Virtualization and network mirroring to deliver High Availability to Grid services



Similar documents
Performance Isolation of a Misbehaving Virtual Machine with Xen, VMware and Solaris Containers

High-Availability Using Open Source Software

HRG Assessment: Stratus everrun Enterprise

Virtual Machine Migration with an Open Source Hypervisor

Xen Live Migration. Networks and Distributed Systems Seminar, 24 April Matúš Harvan Xen Live Migration 1

Solution Brief Availability and Recovery Options: Microsoft Exchange Solutions on VMware

Enterprise Storage Solution for Hyper-V Private Cloud and VDI Deployments using Sanbolic s Melio Cloud Software Suite April 2011

A Project Summary: VMware ESX Server to Facilitate: Infrastructure Management Services Server Consolidation Storage & Testing with Production Servers

On- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform

Enabling Technologies for Distributed Computing

A Distributed Storage Architecture based on a Hybrid Cloud Deployment Model

Parallels Virtuozzo Containers

Cloud Storage. Parallels. Performance Benchmark Results. White Paper.

An Experimental Study of Load Balancing of OpenNebula Open-Source Cloud Computing Platform

High Availability & Disaster Recovery Development Project. Concepts, Design and Implementation

SanDisk ION Accelerator High Availability

Windows Server 2008 R2 Hyper-V Live Migration

ovirt and Gluster hyper-converged! HA solution for maximum resource utilization

Enabling Technologies for Distributed and Cloud Computing

The Benefits of Virtualizing

Feature Comparison. Windows Server 2008 R2 Hyper-V and Windows Server 2012 Hyper-V

EMC VPLEX FAMILY. Continuous Availability and data Mobility Within and Across Data Centers

VMware Virtual Machine File System: Technical Overview and Best Practices

White Paper. Recording Server Virtualization

Basics of Virtualisation

Models For Modeling and Measuring the Performance of a Xen Virtual Server

Open-E Data Storage Software and Intel Modular Server a certified virtualization solution

Developing a dynamic, real-time IT infrastructure with Red Hat integrated virtualization

High Availability with Windows Server 2012 Release Candidate

ovirt and Gluster hyper-converged! HA solution for maximum resource utilization

HAVmS: Highly Available Virtual machine Computer System Fault Tolerant with Automatic Failback and close to zero downtime

Enhancements of ETERNUS DX / SF

Technology Insight Series

4-2 A Load Balancing System for Mitigating DDoS Attacks Using Live Migration of Virtual Machines

Best Practices for Virtualised SharePoint

SQL Server Virtualization

Windows Server 2008 R2 Hyper-V Live Migration

Dell High Availability Solutions Guide for Microsoft Hyper-V

Google

Achieving High Availability & Rapid Disaster Recovery in a Microsoft Exchange IP SAN April 2006

High Availability with Postgres Plus Advanced Server. An EnterpriseDB White Paper

Intro to Virtualization

Enterprise-Class Virtualization with Open Source Technologies

DELL s Oracle Database Advisor

9/26/2011. What is Virtualization? What are the different types of virtualization.

Relational Databases in the Cloud

Availability Digest. Stratus Avance Brings Availability to the Edge February 2009

PARALLELS CLOUD STORAGE

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies

Philips IntelliSpace Critical Care and Anesthesia on VMware vsphere 5.1

High-Availability Fault Tolerant Computing for Remote and Branch Offices HA/FT solutions for Cisco UCS E-Series servers and VMware vsphere

Virtual SAN Design and Deployment Guide

DeltaV Virtualization High Availability and Disaster Recovery

Best Practice of Server Virtualization Using Qsan SAN Storage System. F300Q / F400Q / F600Q Series P300Q / P400Q / P500Q / P600Q Series

Table of contents. Matching server virtualization with advanced storage virtualization

A Migration of Virtual Machine to Remote System

Violin: A Framework for Extensible Block-level Storage

How To Compare Performance Of A Router On A Hypervisor On A Linux Virtualbox 2.5 (Xen) To A Virtualbox (Xeen) Xen-Virtualization (X

NETAPP WHITE PAPER USING A NETWORK APPLIANCE SAN WITH VMWARE INFRASTRUCTURE 3 TO FACILITATE SERVER AND STORAGE CONSOLIDATION

