Download presentation
Presentation is loading. Please wait.
Published byMarcia Kimberly Bradford Modified over 8 years ago
1
Networking Technologies for Cloud Computing USTC-INY5316 Instructor: Chi Zhang Fall 2015 Welcome to
2
Part 2: outline Introduction to Cloud Computing –amazon’s story –basic definitions of cloud computing –history of cloud computing –cloud computing techniques –cloud concerns (security…) 2
3
Larry on Cloud Computing The interesting thing about cloud computing is that we‘ve redefined cloud computing to include everything that we already do. ---Oracle CEO Larry Ellison 3 I can't think of anything that isn't cloud computing with all of these announcements
4
ICT as a fashion industry The computer industry is the only industry that is more fashion-driven than women's fashion. 4 ---Oracle CEO Larry Ellison
5
Who is amazon.com? amazon.com’s three businesses 5
6
Amazon web services 6
7
Global AWS infrastructure 7
8
AWS cloud services 8
9
IT usage patterns: tradional 9
10
IT usage patterns: cloud computing 10
11
IT usage patterns: cloud computing 11
12
Business benefits of cloud computing Elastic capacity Quick and easy deployment No CapEx, no initial investment Pay as you go, for what you use Automation and reusable components 12
13
Elastic capacity Scaling up and down in minutes No needto provision Optimize resources based on your needs Can easily manage unexpected peaks 13
14
Quick and easy deployment IT infrastructure is no longer a barrier Easier to test different solutions No need to wait for provisioning Shorter development cycles 14
15
No CapEx, no initial investment No initial investment needed No termination fees No commitments Clear pricing model (on the website) 15
16
Pay as you go, for what you use Pay for servers “by the hour” (on-demand) Pay for storage “per Gigabyte” per month Pay for data transfer “per Gigabyte” Easy to turn resources on/off (running costs) 16
17
Automation and reusable components Automation, less repetitive tasks (70/30 rule) Better management tools Focus on your business No need to build from scratch, but instead “reuse” 17
18
Business benefits of cloud computing: recap 18
19
What do customers run on AWS? Enterprise applications Media and web applications Big data, HPC, analytics Archive, disaster recovery Mobile and games 19
20
Cloud computing in China 20 For individuals: network bandwidth problem For small and medium-sized enterprises: perfect match! For big companies: security & privacy problem
21
Today’s agenda Introduction to Cloud Computing –amazon’s story –basic definitions of cloud computing –history of cloud computing –cloud computing techniques –cloud concerns (security…) 21
22
What is cloud computing? 22
23
Cloud computing word cloud 23
24
My cloud computing definition 24
25
NIST definition of cloud computing Cloud computing is a model for enabling ubiquitous, convenient, on- demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models 25
26
NIST definition of cloud computing NIST cloud model is composed of five essential characteristics, three service models, and four deployment models 26
27
Cloud computing characteristics 27 Common Characteristics: Low Cost Software Virtualization Service Orientation Advanced Security Homogeneity Massive Scale Resilient Computing Geographic Distribution Essential Characteristics: Resource Pooling Broad Network Access Rapid Elasticity Measured Service On Demand Self-Service
28
Essential characteristics 28 NO INTERNET = NO CLOUDING
29
Essential characteristics 29
30
Essential characteristics 30 Rapid Elasticity
31
Scalability To vertically scale up is to increase overall application capacity by increasing the resources within existing nodes. 31
32
Scalability To horizontally scale out is to increase overall application capacity by adding nodes. 32
33
Essential characteristics 33
34
Essential characteristics 34
35
Cloud component 35
36
Infrastructure as a Service (IaaS) 36
37
Platform as a Service (PaaS) 37
38
Software as a Service (PaaS) 38
39
Cloud service models 39 + Network
40
Customer vs. service provider 40
41
Simple service map 41
42
“X” as a Service 42
43
Cloud deployment models 43
44
Public cloud Definition: the services are delivered to the client via the Internet from a third party service provider. Example: Amazon 44
45
Private cloud Definition: these services are managed and provided within the organization. There are less restriction on network bandwidth, fewer security exposures and other legal requirements compared to the public Cloud. Example: HP Data Centers 45
46
Public cloud or private cloud? 46
47
Hybrid cloud Definition: there is a combination of services provided from public and private Clouds. Example: –ERP in Private cloud –Sales & Email on public 47
48
Community cloud Definition: Infrastructure shared by several organizations, targeting a specific community It may be for one organization or for several organizations, but they share common concerns such as their mission, policies, security, regulatory compliance needs, and so on. A community cloud may be managed by the constituent organization(s) or by a third party. 48
49
Summary: 5-4-3 definition 49 5 Essential Characteristics : 4 Deployment Models: Private cloud Public cloud Community cloud Hybrid cloud 3 Service Models: Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS)
50
Risks and Challenges Increased Security Vulnerabilities 50
51
Risks and Challenges Reduced Operational Governance Control 51
52
Risks and Challenges Limited Portability Between Cloud Providers 52
53
Risks and Challenges Multi-Regional Compliance and Legal Issues 53
54
Today’s agenda Introduction to Cloud Computing –amazon’s story –basic definitions of cloud computing –history of cloud computing –cloud computing techniques –cloud concerns (security…) 54
