Fine-Grain QoS Customization in Distributed ... - Semantic Scholar

Fine-Grain QoS Customization in Distributed Middleware Services  Matti A. Hiltunen and Richard D. Schlichting Department of Computer Science The University of Arizona Tucson, AZ 85721, USA email: hiltunen/[email protected] Abstract Quality of service (QoS) is increasingly being used to describe a broad collection of attributes, ranging from the performance-centric metrics used in the networking community to other metrics related to reliability, timeliness, and security. Moreover, QoS is also being applied to guarantees provided by a wider variety of services, ranging from communication services to higher level middleware services. In such a context, constructing a service that provides a fixed set of QoS guarantees is typically not sufficient since different applications that use the service may have very different requirements. The Cactus project is addressing these issues by providing facilities for performing fine-grain customization of QoS in distributed middleware services. Keywords: Configurability, tradeoffs, performance, reliability, real-time, security.

1 Customizing QoS Attributes Traditionally focused on network guarantees, the concept of quality of service (QoS) is increasingly being used to describe a broader collection of attributes and to apply to guarantees provided by higher levels of the system. For example, a middleware layer related to electronic commerce might provide QoS assurances related to security, as well as throughput and reliability. While useful, this wide range of attributes also makes it more difficult to construct services that have exactly the best combination of attributes for all possible applications. The solution is to provide facilities for customizing QoS in such services, preferably at a fine level of granularity. The goal of the Cactus project [SH97] is to provide exactly this kind of fine-grain customization for middleware services in distributed systems. Cactus intends to provide an integrated approach that addresses not only the performance-centric QoS of the networking community, but also other aspects such as reliability, timeliness, and security. The fine-grain customization allows application-specific control over attributes and the tradeoffs between attributes such as between performance and reliability. This fine-grained control over the integrated set of attributes distinguishes Cactus from other work in customizable QoS [SCSL97, MIS97, ZBS97]. As an integrated approach, Cactus addresses a wide range of QoS attributes. For example, the traditional reliability engineering concepts availability and reliability can be applied to most services. The response of a service can be further classified by its timeliness and correctness. Timeliness is defined as the probability that an operation will complete by its specified deadline, while correctness is a measure of how the provided response relates to a perfect response in the event the service can only provide an estimate because of time or other resource constraints. Furthermore, many services  This work supported in part by the Defense Advanced Research Projects Agency under grant N66001-97-C-8518 and the

Office of Naval Research under grant N00014-96-0207.

have consistency issues related to message ordering, failure and concurrency atomicity, and replica consistency. Most services also have attributes related to response time and resource consumption. We use performance as a measure of how fast the response is provided, and efficiency as a measure of operation throughput or consumption of resources such as CPU, memory, or bandwidth. Note that performance relates to the QoS as seen by one user, while efficiency relates to the system as a whole. Finally, security, defined as a measure of how well the system protects services or objects from being accessed or modified by unauthorized entities, applies to most services as well. The different QoS attributes are obviously not independent. For example, increasing the reliability of a service using replication typically increases response time and thus reduces performance. Such a relation between QoS attributes is a tradeoff, i.e., strengthening one QoS attribute will weaken another. Given a fixed amount of resources, most QoS attributes have a tradeoff relation. The importance of QoS tradeoffs is that such a relation makes it impossible for one service implementation to provide the precise combination of attributes that satisfies all possible applications. Thus, mechanisms must be provided for customizing QoS guarantees. The ability to customize QoS tradeoffs becomes especially important when available resources such as CPU processing power, available network bandwidth, or memory size are especially limited. Such conditions arise often in wireless networks, mobile computing, and embedded systems. Finally, considerable resource savings are also possible if each application is only provided with the QoS required.

