云计算数据中心中节能安全的虚拟机实时迁移研究
发布时间:2018-07-23 11:03
【摘要】:数据中心的低效率是一个普遍存在并且日益严重的问题。物价上涨和越来越多的环境危害影响企业投资前景,威胁企业的利润,并且需要监管机构的审查。除了运营的成本高外,一个主要的问题是排放二氧化碳(CO2)所带来的能源消费。越来越多的顾客开始考虑在选择“绿色”方面的产品和服务。除了环境问题,企业已经开始面临被标上“环境不友好”所带来的风险。减少二氧化碳的排放是一个十分重要的问题。为了取得进一步进展,必须用计算机系统来解决。 云计算作为一种并行与分布系统的形式组成了动态配置的相互连接和虚拟的计算机的一个集合。表现为一个或更多个建立在由服务器和客户端协商形成的服务协议上的统一计算资源。一些新兴的云计算基础设施/平台如谷歌的App Engine,微软的Azure,亚马逊EC2和Aneka等。从能源效率的角度来看,一个云计算数据中心可以被定义为大量的计算和通信资源,我们可以使用它将接收的功率转换为计算或数据传输工作,以满足用户的需求。云计算的一个含义为动态调整(相应增加或者减少)在白天或者在黑夜观察到的可预测的或者由访问模式变更而产生的;或者在应用服务上的一个微小的增加引起的满足需求变化和应用的资源的数量。云计算的这种性能对弹性应用(自动缩放)特别有效。如虚拟主机,信息传递,社交网络等都易受这种性能的影响。这些应用常常呈现出瞬间行为(使用模式)和根据临界时间和用户的互动模式(在线/离线)所需要的不同质量服务(QoS)要求。 计算虚拟化是创造一个虚拟的(而不是实际)的版本。如一个硬件平台,一个操作系统,一个存储设备或者一个网络资源。虚拟化是IT企业总体趋势的一部分。IT企业总体趋势还包括自动计算、在IT环境将能够管理自己基于知觉活动的一个场景。随着虚拟化技术的快速发展,大多数数据中心都采用了云计算来设计新一代的数据中心框架。这项技术所带来的好处包括,提高资源利用率,降低运营成本和简化服务器管理。服务器整合和虚拟机实时迁移也可以用来实现负载均衡和节能。 虚拟化是已广泛应用于现代数据中心云计算来实现服务器节能行动的创新。虚拟机(VM)迁移带来多种益处,如资源分布和能源意识到巩固。服务器整合实现了能源利用效率,使操作系统的多个实例同时运行在一台机器。随着虚拟化,它可能通过虚拟机实时迁移来巩固服务器。然而,虚拟机迁移带来额外的能源消耗和全面采用这项技术而导致脱轨的严重的安全问题。 虽然以前的工作提供了高效节能的虚拟机分配,但是虚拟机安全性在能耗方面还没有被广泛的研究。本文就是要填补这个由其他研究人员所忽视的不足。因次,本文对其它研究人员而言是互补性的,它提供了在现实世界中部署服务器整合和安全方面的一些有益的见解。 针对论文前面提到的问题,它指出了一些有用的研究方向,以更好地提高数据中心的能源效率。本文针对如何提高云计算数据中心能源效率问题基于时间轮转算法提出了详细的解决方案,同时针对实时迁移导致的安全缺陷提出了一种安全的迁移策略。首先,采用时间轮转算法作为虚拟机调度算法,以减少用于运行虚拟机的物理服务器数量,同时为确保迁移过程中的虚拟机安全,在已有的虚拟机监控器中引入了安全模块;其次,本文通过工作量配置控制器及工作负载迁移控制器管理服务器集群的工作量,工作量配置控制器包括模拟单一服务器上的多个应用程序工作负载分配的组件和基于遗传算法用于检索服务器中大量可替换的工作量并记录发现的最好解决方案的优化搜索组件,工作量负载迁移控制器是一个基于模糊逻辑的反馈控制回路,此控制器初始化时记录所有相关服务器最近负载情况及工作量,并确定协调服务器负载均衡的适当行动,其顾问模块持续监控服务器的资源利用率,在资源利用率过高或过低时触发模糊控制模块采取适当的行动使服务器资源利用率恢复均衡;最后,本文深入论述了虚拟机实时迁移过程中已知的安全隐患,针对这些安全隐患本文提出了种安全迁移策略,此策略通过确保安全进程的存储页在迁移过程中对其他进程或操作系统是不可见的,保证虚拟机实时迁移过程中的完整性和隐私保护,以消除实时迁移导致的安全缺陷。 本文介绍了当前可用的仿真器,通过比较给出了为什么本文会选择CloudSim作为仿真框架。然后对CloudSim框架的细节进行了深入的研究,并对其进行修改以使其适应本文的需求。当前可用的云计算仿真器还比较少,CloudSim可能是其中最复杂的一个。相比GreeenCloud仿真器,CloudSim提供了更精确的时间单位。GreenCloud支持带期限的工作量,但是只有简单的单核服务器的调度策略,MDCSim的工作量仅仅被描述为计算需求,而且限定没有数据的迁移。CloudSim可以实现基于资源的虚拟化技术的复杂调度和任务执行策略。另外,CloudSim还支持能源节省和能源模型。