With DevOps automation and an everything-as-code approach to lifecycle management for cloud-native applications, challenges emerge from an operational visibility and control perspective. Once a VM is deployed in production it typically becomes a hands-off entity in terms of restrictions towards inspecting or tuning it, for the fear of negatively impacting its operation. We present CIVIC (Cloning and Injection based VM Inspection for Cloud), a new mechanism that enables safe inspection of unmodified production VMs on-the-fly. CIVIC restricts all impact and side-effects of inspection inside a live clone of the production VM. New functionality over the replicated VM state is introduced using code injection. In this paper, we describe the design and implementation of our solution over KVM/QEMU. We demonstrate four of its use-cases- (i) attaching an intrusive anomaly detector to a live service, (ii) impact-heavy problem diagnostics and troubleshooting, (iii) safe reuse of system monitoring agents, and (iv) live tuning of a webserver’s configuration parameters. Our evaluation shows CIVIC is nimble and lightweight in terms of memory footprint as well as clone activation time (6.5s), and has a low impact on the original VM (<10%).
Sat 8 AprDisplayed time zone: Azores change
15:45 - 17:00
|Dancing with Wolves: Towards Practical Event-driven VMM Monitoring|
Liang Deng State Key Laboratory for Novel Software Technology, Nanjing University; SANGFOR TECHNOLOGIES CO., LTD., Peng Liu Purdue University, Jun Xu Information Sciences and Technology, Pennsylvania State University, Ping Chen Information Sciences and Technology, Pennsylvania State University, Qingkai Zeng State Key Laboratory for Novel Software Technology, Nanjing University, China
|Safe Inspection of Live Virtual Machines|
|Improving Virtualized Storage Performance with Sky|
Session 3DOI Authorizer link File Attached