2 Implementing Customizable QoS: The Cactus Approach Different protocols and algorithms have been developed to provide various QoS guarantees, and many systems even allow some degree of customization. For example, the degree of process replication can often be changed to adjust availability and reliability, while the size of read and write quorums can be modified to adjust read and write availability for replicated data. However, our goal is to provide the ability to do fine-grained customization of each attribute and in particular, to allow customization between attributes in tradeoff situations. Our approach to constructing highly-customizable middleware services is based on implementing QoS guarantees as separate modules that interact using an event-driven execution model. The basic building block of this model is a micro-protocol, a software module that implements a well-defined property of the desired service. A micro-protocol is, in turn, structured as a collection of event handlers, which are procedure-like segments of code bound to be executed when a specified event occurs. Events are used to signify state changes of interest, e.g., “message arrival from the network”. When such an event occurs, all event handlers bound for that event are executed. Events can be raised by microprotocols or be raised implicitly by the runtime system. Execution of handlers is atomic with respect to concurrency, i.e., each handler is executed to completion without interruption. The binding of handlers to events can be changed at runtime. Event handler binding and invocation are implemented by a standard runtime system or framework that is linked with the micro-protocols to form a composite protocol. The framework also supports shared data (e.g., messages) that can be accessed by the micro-protocols configured into the framework. Once created, a composite protocol can be composed in a traditional hierarchical manner using system like the x-kernel [HP91] with other protocols to construct a middleware service. In the past, we have used the approach to construct highly-customizable versions of atomic multicast, group RPC, and membership services [BHSC97]. In these services, the main emphasis has been on reliability, availability, consistency, and performance. Reliability has addressed both communication 2

failures through retransmissions and site failures through support for replication. Consistency has been addressed in the form of various message ordering properties for communication and membership services that make it possible to maintain a chosen form of consistency for replicated objects or processes. Finally, performance issues have been addressed by allowing the services to be configured to only provide the required properties, which means no unnecessary overhead. We also provide alternate implementations of micro-protocols, each of which is optimized for various system conditions. Some of the other QoS attributes that we have not yet addressed can easily be added. For example, different security, authentication, and authorization methods can be implemented as micro-protocols to augment existing services, while new customizable security services can also be added as new composite protocols. Techniques for ensuring consistency properties such as failure and concurrency atomicity can be implemented in the same way. Timeliness issues are different in the sense that such guarantees cannot be implemented by providing additional micro-protocols, but rather must be implemented by controlling system execution through admission control and scheduling policies. Traditional real-time techniques can be applied to the micro-protocol approach with certain exceptions. For example, each service configuration will have its own execution time characteristics and may potentially send different number and type of messages. We are working on addressing these issues for Cactus [HHS97]. The micro-protocol approach provides unparalleled facilities for fine-grain customization of QoS attributes. It is easy to implement micro-protocols that realize different tradeoffs in different situations. For example, when both timeliness and consistency cannot be ensured for a message, we can implement one micro-protocol that sacrifices timeliness and another that sacrifices ordering. Another example is a group RPC service that allows configuration time choice of the failure model to be tolerated and thus, allows customization of the tradeoff between reliability, performance, and efficiency. We are currently constructing such an RPC service. Other current work involves designing and implementing micro-protocols that ensure different QoS attributes for various middleware services. We are also building a configuration support tool that translates abstract QoS requirements into a configuration of micro-protocols that satisfies these requirements.

References [BHSC97] N. Bhatti, M. Hiltunen, R. Schlichting, and W. Chiu. Coyote: A system for constructing fine-grain configurable communication services. Submitted for publication in ACM Transaction on Computer Systems. [HHS97]

M. Hiltunen, X. Han, and R. Schlichting. Real-time issues in Cactus. In Proceedings of the IEEE Workshop on Middleware for Distributed Real-Time Systems and Services, pages 214–221, San Francisco, CA, Dec 1997.

[HP91]

N. Hutchinson and L. Peterson. The x-kernel: An architecture for implementing network protocols. IEEE Transactions on Software Engineering, 17(1):64–76, Jan 1991.

[MIS97]

A. Mehra, A. Indiresan, and K. Shin. Structuring communication software for quality-of-service guarantees. IEEE Transactions on Software Engineering, 23(10):616–634, Oct 1997.

[SCSL97] B. Sabata, B. Chatterjee, M. Sydir, and T. Lawrence. Taxonomy for QoS specifications. In Proceedings of WORDS’97, Newport Beach, CA, Feb 1997. [SH97]

R. Schlichting and M. Hiltunen. The Cactus project. http://www.cs.arizona.edu/cactus/, 1997.

[ZBS97]

J. Zinky, D. Bakken, and R. Schantz. Architectural support for quality of service for CORBA objects. Theory and Practice of Object Systems, 3(1), 1997.

3