55
History of ICT techniques 55
56
Cloud, cloud, cloud… 56
57
Something old, something new Cloud computing is a revolutionary way of architecting & providing services based on evolutionary technical changes The cloud is something that you have been using for a long time now; it is the Internet. 57
58
ISP to cloud evolution 58
59
Computing techniques 59
60
Utility computing 60
61
IT does not matter 61
62
Grid computing 62
63
Grid computing 63
64
Grid vs. cloud 64 GridCloud Underlying conceptUtility Computing Main benefitSolve computationally complex problems Provide a scalable standard environment for network- centric application development, testing and deployment Resource distribution / allocation Negotiate and manage resource sharing; schedulers Simple user provider model; pay-per-use DomainsMultiple domainsSingle domain Character / historyNon-commercial, publicly funded Commercial
65
Distributed computing challenges 65 4) Cost 5) Security 2) Availability 3) Maintenance End Users 1) Scalability
66
The birth of cloud computing 66 Once upon a time… I’m Distributed Computing I allow computations to run on several networked computers I’m cool! I’m Utility Computing I package computing resources as a metered service I’m economic Cloud Computing They fell in love, and had a child…
67
Comparison 67 Amazon EC2 (August 2006) Google App Engine (April 2008) Microsoft Azure (Oct 2008) Facebook Platform (May 2007) Amazon S3 (March 2006) Salesforce AppExchange (March 2006)
68
Today’s agenda Introduction to Cloud Computing –amazon’s story –basic definitions of cloud computing –history of cloud computing –cloud computing techniques –cloud concerns (security…) 68
69
Google as an example 69
70
Computing paradigm Computing shifting to really small and really big devices 70
71
Hardware design philosophy Prefer low-end server/PC-class designs –Build lots of them! Why? –Single machine performance is not interesting Even smaller problems are too large for any single system Large problems have lots of available parallelism –Lots of commodity machines gives best performance/$ 71
72
Google 1997 @ Stanford 72
73
Google 1999 73
74
Google data center 2001 74
75
Google data center 2008 75
76
Data center as infrastructures 76 Google’s 36 world wide data centers (2008)
77
Future data center 77
78
Google’s top secrete 78
79
http://www.google.com/about/datacenters/ 79
80
Inter data center communication 80
81
Data center architecture 81 Requirements: High bandwidth Low latency Low power consumption
82
Data center architecture 82 Rack, ToR/Aggregate switch
83
Traditional scale-up model 83
84
Emerging scale-out model 84
85
Today’s production DCN structure 85 Aggregatio n switch (ToR switch) Top-of-Rack Core switch A Production DCN structure adopted from Cisco 1:1 1:5 ~ 1:20 1:240 Communication bottleneck
86
Research community: fattree 86 ToR Aggregation Core 16 Rearrangeably non- blocking, 1:1 provisioning
87
Network traffic characteristics The data centers can be classified in three classes: –university campus data centers –private enterprise data centers –cloud-computing data centers In some cases there are some common traffic characteristics (e.g., average packet size) in all data centers while other characteristics (e.g., applications and traffic flow) are quite different between the data center categories 87
88
Network traffic characteristics Applications: –campus data centers: HTTP traffic –private data centers and in data centers used for cloud computing: HTTP, HTTPS, LDAP, and DataBase (e.g., MapReduce) traffic Traffic flow locality: –data centers used by educational organization and private enterprises: intra-rack traffic ranges from 10 to 40% –data centers that are used for cloud computing: intra- rack communication up to 80% 88
89
Network traffic characteristics Traffic flow size and duration: –Most traffic flow sizes in the data center are considerably small (i.e., less than 10KB) and a significant fraction of these flows last under a few hundreds of milliseconds Concurrent traffic flows: –The average number of concurrent flows is around 10 per server in the majority of the data centers 89
90
Network traffic characteristics Packet size: –a bimodal pattern with most packet sizes clustering around 200 and 1,400 bytes –the packets are either small control packets or are parts of large files that are fragmented to the maximum packet size of the Ethernet networks (1,550 bytes). Link utilization: –link utilization inside the rack and in the aggregate level is quite low, while the utilization on the core level is quite high. –Inside the rack the preferable data rate links are 1 Gbps (in some cases each rack server hosts 2 or more 1 Gbps links), while in the aggregate and in the core network, 10Gbps are usually deployed. 90
91
Server data rate forecast 91
92
Bandwidth trend for networking & server I/O At 10Gb/s speeds and beyond, passive and active copper cables are impractical to use beyond a few meters of reach because of their bulky size, high loss at high data rates, and high required power consumption. 92
93
Power consumption Many data centers consume a tremendous amount of electricity; some consume the equivalent of nearly 180,000 homes The global demand for electricity from data centers was around 330bn kWh in 2007 (almost the same amount of electricity consumed by UK) This demand in power consumption demand is projected to more than triple by 2020 (more than 1,000bn kWh) The servers consume around 40% of the total IT power, storage up to 37% and the network devices consume around 23% of the total IT power Saving 1W from the IT equipment results in cumulative saving of about 2.84Win total power consumption 93
