actions during execution Termination and decommission of the service Text from: SLA Management Handbook - vol. 2 - Concepts and Principles, TeleManagement Forum, 2005 contrail-project.eu

16 Provider SLAM Architecture
Extternal user Provider SLAM initiateNegotiation negotiate createAgreement SLA Lifecycle manager & Negotiation VEP PE POC createCustomer SLA Enforcement PAC Web services SLA Repository Provisioning manager SLAR SLATR Provider architecture planned for next release is almost the same as the first release Objectives: automated SLA handling, ... createTemplate getSLA violation messages Monitoring contrail-project.eu

17 SLA negotiation and provisioning
contrail-project.eu

18 SLA enforcement contrail-project.eu

19 OVF (Open Virtualization Format)
OVF is a standard format used to describe multiple virtual resources, their properties and their connections Provisioning services in Contrail use OVF descriptors as input contrail-project.eu

20 Combining SLAs with OVF
Role of OVF: to describe resources Role of SLA: to express guarantees on services SLAs contain both a service description and guarantees about the service There is a semantic overlap between OVFs and SLAs for IaaS resources OVF SLA Logical Networks Resources description Virtual Machines Virtual Disks Startup instructions Validity period Service guarantees Price / Penalties Scaling rules Resource details Agreement Parties contrail-project.eu

21 Combining OVF and SLA Need a link between guarantees (SLA) and resources (OVF) To enforce SLA terms, resources referenced in the guarantees must be well known Need elasticity Contrail should support negotiation of long lasting SLAs for provisioning multiple OVFs A SLA should be defined independently from the OVFs to be provisioned Possible solutions Specific SLAs. They refer to specific appliances / OVF resources E.g. VM34 will have 8Gb of RAM Generic SLAs. They express guarantees that can be applied to all OVFs / appliances E.g. All VMs will have 4Gb of RAM contrail-project.eu

22 Specific SLAs Refer to a specific OVF file
Express guarantees about specific OVF items (e.g. Virtual Systems or VS Collections) VS Collection SLA OVF descriptor contrail-project.eu

23 Generic SLAs Do NOT refer to a specific OVF file
Express guarantees valid for all OVF appliances VS Collection SLA OVF descriptor contrail-project.eu

24 Specific SLA: reference to an OVF file
<slasoi:InterfaceDeclr> <slasoi:Text>Interface for overall OVF</slasoi:Text> <slasoi:Properties> <slasoi:Entry> <slasoi:Key>OVF_URL</slasoi:Key> <slasoi:Value>/opt/contrail/ ovf/lamp.ovf</slasoi:Value> </slasoi:Entry> </slasoi:Properties> <slasoi:ID>OVF-Descriptor-General</slasoi:ID> <slasoi:ProviderRef>ContrailProvider</slasoi:ProviderRef> <slasoi:Endpoint> <slasoi:Text/><slasoi:Properties /> <slasoi:ID>OVF-Endpoint</slasoi:ID> <slasoi:Location>VEP-ID</slasoi:Location> <slasoi:Protocol>http://www.slaatsoi.org/slamodel#HTTP</slasoi:Protocol> </slasoi:Endpoint> <slasoi:Interface> <slasoi:InterfaceResourceType> <slasoi:Name>OVFDescriptor</slasoi:Name> </slasoi:InterfaceResourceType> </slasoi:Interface> </slasoi:InterfaceDeclr> Reference type: OVF descriptor (file) contrail-project.eu

25 Specific SLA: reference to VirtualSystem
<slasoi:InterfaceDeclr> <slasoi:Text>Interface to specific OVF item</slasoi:Text> <slasoi:Properties><slasoi:Entry> <slasoi:Key>OVF_URL</slasoi:Key> <slasoi:Value>/opt/contrail/ ovf/lamp.ovf</slasoi:Value> </slasoi:Entry></slasoi:Properties> <slasoi:ID>OVF-Descriptor-LAMP</slasoi:ID> <slasoi:ProviderRef>ContrailProvider</slasoi:ProviderRef> <slasoi:Endpoint> <slasoi:Text/> <slasoi:Key>OVF_VirtualSystem_ID</slasoi:Key> <slasoi:Value>MyLampService</slasoi:Value> <slasoi:ID>VM-with-Linux-Apache-MySQL-PHP</slasoi:ID> <slasoi:Location>VEP-ID</slasoi:Location> <slasoi:Protocol>http://www.slaatsoi.org/slamodel#HTTP</slasoi:Protocol> </slasoi:Endpoint> <slasoi:Interface> <slasoi:InterfaceResourceType> <slasoi:Name>OVFAppliance</slasoi:Name> </slasoi:InterfaceResourceType> </slasoi:Interface> </slasoi:InterfaceDeclr> VirtualSystem ID inside the OVF Reference type: OVF appliance (VirtualSystem) contrail-project.eu