其方便的可扩展性和可用性,使得它成为本文方案中的首选。 CloudSim采用多层次的软件框架和架构构件设计。主要分为用户代码层和核心层。用户代码层可以指定仿真的相关设置,包括仿真的场景,用户的需求,应用的配置以及用户和数据中心的调度协议等,核心层包括了供用户代码层使用的接口,虚拟机服务,网络拓扑设置,云服务资源以及调度策略等。CloudSim框架提供了基本的模型和实体来实现验证和评价能耗敏感的扩展的技术和算法。本文对CloudSim进行了一系列的扩展使得它能够在资源和虚拟机层次模拟高效能耗敏感配置策略。通过扩展处理单元(PE)对象使其包括一个额外的能耗模型对象,来管理每个云主机基础上的能源消耗。为了支持不同的功耗模式和电源管理技术,如动态电压和频率缩放(DVFS)的建模与仿真,本文提供了一个抽象的实施称为PowerModel。该抽象类已经由一个PE的模拟定制能源消费模式来扩展。论文重写了该类的getPower方法,该方法的的输入参数是云主机的当前利用率,输入参数为当前的能源消耗值。该改进使得CloudSim能够创造需要实时能耗信息的能耗敏感配置协议,而且还能统计系统仿真器件的能源消耗总和。 本论文还基于CloudSim实现了安全模块。CloudSim实体实时产生的每一个事件将被存储在队列中,这类事件被称为未来事件。这些事件按时间参数顺序插入到队列中。接下来,事件模拟的每一步调度都将使得事件从未来事件队列中删除,并转移到延迟事件队列。在此之后,一个事件处理方法和安全模块被每个实体调用,从延迟事件队列中选择事件并执行相应的动作。这样的组织,允许仿真器灵活的组织,并提供了虚拟机保护与防止重放攻击、实体的钝化和在模拟运行时中止并重新启动的强有力的功能。 针对本文提出的算法,本文进行了仿真实验,实验中使用CloudSim框架进行修改,证明该方法是有效的。在本文中提出两种实验来评估该算法,第一组的测试实验是采用两层(2T)、三层(3T)及三层高速架构(3Ths)的方法,先是固定计算节点的数量为1500,对比原因是三种拓扑结构数量和互联网交换机的不同。第二组实验是验证所提出的节能技术VM配置技术的有效性。在这个实验中,本文研究比较了两个节能资源管理技术相对一个基准琐碎技术,并没有考虑在VM优化配置期间到主机。基准测试技术是处理器在最大频率下工作,该种情况下进行操作能使处理能力达到最高。在实验中通过CloudSim提供的工具包来估计该算法,CloudSim工具包提供了一些新特性,另外还有其提供的独特功能有可用的虚拟化引擎和灵活处理核心共享空间和时间共享之间的切换分配到虚拟化服务。 从实验结果可以使我们确信采用动态循环制算法来进行服务器整合在要求绝对安全的数据中心下对降低能耗是一种非常可行的解决方案。在虚拟机迁移中使用动态循环算法应用于服务器整合是一个以减少数据中心能源消耗,而不会危及安全的非常可行的解决方案。与现有的方案,如动态电压频率缩放相比,我们的策略也有较低的软件许可侵犯。实验证明,提出的在迁移过程中缓解安全策略,对著名的虚拟机的攻击,如恢复订购和重放攻击是可行的。
[Abstract]:The low efficiency of the data center is a widespread and increasingly serious problem. Rising prices and increasing environmental hazards affect enterprise investment prospects, threaten business profits, and require regulatory scrutiny. In addition to the high cost of operation, a major problem is the energy consumption caused by the emission of carbon dioxide (CO2). The more customers begin to consider the "green" products and services. In addition to the environmental problems, enterprises have begun to face the risk of being labeled "environmentally unfriendly". Reducing carbon dioxide emissions is a very important problem. In order to make further progress, the computer system must be used to solve it.
