Platzhalter für Bild, Bild auf Titelfolie hinter das Logo einsetzen RailCloud: A Reliable PaaS Cloud for Railway Applications Bijun Li, Rüdiger Kapitza TU Braunschweig 06.10.2016 This work is supported by Siemens international Rail Automation Graduate School (irags)
RailCloud PaaS Cloud for Railway Applications A PaaS cloud for railway applications Shared by small and medium-sized transportation companies Reliability and safety guarantee 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 2
PaaS Cloud in a Nutshell What is a PaaS Cloud? A computing platform for software development delivered over the Internet How to use it? Software developers can quickly deploy applications, without infrastructure management tasks Applications Platform (OS, Middleware, Runtime) Existing PaaS Clouds? Google App Engine (GAE), Microsoft Azure, OpenShift, Cloud Foundry etc. Recent evolvement with container technology Networking Storage Servers Virtualization 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 3
Existing PaaS Clouds? Reliability? Horizontal Scalability Usually for load balancing Tolerate crash-stop failures Goal of RailCloud Mostly for stateless applications Issues Lack of support for replicated stateful applications Cannot tolerate malicious attackers Load Balancer Easy deployment of replicated stateful applications with automatic coordination to guarantee reliability Easy deployment of legacy railway applications App App App App Complex deployment and coordination for cloud customers 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 4
Outline Reliability in PaaS Clouds RailCloud Design Byzantine Fault-Tolerant Applications in the Cloud Trusted Proxy: Making ted Systems Transparent Conclusion and Future Work 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 5
RailCloud Architecture Client 1 Client 2 RailCloud Trusted Proxy Trusted Proxy Trusted Proxy Trusted Proxy BFT BFT BFT BFT APP APP APP APP Host 1 Host 2 Host 3 Host 4 Developer Request/response Flow BFT Message Exchanges Built-in Service of RailCloud Application Deployment 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 6
Byzantine Fault Tolerance in the Cloud Byzantine Fault-Tolerance (BFT) Protocols Tolerate crash-stop failures and arbitrary and malicious behaviors 3f +1 replicas to tolerate f faults Req Rep Req Message exchanges for agreement Rep Rep Integration of BFT into Cloud Infrastructures Infrastructure level: Depsky, Fitch, TClouds etc. Middleware level: Thema etc. RailCloud: PaaS Level + Automatic Deployment Extension 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 7
Base of RailCloud OpenShift Origin v3 Docker container packaging Kubernetes container cluster management Application lifecycle management Developers OpenShift API Server Build Controller Kubernetes API Server Kube Controller Deployment Controller OpenShift Master Scheduler tion Controller Kubernetes Master Kube Proxy Kube Proxy Kube Proxy Container Container Container Docker Container Container Docker Kubelet Docker Kubelet Kubelet Container MASTER(S) NODE(S) 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 8
Implementation and Deployment BFT Service Layer BFT image (BFT-SMaRt) BFT pods BFT services Application Deployment Networking Connect each BFT service to application service Expose BFT services BFT Service BFT Container App Service App Container BFT Service BFT Service BFT Service BFT Container BFT Container BFT Container App Service App Service App Service App Container App Container App Container RailCloud 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 9
Trusted Proxy: Making ted Systems Transparent Why transparent? Minimum modifications to clients HTTPS connections Web-based railway applications Implements client-side BFT library Friendly to low-bandwidth clients No redundant requests/replies Hide details of replicated system Simple and secure interface to clients Throughput improvement 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 10
Trusted Proxy in RailCloud Secure connection Client Secure connection Client Message Flow Read Optimization En/decrypt Reply vote (Fast read cache) Trusted Proxy En/decrypt Reply vote (Fast read cache) En/decrypt Reply vote (Fast read cache) En/decrypt Reply vote (Fast read cache) Trusted Proxy Trusted Proxy Trusted Proxy Ordering + Execution Ordering + Execution Ordering + Execution Ordering + Execution Host 1 Host 2 Host 3 Host 4 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 11
Outline Reliability in PaaS Clouds RailCloud Design Byzantine Fault-Tolerant Applications in the Cloud Trusted Proxy: Making ted Systems Transparent Conclusion and Future Work 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 12
Conclusion and Future Work RailCloud Integrate BFT for reliability demands into PaaS Cloud Easy deployment of BFT applications Automatic coordination among replicated services Using trusted proxy to make replicated system transparent Future Work Explore more functions of trusted proxy 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 13
Appendix Related Works Bessani, A., Correia, M., Quaresma, B., Andre, F., Sousa, P.: Depsky: dependable and secure storage in a cloud-of-clouds. ACM Transactions on Storage (TOS) 9(4), 12 (2013) Cogo, V.V., Nogueira, A., Sousa, J., Pasin, M., Reiser, H.P., Bessani, A.: Fitch: Supporting adaptive replicated services in the cloud. In: DAIS 13 Garraghan, P., Townend, P., Xu, J.: Using byzantine fault-tolerance to improve dependability in federated cloud computing. International Journal of Software and Informatics 7(2), 221 237 (2013) Verissimo, P., Bessani, A., Pasin, M.: The tclouds architecture: Open and resilient cloud-of-clouds computing. In: Dependable Systems and Networks Workshops (DSN-W), 2012 IEEE/IFIP 42nd International Conference on. pp. 1 6. IEEE(2012) Merideth, M.G., Iyengar, A., Mikalsen, T., Tai, S., Rouvellou, I., Narasimhan, P.: Thema: Byzantine-fault-tolerant middleware for web-service applications. In: Reliable Distributed Systems (SRDS), 2005 24th IEEE Symposium on. pp. 131 140. IEEE (2005) 06.10.2016 Bijun Li RailCloud: A Reliable PaaS Cloud for Railway Applications Page 14