26 Negotiation model for specific SLA
Optimization problem: find “nearest” offer that fulfill user’s request Constraints: OVF (lower bound): provider can’t offer less than the request VM Handler (upper bound): provider can’t offer more than resource available OVF SLA Combined resources Provider Small VM Medium VM Big VM Resources available Proposal Map function Counter Offer

27 Pricing model Logic determining the price of the services in the SLA Offer: totalPrice = resourcesPrice + guaranteePrice resourcesPrice= (cpu_speed * cpu_speed_unit_price) + (vm_cores * vm_core_unit_price) + (memory * memory_unit_price) guaranteesPrice = (resourcesPrice * guaranteeModificationPricePercentage) It’s open and flexible to meet the particulars pricing policies of different cloud computing providers. It’s possible to associate a price for each individual resource (CPU, RAM, HDD, etc.), a specific OVF, or a particular VM configuration.

28 SLA terms contrail-project.eu

29 Classification of SLA Terms
Term type QoS (constraints on performance) QoP (level of protection) Evolvability Static (static properties, e.g. # of VM cores) Dynamic (non static props., e.g. RAM) Monitorability & Controllability Unobservable Observable Enforceable Categorization in a Quality Model (e.g. S-CUBE) Performance, Dependability, Reliability, Network-related, Infrastructure-related, Security, Auditability, Legal Observable Unobservable Enforceable contrail-project.eu

30 Quality Model new quality terms/categories contrail-project.eu
Figure 2 from D3.2 MTTF (Mean time to failure) MTTR (Mean time to repair) new quality terms/categories contrail-project.eu

31 Example QoS/QoP SLA Terms
Availability the probability that the cloud infrastructure is running over a predefined monitoring period (usually a month or a year) Virtualization factor ratio between virtual and physical CPU cores QoP Location country code where the resource (VM / storage) is located Isolation level depends on which measures are taken to ensure isolation between different users hosted on the same infrastructure (e.g. storage encryption, communication encryption, zero-filling released storage, …) See other example SLA terms in backup slides contrail-project.eu

32 SLA Terms supported in Contrail (v1.2)
Term name Description Type Evolv. Enforc. vm_cores number of cores assigned to a VM QoS static Enf. memory RAM size assigned to a VM dynamic cpu_speed CPU frequency assigned to a VM Enf. (*) cpu_load average system load over a 5-minute period location country code where the resource (VM / storage) is located QoP dynamic / static Obs. (*) quantized values contrail-project.eu

33 Additional SLA terms in next releases
Term name Description Type Evolv. Enforc. reservation Resources reservation QoS static Enf. co-location (rack) Location of VM in the same cluster/host minimum LoA Minimum level of authentication needed to access users’ resources QoP availability % of uptime of the whole provider infrastructure dynamic Obs. vm_cpu_load [5 min CPU avg load / # of cores] for the VM of a VirtualSystem host_cpu_load [5 min CPU avg load / # of cores] for the host of a VirtualSystem contrail-project.eu

34 Additional SLA terms in next releases /2
Term name Description Type Evolv. Enforc. location for storage replicas for the given volume are placed in the given countries QoP dynamic Obs. not-co-location (host) VMs are not allocated on the same cluster/host QoS static Enf. reliability for storage number N of replicas for the given volume bandwidth Applied to a single network defined in the OVF public IP address contrail-project.eu

35 Multilevel SLA management
contrail-project.eu

36 SLA Interaction Model … User negotiates a SLA with the Federation
Cloud user User negotiates a SLA with the Federation Federation negotiates SLAs with one or more providers, on behalf of the user SLAfed Contrail Federation Layer SLA1 Contrail Provider Layer Provider P1 IaaS1 Contrail Resource Layer PaaS1 SLAn Provider Pn IaaSn PaaSn contrail-project.eu