Cloud computing forms a set of dynamically configured interconnections and virtual computers as a form of parallel and distributed systems. It represents one or more unified computing resources built on service protocols formed by server and client negotiation. Some emerging cloud computing infrastructure / platforms, such as Google's App Engi NE, Microsoft's Azure, Amazon EC2 and Aneka, and so on. From an energy efficiency point of view, a cloud computing data center can be defined as a large number of computing and communication resources, and we can use it to convert the received power into computing or data transmission to meet the user's needs. One of the meaning of cloud computing is dynamic adjustment (Xiang Yingzeng Additive or reduced) predictability or changes in access patterns observed during the day or in the night; or the number of resources that meet demand changes and applications in a small increase in application services. This performance of cloud computing is particularly effective for elastic applications (automatic scaling), such as virtual hosts. Transmission, social networks, etc. are easily affected by this performance. These applications often present instantaneous behavior (use pattern) and the different quality service (QoS) requirements required by the critical time and user's interactive mode (online / offline).
Computational virtualization is a virtual (rather than practical) version, such as a hardware platform, an operating system, a storage device, or a network resource. Virtualization is part of the overall trend of the IT enterprise, and the overall trend of the.IT enterprise includes automatic computing, and a field that will be able to manage its own perception based activities in the IT environment. With the rapid development of virtualization technology, most data centers have adopted cloud computing to design a new generation of data center frameworks. The benefits of this technology include improving resource utilization, reducing operating costs and simplifying server management. Server integration and virtual machine real-time migration can also be used to achieve load balancing. And energy saving.
Virtualization is an innovation that has been widely used in modern data center cloud computing to achieve server energy saving action. Virtual machine (VM) migration brings many benefits, such as resource distribution and energy awareness to consolidate. Server integration implements energy efficiency and makes multiple instances of the operating system run on a machine at the same time. With virtualization, it can The virtual machine can be migrated to consolidate the server. However, the virtual machine migration brings additional energy consumption and the full use of this technology, which leads to the serious security problem of derailment.
Although previous work provides efficient and energy-efficient virtual machine allocation, virtual machine security has not been widely studied in terms of energy consumption. This article is to fill this inadequacy that is ignored by other researchers. This article is complementary to other researchers, which provides the deployment of servers in the real world. Some useful views on combination and safety.
In view of the problems mentioned above, it points out some useful research directions to better improve the energy efficiency of the data center. This paper presents a detailed solution based on the time rotation algorithm on how to improve the energy efficiency of the cloud computing data center. At the same time, a kind of security defect caused by real-time migration is put forward. First, the time rotation algorithm is used as a virtual machine scheduling algorithm to reduce the number of physical servers used to run the virtual machine. At the same time, in order to ensure the security of the virtual machine in the migration process, the security module is introduced in the existing virtual machine monitor. The load migration controller manages the workload of the server cluster, and the workload configuration controller includes components that simulate multiple application workload allocation on a single server and an optimized search component based on a genetic algorithm for retrieving a large amount of replaceable workload in the server and recording the best solution for the discovery, and the workload load The migration controller is a feedback control loop based on fuzzy logic, which is initialized to record the load and workload of all related servers and to determine the appropriate action to coordinate the load balance of the server. The consultant module continuously monitors the resource utilization of the server and triggers the mode when the resource utilization rate is too high or too low. The paste control module takes appropriate action to restore the balance of server resource utilization. Finally, this paper discusses the hidden security risks known in the process of real time migration of virtual machines. In this paper, a security migration strategy is proposed for these hidden dangers. This strategy ensures that the storage page of the security progress is used in the migration process to other processes. Or the operating system is invisible to ensure the integrity and privacy protection of the virtual machine during real-time migration, so as to eliminate the security defects caused by real-time migration.