VIRTUALIZATION, The next step for online services

Microsoft SMB File Sharing Best Practices Guide

How To Virtualize A Storage Area Network (San) With Virtualization

What s New with VMware Virtual Infrastructure

Oracle Database Scalability in VMware ESX VMware ESX 3.5

Server and Storage Virtualization with IP Storage. David Dale, NetApp

OPTIMIZING SERVER VIRTUALIZATION

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES

StACC: St Andrews Cloud Computing Co laboratory. A Performance Comparison of Clouds. Amazon EC2 and Ubuntu Enterprise Cloud

Nutanix Tech Note. Failure Analysis All Rights Reserved, Nutanix Corporation

Server Virtualization and Consolidation

VIRTUALIZATION 101. Brainstorm Conference 2013 PRESENTER INTRODUCTIONS

Connectivity. Alliance Access 7.0. Database Recovery. Information Paper

VERITAS Storage Foundation 4.3 for Windows

Virtualization. Pradipta De

Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013.

Running VirtualCenter in a Virtual Machine

Infrastructure as a Service (IaaS)

Performance Comparison of VMware and Xen Hypervisor on Guest OS

Expert. Briefing. \\\\ Best Practices for Managing Storage with Hyper-V

Technical Paper. Leveraging VMware Software to Provide Failover Protection for the Platform for SAS Business Analytics April 2011

Disaster Recovery Infrastructure

Is Virtualization Killing SSI Research?

Implementing Storage Concentrator FailOver Clusters

Migration of Virtual Machines for Better Performance in Cloud Computing Environment

A quantitative comparison between xen and kvm

TECHNICAL PAPER. Veeam Backup & Replication with Nimble Storage

What s new in Hyper-V 2012 R2

Windows Server 2008 R2 Hyper-V Server and Windows Server 8 Beta Hyper-V

Appendix A Core Concepts in SQL Server High Availability and Replication

Transcription:

Virtualization and network mirroring to deliver High Availability to Grid services Álvaro López García, Pablo Orviz Fernández Advanced Computing and e-science Group Instituto de Física de Cantabria, CSIC - UC, Spain aloga@ifca.unican.es, orviz@ifca.unican.es Abstract. Nowadays virtualization has become a commonly adopted solution within modern datacenters. Its advantages over traditional machines are widely known. In this paper we describe the work done at the IFCA facilities to implement an auto healing mechanism to a given set of Virtual Machines (VMs) by using disk mirroring over network. The resulting system is a secure, robust and fast failover mechanism that is able to perform an unattended commute of the execution host of a given set of VMs in case of any failure. Keywords: Xen, virtualization, auto-healing, failover, High Availability, redundancy, replication, DRBD. 1 Introduction The Instituto de Física de Cantabria (IFCA) [6] datacenter is a medium-sized computing center coordinating and participating in several European and Spanish [10] Grid computing initiatives, all of them sharing the same facilities. The density of machines required by the different projects and users become bigger and bigger along the time, since the infrastructures and the software are evolving in a day by day basis. Furthermore, some of the machines hosted at IFCA have a high level of criticality as the malfunctioning of some of them might hinder users from using the infrastructure or even cause a blackout total or partial of the infrastructure. Ensuring a high rate of availability to a given set of computing resources is a facing challenge due to the heterogeneity and the intrinsic complexity of both hardware and software components that are not always as reliable as expected. A good quality Grid infrastructure implies low degradation rates on its performance and functionality, which must be firstly achieved by reducing the downtime gaps of its core services and critical components. An effective method to accomplish the target stated above goes through the use of redundant and/or replicated components. A classical High Availability (HA) approach stands on top of hardware replication. Virtualization allows to move towards a reviewed and innovative approach, implementing similar functionality, without the need of real hardware replication.

2 Virtual Infrastructure Virtualization has become a common topic in the management of modern datacenters. It is known that, if used in the proper way, these techniques allow to adopt a new-minded, more flexible and powerful approach for a computing infrastructure, introducing new functionalities and benefits to profit from them. IFCA has been an early adopter of virtualization, specially since the consolidation and spread of the latest paravirtualization techniques (mainly the Xen hypervisor[13]) and the adoption of multicore technologies. Almost all services running at IFCA datacenter are running virtualized. By using such an approach, it is possible to adapt the resources to the different and changing demands of users, applications and projects. In this kind of schema it is possible to make a difference within critical machines namely the core services, needed by users, projects and the rest of the infrastructure to work and the non-critical machines e.g. the computing nodes. The latter group might not need any kind of redundancy nor HA, as any failure related with these machines should not have any significant impact on the whole production system. A fail-over mechanism is necessary for the machines hosting the critical services. In case of any failure or malfunctioning of such a service, a recover procedure must be triggered in an acceptable period of time, in order to minimize the possible blackout. Virtualization allows to implement such a mechanism without the overheads imposed by traditional HA, making affordable to implement it on a wider set of services and machines. The Virtual Infrastructure at IFCA is divided in two different and non overlapping sections according to the scenario described above and shown in the Figure 1. Fig. 1. Virtual infrastructure at IFCA Non-critical machines running on a virtualization farm hosting the different computing and non critical nodes. In this farm the bulk of machines are consid-