37 Future: integration of external providers
Cloud user External providers will be integrated in future versions of Contrail The interaction model will not change for the user SLAfed Contrail Federation Layer SLA1 Contrail Provider Layer Provider P1 IaaS1 Contrail Resource Layer PaaS1 SLAn Contrail Provider (Proxy) Layer External Provider Pn (Amazon, Azure, …) contrail-project.eu

38 SLAs in Contrail are the main pillars for Cloud Federations
Federation: abstraction of providers SLA+OVF is a unified way for expressing user requirements QoS/QoP requested by each customer can be satisfied irrespective of the provider Federation: broker of providers Provider selection is based on SLAs new market and business model for intermediate players Federation: small providers can join forces SLA splitting allows distributing application over multiple providers Cloud B C A B Federation Contrail breakthrough results /2 C A B contrail-project.eu

39 Added value of Contrail approach: Federation as a Virtualization of Clouds
Contrail Federations relieve the user from managing cloud providers Inner complexity is hidden to users Federated Identity Management Best / cheapest cloud provider is automatically selected based on user preferences Comparing SLAs and selecting the best provider opens new Cloud mediators market Automatic SLA negotiation allows Cloud providers to personalize their offer Worldwide Clouds made possible Contrail SLA management benefits contrail-project.eu

40 Contrail high level architecture
contrail-project.eu

41 SLA management in a Cloud Federation
Provider Selection Federation SLA Management Accounting Application Splitting Federated Identity Provisioning Manager CSP SLA Mgmt. CSP SLA Mgmt. CSP SLA Mgmt. Security Monitoring VEP VEP VEP Cloud Provider Cloud Provider Cloud Provider contrail-project.eu

42 Multilevel SLA Management Architecture
Federation Federation SLAM Provider SLAM SLA Negotiation SLA Negotiation VEP SLA Repository SLA Repository SLA Enforcement SLA Enforcement Provisioning Manager Provider architecture planned for next release is almost the same as the first release Objectives: automated SLA handling, ... Monitoring Hub Monitoring Manager Federation Accounting Provider Accounting contrail-project.eu

43 General interaction model
Cloud user Federation Provider IaaS / PaaS Resource Negotiate Select / Split SLA Enforcement action Provision Monitoring events Adjustment SLA violation There is no negotiation between the Provider and the Resource level because the assumption is that the provider OWNS the resources contrail-project.eu

44 User access and applications retrieval
contrail-project.eu

45 SLA negotiation /1 contrail-project.eu
Application criteria: defines main characteristics of the application (cpu bound, memory bound, etc.) contrail-project.eu

46 SLA negotiation /2 contrail-project.eu

47 Selection contrail-project.eu

48 Provider selection Happens during user-federation negotiation
Driven by user-specified preferences May be guided also by provider reputation, if the federation keeps track of it Roles: The federation component gives the list of providers to be contacted by the Federation SLAM It might even vary for each negotiation round The Federation SLAM negotiate the SLA template (proposal) with each provider and then selects the best SLA offers contrail-project.eu

49 User preferences Users drive the provider selection process by specifying user preferences during the negotiation User preferences include: Selection criteria (e.g. minimize price or maximize quality or even maximize penalties) Positive or negative preference on individual providers (e.g. not on Azure) contrail-project.eu

50 User criteria Each criterion is a pair {Guarantee Term, Weight}, weight {0, 1} Weight express the importance of the term for that criterion (max importance = 1). By default, the weight is considered 0. Currently supported terms: cpu_speed core_number memory price contrail-project.eu

51 Provider list and User criteria - Syntax
The Federation uses the SLA proposal itself to pass User criteria and Provider list to the Federation SLAM contrail-project.eu

52 Apply evaluation algorithm
Selection process Normalize terms Weight values Apply evaluation algorithm Order SLA offers Filter offers Offer guarantee terms are normalized versus user’s proposal e.g. value of offer guarantee term / value of proposal guarantee term User criteria are extracted from SLA Template proposal Normalized values are weighted using Criteria related weight e.g. normalized term value * term weight An evaluation algorithm is applied to the set of weighted values SLA offers are ordered according to the output values of the evaluation algorithm. SLA offers are filtered contrail-project.eu

