Computer Science Department
Duke University


Overview | Extensibility | Project Status | Publications | Members

Introduction

Shirako is a Java-based resource leasing manager for the Open Resource Control Architecture (Orca) project in the NICL lab at Duke Computer Science.

Shirako is a toolkit for building components of a utility service architecture. Utility services enable dynamic on-demand sharing of networked resources through programmatic interfaces. Resource provider sites might export a variety of resources including servers or clusters in data centers, virtual application servers, network storage objects, network-attached sensors, or even bandwidth-provisioned paths or virtualized routers within the network itself. Support for dynamic utility services is an important element of the next-generation Internet.

Shirako is based on a common, extensible resource leasing abstraction that can meet the evolving needs of several strains of systems for networked resource sharing---whether the resources are held in common by a community of shareholders, offered as a commercial hosting service to paying customers, or contributed in a reciprocal fashion by self-interested peers. Shirako contains an implementation of Cluster-On-Demand, which supports dynamic leasing of resources from cluster provider sites. In recent work we have used Shirako and COD to implement a dynamic resource control plane for Globus grids, based on Xen virtual machines.

Overview

The leasing abstraction enables resource consumers (guests) to negotiate access to resources over time, and assemble sets of resources to host a service or application. A lease in Shirako represents a contract that specifies resource type and quantity over an interval of time. Resources are defined by negotiated attributes, which may specify how to use or configure the resource, or provide an assurance of predictable service quality. The design of the Shirako toolkit decouples fundamental leasing mechanisms from resource allocation policies and the details of managing a specific resource or service.

The model can apply to any resource that is partitionable as a measured and metered quantity, including storage, network paths, physical servers, and virtual machines. For example, a lease could represent a reservation for a block of machines with specified processor and memory attributes (clock speed etc.), a storage partition with given capacity and peak I/O throughput, or a block of virtual machines with a best-effort service contract. Shirako leases are not necessarily reservations: resource attributes may also specify weaker assurances (e.g., a "best effort" virtual machine). The guests may be distributed services or applications, or they may be networked environments that further subdivide the resources assigned to them, such as virtual network overlays. For example, a guest may lease a set of virtual clusters at multiple sites linked to host a service such as a cross-institutional grid or a content distribution network.

The participants in the leasing protocols are long-lived software entities that interact to manage the resources over a network. These self-interested actors may represent different trust domains and identities, and may enter into various trust relationships or contracts with other actors, for which they are held accountable.

  • Service managers are associated with one (or more) guests. They monitor application demands and resource status, and negotiate to acquire leases for the mix of resources needed to host the guest.
  • Authorities control resource allocation at each resource provider site or domain, and are responsible for enforcing isolation among multiple guests hosted on the resources under its control.
  • Brokers maintain inventories of resources offered by sites, and match requests with their resource supply. They have power to coordinate resource allocation: site authorities delegate limited power to the brokers to match resource requests with types and quantities of offered resources. Brokering is fundamental as a basis to coordinate resource leasing across multiple sites, while leaving contributors the autonomy to control their own resources.

Extensibility

Shirako is a toolkit for constructing service managers, brokers, and authorities, built around a generic leasing core. A key objective of Shirako is to factor any dependencies on resources, guests, or policies out of the leasing core. The core defines plug-in interfaces for extension modules: policy modules for resource allocation, driver modules for resource-specific configuration actions, and event handlers in the guest for changes to the resource set.

Maintaining a clean decoupling is difficult in part because resource-specific or guest-specific information must pass through the core, since the core manages state storage and recovery for the actors, and mediates their protocol interactions. Our solution is to capture all such non-generic information in property lists, which are sets of (key, value) string pairs. The properties are opaque to the core; their meaning is a convention among the plug-in modules, which interpret them to guide policy decisions or drive configuration actions. The modules ignore properties whose keys they do not recognize.

For example, COD site authorities and service managers pass property lists that specify configuration properties (e.g., which OS image to boot) and attributes of the allocated machines (e.g., IP addresses).


Project Status

Shirako is implemented in Java as a generic substrate for leasing resources between system actors along with plug-in components for implementing specific pieces of Shirako functionality. Shirako actors run as a Java web service communicating with other actors using a plug-in communication protocol (e.g. local procedure call, SOAP, XML-RPC). Plug-in components exist for Shirako actors to manage specific types of resources, implement different resource allocation policies, and execute SHARP cryptographic operations.

We have implemented a variety of resource allocation policies ranging first-come-first-serve to atomic allocation of requests across multiple types to more complex economic policies (Cereus). The extensible architecture allows new resource managers, for supporting new resource types, and new allocation policies to be easily written and plugged-in to the common leasing substrate that defines the core interactions between the different system actors.

We expect a code release soon.

Publications
  • "Sharing Networked Resources with Brokered Leases", David Irwin, Jeff Chase, Laura Grit, Aydan Yumerefendi, David Becker, and Ken Yocum. USENIX Technical Conference, June 2006, Boston, Massachusetts [pdf].

  • "Toward a Doctrine of Containment: Grid Hosting with Adaptive Resource Control", Lavanya Ramakrishnan, Laura Grit, Anda Iamnitchi, David Irwin, Aydan Yumerefendi, and Jeff Chase. In the 19th Annual Supercomputing Conference (SC06), November 2006. [pdf]
  • "Virtual Machine Hosting for Networked Clusters: Building the Foundations for ``Autonomic'' Orchestration", Laura Grit, David Irwin, Aydan Yumerefendi, and Jeff Chase. In the First International Workshop on Virtualization Technology in Distributed Computing (VTDC), November 2006. [pdf]

  • "Shirako: Virtual Machine Hosting for Federated Clusters", Laura Grit, Jeff Chase, David Irwin, and Aydan Yumerefendi, Refereed poster and demo at the Seventh USENIX Symposium on Operating Systems Design and Implementation (OSDI), November 2006, Seattle, Washington. [pdf]
  • For publications relating to Cluster-On-Demand, see the COD page.

  • Shirako's leasing architecture derives from the SHARP framework for secure resource peering and distributed resource allocation. For more information on SHARP, see the 2003 SOSP paper (pdf).
Related Work
Project Members