This article introduces current available emulators, and gives a comparison of why this article selects CloudSim as a simulation framework. Then, the details of the CloudSim framework are deeply studied and modified to adapt to the requirements of this article. The current available cloud computing simulator is still relatively small, and CloudSim may be the most complex. One. Compared to the GreeenCloud emulator, CloudSim provides a more precise time unit.GreenCloud to support the workload of the time limit, but only a simple single kernel server scheduling strategy, the workload of the MDCSim is only described as the computing requirement, and the limited data free migration.CloudSim can implement resource based virtualization technology. In addition, the CloudSim also supports energy saving and energy models. The convenience of scalability and availability makes it the first choice in this paper.
CloudSim uses a multilevel software framework and architecture component design. It is divided into user code layer and core layer. The user code layer can specify simulation settings, including simulation scenarios, user requirements, application configuration, and scheduling protocols for users and data centers. The core layer includes the interface for user code layer. .CloudSim frameworks such as virtual machine services, network topology settings, cloud service resources, and scheduling policies provide basic models and entities to validate and evaluate energy sensitive extension techniques and algorithms. A series of extensions to CloudSim are made in this paper to enable it to simulate efficient energy consumption sensitive matching at the source and virtual machine levels. In order to support different power consumption patterns and power management technologies, such as dynamic voltage and DVFS modeling and simulation, this paper provides an abstract implementation called PowerMod. This article provides an abstract implementation called PowerMod. El. this abstract class has been extended by a PE simulation custom energy consumption pattern. The paper rewrites the getPower method of this class. The input parameter of this method is the current utilization of the cloud host and the input parameter is the current energy consumption value. This improvement enables the CloudSim to create an energy consumption sensitive configuration protocol that requires real-time energy consumption information. It can also calculate the total energy consumption of the system simulation device.
On the basis of CloudSim, each event generated by the security module.CloudSim entity will be stored in the queue, which is called the future event. These events are inserted into the queue in a time parameter order. Next, each step of the event simulation will make the event delete from the future event queue and turn the event into the queue. Move to the delay event queue. After that, an event processing method and security module are called by each entity, selecting events from the delayed event queue and performing corresponding actions. Such organizations allow the emulator to be organized flexibly, and provide a virtual machine protection and prevention of replay attacks, the inactivation of the entity, and the discontinuation of the simulation run. And reboot the powerful function.
In this paper, a simulation experiment is carried out in this paper. In the experiment, the CloudSim framework is used to modify the method to prove that the method is effective. In this paper, two experiments are proposed to evaluate the algorithm. The first test experiment is the method of using two layers (2T), three layers (3T) and three layer high speed architecture (3Ths). First, the number of fixed computing nodes is fixed. For 1500, the comparison is due to the difference between the number of three topology structures and the Internet switch. The second set of experiments is a validation of the effectiveness of the proposed energy saving technology VM configuration technology. In this experiment, this paper compared two energy saving resource management technologies relative to a benchmark trivial technique, and did not consider the owner to the master during the optimal configuration. The standard test technique is the processor working at the maximum frequency, in which the operation makes the highest processing power. In the experiment, the algorithm is estimated by the tool package provided by the CloudSim, the CloudSim toolkit provides some new features, and the unique features provided by it have the available virtualization engines and flexibility. The switch between core sharing and time sharing is allocated to virtualization services.
From the experimental results we can make sure that the use of dynamic cyclic algorithm for server integration is a very feasible solution to reduce energy consumption in a data center requiring absolute security. In virtual machine migration, the application of dynamic loop algorithm to server integration is one to reduce the energy consumption of data centers, but not A very feasible solution that endangers security. Compared with existing schemes, such as dynamic voltage scaling, our strategy also has a lower software license violation. Experiments show that the proposed mitigation strategy in the migration process, the attack on the famous virtual machine, such as restoring order and replay attacks, is feasible.
