Abstract
Software-as-a-Service (SaaS) providers commonly support customization of their services to allow them to attract larger tenant bases. The nature of these customizations in practice ranges from anticipated configuration options to sophisticated code extensions. From a SaaS provider viewpoint, the latter category is particularly challenging as it involves executing untrusted tenant custom code in the SaaS production environment. Proper isolation of custom code in turn requires the ability to control the CPU and memory usage of each tenant.
In current practice, OS-level virtualization tools such as hypervisors or containers are predominantly used for this purpose. These techniques, however, constrain the number of tenants that a single node can cost-effectively accommodate.
In this paper, we present a practical solution for thread-level tenant isolation, vis-à-vis CPU and memory usage in presence of tenant-provided custom code. Both Java Runtime Environment (JRE) bytecode and tenant code are instrumented with usage control checkpoints which, based on data gathered using the Java Resource Consumption Management API (JSR-284), ensures that CPU and memory usage of tenants remain within their Service-level Agreements (SLA) limits.
Our experiments show that the tenant accommodation capacity of single node increases 59 times with the proposed solution instead of containers. This scalability improvement comes at the average cost of \(0.31\,\mathrm{ns}\) performance overhead per control checkpoint.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Storage and network resources are not dealt with in this paper because the Java RCM API already provides quite straightforward ways to control IO usage.
- 2.
This is specifically required for CPU because fulfilling F1 for the latter is feasible by suppressing the usage too much.
- 3.
The source code can be downloaded via http://people.cs.kuleuven.be/~majid.makki/icsoc-2019/main.html.
- 4.
The act of constantly recording these parameters has no impact on the obtained results.
- 5.
The claimed CPU usage control in fact restricts the response time of the untrusted script rather than its CPU usage.
References
Gupta, D., Cherkasova, L., Gardner, R., Vahdat, A.: Enforcing performance isolation across virtual machines in Xen. In: van Steen, M., Henning, M. (eds.) Middleware 2006. LNCS, vol. 4290, pp. 342–362. Springer, Heidelberg (2006). https://doi.org/10.1007/11925071_18
Somani, G., Chaudhary, S.: Application performance isolation in virtualization. In: IEEE International Conference on Cloud Computing, CLOUD 2009, pp. 41–48. IEEE (2009)
Li, Y., Li, W., Jiang, C.: A survey of virtual machine system: current technology and future trends. In: 2010 Third International Symposium on Electronic Commerce and Security (ISECS), pp. 332–336. IEEE (2010)
Vaquero, L.M., Rodero-Merino, L., Buyya, R.: Dynamically scaling applications in the cloud. ACM SIGCOMM Comput. Commun. Rev. 41(1), 45–52 (2011)
Weissman, C.D., Bobrowski, S.: The design of the force.com multitenant internet application development platform. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of Data, pp. 889–896. ACM (2009)
Song, H., Chauvel, F., Solberg, A.: Deep customization of multi-tenant SaaS using intrusive microservices. In: 2018 IEEE/ACM 40th International Conference on Software Engineering: New Ideas and Emerging Technologies Results (ICSE-NIER), pp. 97–100. IEEE (2018)
Li, X.H., Liu, T.C., Li, Y., Chen, Y.: SPIN: service performance isolation infrastructure in multi-tenancy environment. In: Bouguettaya, A., Krueger, I., Margaria, T. (eds.) ICSOC 2008. LNCS, vol. 5364, pp. 649–663. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89652-4_58
Lin, H., Sun, K., Zhao, S., Han, Y.: Feedback-control-based performance regulation for multi-tenant applications. In: 2009 15th International Conference on Parallel and Distributed Systems (ICPADS), pp. 134–141. IEEE (2009)
Leitner, P., Wetzstein, B., Rosenberg, F., Michlmayr, A., Dustdar, S., Leymann, F.: Runtime prediction of service level agreement violations for composite services. In: Dan, A., Gittler, F., Toumani, F. (eds.) ICSOC/ServiceWave -2009. LNCS, vol. 6275, pp. 176–186. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16132-2_17
Wang, W., Huang, X., Qin, X., Zhang, W., Wei, J., Zhong, H.: Application-level CPU consumption estimation: towards performance isolation of multi-tenancy web applications. In: 2012 IEEE 5th International Conference on Cloud computing (CLOUD), pp. 439–446. IEEE (2012)
Back, G., Hsieh, W.C., Lepreau, J.: Processes in KaffeOS: isolation, resource management, and sharing in Java. In: Proceedings of the 4th Conference on Symposium on Operating System Design & Implementation-Volume 4, p. 23. USENIX Association (2000)
Czajkowski, G., Daynès, L., Titzer, B.L.: A multi-user virtual machine. In: USENIX Annual Technical Conference, General Track, pp. 85–98 (2003)
Geoffray, N., Thomas, G., Muller, G., Parrend, P., Frénot, S., Folliot, B.: I-JVM: a Java virtual machine for component isolation in OSGi. In: IEEE/IFIP International Conference on Dependable Systems & Networks, DSN 2009, pp. 544–553. IEEE (2009)