94
Optical interconnects 94
95
Optical network evolution 95
96
Virtualization 96 Hardware Operating System App Traditional Stack Hardware OS App Hypervisor OS Virtualized Stack
97
Virtual servers surpass physical Source: IDC 97
98
vSwitching and vMotion 98
99
Divide and Conquer (MapReduce) 99 “Work” w1w1 w2w2 w3w3 r1r1 r2r2 r3r3 “Result” “worker” Partition Combine
100
East-west traffic pattern 100
101
A very flexible IaaS platform 101
102
NaaS? Cloud Servers –On-demand, Elastic, Measured server provisioning Cloud Storage –Scalable/fault tolerant storage with object stores Cloud Networks –How to do on-demand, elastic, measured networking provisioning ? –How to program the network ? 102
103
Multi-tenancy 103 Physical Network Network Virtualization App Svr OS VM App Svr OS VM App Svr OS VM App Svr OS VM App Svr OS VM App Svr OS VM Tenant B Tenant A Tenant C App Svr OS VM App Svr OS VM Router
104
Capacity mismatch 104 CR AR S S S S S S S S A A A A A A … S S S S A A A A A A …... S S S S S S S S A A A A A A … S S S S A A A A A A … ~ 5:1 ~ 200:1 ~ 40:1
105
Size of the data center While economies of scale suggest that datacenters should be as large as possible, typically restricted by the amount of power available for the site, datacenters should also be distributed across the planet for fault tolerance and latency locality Ronald Coase: –Transaction cost –1937 paper: The Nature of the Firm –1991 Nobel Prize in Economic 105
106
Today’s agenda Introduction to Cloud Computing –amazon’s story –basic definitions of cloud computing –history of cloud computing –cloud computing techniques –cloud concerns (security…) 106
107
107 Pros and Cons
108
Networking challenges Conceptual model of the Internet supporting cloud computing 108
109
Access network 109
110
Transition network Traditional Internet, what is the problem? Architectural Stability –“Narrow Waist” –Everything over IP/IP over Everything Incremental Deployment –The persistence of the Internet’s architectural deficiencies is not because they are intellectually intractable, but because the current architecture puts them beyond the reach of incrementally deployable changes. Architectural Rigidity –The biggest problem with the current Internet architecture is not a particular functional deficiency, but its inability to accommodate innovation. 110
111
Clean-slate redesigns Clean-slate redesigns typically propose architectures that would be as static as our current one, presumably lasting relatively unchanged for a generation or more. Therefore, these clean-slate designs must not only meet current needs but also any future requirements that might arise in the next few decades. We do not believe we can predict the usage models for the Internet of 50 years hence. What we want: a clean-slate redesign without predicting the future 111
112
Supporting architectural evolvability What is architectural evolvability? –The ability to make gradual (but unlimited) changes in the entire architecture within the current market structure What are barriers to evolvability? –Protocols, formats, and information must be agreed upon by a large number of independent actors in the architecture; –There is no built-in mechanism that supports (and embraces) incremental deployment of new functionality with minimal friction; –ISPs have little incentive to deploy new architectures; –The coupling between architecture and infrastructure means that any significant architectural change involves sizable costs for vendors (for development) and network operators (for deployment). What makes an architecture evolvable? 112
113
Data center networking 113
114
Layer 2 vs. layer 3 114
115
Cloud concerns Yep Security is No 1 ! 115
116
A Cloud Technology Reference Model 116 Your Application Testing, Monitoring, Diagnostics and Verification Architectural Views Governance Life Cycle (Birth, Growth, Failure, Recovery, Death) Web of Metadata Categories, Capabilities, Configuration and Dependencies Resource Management Basic Monitoring Software & Hardware Infrastructure Facilities & Logistics Element Management (Split Responsibility) Element Management (Split Responsibility) Your Problem Their Problem
117
Software as a Service 117 Operating System Hypervisor Application Datacenter (Power, Cooling, Physical Security) Application Server MiddlewareDatabase CPUNetworking Storage YOUR DATA Backup Your Problem Their Problem
118
Platform as a Service 118 Operating System Hypervisor Your Application Datacenter (Power, Cooling, Physical Security) Application Server MiddlewareDatabase CPUNetworkingStorageBackup Your Problem Their Problem
119
Infrastructure as a Service 119 Your Operating System Hypervisor Your Application Datacenter (Power, Cooling, Physical Security) Your Application Server Your Middleware Your Database CPUNetworkingStorageBackup Your Problem Their Problem
120
Privacy in the cloud: encryption Encryption is the key element for privacy in the cloud Different encryption schemes –Symmetric –Asymmetric (PKI) Different encryption implementation –At Cloud provider –At third party –At the access device 120
121
Computing on encrypted data Privacy by design can be reached for cloud storage, but what if you want to process data in the cloud ? (Fully) Homomorphic encryption Searchable encryption Privacy-preserving techniques 121
122
Computing on encrypted data Wouldn’t it be nice to be able to… –Encrypt my data before sending to the cloud –While still allowing the cloud to search/sort/edit/… this data on my behalf –Keeping the data in the cloud in encrypted form Without needing to ship it back and forth to be decrypted 122 I want to delegate processing of my data, without giving away access to it.