ered to be short-lived and/or stateless, thus no HA nor redundancy mechanism is necessary. Critical machines which are executed on top of a smaller pool of virtualization servers. In this group of servers (outlined in Figure 2) there is a set of disk devices which are properly synchronized over a dedicated Ethernet network in order to establish a distributed mirror of that disk (that is, a RAID-1 over that network). The critical VMs will be then deployed on top those replicated disk devices. In this way, a given VM could be executed in any of the virtualization servers as long as a replica of the machine s device exists. In case of failure, a monitoring software determines if there are any replicas available on any other server, thus triggering the execution of the unresponsive VMs onto them. This replica server does not need to be a dedicated machine as the different replicas may be distributed in a flexible way within all the available virtualization servers (i.e. a mesh architecture). Fig. 2. System architecture

3 Architecture This section will describe the components that conform the failover system, as can be seen in the Figure 3, and that will be described in the following pages. The most relevant component of the stack, the DRBD layer, sits on top of the logical storage managers and serves the critical services (in form of VMs) with a ready-to-use mirrored solution. Fig. 3. Single node architecture 3.1 Disk mirroring Since the critical machines are running on VMs it is possible to replicate its disk images among the virtualization servers. Indeed, it is needed to replicate such data between the different serves, in order to allow the migration of the VMs in case of failure. The solution chosen is the Distributed Replicated Block Device (DRBD) [4], namely is a software based replicated storage solution that allows to implement real-time and synchronous mirroring of block devices over a network, with functionality similar to a traditional level 1 RAID. DRBD functionality is transparent to the end-applications using those devices [5]. DRBD replicates a block device within two different servers, guaranteeing that there is only one active device manipulating the data at a given time (this node is

the Primary node). This feature is indeed important, since it ensures protection against other possible storage solutions (such as iscsi, AoE, etc.), preventing the simultaneous write access to a device. It is important to remark that as long as the DRBD device has an active Primary node, its analogous will never be promoted to that role. DRBD thus presents a distributed network storage system that allows pointto-point synchronization and replication of block devices among two servers. It offers both specific logical block management at the lower level and userspace administration tools for a transparent and ease of use of the facilities provided. In this way, a HA cluster scenario can be deployed based on the whole block device mirroring through an Ethernet network. 3.2 Virtualization Hypervisor The virtualization is a key component on this structure, since all the core services will be running virtualized. The Xen hypervisor [13] has been chosen, because of its performance as it is shown in countless studies such as [1 3, 11, 12], stability and widespread. All the machines that will benefit from the failover system need to be virtualized and will run on top of Xen. Since the original machine kernel need to be replaced with a modified one, there might be any specific platform constraint that make difficult or impossible (e.g. extremely old legacy software) to execute them in paravirtualization mode. However, it is possible to use the hardware virtualization support from the Intel or AMD processors. However, paravirtualization is the preferred method whenever it is possible, because of its bigger flexibility. 3.3 Monitoring In order to be effective, the failover system needs to detect and diagnostic any malfunctioning and apply some recover directives. A decision maker software will trigger appropriate predefined actions to recover the infrastructure in a short amount of time. The diagnose made by this monitoring component should take into account several possible failures, depending of the nature of the problem. VM failure In this case the VM should be restarted on the same Physical Machine (PM) as the failure is considered to be local to such VM. This is performed by sending the order to the underlying hypervisor. Persistent VM failure If a VM persists on failing on the same PM it might be caused by a undetected malfunctioning of the PM, thus a migration of the VM should be triggered to another server. Hardware failure If there is any hardware failure on the PM the monitoring software should redistribute its hosted VMs to the nodes that contain the appropriate replicated devices. In the second and third case, the associated DBRD devices on the new PMs must be promoted to the Primary role before launching the new VMs. If any by

