Architecture Overview
Copyright 2016 Paperspace, Co. All Rights Reserved
June - 1-2017
Technical Whitepaper
Paperspace Whitepaper: Architecture Overview

Content

1. Overview
2. Virtualization
   Xen Hypervisor
   Virtual Machines
3. Networking
   Public Traffic (Internet)
   Private Traffic (Disk)
   Public and Private IP Addresses
   Customer Networks
4. Storage
   Volumes
   Shared Drives

Overview
Cloud computing made simple

Paperspace provides a managed cloud computing platform built on modern infrastructure, with options to integrate with your corporate network, customize security settings, configure networking and leverage various storage solutions.

Paperspace provides:

- Virtual operating system environments, known as machines
- Various configurations for CPU, memory, storage, and GPU
- Secure login to your machines
- Persistent root storage volumes
- Shared storage
- Multiple physical datacenter locations, known as regions
- Virtual networks you can create that are logically isolated from the rest of the Paperspace cloud, and that you can optionally connect to your own network through a secure VPN tunnel.

Virtualization
A reliable, fast and secure hypervisor

Xen Hypervisor

The virtualization layer behind Paperspace is Xen, the de facto standard in cloud-scale deployments. The hypervisor is an open source project maintained by the Linux Foundation and sponsored by Amazon, AMD, Cisco, Citrix, Google, Intel, Oracle, Samsung, Verizon and others. Xen is deployed in large production clouds such as Amazon Web Services, Linode and Rackspace.

Virtual Machines

Paperspace desktops are hardware virtual machines (HVM) which achieve near bare-metal performance. Machines are multi-tenant, which means they run on shared hardware but are completely isolated at the hypervisor level. Paperspace provides each machine with a consistent and predictable amount of CPU, RAM and GPU capacity, regardless of its underlying hardware. Machines use persistent storage, ensuring a familiar experience,
commensurate with local computing.

Networking
Flexible, highly-available and fast

Paperspace offers high-performance networking capabilities and various scenarios for isolation and connectivity.

Public Traffic (Internet)

Paperspace machines are connected to the internet through a 1 Gigabit, highly-available network.

Private Traffic (Disk)

Disk traffic runs over a 10 Gigabit, highly-available backend network. See the Storage section below for the IOPS and throughput performance of our different offerings.

Public and Private IP Addresses

Private IP addresses are not reachable over the Internet, and can be used for communication between the machines in your Private Network, if configured. Public IP addresses are reachable over the Internet, and can be used for communication between your machines and the Internet.

Private IP addresses

When you launch a machine, a primary private IP address from the address range of the subnet is assigned to the default network interface. Each machine is also given an internal DNS hostname that resolves to the private IP address of the instance.

Public IP addresses

A public IP address is mapped to the primary private IP address through network address translation (NAT). When a public IP is provisioned, it is allocated from Paperspace's pool of public IP addresses and becomes associated with your account. When a public IP address is disassociated from your machine, it is not released back into the pool until you explicitly release it. This allows you to re-attach a known public IP to a different machine. This is commonly referred to as an elastic public IP.

Customer Networks

Default Networking

In the Default Networking configuration, every machine resides within its own logically isolated network and cannot communicate with other machines, shared drives or other devices.

In this scenario, a /30 (2 usable IPs) is carved out of an available pool of private IP space and assigned to the machine. From this /30, the first usable IP will be assigned to a sub-interface facing the customer network on the Router. The second usable (and only other usable) IP will be assigned to the customer's VM. Traffic can flow through its gateway and NAT out to the Internet. Traffic to all other destinations is dropped. Should the customer change their IP, they will lose connectivity.

Note: Unless a public IP address is added, all machines on a Default Network are not directly addressable on the web.

Private Networking

Private Networking can be added, which establishes a dedicated virtual private network, logically isolated from other networks in the Paperspace cloud. Launching machines into your Private Network will allow them to communicate with each other. This virtual network closely resembles a traditional home or office network.
Private Networking is required for AD integration. The AD DC must reside within your Private Network unless a VPN is configured.

Each private network is assigned a /16 from available private IP space. From this /16, the first usable IP will be assigned to a sub-interface facing the customer network on the Router. The second usable IP will be assigned to the customer's first VM, and so forth. Traffic can flow through its gateway and NAT out to the Internet. Traffic to destinations within the Private Network is allowed. Should the customer change their IP(s), they will lose connectivity.

Note: As in the Default Networking configuration, machines cannot be addressed directly from the internet unless a Public IP address is added.

Private Gateway + VPN

Private Networking is a prerequisite for establishing a VPN tunnel between your Paperspace network and other networks. Once in place, a VPN Private Gateway can be attached to your Private Network. When the VPN has been provisioned and configured on the customer side, all machines and shared drives within your Paperspace network will be directly addressable on your corporate network and vice versa. Paperspace supports IPsec VPN tunnels.

A VPN is required for integrating with an AD domain that resides outside of your Private Network.
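
The /30 and /16 allocation and forwarding rules described under Customer Networks can be modelled in a few lines. This is an added example, not Paperspace code: the pool ranges, the function names and the verdict labels are assumptions, and the VPN Private Gateway is not modelled.

```python
import ipaddress

# Assumed pools for illustration; the whitepaper does not name the ranges it uses.
DEFAULT_POOL = ipaddress.ip_network("10.0.0.0/16")    # carved into /30s
PRIVATE_POOL = ipaddress.ip_network("172.16.0.0/12")  # carved into /16s
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def carve(pool, prefix, index, vm_count):
    """Return (subnet, gateway, vms) for the index-th /prefix in pool.

    The first usable address goes to the router sub-interface and the
    following ones to the customer's machines, as the text describes.
    """
    size = 2 ** (32 - prefix)
    subnet = ipaddress.ip_network((int(pool.network_address) + index * size, prefix))
    if not subnet.subnet_of(pool):
        raise ValueError("pool exhausted")
    if vm_count > subnet.num_addresses - 3:  # network, broadcast, gateway
        raise ValueError("not enough usable addresses")
    hosts = subnet.hosts()
    gateway = next(hosts)
    vms = [next(hosts) for _ in range(vm_count)]
    return subnet, gateway, vms


def verdict(subnet, vms, src, dst):
    """Classify one packet under the stated rules (VPN gateway not modelled)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src not in vms:
        return "drop"      # machine changed its assigned IP: connectivity lost
    if dst in subnet:
        return "allow"     # gateway, or a peer inside the same Private Network
    if any(dst in net for net in RFC1918):
        return "drop"      # private space outside the machine's own network
    return "nat"           # leaves through the gateway to the Internet


if __name__ == "__main__":
    net_a, gw_a, vms_a = carve(DEFAULT_POOL, 30, 0, 1)
    net_b, gw_b, vms_b = carve(DEFAULT_POOL, 30, 1, 1)
    print(net_a, gw_a, vms_a[0], "->", vms_b[0], verdict(net_a, vms_a, vms_a[0], vms_b[0]))
    priv, gw_p, vms_p = carve(PRIVATE_POOL, 16, 0, 2)
    print(priv, gw_p, vms_p[0], "->", vms_p[1], verdict(priv, vms_p, vms_p[0], vms_p[1]))
```

Two machines on Default Networking land in different /30s, so traffic between them is dropped, while two machines in the same /16 can reach each other.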

Storage
Secure, resilient, and distributed

Volumes

Volumes provide a block-level storage device for use as the primary system drive on a Paperspace machine. Volumes appear to the operating system as locally attached storage which can be partitioned and formatted according to your needs.

Volumes offer cost-effective storage that is ideal for a broad range of workloads. They are well suited both to applications that rely on random reads and writes and to throughput-intensive applications that perform long, continuous reads and writes. These volumes deliver single-digit millisecond latencies and the ability to burst to 3,000 IOPS for extended periods of time. The throughput limit for PS volumes is 128 MiB/s.

Regions: Volumes are region specific.
Media: Volumes are backed by SSDs.
Sizes: Volumes can be created in sizes ranging from 50 GB to 2 TB.

Shared Drives

Shared Drives are designed to provide a data source accessible to multiple machines concurrently. Drives are most commonly used to share files between machines and behave similarly to a local office file server (commonly referred to as network attached storage or NAS). Drives are mounted using standard tools within the OS.

Drives provide a file system interface and file system access control such
as strong consistency and file locking. All file systems deliver a consistent baseline performance of 50 MB/s per TB of storage. All file systems (regardless of size) can burst to 100 MB/s.

Regions: Drives are region specific.
Media: Drives are stored with a mix of SSDs and SAS drives with SSD caching.
Sizes: Drives can be created in sizes ranging from 250 GB to 2 TB.*

*Large sizes up to 16 TB are available upon request.