Czajkowski, G., Daynàs, L.: Multitasking without compromise: a virtual machine evolution. ACM SIGPLAN Not. 47(4a), 60–73 (2012)
Johnson, G., Dawson, M.: Introduction to Java multitenancy. Technical report (2015)
Herzog, A., Shahmehri, N.: Problems running untrusted services as Java threads. In: Nardelli, E., Talamo, M. (eds.) Certification and Security in Inter-Organizational E-Service. IOLCS, vol. 177, pp. 19–32. Springer, Boston (2005). https://doi.org/10.1007/11397427_2
Rodero-Merino, L., Vaquero, L.M., Caron, E., Muresan, A., Desprez, F.: Building safe PaaS clouds: a survey on security in multitenant software platforms. Comput. Secur. 31(1), 96–108 (2012)
JCP: JSR 284: Resource Consumption Management API. https://jcp.org/en/jsr/detail?id=284. Accessed 04 Dec 2018
Czajkowski, G., Hahn, S., Skinner, G., Soper, P., Bryce, C.: A resource management interface for the Java\(^{\rm TM}\) platform. Softw. Pract. Exp. 35(2), 123–157 (2005)
Grove, D., DeFouw, G., Dean, J., Chambers, C.: Call graph construction in object-oriented languages. ACM SIGPLAN Not. 32(10), 108–124 (1997)
OSGi Alliance: OSGi specification (2012). https://osgi.org/download/r4v43/osgi.core-4.3.0.pdf. Accessed 19 Apr 2017
Simão, J., Lemos, J., Veiga, L.: \(A^{2}\)-VM: a cooperative Java VM with support for resource-awareness and cluster-wide thread scheduling. In: Meersman, R., et al. (eds.) OTM 2011. LNCS, vol. 7044, pp. 302–320. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25109-2_20
Kim, Y.J., Lee, Y.C., Han, H., Kang, S.: Hierarchical recursive resource sharing for containerized applications. In: Pahl, C., Vukovic, M., Yin, J., Yu, Q. (eds.) ICSOC 2018. LNCS, vol. 11236, pp. 781–796. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03596-9_56
Makki, M., Van Landuyt, D., Joosen, W.: Towards PaaS offering of BPMN 2.0 engines: a proposal for service-level tenant isolation. In: Mann, Z.Á., Stolz, V. (eds.) ESOCC 2017. CCIS, vol. 824, pp. 5–19. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-79090-9_1
Truyen, E., Van Landuyt, D., Reniers, V., Rafique, A., Lagaisse, B., Joosen, W.: Towards a container-based architecture for multi-tenant SaaS applications. In: Proceedings of the 15th International Workshop on Adaptive and Reflective Middleware, p. 6. ACM (2016)
Ochei, L.C., Bass, J.M., Petrovski, A.: Degrees of tenant isolation for cloud-hosted software services: a cross-case analysis. J. Cloud Comput. 7, 22 (2018)
Zhang, X., Tune, E., Hagmann, R., Jnagal, R., Gokhale, V., Wilkes, J.: CPI 2: CPU performance isolation for shared compute clusters. In: Proceedings of the 8th ACM European Conference on Computer Systems, pp. 379–391. ACM (2013)
Krebs, R., Spinner, S., Ahmed, N., Kounev, S.: Resource usage control in multi-tenant applications. In: 2014 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), pp. 122–131. IEEE (2014)
Walraven, S., De Borger, W., Vanbrabant, B., Lagaisse, B., Van Landuyt, D., Joosen, W.: Adaptive performance isolation middleware for multi-tenant SaaS. In: 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC), pp. 112–121. IEEE (2015)
Lama, P., Wang, S., Zhou, X., Cheng, D.: Performance isolation of data-intensive scale-out applications in a multi-tenant cloud. In: 2018 IEEE International Parallel and Distributed Processing Symposium (IPDPS), pp. 85–94. IEEE (2018)
Binder, W., Hulaas, J.G., Villazón, A.: Portable resource control in Java. ACM SIGPLAN Not. 36, 139–155 (2001)
Janik, A., Zieliński, K.: Transparent resource management with Java RM API. In: Alexandrov, V.N., van Albada, G.D., Sloot, P.M.A., Dongarra, J. (eds.) ICCS 2006. LNCS, vol. 3994, pp. 1023–1030. Springer, Heidelberg (2006). https://doi.org/10.1007/11758549_136
Activiti. https://www.activiti.org/. Accessed 04 Dec 2018
Rhino. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rhino/. Accessed 04 Dec 2018
HoseinyFarahabady, M.R., Lee, Y.C., Zomaya, A.Y., Tari, Z.: A QoS-aware resource allocation controller for function as a service (FaaS) platform. In: Maximilien, M., Vallecillo, A., Wang, J., Oriol, M. (eds.) ICSOC 2017. LNCS, vol. 10601, pp. 241–255. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69035-3_17
Acknowledgment
This research is partially funded by the Research Fund KU Leuven (project GOA/14/003 - ADDIS) and the strategic basic research (SBO) project DeCoMAdS.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Makki, M., Van Landuyt, D., Lagaisse, B., Joosen, W. (2019). Thread-Level CPU and Memory Usage Control of Custom Code in Multi-tenant SaaS. In: Yangui, S., Bouassida Rodriguez, I., Drira, K., Tari, Z. (eds) Service-Oriented Computing. ICSOC 2019. Lecture Notes in Computer Science(), vol 11895. Springer, Cham. https://doi.org/10.1007/978-3-030-33702-5_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-33702-5_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33701-8
Online ISBN: 978-3-030-33702-5
eBook Packages: Computer ScienceComputer Science (R0)