【学位授予单位】:中南大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP308
本文编号:2139193
[Abstract]:The low efficiency of the data center is a widespread and increasingly serious problem. Rising prices and increasing environmental hazards affect enterprise investment prospects, threaten business profits, and require regulatory scrutiny. In addition to the high cost of operation, a major problem is the energy consumption caused by the emission of carbon dioxide (CO2). The more customers begin to consider the "green" products and services. In addition to the environmental problems, enterprises have begun to face the risk of being labeled "environmentally unfriendly". Reducing carbon dioxide emissions is a very important problem. In order to make further progress, the computer system must be used to solve it.
Cloud computing forms a set of dynamically configured interconnections and virtual computers as a form of parallel and distributed systems. It represents one or more unified computing resources built on service protocols formed by server and client negotiation. Some emerging cloud computing infrastructure / platforms, such as Google's App Engi NE, Microsoft's Azure, Amazon EC2 and Aneka, and so on. From an energy efficiency point of view, a cloud computing data center can be defined as a large number of computing and communication resources, and we can use it to convert the received power into computing or data transmission to meet the user's needs. One of the meaning of cloud computing is dynamic adjustment (Xiang Yingzeng Additive or reduced) predictability or changes in access patterns observed during the day or in the night; or the number of resources that meet demand changes and applications in a small increase in application services. This performance of cloud computing is particularly effective for elastic applications (automatic scaling), such as virtual hosts. Transmission, social networks, etc. are easily affected by this performance. These applications often present instantaneous behavior (use pattern) and the different quality service (QoS) requirements required by the critical time and user's interactive mode (online / offline).
Computational virtualization is a virtual (rather than practical) version, such as a hardware platform, an operating system, a storage device, or a network resource. Virtualization is part of the overall trend of the IT enterprise, and the overall trend of the.IT enterprise includes automatic computing, and a field that will be able to manage its own perception based activities in the IT environment. With the rapid development of virtualization technology, most data centers have adopted cloud computing to design a new generation of data center frameworks. The benefits of this technology include improving resource utilization, reducing operating costs and simplifying server management. Server integration and virtual machine real-time migration can also be used to achieve load balancing. And energy saving.
Virtualization is an innovation that has been widely used in modern data center cloud computing to achieve server energy saving action. Virtual machine (VM) migration brings many benefits, such as resource distribution and energy awareness to consolidate. Server integration implements energy efficiency and makes multiple instances of the operating system run on a machine at the same time. With virtualization, it can The virtual machine can be migrated to consolidate the server. However, the virtual machine migration brings additional energy consumption and the full use of this technology, which leads to the serious security problem of derailment.
Although previous work provides efficient and energy-efficient virtual machine allocation, virtual machine security has not been widely studied in terms of energy consumption. This article is to fill this inadequacy that is ignored by other researchers. This article is complementary to other researchers, which provides the deployment of servers in the real world. Some useful views on combination and safety.
In view of the problems mentioned above, it points out some useful research directions to better improve the energy efficiency of the data center. This paper presents a detailed solution based on the time rotation algorithm on how to improve the energy efficiency of the cloud computing data center. At the same time, a kind of security defect caused by real-time migration is put forward. First, the time rotation algorithm is used as a virtual machine scheduling algorithm to reduce the number of physical servers used to run the virtual machine. At the same time, in order to ensure the security of the virtual machine in the migration process, the security module is introduced in the existing virtual machine monitor. The load migration controller manages the workload of the server cluster, and the workload configuration controller includes components that simulate multiple application workload allocation on a single server and an optimized search component based on a genetic algorithm for retrieving a large amount of replaceable workload in the server and recording the best solution for the discovery, and the workload load The migration controller is a feedback control loop based on fuzzy logic, which is initialized to record the load and workload of all related servers and to determine the appropriate action to coordinate the load balance of the server. The consultant module continuously monitors the resource utilization of the server and triggers the mode when the resource utilization rate is too high or too low. The paste control module takes appropriate action to restore the balance of server resource utilization. Finally, this paper discusses the hidden security risks known in the process of real time migration of virtual machines. In this paper, a security migration strategy is proposed for these hidden dangers. This strategy ensures that the storage page of the security progress is used in the migration process to other processes. Or the operating system is invisible to ensure the integrity and privacy protection of the virtual machine during real-time migration, so as to eliminate the security defects caused by real-time migration.
