Conventional large-scale computing systems rely on powerful clusters of thousands of central processing unit (CPU) cores. For example a Cray XK7 located at the Oak Ridge National Laboratory in the United States uses 560,640 Opteron cores to provide about 17590 tera-floating point operations per second (TFlops) with each Opteron 6274 core providing 282 giga-floating point operations per second (GFlops). The Cray XK7 just described costs about 100 million United States dollars, requires a large space to install, consumes significant power, and requires constant costly maintenance. Because of the high cost and resource requirements associated with operating these large-scale computing systems few enterprises can afford to purchase and operate them.
As the preferred computing platform of users' shifts from desktop and traditional laptop computers toward mobile devices such as smartphone, phablets, and tablet devices, the number of available mobile computing devices has increased dramatically. By some estimates there are over a billion smartphones available worldwide, many of which may be accessed via a common network infrastructure. Most of these mobile computing devices are equipped with processing cores based on the instruction sets and architectures developed by ARM Holdings Incorporated such as the popular Cortex core. Most of these mobile computing devices run Linux based operating systems. A single Cortex A15 core can provide about 100 GFlops, and three Cortex A15 cores provide a computational capability comparable to a single Opteron 6274 core. For example, using 1.7 million mobile devices, assuming each mobile device contains at least one Cortex A15 core, a cluster can be formed with computing power on par with some of the largest super computers in the world.
Using the spare computing power of mobile devices presents a number of challenges. Mobile computing devices such as cell phones and tablets have access to sensitive personal and business related information. Use of spare computing resources on these devices will therefore require strong and reliable security. Users of cell phones or other mobile computing devices do not tolerate data latency or slow response times. Therefore response times and latency in mobile computing devices, especially in phone or other user centric applications, must be kept low.
Cloud based computing is a recently evolving metaphor for providing computing services and/or resources using a group of remotely deployed computing resources communicating over a common wide area network. As used herein the term cloud service infrastructure refers to a collection of remotely deployed computing resources communicating over a common network such that any portion or all of the resources can be coordinated to solve a common computing problem or execute a coordinated set of computing tasks. A cloud service infrastructure may be viewed as a type of computing cluster where the individual computing resources or cluster nodes are distributed, communicate over a wide area network, and may execute related but not necessarily the same computing task.
Cluster technologies such as the Linux Containers (LXC) developed by a consortium of software corporations, Docker an open source container technology designed for the Windows operating system, and Rocket a standards based application container technology, have been widely deployed on servers in computing data centers. These technologies allow applications to be executed in isolated environments for security purposes, and ease the deployment of applications on heterogeneous hardware infrastructures.
Container technologies for embedded devices, such as mobile computing devices, are currently being studied and introduced. Some early examples include KNOX being developed by Samsung Corporation, and McAfee Secure Container for Android being developed by a subsidiary of the Intel Corporation. These container implementations require that the same operating system be used in all containers on a device, and certain applications are configured such that they can only be run in a container. In these implementations, data isolation is provided by the containers, so the data belongs to the application running inside a container and cannot be accessed by any other application running outside the container or in another container. The application, running inside a container, also cannot access data of any other application.
An alternative solution has been proposed based on a type of virtualization. This solution allows multiple different operating systems to be run on the same embedded device by running several containers each having its own operating system. These containers are created by a root namespace which also runs services, such as wireless access service, that can be accessed simultaneously by the various operating systems running in the containers. There have been other attempts at building clusters of embedded devices however, these approaches did not use container-like technologies for data isolation.
Thus there is a need for improved methods and apparatus for creating and managing resources of secure containers on mobile computing devices and for methods and apparatus for creating a cloud service infrastructure based on the spare computing resources of a population of mobile computing devices.