Resource containers: A new facility for resource management in server systems
G. Banga, P. Druschel and J. Mogul
Rice University
Presented by: Bhuvan Urgaonkar

Motivation
• Web servers should be able to
  • Provide resource guarantees
  • Counter DoS attacks
  • Do accurate billing
• Shortcomings in OS abstractions
  • Process is unit of resource management
  • Apps have no control over resources kernel consumes for them
=> achieving above goals difficult

Outline
• Motivation
• Shortcomings of OS Abstractions
• Resource Containers
• Performance Evaluation
• Conclusions/Comments

Resource Principals and Protection Domains
• Resource Principals
  • Entities for which separate resource allocation and accounting done
• Protection Domain
  • Entities that need to be isolated from each other
• Popular Operating Systems
  • Process = resource principal
  • Process = protection domain

A classical application
• Process appropriate resource principal

A network-intensive application
• Resources consumed by kernel unaccounted => process inappropriate as resource principal

A multi-process application
• The resource principal should be the set of all processes

Single-process MT application
• Correct resource principal smaller than a process

OS shortcomings: summary
• OS unit of resource mgt. (process) often different from desired unit
• Apps cannot control resource allocation to their activities
• Inaccurate accounting and charging of resources
• Incorrect scheduling decisions

Resource container
• Contains all system resources used for an independent activity
  • E.g., for an HTTP connection served by a web server
    • CPU time spent on the connection
    • Sockets, PCBs, network buffers, etc.
• Mechanisms for accurate accounting
  • Lazy Receiver Processing (LRP)

Containers and CPU scheduling
• Applications associate containers with independent activities
• Dynamic binding between threads and containers
• Thread's consumption charged to right container

Containers and CPU scheduling
• Threads scheduled based on combined allocation and usage of all associated containers
• Apps can associate scheduling info with activities
• Threads within a container may be scheduled as the app pleases
• Resource container hierarchy

Other resources
• Similar accounting mechanism possible for other resources
• Support required to account for resources consumed by the kernel on behalf of applications

Containers in a MT server
• New container created for new connection
• Serving thread bound to this container

Containers in event-driven server
• New container created for new connection
• Thread's binding changed as it serves different connections

More examples
• Different priorities to requests from different sources
• Restrict resource consumption of certain requests
• Defend against DoS attacks
• Generating accurate bills
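
A user-space model of the event-driven case above, as an added example that is not from the slides or the prototype: one thread rebinds to a per-connection container for each event, and charges propagate up a container hierarchy so that a cap on a parent restricts a whole class of requests. The names (rc_t, thread_t, rc_bind, rc_charge, serve, run_demo), the 100 us cost per event and the 300 us CGI cap are assumptions, and refusing a charge stands in for the scheduler not running the thread.

```c
#include <stdio.h>

/* User-space model; all names and numbers are assumptions, not the paper's API. */
typedef struct rc {
    struct rc *parent;       /* container hierarchy */
    unsigned long used_us;   /* CPU charged here, children included */
    unsigned long limit_us;  /* 0 = no cap */
} rc_t;
typedef struct { rc_t *bound; } thread_t;

/* Dynamic binding: point the thread at the activity it is about to serve. */
static void rc_bind(thread_t *t, rc_t *c) { t->bound = c; }

/* Charge the bound container and its ancestors; returns 0 if work is refused. */
static int rc_charge(thread_t *t, unsigned long us) {
    for (rc_t *c = t->bound; c; c = c->parent)   /* any cap on the path exhausted? */
        if (c->limit_us && c->used_us >= c->limit_us) return 0;
    for (rc_t *c = t->bound; c; c = c->parent) c->used_us += us;
    return 1;
}

/* Event loop of a single-threaded server: event i belongs to conn[owner[i]]. */
static unsigned long serve(thread_t *t, rc_t **conn, const int *owner, int n) {
    unsigned long served = 0;
    for (int i = 0; i < n; i++) {
        rc_bind(t, conn[owner[i]]);                  /* rebinding per event */
        served += (unsigned long)rc_charge(t, 100);  /* constructed cost: 100 us */
    }
    return served;
}

static rc_t root, cgi_class, static_conn, cgi_a, cgi_b;
/* Constructed workload: one static connection, two CGI connections under a cap. */
static unsigned long run_demo(void) {
    root = (rc_t){ NULL, 0, 0 };
    cgi_class = (rc_t){ &root, 0, 300 };     /* cap shared by all CGI work */
    static_conn = (rc_t){ &root, 0, 0 };
    cgi_a = cgi_b = (rc_t){ &cgi_class, 0, 0 };
    rc_t *conn[] = { &static_conn, &cgi_a, &cgi_b };
    const int owner[] = { 1, 0, 2, 1, 0, 2, 1, 0 };
    thread_t t = { NULL };
    return serve(&t, conn, owner, 8);
}

int main(void) {
    printf("events served: %lu of 8\n", run_demo());
    return 0;
}
```

Once the two CGI connections together reach the cap on their parent container, further CGI events are refused while the static connection keeps being served and billed separately.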

Prototype implementation
• Modifications to Digital UNIX 4.0D
  • CPU scheduler
  • TCP/IP subsystem: LRP
• Server software: single-process, event-driven
• Clients used the S-Client software

Costs of new primitives
• Throughput of server unchanged on modified kernel

Prioritized handling of clients
[Figure; x-axis: Number of concurrent low-priority clients]

Controlling resource usage of CGI processing
[Figure; x-axis: Number of concurrent CGI requests]

Immunity against SYN-flooding
[Figure; x-axis: SYN-Flood Rate (1000s of SYNs/sec)]

Conclusions
• Resource container, an OS abstraction to explicitly identify a resource principal
• Prototype implementation in Digital UNIX
• Combined with accurate resource accounting (e.g., LRP) can help web servers provide differentiated QoS