Gabor Terstyanszky¹, Gab Pierantoni², Tamas Kiss³
¹ University of Westminster, London, United Kingdom, firstname.lastname@example.org
² University of Westminster, London, United Kingdom, G.Pierantoni@westminster.ac.uk
³ University of Westminster, London, United Kingdom, T.Kiss@westminster.ac.uk
Cloud computing has successfully and steadily addressed issues of how to run applications on complex distributed computing infrastructures. However, it must address specific deployment, scalability and security requirements. Nowadays, Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) solutions are widely used in academia, business and the public sector to manage applications in the Cloud. On the one hand, on-demand access to the Cloud in a flexible and elastic way could result in significant cost savings due to more efficient and convenient utilization. It can also replace large investment costs with long-term operational costs. On the other hand, the efficient and dynamic utilization of the Cloud to run applications is not trivial. The take-up of cloud computing in some application areas is still relatively low due to limited application-level flexibility and shortages in cloud-specific skills. As a result, the move to the Cloud has been somewhat slower and more cautious in these areas due to both application- and infrastructure-level complexity.
To enable the execution of a large variety of applications in the Cloud in a cost-effective, flexible, seamless and secure way, applications must be deployed, launched, executed and removed through a framework that hides cloud-specific details. To manage applications in the Cloud, such a framework needs information about them, such as their architecture, the resources and services they need, and the QoS parameters they have to meet. Application description languages can define the application architecture, specify where to deploy and run applications, how to achieve their cost-effective execution, and how to provide the required security to protect data.
TOSCA-based High-level Application Description and Execution
The Cloud Orchestration at the Level of Application (COLA) project, funded by H2020, aims at fostering the adoption of applications to the Cloud for public sector organisations and SMEs. COLA is elaborating a generic and pluggable framework, called Microservices-based Cloud Application-level Dynamic Orchestrator (MiCADO), to support the optimal and secure deployment and run-time orchestration of cloud applications. Application Developers can describe applications, including their Quality of Service (QoS) parameters related to deployment (flexibility), economic viability (costs), performance (scalability) and security (data protection and privacy), and submit this description to the MiCADO framework. This framework is based on existing low-level cloud container technologies (e.g. Docker Swarm) and management and orchestration solutions (e.g. Occopus). MiCADO is generic in the sense that its services are not restricted to particular technologies and can be implemented using different existing technologies and services.
We are focusing on application description and management in the Cloud. There are three major application description approaches: cloud platform dependent approaches (Amazon, Microsoft Azure, etc.), cloud orchestration tool dependent approaches (Chef, Heat, etc.), and platform-independent application description languages (CAMP and TOSCA). All these approaches properly describe the applications' architecture, specifying the services they are composed of, how these are connected, and the artefacts and resources needed to run the applications. The approaches used by cloud platforms and cloud orchestration tools are not based on standards and are tied to specific implementations or platforms. As a result, it is not easy to reuse their application descriptions in heterogeneous cloud environments. There are major differences in how these approaches specify and manage QoS properties. We use TOSCA, an emerging standard, to describe applications, but it also has some limitations. TOSCA supports the management of containers and virtual machines, but these entities are assigned only node types, not applications. The TOSCA specification defines only abstract policy classes that cover only a subset of QoS properties. Neither the original policy taxonomy nor the extended ones contain all parameters required to manage a wide range of policies. Currently there is no platform-independent solution to process TOSCA application descriptions and run the applications in the Cloud. Considering these limitations, we addressed the following challenges:
- how to describe and manage containerized applications with policies assigned to them,
- how to extend the TOSCA policy hierarchy to manage a wide range of QoS properties and how TOSCA policies can be parametrized to support these policies, and
- how to process and execute TOSCA specifications in a technology agnostic way.
To address these challenges we made three major contributions. First, to combine the flexibility offered by technology-oriented agnosticism with the expressiveness required to describe different properties of a large variety of applications, we elaborated the Application Description Template (ADT) to specify two main aspects of applications: their architecture (application topology) and QoS properties (application policy). ADTs connect Application Developers to the application component. Each ADT contains a parameter section, a topology section with container and virtual image sub-sections, and a policies section. The first one holds the input and output parameters of the application. The topology section incorporates the container and virtual image sub-sections. The policies section describes QoS parameters as TOSCA policies. As a second contribution, we introduced a flexible policy hierarchy and extended the TOSCA policy hierarchy by adding a security policy with several sub-policies, such as authentication, authorisation and data protection, and further sub-policies to the deployment and scaling policy. We also defined a Policy Template to describe policy properties. Each template is divided into two main sections: a description section and a properties section. The first one outlines in plain text to which service and when the policy is applied. The second one contains two types of parameters: common and specific properties. Finally, we extended the MiCADO framework with the MiCADO Submitter (Fig. 1) to process TOSCA descriptions. The ADT is submitted to the MiCADO Submitter, then parsed and validated by the OpenStack TOSCA Parser and the MiCADO Validator.
Next, the Mapper uses a key list to isolate information and pass it to adaptors that translate it for the components of the MiCADO framework: the Container Orchestrator, which manages Docker containers; the Cloud Orchestrator, which handles the Virtual Machines in which the containers are deployed and run; the Policy Keeper, which manages all policies except security policies; and the Security Enforcer, which handles security policies.
Figure 1: MiCADO Submitter
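The routing step described above can be sketched as follows. This is an added example, not MiCADO code: the `example.*` type names, the component labels and the prefix-based key list are assumptions made for illustration. It shows one property a security reviewer would want from such a Mapper: a policy whose type matches no key is rejected instead of being silently dropped, and security policies can never fall through to the Policy Keeper.

```python
# Added example: a constructed ADT and a fail-closed Mapper. All "example."
# type names are hypothetical, not MiCADO's real type identifiers.
ADT = {  # constructed sample: parameters, topology and policies sections
    "inputs": {"replicas": 2},
    "node_templates": {
        "web": {"type": "example.nodes.Container", "properties": {"image": "nginx"}},
        "worker-vm": {"type": "example.nodes.VirtualMachine", "properties": {"cpus": 2}},
    },
    "policies": [
        {"scale-web": {"type": "example.policies.Scaling", "targets": ["web"]}},
        {"web-auth": {"type": "example.policies.Security.Authentication",
                      "targets": ["web"]}},
    ],
}

# Key list: type prefix -> component named in the text. The longest matching
# prefix wins, so security policies never reach the Policy Keeper.
KEY_LIST = {
    "example.nodes.Container": "container_orchestrator",
    "example.nodes.VirtualMachine": "cloud_orchestrator",
    "example.policies.Security": "security_enforcer",
    "example.policies": "policy_keeper",
}

def route(type_name):
    """Return the component for a type, or raise if no key matches."""
    matches = [k for k in KEY_LIST if type_name == k or type_name.startswith(k + ".")]
    if not matches:
        raise ValueError(f"unmapped type: {type_name}")  # fail closed
    return KEY_LIST[max(matches, key=len)]

def map_adt(adt):
    """Split an ADT into per-component work lists, validating policy targets."""
    plan = {component: [] for component in KEY_LIST.values()}
    nodes = adt.get("node_templates", {})
    for name, node in nodes.items():
        plan[route(node["type"])].append(name)
    for entry in adt.get("policies", []):
        for name, policy in entry.items():
            missing = [t for t in policy.get("targets", []) if t not in nodes]
            if missing:
                raise ValueError(f"policy {name} targets unknown nodes: {missing}")
            plan[route(policy["type"])].append(name)
    return plan

if __name__ == "__main__":
    print(map_adt(ADT))
```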
To assess the application descriptions and how applications are executed through the MiCADO framework, COLA tests its applicability using demonstrators and proof-of-concept case studies from four distinct application areas that include public sector organisations and SMEs. For example, these use cases incorporate social media data analytics for local governments, simulation-based evacuation planning, data-intensive web applications, and simulation solutions for manufacturing and engineering.
This presentation will outline the MiCADO framework, the Application Description Template, the extended TOSCA policy architecture with the Policy Template and how ADTs are managed in the MiCADO framework. Further, it will present how a particular public sector organization’s application can be cost-effectively and efficiently executed through the MiCADO framework in the Cloud.
- COLA Project – Cloud Orchestration at the Level of Application, [Online]. Available: http://www.project-cola.eu/cola-project/
- T. Kiss, P. Kacsuk, J. Kovacs, B. Rakoczi, A. Hajnal, A. Farkas, G. Gesmier, G. Terstyanszky: MiCADO – Microservice-based Cloud Application-level Dynamic Orchestrator, Future Generation Computer Systems, 2017, https://doi.org/10.1016/j.future.2017.09.050
- Docker Swarm overview, [Online]. Available: https://docs.docker.com/swarm/overview/
- J. Kovács and P. Kacsuk: Occopus: a Multi-Cloud Orchestrator to Deploy and Manage Complex Scientific Infrastructures, Journal of Grid Computing, March 2018, Volume 16, Issue 1, pp. 19–37
- OASIS: TOSCA – Simple Profile in YAML Version 1.0, [Online]. Available: http://docs.oasis-open.org/tosca/TOSCA-Simple-Profile-YAML/v1.0/csd03/TOSCA-Simple-Profile-YAML-v1.0-csd03.html
Prof. Dr Gabor Terstyanszky is a Professor in Distributed Computing at the University of Westminster. His research interests include distributed and parallel computing, cloud, cluster and Grid computing. He supervised several European projects, such as COPERNICUS, COST, WINPAR, HPCTI and SEPP, as local coordinator. He had a leading role in the FP7 EDGeS, DEGISCO, EDGI, SHIWA, SCI-BUS, ER-flow and H2020 CloudSME research projects. Currently he is working on the H2020 COLA and CloudFacturing projects. He has published more than 130 technical papers at conferences and in journals. He was a member of the programme committees of several conferences and workshops.