Measuring the Characteristics of Hypervisor I/O Scheduling in the Cloud for Virtual Machine Performance Interference

Measuring the Characteristics of Hypervisor I/O Scheduling in the Cloud for Virtual Machine Performance Interference

Ziye Yang (EMC Labs, Shanghai, China), Haifeng Fang (EMC Labs, Shanghai, China), Yingjun Wu (EMC Labs, Shanghai, China) and Chunqi Li (EMC Labs, Shanghai, China)
Copyright: © 2013 |Pages: 25
DOI: 10.4018/ijghpc.2013100102
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

In virtualized environments, the customers who purchase virtual machines (VMs) from a third-party cloud would expect that their VMs run in an isolated manner. However, the performance of a VM can be negatively affected by co-resident VMs. In this paper, the authors propose vExplorer, a distributed VM I/O performance measurement and analysis framework, where one can use a set of representative I/O operations to identify the I/O scheduling characteristics within a hypervisor, and potentially leverage this knowledge to carry out I/O based performance attacks to slow down the execution of the target VMs. The authors evaluate their prototype on both Xen and VMware platforms with four server benchmarks and show that vExplorer is practical and effective. The authors also conduct similar tests on Amazon’s EC2 platform and successfully slow down the performance of target VMs.
Article Preview

1. Introduction

Today cloud providers employ virtualization techniques that allow physical machines to be shared by multiple virtual machines (VMs) owned by different tenants. While resource sharing improves hardware utilization and service reliability, this may also open doors to side channel or performance interference attacks by malicious tenants. For example, CPU cache based attack has been studied in cloud environment (Thomas, Eran, Hovav & Stefan, 2009; YinQian, Ari, Alina & Michael, 2011; Amittai, Sen, Bryan & Ramakrishna, 2010; Taesoo, Marcus & Gloria, 2012), which might be mitigated to a lesser degree when each core in new multi-core CPUs is used exclusively by a single VM (at the cost of reduced CPU utilization). On the other hand, I/O resources are mostly shared in virtualized environments, and I/O based performance attacks remains a great threat, especially for data-intensive applications (Jeremy, Ganesh, & Beng-Hong, 2001; Paul et al., 2003; Ron & Howie, 2011). In this paper, we discuss the possibility of such attacks, and especially focus on the effects of disk I/O scheduling in a hypervisor for VM performance interference.

The premise of virtual I/O based attacks is to deploy malicious VMs that are co-located with target VMs and aim to slow down their performance by over-utilizing the shared I/O resources. Previous work shows the feasibility of co-locating VMs on same physical machines in a public cloud (Thomas, Eran, Hovav & Stefan, 2009). In this work, we will demonstrate that a well-designed measurement framework can help study virtual I/O scheduling, and such knowledge can be potentially applied to exploit the usage of the underlying I/O resources.

Extracting the I/O scheduling knowledge of the hypervisor is challenging. Generally, hypervisors can be divided into two classes, i.e., open-source one (e.g., Xen) and close-source one (e.g., VMware ESX server). For an open-source hypervisor, while the I/O scheduler knowledge is public, which one is in use is unknown, thus we focus on classifying its scheduling algorithm. In detail, we use a gray-box analysis based on pattern matching of the generated I/O output to make the determination of the scheduler type. For a close-source hypervisor, we use a black-box analysis to classify the scheduling algorithm and obtain the scheduling properties such as I/O throughput, I/O execution latency, read/write priority and etc.

With the knowledge of I/O scheduling algorithm, a malicious user can intentionally slow down co-located (co-resident) VMs by launching various attacking workloads. The main feature of such I/O performance attack is to deploy representative I/O workloads and manipulate the shared I/O queues to have an unfair advantage. Note that the space and time locality are the two major considerations in I/O scheduling schedulers. For example, the scheduling algorithms (e.g., Deadline (“Deadline I/O scheduler,”) and CFQ (“Cfq I/O scheduler”)) merge the I/O requests that are continuous in logical block address (LBA) for better space locality, while other algorithms (e.g., AS (Sitaram & Peter, 2001)) have a time window to anticipatorily execute some incoming I/O requests which are adjacent with previous I/O requests in LBA. Clearly, once the knowledge of I/O scheduler is known, a malicious user would be able to carry out more effective attacking workloads.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2018): 1 Released, 3 Forthcoming
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing