Cloud vs fog computing
Cloud computing: it enables on-demand network access to a shared pool of computing resources that can be rapidly provisioned and released with minimal effort.
- Provisioning: requesting resources when needed.
- Releasing: releasing resources when not needed.
Fog computing: the resources are closer to the user, so there's less latency. It's also called edge computing.
Cloud/compute continuum
- CLOUD
- WAN
- FOG
- LAN
- USER/IOT
Choice of the infrastructure
The choice will depend on:
- type of service or application = what is the system used for
- workload and traffic
- quality and performance requirements
- costs
There must be a balance between quality and cost. Sometimes over-provisioning is performed, so the quality is higher than currently needed in order to satisfy future needs. There can also be under-provisioning to keep costs low.
Performance challenges
- On-demand services: it's hard to predict the user behavior, so it's also hard to predict what will be the maximum load.
- Popularity: the number of users varies over time due to external factors.
- Network effect: user behavior is influenced by the behavior of other users, so users tend to behave in the same way.
- Flash crowd: a sudden increase in the number of requests to a service that lasts a short amount of time.
- Slashdot effect: a sudden increase in requests due to an event, such as a post made by a famous person.
- Location-based services: location data can be used to customize content. It might be difficult to predict where users will be located.
- Geographically distributed services.
- Composition of services under the control of multiple providers.
Requirements
Functional requirements: technical properties (what the application does). These are tied to software engineering.
Non-functional requirements: description of the behavior of a system and the experience of the users.
NFRs are usually represented by a Kiviat diagram; the area should be as big as possible.
- Flexibility
- Availability
- Usability
- Scalability
- Interoperability
- Security
- Performance
- Maintainability
Trustworthiness
Trustworthiness is the ability of a system to protect data, devices and infrastructure.
Confidentiality, Integrity and Availability (CIA triad) of information is a common model used to develop security systems.
Denial of Service attacks
A DoS is an attack whose objective is to take down a system to make it unavailable.
It's implemented by flooding the victim with fake traffic using a botnet.
- DDoS = Distributed Denial of Service. It's more effective than DoS.
- Botnet = a set of compromised devices controlled from a remote location, sometimes without the owner's knowledge. Botnets created from IoT devices are called thingbots.
Devices can be infiltrated using brute-force attacks or by exploiting known vulnerabilities (CVEs, Common Vulnerabilities and Exposures).
DDoS attacks are categorized based on their goal:
- Volumetric (flood-based) = designed to consume network bandwidth (implemented at transport, network or application layers);
- Computational = designed to consume CPU and memory (usually implemented via TCP);
- Vulnerability-based = exploit software vulnerabilities.
Attacks can also be classified as asymmetric or symmetric, depending on whether the attacker needs fewer resources than, or the same amount of resources as, the affected system needs to deal with the attack.
Reflection: the attacker sends a request to a target using a spoofed source IP, and the response is sent to the victim (the real owner of that IP).
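Seen from the victim's side, reflected traffic is a stream of responses that match no request the victim ever sent. The following detection sketch is an added example, not part of the original notes; the record layout, the function names and the addresses (documentation ranges) are constructed for illustration.

```python
from collections import Counter

VICTIM = "192.0.2.10"  # constructed address (documentation range)

# Constructed packet records: (time_s, src_ip, dst_ip, kind, query_id)
PACKETS = [
    (0.0, VICTIM, "198.51.100.1", "request", 1),
    (0.1, "198.51.100.1", VICTIM, "response", 1),   # solicited
    (0.2, "203.0.113.5", VICTIM, "response", 77),   # never requested
    (0.3, "203.0.113.6", VICTIM, "response", 78),   # never requested
    (0.4, "203.0.113.5", VICTIM, "response", 79),   # never requested
    (0.5, VICTIM, "198.51.100.2", "request", 2),
    (0.6, "198.51.100.2", VICTIM, "response", 2),   # solicited
]

def unsolicited_responses(packets, host):
    """Return (time, src, query_id) of responses to `host` that match no request it sent."""
    pending = set()       # (server_ip, query_id) of requests still awaiting an answer
    unsolicited = []
    for t, src, dst, kind, qid in sorted(packets):
        if kind == "request" and src == host:
            pending.add((dst, qid))
        elif kind == "response" and dst == host:
            if (src, qid) in pending:
                pending.discard((src, qid))          # normal request/response pair
            else:
                unsolicited.append((t, src, qid))    # host never asked for this
    return unsolicited

def reflectors(packets, host, min_count=2):
    """Sources that sent `host` at least `min_count` unsolicited responses."""
    counts = Counter(src for _, src, _ in unsolicited_responses(packets, host))
    return {src: n for src, n in counts.items() if n >= min_count}
```
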
Performance degradation
It might originate from unforeseen interactions between components. Cascade effect: the failure of a component might cause performance degradation of other components.
Bottleneck = component that limits the performance of a system. To assess whether a component is a bottleneck or not, knowing if it is fast or slow is not enough. We also have to take into account its usage.
Performance engineering
It's the discipline that studies the efficiency of systems and the quality experienced by the users. It doesn't operate randomly, but follows a methodology.
For example, removing a bottleneck might simply move it and won't improve the overall performance.
There are two types of approaches:
- Reactive = find remedies as soon as problems appear, by applying tuning actions.
- Proactive = try to predict performance problems by applying capacity planning actions (what-if analysis).
How to identify and remove performance issues:
- Monitoring
- Identification
- Solution
These activities require domain knowledge, that is, detailed knowledge of the functionalities and behavior of the system.
Traceroute
This tool is aimed at discovering the network topology. It utilizes the TTL header field of IP packets.
From the vantage point, independent sequences of packets with different TTLs are sent to the target (increasing from TTL=1).
When a packet's TTL reaches zero at a router along the path, that router sends an ICMP TIME-EXCEEDED response back to the vantage point.
When the target is reached, it responds with an ICMP “port unreachable”.
Active monitoring with traceroute
- Why: discover network topology
- Who: server B
- What: path between vantage point and target, RTTs between vantage point and all routers and target
- Where: computer A
- How: traceroute
Limitations of traceroute (20-3)
There are limitations affecting the accuracy of the measurements:
- asymmetric paths due to network congestion. A path is asymmetric if the route from A to B differs from the route from B to A;
- unstable paths due to temporary failures;
- blocked paths due to disconnected networks or routers discarding packets. These are also called barriers, and in this case we would not get a response.
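The TTL mechanism and the blocked-path limitation can be reproduced offline with a small simulation. This is an added example, not part of the original notes; the path, its addresses and the function names are constructed, and RTTs are not modelled.

```python
# Constructed path: (address, answers_probes). The last entry is the target.
PATH = [
    ("10.0.0.1", True),
    ("10.0.1.1", False),    # barrier: silently discards expired packets
    ("10.0.2.1", True),
    ("192.0.2.80", True),   # target
]

def send_probe(path, ttl):
    """Forward one probe along `path`; return (responder, icmp_type) or None."""
    for i, (addr, answers) in enumerate(path):
        if i == len(path) - 1:
            # The probe reached the target, which answers "port unreachable".
            return (addr, "port-unreachable") if answers else None
        ttl -= 1                  # every router decrements the TTL
        if ttl == 0:              # TTL expired at this router: packet is dropped
            return (addr, "time-exceeded") if answers else None
    return None

def traceroute(path, max_ttl=30):
    """Probe with TTL=1,2,... and return one (ttl, responder) entry per probe."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = send_probe(path, ttl)
        hops.append((ttl, reply[0] if reply else "*"))   # "*" = no response
        if reply and reply[1] == "port-unreachable":
            break                                        # target reached
    return hops

if __name__ == "__main__":
    for ttl, responder in traceroute(PATH):
        print(ttl, responder)
```

The barrier at the second hop shows up as `*` while later hops still answer; a target that never replies produces `*` for every remaining TTL up to `max_ttl`.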
Measurement platforms
They are technological infrastructures exploited to collect performance measurements.
M-Lab (Measurement Lab) - it's a large project aimed at providing customers with tools that will give them useful information about their internet performance. All data collected is made publicly available.
RIPE Atlas - it is a measurement platform that uses a global network of probes that measure internet connectivity and reachability. Probes perform active measurements, and the collected data is aggregated and made publicly available. Users who host a probe can use the entire RIPE Atlas network to conduct customized measurements.
Measurements vs objectives
Measurements must be consistent with the objectives of the project. We set an objective, then instead of following random conjectures and testing with a single technique, we should perform detailed investigations following a methodology, combining various tools and techniques.
DNS database
The unique mappings [hostname -> IP] are stored in a distributed database characterized by:
- Scalability;
- Decentralized maintenance = the responsibility is shared by many organizations;
- Robustness;
- Global scope = names mean the same everywhere;
- No need for atomicity;
- No need for strong consistency (eventual consistency).
Each name server (NS) stores only a subset of the entire database. Every node only knows about its children and parents:
- Root Name Servers know names and addresses of all NSs associated with all Top Level Domains.
- Each NS of a TLD knows names and IPs of all NSs associated with its Second Level Domains.
- Each NS of an SLD knows the names and IPs of all devices registered under its domain name, and knows the names and IP addresses of all the NSs associated with its TLD.
- Special rule: every NS knows the names and IPs of all Root Name Servers (just 4kB of data).
- Every NS can potentially get the IP of every other node.
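Because each NS holds only its own subset, a lookup has to walk the hierarchy from a root server down to the SLD server. The following sketch of that walk is an added example, not part of the original notes; the server names, zone contents and addresses are constructed, and real DNS messages, caching and record types are left out.

```python
# Constructed zone data; names and addresses are illustrative only.
ROOT = "a.root.example"   # special rule: every NS knows the root servers
SERVERS = {
    "a.root.example": {"referrals": {"org": "ns.tld-org.example"}},
    "ns.tld-org.example": {"referrals": {"uni.org": "ns.uni.example"}},
    "ns.uni.example": {"hosts": {"www.uni.org": "192.0.2.44",
                                 "mail.uni.org": "192.0.2.25"}},
}

def ask(server, name):
    """One query to one NS: an answer, a referral to a child NS, or nothing."""
    data = SERVERS[server]
    if name in data.get("hosts", {}):
        return ("answer", data["hosts"][name])
    labels = name.split(".")
    # Look for the longest suffix of `name` that this server delegates.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in data.get("referrals", {}):
            return ("referral", data["referrals"][suffix])
    return ("nxdomain", None)

def resolve(name, max_steps=10):
    """Walk root -> TLD -> SLD; return (ip_or_None, list_of_servers_queried)."""
    server, trail = ROOT, []
    for _ in range(max_steps):
        trail.append(server)
        kind, value = ask(server, name)
        if kind == "answer":
            return value, trail
        if kind == "nxdomain":
            return None, trail
        server = value            # follow the referral one level down
    return None, trail

if __name__ == "__main__":
    print(resolve("www.uni.org"))
```
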