Virtualization.com

News and insights from the vibrant world of virtualization and cloud computing

O'Reilly Velocity

Rich Wolski on Eucalyptus: Open Source Cloud Computing (Video Interview – 2/2)

by Leave a Comment

In this second part of our video interview with Rich Wolski (see the first part here), recorded at the O’Reilly Velocity conference, we learn how Eucalyptus came around the Amazon subscription method, where credit cards are the key to authentication. Offering ‘free and open’ clouds in university environments was achieved by introducing a system administrator in between the user account request and the issuing of certificates. Upon user request, the Eucalyptus user subscription interface generates an e-mail to an administrator, who will then perform a ‘manual’ verification. This can be a phone call or a physical meeting.


Eucalyptus Director Rich Wolski on open source cloud computing, Xen and Amazon’s EC2 (part 2/2) from Toon Vanagt on Vimeo.

Users did not like Rocks (leading open source cloud management tool), but the community (in smaller community/ deployment supports) preferred to do this manually. So Eucalyptus 1.1 provides Guidance, a script to build from scratch by hand.

A ‘build with one button’ remains the goal for future versions.

The full Eucalyptus image is only 55 Mb (without Linux image) and includes the necessary packages in order to make sure all of the revision-levels are fully compatible. Eucalyptus comes as Free BSD Open-Source license with a small disclaimer that the University of Santa Barbara explicitly wants to avoid any intellectual property infringements and will take necessary steps if needed.

Virtualization is supported by Xen 3.1 for security sake (3.0 works too, but is discouraged).

Lessons learned in building clouds from open source are quite rare. Here are a few from Rich:

Unlike commercial environments (where one controls the configuration, hardware purchase and networking), the architectural decisions are very different in open source environment, where one does not know the installation. One of the current challenges is to build a system depending on the control you have over your specific installation, you could successfully remove more of the portability from the system as you needs fit.

A second lesson is that people do things by hand and this is an opportunity for automation. Nobody is deploying Linux manually, instead sys admin use distributions. Shouldn’t there be a similar cloud distribution product out there? The people at Puppet were eager to help on providing such scripts for cloud deployments. According to Rich, this illustrates how O’Reilly should be credited for creating a good atmosphere at the Velocity 08 conference where a lot of cross-fertilization happened.

Rich ends the interview by throwing a fundamental question at the cloud community. He classifies current cloud initiatives on a scale based on the ‘closeness’ of the application layer to the cloud API. At the one end of this spectrum, he puts Google Apps (with Python oriented function calls) and at the other end Amazon EC2 (a set of very simple web service interfaces to the underlying virtualization technology) and all other cloud offerings float in between. This impacts what you can do with virtualization. Google AppEngine becomes your compiler on their end of the scale.

Rich wonders if this tighter link to the Google AppEngine will become a liability or an asset in the future when it comes to virtualization capabilities?

We invite you to provide your answers in the comments below!

Rich Wolski on Eucalyptus: Open Source Cloud Computing (Video Interview – 1/2)

by 4 Comments

A month ago we reported on how you can build your own open source cloud on clusters to make your personal cloud dreams come true!  Simply put your datacenter to use by ordering Xen virtualization on the Rocks and then carefully roll it in fresh Eucalyptus leaves.

In order to learn what makes these clouds tick, we have sent our enthusiastic cloud computing koala Toon Vanagt to San Francisco to interview Eucalyptus Director Rich Wolski at the O’Reilly Velocity conference. Below, you can find the first part of this exclusive video interview (we’ll post the second part tomorrow).

Rich’s students came up with EUCALYPTUS, which stands for ‘Elastic Utility Computing Architecture for Linking Your Programs To Useful Systems’ as an open-source tool for doing “cloud computing”. Their tool is designed to stimulate the development, interest, experiments and research into the nascent concept and industry of cloud computing.

Eucalyptus was build in a modular fashion, so it can “mimic” the interface of popular commercial clouds, like the one they started off with, Amazon EC2. The team plans support for several cloud interfaces as long as they are public and well documented.

Rich underlined that Eucalyptus is designed to experiment and not to compete with industrial strength clouds as Amazon EC2. Although with some engineering, one could take parts of Eucalyptus, mature those and scale to specific needs.

When asked about the underlying virtualization experience, Xen is seen as a very useful technology in ‘cloud’ regards. Rich complements Xen on being well documented and conceptually easy to understand and he looks back at the Xen selection as a good first hypervisor choice. Due to the nature of their specific use, parts of Xen would ‘break’ under load and were modified to meet certain stability needs.

As LibVert is used, Eucalyptus should in theory be relatively easy be able to support other hypervisors such as VMware and KVM. If no major wrinkles appear on the development surface, Eucalyptus therefore expects to support VMware and KVM with its 2.0 release, scheduled for early September 2008.

Rich supportively points to the Enomalism elastic computing platform, an open source cloud platform that enables a scalable enterprise IT and local cloud infrastructure. as an alternative open source virtualization system.

Security remains an issue but in some respects, accountability and authentication are an even bigger problem to the open source community than within commercial projects. “In an academic space, where you are not paying for usage, it is not a credit card that you are accounting to, but a user”. So Eucalyptus had to devise a user accounting system that is based on certificates. On top of that components should not be ‘spoofable’, as there is no message encryption in Eucalyptus (yet). Because these messages can be spoofed, Rich’s team had to take care of an open source implementation of Web Services Security to make sure the cloud controllers cannot be ‘fooled’ by malicious messages of doubtful origin.

The shortage of public IP addresses in university environments was solved by using the open source technology VDE (Virtual Distributed Ethernet). [VDE is an ethernet compliant virtual network that can be spawned over a set of physical computer over the Internet. You can see VDE as the software incarnation of a hardware network switch plus attached cables. Using the vde_switch and vde_plug programs you are able to create quite complex virtual analogies of a network that can span several hosts, even across the Internet.

By creating a virtual Ethernet for every cluster allocation and make that a set of user space processes can tunnel through NATs (Network Address Translation). As a downside to this VDE implementation comes a performance penalty. So Eucaluptus is offered with 2 flavors, linked to the SLA-nature in cloud computing. The first option uses the described very flexible ‘Virtual VLAN’ independent of IP-addresses. The second option bypasses VDE and is faster but less scalable as limits user requests to the confines of a single cluster.

Tomorrow, we’ll publish the second part of this exclusive interview. Stay tuned!