53 Evaluation algorithms
Evaluation algorithms, used to order SLA offers, and so determine the best one, take into account user criteria weights for impacted terms in each offer The problem is transformed in maximizing the Euclidean distance of a point from the origin, in an n-dimensional space. Dimensions can be: Terms Terms x VirtualSystems SLA Offer1 SLA Offer2 Term-1 Term-2 PVS2,O1 PVS3,O1 PVS3,O2 PVS1,O1 PVS2,O2 Term-3 d PVS1,O2 Term-n contrail-project.eu

54 Evaluation algorithms
Different evaluation algorithms have been identified for ranking the SLA offers Based upon user criteria, one can privilege the offer including the most convenient VirtualSystem, etc. The Federation SLA Manager is configurable: the Federation Administrator can select the preferred algorithm, or can write their own Java class for it (implementing a common interface) contrail-project.eu

55 Algorithm example 1: best virtual system /1
For each VirtualSystem of each SLA offer, the algorithm computes the Euclidean distance from the origin of a t-dimensional point, t=NumTerms cpu_speed memory P(W1, W2, W3, W4) d_{j}=\sqrt{\sum_{i=1}^tWi^2 } W1 core_number d dj = distance of j-th VirtualSystem Wi = weighted value of i-th term price contrail-project.eu

56 Algorithm example 1: best virtual system /2
The SLA offers are ranked based on their VirtualSystems distances The best SLA Offer is the one including the farther VirtualSystem from origin SLA Offer1 SLA Offer2 Term-1 Term-2 PVS2,O1 PVS3,O1 PVS3,O2 PVS1,O1 PVS2,O2 Term-3 PVS1,O2 Term-n contrail-project.eu

57 Algorithm example 2: best mean offer /1
For each SLA offer, the algorithm computes the Euclidean distance from the origin of an {t*v}-dimensional point t=NumTerms, v=NumVirtualSystems SLA Offerj Term1-VS1 Term2-VS2 P dj Term3-VS3 d_{j}=\sqrt{\sum_{i=1}^tWi_1^ \sum_{i=1}^tWi_v^2} j = {1 .. NumOffers} Wi k = weighted value of i-th term for the k-th virtualSystem Term1-VS2 Term2-VS2 Termi-VSk contrail-project.eu

58 Algorithm example 2: best mean offer /2
The SLA offers are ranked based on their distances The best SLA Offer is the farthest one SLA Offerj Term1-VS1 Term2-VS2 Term3-VS3 P dj d_{j}=\sqrt{\sum_{i=1}^tWi_1^ \sum_{i=1}^tWi_v^2} Term1-VS2 Termi-VSk Term2-VS2 contrail-project.eu

59 Other algorithms Select the offer having the best “average” VirtualSystem Select the offer having the best VirtualSystem in relation to the average of the same VirtualSystem for the other n-1 offers Select the offer having the best average VirtualSystem in relation to the other offers contrail-project.eu

60 SLA splitting contrail-project.eu

61 Why splitting SLAs? The SLA (or application) requires services that cannot be found on only one provider E.g.: the customer wants to distribute its application in several countries The amount of resources required goes beyond what a single provider can offer (and guarantee) A service provider does not have to be the size of Amazon to participate in the Federation The required performance cannot be guaranteed by any single provider alone Scaling across multiple providers The Federation, according to its own risk management strategy, wants to distribute the risk of satisfying the user SLA An example of a good reason for splitting is when the customer wants to distribute its application in more than one country (e.g. to have local access point in several countries, or for legal/political reasons), say India and Canada. Either the Federation finds a single provider offering resources in both of these countries, or there is the need to split the user SLA… contrail-project.eu

62 Splitting SLAs The Federation splits the user SLA and assigns the resulting SLAs to multiple providers Three types of SLA splitting strategies are considered: Service-based SLA splitting Resource-based SLA splitting Performance-based SLA splitting Selection of the best split for a given SLA is a multi-objective optimization problem (total price, QoS offered, reputation…) Some terms cannot be split (invariant terms, typically QoP) Not only the SLA, but also the application must be split contrail-project.eu