123
Outsourcing computation privately 123 ClientServer/Cloud (Input: x )(Function: f) “I want to delegate the computation to the cloud” “I want to delegate the computation to the cloud, but the cloud shouldn’t see my input” Enc [ f( x ) ] Enc( x ) f
124
Alice’s jewelry store Alice’s workers need to assemble raw materials into jewelry But Alice is worried about theft –How can the workers process the raw materials without having access to them? 124
125
Alice’s jewelry store Alice puts materials in locked glovebox –For which only she has the key Workers assemble jewelry in the glovebox Alice unlocks box to get “results” 125
126
Outsourcing computation privately 126 $skj#hS28ksytA@ …
127
Outsourcing computation privately 127 $kjh9*mslt@na0 &maXxjq02bflx m^00a2nm5,A4. pE.abxp3m58bsa (3saM%w,snanba nq~mD=3akm2,A Z,ltnhde83|3mz{n dewiunb4]gnbTa* kjew^bwJ^mdns0
128
Asymmetric encryption 128 Merkle, Hellman and Diffie (1976)Shamir, Rivest and Adleman (1978) Encryption uses a public key, Decryption uses the secret key
129
Homomorphic encryption (Fully) Homomorphic Encryption –Homomorphic encryption: Form of encryption which allows operations on ciphertext without decrypting the ciphertext before –Big breakthrough: First Construction of fully homomorphic encryption (Gentry 09) –For practical implementation currently far too inefficient –High research activity Searchable Encryption –Symmetric searchable encryption –Asymmetric searchable encryption 129
130
FHE performance 130 DimensionKeyGenPK sizeAND 2048 800,000-bit integers 40 sec70 MByte31 sec 8192 3,200,000-bit integers 8 min285 MByte3 min 32768 13,000,000-bit integers 2 hours2.3 GByte30 min Large Medium Small Butler Lampson: “I don’t think we’ll see anyone using Gentry’s solution in our lifetimes…” – Forbes, Dec-19, 2011
131
Searchable encryption 131
132
Searchable encryption 132 Directly search on encrypted data without decryption on server side Encrypt word by word. For word W i –Block_ciphertext X i = E k (W i ), Word key k i = f k (X i ), Pseudorandom sequence T i = –Searchable_ciphertext C i = X i T i Search for a word W –Block_ciphertext X = E k (W), Word key k i = f k (X) –Check ciphertexts one by one to see if C X = (X i T i ) X is of the form for some random value s
133
Credentials 133 Org says Name Alice Address Birthdate Birthplace Citizenship … Alice Organization Service Reveals a lot of info on Alice! Org says Name Alice Address Birthdate Birthplace Citizenship …
134
Anonymous credentials 134 Alice Organization Service “I have a cred from Org saying WA resident Age >21” Cred from Org Name Alice Address Birthdate Birthplace Citizenship … Reveals only what Alice chooses to reveal Need not reveal her name (Need Accountability)
135
Anonymous credentials Alice Service “I have a cred from Org saying WA resident Age >18” Cred from Org Name Alice Address Birthdate Birthplace Citizenship … Organization Cannot Identify Alice (if her name is not provided) Learn anything beyond the info she gives (and what can be inferred) Distinguish two users with the same attributes Link multiple uses of the same credentials 135
136
Anonymous communication 136 User Tunnel Private Address Public Alias Address Real IP Address PNAT MIX1MIX2MIX3
137
Challenges: conflicting goals 137 Existing Services FunctionalityPerformance Confidentiality / Privacy High Low High Many Crypto Systems/Protocols Ideal State
138
138
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.