This article introduces current available emulators, and gives a comparison of why this article selects CloudSim as a simulation framework. Then, the details of the CloudSim framework are deeply studied and modified to adapt to the requirements of this article. The current available cloud computing simulator is still relatively small, and CloudSim may be the most complex. One. Compared to the GreeenCloud emulator, CloudSim provides a more precise time unit.GreenCloud to support the workload of the time limit, but only a simple single kernel server scheduling strategy, the workload of the MDCSim is only described as the computing requirement, and the limited data free migration.CloudSim can implement resource based virtualization technology. In addition, the CloudSim also supports energy saving and energy models. The convenience of scalability and availability makes it the first choice in this paper.
CloudSim uses a multilevel software framework and architecture component design. It is divided into user code layer and core layer. The user code layer can specify simulation settings, including simulation scenarios, user requirements, application configuration, and scheduling protocols for users and data centers. The core layer includes the interface for user code layer. .CloudSim frameworks such as virtual machine services, network topology settings, cloud service resources, and scheduling policies provide basic models and entities to validate and evaluate energy sensitive extension techniques and algorithms. A series of extensions to CloudSim are made in this paper to enable it to simulate efficient energy consumption sensitive matching at the source and virtual machine levels. In order to support different power consumption patterns and power management technologies, such as dynamic voltage and DVFS modeling and simulation, this paper provides an abstract implementation called PowerMod. This article provides an abstract implementation called PowerMod. El. this abstract class has been extended by a PE simulation custom energy consumption pattern. The paper rewrites the getPower method of this class. The input parameter of this method is the current utilization of the cloud host and the input parameter is the current energy consumption value. This improvement enables the CloudSim to create an energy consumption sensitive configuration protocol that requires real-time energy consumption information. It can also calculate the total energy consumption of the system simulation device.
On the basis of CloudSim, each event generated by the security module.CloudSim entity will be stored in the queue, which is called the future event. These events are inserted into the queue in a time parameter order. Next, each step of the event simulation will make the event delete from the future event queue and turn the event into the queue. Move to the delay event queue. After that, an event processing method and security module are called by each entity, selecting events from the delayed event queue and performing corresponding actions. Such organizations allow the emulator to be organized flexibly, and provide a virtual machine protection and prevention of replay attacks, the inactivation of the entity, and the discontinuation of the simulation run. And reboot the powerful function.
In this paper, a simulation experiment is carried out in this paper. In the experiment, the CloudSim framework is used to modify the method to prove that the method is effective. In this paper, two experiments are proposed to evaluate the algorithm. The first test experiment is the method of using two layers (2T), three layers (3T) and three layer high speed architecture (3Ths). First, the number of fixed computing nodes is fixed. For 1500, the comparison is due to the difference between the number of three topology structures and the Internet switch. The second set of experiments is a validation of the effectiveness of the proposed energy saving technology VM configuration technology. In this experiment, this paper compared two energy saving resource management technologies relative to a benchmark trivial technique, and did not consider the owner to the master during the optimal configuration. The standard test technique is the processor working at the maximum frequency, in which the operation makes the highest processing power. In the experiment, the algorithm is estimated by the tool package provided by the CloudSim, the CloudSim toolkit provides some new features, and the unique features provided by it have the available virtualization engines and flexibility. The switch between core sharing and time sharing is allocated to virtualization services.
From the experimental results we can make sure that the use of dynamic cyclic algorithm for server integration is a very feasible solution to reduce energy consumption in a data center requiring absolute security. In virtual machine migration, the application of dynamic loop algorithm to server integration is one to reduce the energy consumption of data centers, but not A very feasible solution that endangers security. Compared with existing schemes, such as dynamic voltage scaling, our strategy also has a lower software license violation. Experiments show that the proposed mitigation strategy in the migration process, the attack on the famous virtual machine, such as restoring order and replay attacks, is feasible.
【学位授予单位】:中南大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP308
【参考文献】
相关期刊论文 前1条
1 陈康;郑纬民;;云计算:系统实例与研究现状[J];软件学报;2009年05期
,本文编号:2139193
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2139193.html