63 Service-based SLA splitting
Cloud user Contrail Federation Layer SLAfed ServiceA ServiceB ServiceC SLA1 SLA2 ServiceB ServiceC Provider P1 Provider P2 Generation of several candidate splits, each with candidate providers Selection of the best split according to total price, QoS offered, reputation… contrail-project.eu

64 Resource-based SLA splitting
Generation … Selection … Penalties cannot be split Federation, according to its risk management strategy, may ask more to providers to have some tolerance Cloud user Contrail Federation Layer SLAfed 100 x ResourceA SLA1 60 x ResourceA SLA2 50 x ResourceA Provider P1 Provider P2 contrail-project.eu

65 Performance-based SLA splitting
Generation … Selection … Penalties… Tolerance… Common entry point with load balancing across providers More complex if Service not stateless Cloud user Contrail Federation Layer SLAfed 100 requests/sec SLA1 60 requests/sec SLA2 50 requests/sec Provider P1 Provider P2 contrail-project.eu

66 SLA splitting steps (without selection)
Simple case. SLA splitting can be combined with Provider selection: see next slide contrail-project.eu

67 SLA splitting with selection
contrail-project.eu

68 We Need You! Penalties support Support for new SLA terms
Provider Federation (requires a risk management algorithm) Support for new SLA terms New selection algorithms SLA splitting Cloud bursting Cloud bursting: Providers that need resources can ask the Federation itself for them contrail-project.eu

69 References Contrail web site
Public deliverables (SLA-related: D3.1, D3.2, D3.3, and D2.2): Provider SLA Manager online documentation: First version of Provider SLA Manager: Last release packages list (contrail-provider-sla and contrail-provider-tools): Contacts Cloud bursting: Providers that need resources can ask the Federation itself for them contrail-project.eu

70 Thank you!

71 http://contrail-project.eu contrail is co-funded by the
EC 7th Framework Programme Funded under: FP7 (Seventh Framework Programme) Area: Internet of Services, Software & Virtualization (ICT ) Project reference: FP7-IST Total cost: 11,29 million euro EU contribution: 8,3 million euro Execution: From till Duration: 36 months Contract type: Collaborative project (generic) contrail-project.eu

72 Backup slides

73 SLA@SOI vs WS-Agreement
WS-Agreement SLA Terms Service Terms Guarantee Terms Context Name SLA Validity UUIDs Parties Interface Declrs Variable Declrs Agreement Terms contrail-project.eu

74 Contrail current -and future- features
Multi-level SLA Negotiation At Federation level, users negotiate SLAs with the Federation At Provider level, the Federation negotiates SLAs with multiple Cloud Providers, on behalf of end users Provider selection: F-SLAM selects best SLA offer according to user criteria SLA splitting: SLA may be split among different cloud providers, according to their specific capabilities SLA Enforcement At provisioning time, monitoring of allocated resources is started at Provider level Support for proactive enforcement When SLA is violated, the SLA manager is informed and may take a (corrective) action. Scope of corrective actions depend on the level: resources (provider level) or cloud providers (federation level) Accounting The monitoring component records resource consumption information contrail-project.eu

75 SLAs – the Business side…
A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks [ITIL v3 Overview] A Service Level Agreement (SLA) between a service provider and its customers will assure customers that they can get the service they pay for and will obligate the service provider to achieve its service promises [Jin] Failing to meet SLAs could result in serious financial consequences for a provider. Hence, service providers are interested in gaining a good understanding of the relationship between what they can promise in an SLA and what their IT infrastructure is capable of delivering [Jin] contrail-project.eu

76 Examples of SLA QoS terms
VM Cores VM CPU Speed VM Memory Size VM Quantity Appliance availability Infrastructure availability VM Disk Throughput Bandwidth (VM Net Throughput) Colocation Database transactions per second Web application requests per second MTTF - Mean time to Service Availability Failure MTTR - Mean time to Recovery from a Service Availability Failure Database query latency Key/Value store latency Map/Reduce makespan Bag of tasks makespan Bag of tasks execution cost contrail-project.eu

77 Examples of SLA QoP terms
Authenticated accesses Authorized accesses Isolation from external subjects Isolation among users Isolation from Cloud provider Integrity of users' data Communication Confidentiality Communication Integrity Operation logging Physical location contrail-project.eu

78 Violation message example

79 Pricing tables


Download ppt "Cloud federation - SLAs"

Similar presentations


Ads by Google