On the Design of Virtual Machine Sandboxes for Distributed Computing in Wide-area Overlays of Virtual Workstations

With recent advances in virtual computing and the revelation that compute-intensive tasks run well on system virtual machines (VMs), the ability to develop, deploy, and manage distributed systems has improved. This paper explores the design space of VM-based sandboxes that employ the following techniques to facilitate the deployment of secure nodes in wide-area overlays of virtual workstations (WOWs): DHCP-based virtual IP address allocation, self-configuring virtual networks supporting peer-to-peer NAT traversal, stacked file systems, and IPsec-based host authentication and end-to-end encryption of communication channels. Experiments with implementations of single-image VM sandboxes, which incorporate the above features and are easily deployable on hosted I/O VMMs, show execution time overheads of 10.6% or less for a batch-oriented CPU-intensive benchmark.