chance it is not possible to the DRBD system to obtain that role which indeed means that there is still another active Primary on the system the startup of the VMs will fail as DRBD will refuse to bring up the device. This prevents falsepositives, e.g. a PM that is not reachable but whose VMs are still active and working. In such a case the automatic and unattended recovery is not possible, and the system will stop the procedure, warning the datacenter responsible. 4 Implementation The solution described in the previous section relies on the features and possibilities that DRBD and virtualization bring together. Also a monitoring component is needed in order to detect the potential errors, accommodate the problematic VMs in a suitable virtualization server and launch there the VM to re-establish the critical service within in a matter of seconds. This turns the implementation into an automated rapid response mechanism that will take the appropriate decisions for us, resulting in a good QoS for a given production environment. 4.1 Logical Volume Management (LVM) Prior to the replica tasks take place, there is a need to define what type of block device should be selected to work with. One could just decide to use directly the vanilla block devices as they are present in the system, that is, with no intermediate layer in between. As it can be seen in Figure 3, LVM is used in the architecture presented at the storage volume management level. This tool contributes with a flexible method of mass-storage allocation to stripe together several conventional partitions into larger virtual ones, thus improving and facilitating the block device management allowing the interaction with the existing volumes in the system, even at runtime. These advantages clearly affect on the general performance of the system since there is no need to interrupt it in order to carry out the usual maintenance operations for storage concerns such as data migration, volume resizing, snapshoting, etc. The volume manager design relies on the existence of the Volume Group (VG). A VG is made up out of entire hard disks, partitions or even external LUNs. In LVM s terminology these components are known as Physical Volumes (PV), so each VG can be mapped to one or multiple PVs. In the upper layer of this design appears the Logical Volume (LV) concept, which is in fact the regular block device where, in most cases, a filesystem will be attached. This will not be the target of the LVs being created for the solution provided: LVs will appear as DRBD backing devices. 4.2 Distributed Replicated Block Device (DRBD) The previous section introduced the use of LVM s capabilities as the underlying block management software. DRBD will then work on top of it. Once a logical volume (LV) has been created on the system, a DRBD resource must be configured

on the two candidate servers. A resource in DRBD terminology refers to all the facets that define a particular replicated device. Each resource must have an unique identifier, DRBD device in a form of /dev/drbdx, network connection port way of communication with its associated in the replica server and the device where the data and metadata information will exist on the local server. The following shows a basic block device configuration:

resource voms01 { protocol C; } on v02 { address 10.10.50.2:7789; device /dev/drbd0; disk /dev/virtual_machines/voms01; meta-disk internal; } on v01 { address 10.10.50.1:7789; device /dev/drbd0; disk /dev/virtual_machines/voms01; meta-disk internal; } net { after-sb-0pri discard-zero-changes; after-sb-1pri discard-secondary; } The configuration of a DRBD s resource can be straightforward, as showed in the example above. Three group sections can be distinguished related to the Xen hypervisor servers (v01 and v02) and the network configuration needed for them to be synchronized. Indeed, the global parameter protocol refers to the degree of replication synchronicity. As explained in previous sections, a DRBD resource has a role, which may be Primary or Secondary. The main difference between them is that the former is the active one, that is, it points to the server s device currently being used and has unrestricted rights for read and write operations. As a consequence of mirroring data on block device, only the Primary resource can access the data is holding so the server with the DRBD device on Secondary role simply receives the updates being made with no access for I/O operations. The DRBD device showed in the example involves its deployment and initialization in both virtualization servers. This task can be accomplished in the following steps continuing with the example used : 1. Create device metadata $ drbdadm create-md voms01 2. DRBD resource and backing device association $ drbdadm attach voms01

3. Set the synchronization parameters $ drbdadm syncer voms01 4. Connection to peer $ drbdadm connect voms01 Once the resource is initiated in both servers, there is a final setup issue in order to fully synchronize the recently created DRBD device with its peer: $ drbdadm -- --overwrite-data-of-peer primary voms01 This final step must only be performed in one of the virtualization servers. After the full synchronization process has been finished, the device will be prepared for being used as a standard block device. In this way, the data to be attached to it will be automatically replicated between both virtualization servers so Xen hypervisor capabilities can now profit from this storage replication scenario and do the startup of a VM holding a critical service in the appropriate server. For this to be happen a final utility from the solution stack presented is needed: the Agrest monitoring tool. 4.3 Monitoring The monitoring component should be able to supervise the overall status of the failover system. Several common and already existing solutions might be used. However, in the solution described here, a monitoring software developed at IFCA (namely Agrest) has been used. Agrest [9] aims to be a modular and flexible monitoring engine which can be easily extended to fulfil the needs of the failover system. It is based on an agnosticism principle, as the Agrest core does not need to know anything about what it is monitoring, as long as it can be monitored with a piece of software. It is based on the scheduling of tests and the execution of interfaces. A test is a script or program as complex as desired. The only requisite is that it to determine the status of whatever it is monitoring and return a value according to Agrest API. An interface is another script or program which will perform some actions (for example send an SMS, an e-mail or publish the results on a web page) based on some tests results. An Agrest interface has been developed to manage the failover system. This interface needs to be configured in order to reflect the configuration of the VMs and its replicas. Then, it takes care of the actual situation of the system and performs the needed actions to recover from the failure.

