000234534 001__ 234534
000234534 005__ 20190509132624.0
000234534 0247_ $$2doi$$a10.5075/epfl-thesis-8243
000234534 037__ $$aTHESIS
000234534 041__ $$aeng
000234534 088__ $$a8243
000234534 245__ $$aAdding flexibility to multi-tenant networks
000234534 260__ $$c2018$$bEPFL$$aLausanne
000234534 269__ $$a2018
000234534 300__ $$a121
000234534 336__ $$aTheses
000234534 502__ $$aProf. Willy Zwaenepoel (president) ; Prof. Aikaterini Argyraki (thesis director) ; Prof. Edouard Bugnion, Prof. Guillaume Pierre, Prof. Alexander Wolf (reviewers)
000234534 520__ $$aCloud computing has been experiencing sharp development over the last years, leading to an increased demand for application migration to the cloud. Cloud providers, in an effort to attract more customers and earn their confidence, offer to tenants the illusion of an isolated network, exposing familiar abstractions. At the same time, creating this illusion poses challenging problems for the providers, as one tenant's traffic may interfere with another's in complicated, unpredictable ways.

First, new challenges have arisen in administering access-control rules (ACLs). On the one hand, installing ACLs at the server is incompatible with bare-metal support and introduces unnecessary performance overhead. On the other hand, offloading the most popular ACLs on the limited hardware memory in Top-of-Rack (ToR) switches should not be conducted naïvely, as the existence of wildcard rules presents inter-rule dependencies that must be respected.

Second, tenants' demands have evolved beyond requesting hardware resources; for instance, tenants may require bandwidth provisions between their resources or optimized access to a specific cloud service, e.g., a Mail server or a Database. Cloud providers have not adequately adapted to these expanding demands, therefore elevating hardware resources to "first class citizens," as non-hardware constraints are not considered during resource allocation; instead, they are applied afterwards.

In this thesis we propose two architectures that facilitate cloud providers in managing their shared network resources in a flexible way. First, we demonstrate virtual flow tables, a ToR architecture that handles ACLs using a two-level memory hierarchy. The most popular ACLs are stored in the limited hardware memory, respecting any dependencies between wildcard rules, while the ToR's supervisor engine maintains access to the entire ACL rule-set. Second, we present a two-tiered architecture for scheduling cloud resources, consisting of a resource-agnostic scheduling layer and a resource-specific enforcement layer. Network resources and constraints are taken into consideration during resource scheduling, instead of afterwards, while resource provisioning, as well as general network-management policies, are delegated to the resource-specific tier.
000234534 6531_ $$acaching
000234534 6531_ $$acloud architecture
000234534 6531_ $$aflexibility
000234534 6531_ $$anetwork virtualization
000234534 6531_ $$ascheduling
000234534 6531_ $$awildcard rules
000234534 700__ $$0245812$$g215179$$aIoannidis, Georgios
000234534 720_2 $$aArgyraki, Aikaterini$$edir.$$g176638$$0243542
000234534 8564_ $$uhttps://infoscience.epfl.ch/record/234534/files/EPFL_TH8243.pdf$$s1413313
000234534 8564_ $$uhttps://infoscience.epfl.ch/record/234534/files/EPFL_TH8243.gif?subformat=icon$$s6568$$xicon
000234534 8564_ $$uhttps://infoscience.epfl.ch/record/234534/files/EPFL_TH8243.jpg?subformat=icon-180$$s7589$$xicon-180
000234534 8564_ $$uhttps://infoscience.epfl.ch/record/234534/files/EPFL_TH8243.jpg?subformat=icon-700$$s40584$$xicon-700
000234534 8564_ $$uhttps://infoscience.epfl.ch/record/234534/files/EPFL_TH8243.pdf?subformat=pdfa$$s2702282$$xpdfa
000234534 909C0 $$xU12550$$0252412$$pNAL
000234534 909CO $$pDOI$$pIC$$ooai:infoscience.tind.io:234534$$qDOI2$$qGLOBAL_SET$$pthesis
000234534 918__ $$dEDIC$$cIINFCOM$$aIC
000234534 919__ $$aNAL
000234534 920__ $$b2018$$a2018-02-01
000234534 970__ $$a8243/THESES
000234534 973__ $$sPUBLISHED$$aEPFL
000234534 980__ $$aTHESIS