Inside cloud environments, the concept of computer clusters is widely used in order to increase the resiliency of services, improve the efficiency of resource usage and protect the applications running on them from hardware failure. This concept groups together several host nodes, creating a single logical pool of resources, such as central processing units (CPUs) or memory, that brings more flexibility to the applications.
Inside a cluster, a cluster resource manager runs as a service. This service groups the resources of the different host nodes and presents the aggregated resources as one large host to a virtual machine. The cluster resource manager applies cluster resource allocation policies in order to decide which host node of the cluster will serve the virtual machine.
Cluster resource allocation policies can aim for different results, such as a load-balanced cluster or minimal power consumption. They can also help during upgrade procedures, since the manager is able to evacuate virtual machines from the host node to be upgraded. Under a load balancing policy, the active workload and the available resources, namely CPU and memory, are continuously monitored. When an imbalance is detected, the cluster resource manager starts a procedure that moves the virtual machine to another host node in the computer cluster that has sufficient resources and is in a healthy state.
Another related service is the storage resource manager. This service applies the concept of clustering to the storage area. When a virtual machine is initially deployed, the administrator of the cloud environment is responsible for finding the best storage volume for that virtual machine. This process is not done automatically and it is cumbersome, because multiple parameters can influence which storage volume is optimal for the specific virtual machine, and there will probably be several storage volumes to choose from. Further decisions can be made on the basis of load balancing strategies.
When using the storage resource manager, a group of storage volumes is clustered together, creating a single logical storage volume that represents the cluster system. The cloud administrator can choose the logical volume as the desired storage back-end for the specific virtual machine. Which of the storage volumes of the cluster system is most suitable is then determined by checking the capacity needed by the virtual machine, its storage profile and how the cluster system is balanced. A storage profile can include parameters such as maximum latency, read/write ratio, block size or other parameters, like a random/sequential ratio.
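As an added illustration (not code from the original text), the following Python sketch shows how a storage resource manager could apply such a storage profile to pick a member volume of the clustered logical volume: volumes that cannot satisfy the capacity, the maximum latency or block-size alignment are discarded, and the remaining ones are ranked by their current load so that the cluster stays balanced. The dataclasses, the sample volumes and profiles, the block-size alignment rule and the tier and cache penalty weights are all assumptions made for this example.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class StorageProfile:
    """Storage requirements of a virtual machine (constructed for this example)."""
    capacity_gb: int
    max_latency_ms: float
    read_write_ratio: float         # fraction of reads in the I/O mix, 0.0 .. 1.0
    block_size_kb: int              # typical I/O request size
    random_sequential_ratio: float  # fraction of random I/O, 0.0 .. 1.0


@dataclass
class StorageVolume:
    """Observed state of one member volume of the clustered logical volume (constructed)."""
    name: str
    free_gb: int
    latency_ms: float       # measured average latency on the path to this volume
    block_size_kb: int      # native block size of the volume
    load_pct: float         # current utilization, used for load balancing
    tier: str               # "ssd" or "hdd"
    write_cache: bool       # whether writes are absorbed by a write-back cache


def eligible(profile: StorageProfile, vol: StorageVolume) -> bool:
    """Hard constraints: capacity, latency SLA and block alignment (assumed rule:
    the VM's I/O size must be a multiple of the volume's native block size)."""
    return (
        vol.free_gb >= profile.capacity_gb
        and vol.latency_ms <= profile.max_latency_ms
        and profile.block_size_kb % vol.block_size_kb == 0
    )


def score(profile: StorageProfile, vol: StorageVolume) -> float:
    """Lower is better. Start from the volume's load so placement balances the
    cluster, then add penalties for workload/volume mismatches (weights assumed)."""
    s = vol.load_pct
    # random-heavy workloads perform poorly on spinning disks
    if profile.random_sequential_ratio > 0.5 and vol.tier != "ssd":
        s += 30.0
    # write-heavy workloads benefit from a write-back cache
    if profile.read_write_ratio < 0.5 and not vol.write_cache:
        s += 10.0
    return s


def select_storage_volume(profile: StorageProfile, volumes: List[StorageVolume]) -> Optional[str]:
    """Return the name of the most suitable volume, or None if no volume can
    honour the profile (the caller should then refuse the deployment rather
    than silently place the VM on a volume that violates its SLA)."""
    candidates = [v for v in volumes if eligible(profile, v)]
    if not candidates:
        return None
    return min(candidates, key=lambda v: score(profile, v)).name


# Constructed sample cluster: four member volumes of one logical volume.
VOLUMES = [
    StorageVolume("vol-a", free_gb=500, latency_ms=2.0, block_size_kb=4, load_pct=70.0, tier="ssd", write_cache=True),
    StorageVolume("vol-b", free_gb=2000, latency_ms=8.0, block_size_kb=4, load_pct=20.0, tier="hdd", write_cache=False),
    StorageVolume("vol-c", free_gb=100, latency_ms=1.0, block_size_kb=4, load_pct=10.0, tier="ssd", write_cache=True),
    StorageVolume("vol-d", free_gb=800, latency_ms=3.0, block_size_kb=8, load_pct=40.0, tier="ssd", write_cache=True),
]

# Constructed profiles: a latency-sensitive random-I/O database, a sequential
# log writer, and a profile no volume in the cluster can satisfy.
DB_PROFILE = StorageProfile(capacity_gb=200, max_latency_ms=5.0, read_write_ratio=0.7,
                            block_size_kb=8, random_sequential_ratio=0.9)
LOG_PROFILE = StorageProfile(capacity_gb=1000, max_latency_ms=20.0, read_write_ratio=0.1,
                             block_size_kb=64, random_sequential_ratio=0.1)
STRICT_PROFILE = StorageProfile(capacity_gb=50, max_latency_ms=0.5, read_write_ratio=0.5,
                                block_size_kb=4, random_sequential_ratio=0.5)

if __name__ == "__main__":
    for label, prof in (("database", DB_PROFILE), ("log writer", LOG_PROFILE), ("strict", STRICT_PROFILE)):
        print(f"{label}: {select_storage_volume(prof, VOLUMES)}")
```

The database profile lands on `vol-d` (the only eligible SSD volume that is not heavily loaded), the log writer on `vol-b` (the only volume with enough free capacity), and the strict profile on no volume at all; returning `None` instead of a best-effort guess is what keeps the placement from violating the latency SLA.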
Understanding the storage profile of a virtual machine helps to identify the best-performing storage volume. However, not only the storage area is affected, but also other resources such as CPU and memory. To address this problem and to simplify the optimal deployment of virtual machines in a cloud environment, the Open Virtualization Format (OVF) is used. OVF is a packaging standard designed to address the portability and deployment of virtual machines. OVF collects important parameters that define the resources needed by the virtual machine in order to run correctly. OVF is hypervisor agnostic and is a project running under the Distributed Management Task Force (DMTF).
Today, storage and the network can also be configured to fulfill different levels of data confidentiality and multi-tenancy. For example, data can be encrypted at different levels of the Storage Area Network (SAN) and stored on self-encrypting disks. Besides, there are also different configurations that could bring better security levels from the storage perspective, such as providing one Logical Unit Number (LUN) per tenant.
In a cloud environment, different applications run with different security requirements. Even within a single application, different security requirements can be found depending on the data. As a consequence, the network and storage solution cannot support only a single security configuration, since this would not be sufficient for all applications. Instead, the storage solution adapts itself or offers a variety of security ecosystems that can coexist in the same cloud environment. These ecosystems are created by combining the distinct security features that are available in the network and storage solution, and they can change during the lifetime of the application. However, during the whole lifetime the Service Level Agreements of the providers related to storage security features should be met.
Migration of a virtual machine can lead to degraded availability of storage resources, degraded performance and degraded Virtualized Network Functions (VNFs) to which the virtual machine contributes. Telecommunication nodes are mostly clustered and, when running virtualized, comprise a number of virtual machines. With respect to security, the administrator of the cloud manually checks that the confidentiality of the data as well as the multi-tenancy requirements of the applications are fulfilled. Since this is a difficult task for the administrator, the chosen solution is easily over-engineered or oversimplified.
When a virtual machine is migrated from one host node to another, existing migration mechanisms assure the compatibility of the destination host node with respect to the availability of the network resources or storage resources in use by the virtual machine on the target host. If the virtual machine is running on a computer cluster and the cluster manager service triggers the migration, the CPU and the memory in the new destination host are verified. If everything is correct, the virtual machine is migrated.
Nevertheless, it can happen that the new destination host does not have the same connectivity to the storage in terms of bandwidth, delay or jitter. For example, it may turn out that the new destination host node has only a 1 Gbps path to the storage, whereas the previous source host node had a 10 Gbps path. This affects the performance of the virtual machine. Due to the lack of verification of the storage resources in the destination host node, it can happen that the virtual machine will not perform as well as on the original source host node and might even stop working. Thus, agreed performance levels, such as a maximum latency to the storage, cannot be maintained.
Similar problems exist for service level agreements with respect to storage security, since there is no automatic mechanism in the cloud that combines the different security features of the network and storage solutions to provide the requested level of security. In addition, there is also no mechanism that reacts to changes that may affect security. A cloud is a dynamic environment in which changes happen every day, and most of these changes affect security. For example, application data are moved to another storage solution with a different security configuration, the application is evacuated to another board that uses a different Storage Area Network, new security features are added to or removed from the storage solutions, or parts of the data are moved into faster tiers.
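As an added example that is not part of the original text, the following Python code contrasts the existing migration check, which verifies only host health, CPU and memory, with a check that also verifies the destination host's storage path (bandwidth, delay, jitter) and the storage security features the tenant's SLA requires. The host records, the feature names (`encryption_at_rest`, `lun_per_tenant`) and the virtual machine's requirements are constructed for this example; the 1 Gbps versus 10 Gbps scenario follows the text above.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, List, Optional


@dataclass(frozen=True)
class VmRequirements:
    """What the VM needs from a host and from its storage path (constructed)."""
    name: str
    vcpus: int
    memory_gb: int
    min_storage_bandwidth_gbps: float
    max_storage_latency_ms: float
    max_storage_jitter_ms: float
    required_storage_security: FrozenSet[str]  # e.g. encryption_at_rest, lun_per_tenant


@dataclass(frozen=True)
class HostNode:
    """State of a candidate host and of its path to the storage (constructed)."""
    name: str
    healthy: bool
    free_vcpus: int
    free_memory_gb: int
    storage_bandwidth_gbps: float
    storage_latency_ms: float
    storage_jitter_ms: float
    storage_security: FrozenSet[str]  # security features offered on this host's SAN path


def legacy_check(vm: VmRequirements, host: HostNode) -> List[str]:
    """The existing mechanism: host health, CPU and memory only."""
    problems: List[str] = []
    if not host.healthy:
        problems.append("host not healthy")
    if host.free_vcpus < vm.vcpus:
        problems.append(f"vCPUs {host.free_vcpus} < required {vm.vcpus}")
    if host.free_memory_gb < vm.memory_gb:
        problems.append(f"memory {host.free_memory_gb} GB < required {vm.memory_gb} GB")
    return problems


def storage_aware_check(vm: VmRequirements, host: HostNode) -> List[str]:
    """Extends legacy_check with the storage path SLA and the storage security SLA."""
    problems = legacy_check(vm, host)
    if host.storage_bandwidth_gbps < vm.min_storage_bandwidth_gbps:
        problems.append(f"storage bandwidth {host.storage_bandwidth_gbps} Gbps "
                        f"< required {vm.min_storage_bandwidth_gbps} Gbps")
    if host.storage_latency_ms > vm.max_storage_latency_ms:
        problems.append(f"storage latency {host.storage_latency_ms} ms "
                        f"> maximum {vm.max_storage_latency_ms} ms")
    if host.storage_jitter_ms > vm.max_storage_jitter_ms:
        problems.append(f"storage jitter {host.storage_jitter_ms} ms "
                        f"> maximum {vm.max_storage_jitter_ms} ms")
    missing = vm.required_storage_security - host.storage_security
    if missing:
        problems.append("missing storage security features: " + ", ".join(sorted(missing)))
    return problems


def choose_destination(vm: VmRequirements, hosts: List[HostNode],
                       check: Callable[[VmRequirements, HostNode], List[str]] = storage_aware_check
                       ) -> Optional[str]:
    """Name of the first host that passes the check, or None: with no compatible
    destination the VM stays where it is instead of being migrated onto a host
    that would break its performance or security SLA."""
    for host in hosts:
        if not check(vm, host):
            return host.name
    return None


# Constructed VM: needs a 10 Gbps storage path, encryption at rest and its own LUN.
VM = VmRequirements("db-vm", vcpus=4, memory_gb=16, min_storage_bandwidth_gbps=10.0,
                    max_storage_latency_ms=2.0, max_storage_jitter_ms=0.5,
                    required_storage_security=frozenset({"encryption_at_rest", "lun_per_tenant"}))

# Constructed candidates: host-a has enough CPU/memory but only a 1 Gbps storage path,
# host-b sits on a different SAN without a LUN per tenant, host-c satisfies everything.
HOSTS = [
    HostNode("host-a", True, 8, 32, storage_bandwidth_gbps=1.0, storage_latency_ms=1.0,
             storage_jitter_ms=0.2, storage_security=frozenset({"encryption_at_rest", "lun_per_tenant"})),
    HostNode("host-b", True, 8, 32, storage_bandwidth_gbps=10.0, storage_latency_ms=1.5,
             storage_jitter_ms=0.3, storage_security=frozenset({"encryption_at_rest"})),
    HostNode("host-c", True, 16, 64, storage_bandwidth_gbps=10.0, storage_latency_ms=1.0,
             storage_jitter_ms=0.1, storage_security=frozenset({"encryption_at_rest", "lun_per_tenant"})),
]

if __name__ == "__main__":
    print("legacy check picks:       ", choose_destination(VM, HOSTS, legacy_check))
    print("storage-aware check picks:", choose_destination(VM, HOSTS))
    for host in HOSTS:
        print(host.name, storage_aware_check(VM, host) or "ok")
```

The legacy check happily migrates the VM to `host-a`, the 1 Gbps case from the text, because CPU and memory fit; the storage-aware check rejects `host-a` for bandwidth and `host-b` for the missing per-tenant LUN and picks `host-c`. Returning the list of violations rather than a bare boolean gives the operator something to log and alert on when a migration is refused.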
Network Functions Virtualization (NFV) is defined in the Architectural Framework ETSI GS NFV 002 v1.1.1.
Regarding storage, OVF 2.0 defines seven fields to describe the storage items needed by the virtual machine. These fields relate to the allocation units, like the capacity needed; a description in human-readable form, for example a virtual disk; an element name of the item to be created in order to provide the demanded storage; a unique instance ID; a reservation defining a minimum quantity of resources guaranteed to be available; a resource type defining the type of hardware that is needed, like USB or Disk Drive; and a virtual quantity. However, even these parameters are not sufficient to describe the storage performance adequately. Despite all these parameters, storage-performance-related Service Level Agreements cannot be guaranteed within the clustered environment. A similar problem arises with respect to security-related storage aspects when a specific Service Level Agreement on storage security has to be ensured.
However, processing and checking a large number of target parameters with equal importance for their fulfillment is not efficient and may lead to inaccurate results if some parameters are fulfilled for the virtual machine and some are not. If only some parameters are not in complete agreement, running the virtual machine is prevented.