4.4 Virtualization manager A final layer needed on the system is the virtualization manager, which will able Agrest to shutdown and start the corresponding machines from the monitoring node. The software chosen is Libvirt [7] as has been extensively used in the IFCA datacenter in the past, and has demonstrated to be a stable and mature solution for both the local and remote management of VMs. 5 Conclusions Preliminary benchmarking and stress tests have been made in order to evaluate both the performance impact of the solution on a given machine and the recovery time of a faulty node. (a) Read performance (b) Write performance Fig. 4. Disk access performance

Two different benchmarking suites have been examined to measure the disk access performance: IOzone and Bonnie++. These tests threw similar results, as they are presented in the Figures 4(a) and 4(b). These tests have been done without any further tuning of the DRBD layer, on a virtualized machine with 1GB of RAM memory and using DRBD s synchronous replication. As it can be seen, the read throughput within the DRBD and non-drbd systems are extremely similar, since the read operations are performed locally. However, there is a bigger penalty on the write operations, as synchronization is needed among the replicated block devices. This performance loss might not be negligible if the machine needs to deal with files over a certain size (in the case presented in the benchmarks 512MB). However, this impact may be reduced by using the DRBD s asynchronous or semi-synchronous modes which should indeed reduce the penalty at the expense of introducing the risk of losing data. However, if the application can afford such a data-loss situation, the asynchronous mode may be the best choice as it will benefit the overall performance. The present work has thus described the design and implementation of a automated failover mechanism based on the application of virtualization and mirroring over network of block devices. The architecture proposed consists in a three-level tool stack that provides a mechanism to prevent clusters with strict QoS from single points of failure of their critical services. The automated recovery process makes possible to recover from a failure without human intervention at all, reducing the downtime gap to a few seconds, which is a more that acceptable downtime for Grid environments. Furthermore, the DRBD Primary/Secondary role gives additional protection from previous solutions (such as the direct usage of iscsi targets [8]) when facing false-positives, as it makes impossible to launch two VMs using the same block device. The system has been intensively used at IFCA datacenter, and experimental results have demonstrated its robustness and reliability in several unexpected situations. References 1. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP 03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164 177, New York, NY, USA, 2003. ACM. 2. Bryan Clark, Todd Deshane, Eli Dow, Stephen Evanchik, Matthew Finlayson, Jason Herne, and Jeanna Neefe Matthews. Xen and the art of repeated research. In ATEC 04: Proceedings of the annual conference on USENIX Annual Technical Conference, pages 47 47, Berkeley, CA, USA, 2004. USENIX Association. 3. T. Deshane, Z. Shepherd, J. Matthews, M. Ben-Yehuda, A. Shah, and B. Rao. Quantitative comparison of xen and kvm. In Xen summit. USENIX association, June 2008. 4. DRBD. Drbd web site. http://www.drbd.org. 5. Florian Haas, Philipp Reisner, and Lars Ellenber. The DRBD User s Guide. LINBIT HA Solutions GmbH, january 18, 2010 edition. 6. IFCA. Ifca web site. http://www.ifca.es. 7. libvirt. The virtualization api. http://libvirt.org.

8. Alvaro Lopez Garcia, Mirko Mariotti, Davide Salomoni, and Leonello Servoli. A high availability solution for GRID services. Proceedings of Science, ACAT:013, 2007. 9. The Agrest monitoring engine. Agrest web site. http://devel.ifca.es/agrest/. 10. NGI. Ngi-es web site. http://es-ngi.eu. 11. Guillaume Thouvenin. Bull xen benchmarks. http://www.bullopensource.org/xen/benchs.html. 12. VMware. A performance comparison of hypervisors. VMware white paper, 2007. 13. Xen. Xen web site. http://xen.org.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information