William C. Arnold

An architecture for virtual solution composition and deployment in infrastructure clouds

The combination of virtual server technology and the Infrastructure-as-a-Service (IaaS) approach to utility computing promises to revolutionize the way in which distributed software services are deployed. Server virtualization technology can be used to capture complete reusable software stacks, shifting the complexity of middleware installation and configuration from deployment to packaging. IaaS clouds provide a set of interfaces for controlling virtual machines and configuring their hardware and network environment, substantially reducing the complexity of service provisioning. In this paper we identify and tackle a few of the remaining challenges in fulfilling the promise of radical simplification of distributed software service composition and deployment. We propose an approach and architecture for composition and deployment of virtual software services in cloud environments. We introduce a virtual appliance model which treats virtual images as building blocks for composite solutions. Virtual appliances use a port abstraction to negotiate their communication parameters. A solution architect creates a virtual solution model by composing virtual appliances and defining requirements on the environment in a cloud-independent manner. The virtual solution model is transformed to a cloud-specific virtual solution deployment model used to generate a parameterized deployment plan that can be executed by an unskilled user. We validated our approach through a prototype implementation demonstrating flexible composition and automated deployment in our local lab virtualization infrastructure and in Amazon EC2.

Pattern Based SOA Deployment

A key function of a Service Oriented Architecture is the separation between business logic and the platform of its implementation and deployment. Much of the focus in SOA research has been on service design, implementation, composition, and placement. In this paper we address the challenge of configuring the hosting infrastructure for SOA service deployment. The functional and non-functional requirements of services impose constraints on the configuration of their containers at different levels. Presently, such requirements are captured in informal documents, making service deployment a slow, expensive, and error-prone process. In this paper, we introduce a novel approach to formally capturing service deployment best-practices as model-based patterns. Deployment patterns capture the structure of a solution, without bindings to specific resource instances. They can be defined at different levels of abstraction supporting reuse, and role-based iterative refinement and composition. We show how we extended an existing model driven deployment platform to support pattern based deployment. We formally define pattern semantics, validation, and refinement. We also present an algorithm for automatically instantiating such patterns on multiple distributed service environments. Our approach has been verified in a large prototype that has been used to capture a variety of functional and non-functional deployment constraints, and demonstrate their end-to-end maintenance and realization.

Automatic Realization of SOA Deployment Patterns in Distributed Environments

Deployment patterns have been proposed as a mechanism to support the provisioning of SOA-based services. Deployment patterns represent the structure and constraints of composite solutions, including non-functional properties, such as performance, availability, and security, without binding to specific resource instances. In previous work [1], we have presented a formal mechanism for capturing such service deployment patterns using models. Our pattern models define abstract connectivity and configuration requirements which are then realized by an existing or planned infrastructure. Realization mapping is used to enforce policies, and is materialized at deployment time. In this paper we extend that work to address the problem of automatic pattern realization over a given infrastructure. We first formalize the problem and present three variations of increasing power and complexity. We then present a variation of a search-based graph isomorphism algorithm with extensions for our pattern model semantics. Next, we show that our worst-case exponential complexity algorithm performs well in practice, over a number of pattern and infrastructure combinations. We speculate that this is because deployment topologies represent heavily labeled and sparse graphs. We present a number of heuristics which we have compared experimentally, and have identified one which performs best across most scenarios. Our algorithm has been incorporated into a large deployment modeling platform, now part of the IBM Rational Software Architect (RSA) tool [2].

An evaluation system for the physical security of computing systems

Physical security technology is being used more often to protect the integrity of computing systems and the assets they contain. A physical security rating system is defined in terms of the difficulty of mounting a successful physical attack against it, quality assurance documentation and system testing. An evaluation system is presented for determining adequate physical security, as a function of the environment in which the system is placed and the value of the assets resident in the system.<<ETX>>

Workload orchestration and optimization for software defined environments

The software defined environment (SDE) provides a powerful programmable interface to a cloud infrastructure through an abstraction of compute, network, and storage resources. A workload refers to the application to be deployed in such an infrastructure. To take advantage of the SDE interface, the workload is described using a declarative workload definition language and is then deployed in the infrastructure through an automated workload orchestration and optimization layer. This paper describes the architecture and algorithms that make up this layer. Given a definition of the workload, including the virtual components of the application and their resource needs, as well as other meta-information relating to factors such as performance, availability, and privacy, the function of the workload orchestration and optimization layer is to map virtual resources to physical resources and realize such a mapping in the infrastructure. This mapping, known as placement, is optimized so that the infrastructure is efficiently utilized, and the workload requirements are satisfied. We present the overall architecture of the workload orchestration and optimization runtime. We focus on the workload placement problem and describe our optimization framework. Then, we consider a real application, IBM Connections, as a use-case to demonstrate the orchestration and optimization functionalities.