Th is work is made freely available under open access. AUTHOR: TITLE: YEAR: OpenAIR citation: This work was submitted to- and approved by Robert Gordon University in partial fulfilment of the following degree: _______________________________________________________________________________________________ OpenAIR takedown statement: Section 6 of the “Repository policy for OpenAIR @ RGU” (available from http://www.rgu.ac.uk/staff-and-current- students/library/library-policies/repository-policies) provides guidance on the criteria under which RGU will consider withdrawing material from OpenAIR. If you believe that this item is subject to any of these criteria, or for any other reason should not be held on OpenAIR, then please contact [email protected] with the details of the item and the nature of your complaint. This (cid:410)(cid:346)(cid:286)(cid:400)(cid:349)(cid:400) is distributed under a CC ____________ license. ____________________________________________________ Architecting the Deployment of Cloud-hosted Services for Guaranteeing Multitenancy Isolation Laud Charles Ochei A thesis submitted in partial fulfilment of the requirements of Robert Gordon University for the degree of Doctor of Philosophy May 2017 Abstract Inrecentyears,softwaretoolsusedforGlobalSoftwareDevelopment(GSD)processes(e.g.,con- tinuousintegration,versioncontrolandbugtracking)areincreasinglybeingdeployedinthecloud to serve multiple users. Multitenancy is an important architectural property in cloud computing in which a single instance of an application is used to serve multiple users. There are two key challenges of implementing multitenancy: (i) ensuring isolation either between multiple tenants accessing the service or components designed (or integrated) with the service; and (ii) resolving trade-offsbetweenvaryingdegreesofisolationbetweentenantsorcomponents. Theaimofthisthesisistoinvestigatehowtoarchitectthedeploymentofcloud-hostedservice while guaranteeing the required degree of multitenancy isolation. Existing approaches for archi- tectingthedeploymentofcloud-hostedservicestoservemultipleusershavepaidlittleattentionto evaluatingtheeffectofthevaryingdegreesofmultitenancyisolationontherequiredperformance, resource consumption and access privilege of tenants (or components). Approaches for isolating tenants(orcomponents)areusuallyimplementedatlowerlayersofthecloudstackandoftenapply totheentiresystemandnottoindividualtenants(orcomponents). Thisthesisadoptsamultimethodresearchstrategytoprovidingasetofnovelapproachesfor addressing these problems. Firstly, a taxonomy of deployment patterns and a general process, CLIP (CLoud-based Identification process for deployment Patterns) was developed for guiding architects in selecting applicable cloud deployment patterns (together with the supporting tech- nologies) using the taxonomy for deploying services to the cloud. Secondly, an approach named COMITRE (COmponent-based approach to Multitenancy Isolation Through request RE-routing) wasdevelopedtogetherwithsupportingalgorithmsandthenappliedtothreecasestudiestoempir- icallyevaluatethevaryingdegreesofisolationbetweentenantsenabledbymultitenancypatterns for three different cloud-hosted GSD processes, namely-continuous integration, version control, andbugtracking. Afterthat,asynthesisoffindingsfromthethreecasestudieswascarriedoutto provideanexplanatoryframeworkandnewinsightsaboutvaryingdegreesofmultitenancyisola- tion. Thirdly,amodel-baseddecisionsupportsystemtogetherwithfourvariantsofametaheuristic solution was developed for solving the model to provide an optimal solution for deploying com- ponentsofacloud-hostedapplicationwithguaranteesformultitenancyisolation. Bycreatingandapplyingthetaxonomy,itwaslearntthatmostdeploymentpatternsarerelated and can be implemented by combining with others, for example, in hybrid deployment scenarios tointegratedataresidinginmultipleclouds. Ithasbeenarguedthatthesharedcomponentisbetter for reducing resource consumption while the dedicated component is better in avoiding perfor- mance interference. However, as the experimental results show, there are certain GSD processes wherethatmightnotnecessarilybeso,forexample,inversioncontrol,whereadditionalcopiesof the files are created in the repository, thus consuming more disk space. Over time, performance beginstodegradeasmoretimeisspentsearchingacrossmanyfilesonthedisk. Extensiveperfor- mance evaluation of the model-based decision support system showed that the optimal solutions obtained had low variability and percent deviation, and were produced with low computational effortwhencomparedtoagiventargetsolution. Keywords: Cloud-hostedServices,CloudPattern,ApplicationComponent,GlobalSoftwareDe- velopment(GSD)tools,Multitenancy,DegreeofIsolation,Metaheuristic,ContinuousIntegration, Versioncontrol,Bugtracking. Acknowledgments My family has been very supportive. Thanks so much to Nkem, my darling wife, and our twin boys-DavidandDaniel. IwouldalsoliketothankmyMum,Dad,AuntiesandUncles,Grandma, in-laws,otherfamilymembersandfriends,fortheirsupportandprayers. I would like to thank my supervisors, Julian Bass and Andrei Petrovski, especially for the patience and understanding they showed me when I was struggling in the initial stages of the research. I would like to sincerely thank Julian Bass for agreeing to be part of my supervisory team despite leaving RGU in August 2015. I would like to thank Olivier for the comments I received during the modelling and simulation phase of the research. Many thanks to the School of Computing, IT staff: Colin Beagrie and Tommy Taylor for the technical support in setting up and managing the private cloud used for the experiment. I would also like to thank the School ofComputingforapprovingfundsformetoattendandpresentpapersatresearchconferencesin Nice(France),Cambridge(USA)andLondon(England). IalsowishtothankmynetworkoffriendsAnthonyEtuk,SadiqSani,Aminu,Amina,Mariam, Mayowa and Blessing and Ikechukwu. Thanks so much for sharing your experiences with me; that made the research process less stressful. Finally, I would like to thank Sylvester Ofogba, StanleyOkosodo,GbengaGoker,RhibetnanYaktal,fortheirencouragement;andmembersofthe FountainofLove(FOL),RCCG,Aberdeen,forbeingeverpresentwithloveandcheer. Lastly,IamgratefultoGodAlmighty,forHisloveandcareinmylife. ThisresearchwassponsoredbytheTertiaryEducationTrustFund(TETFUND)andtheUni- versity of Port Harcourt (UNIPORT), Nigeria. The views and conclusions contained in this doc- umentarethoseoftheauthor(s)andshouldnotbeinterpretedasrepresentingtheofficialpolicies oftheNigerianorUKGovernments. TETFUND,UNIPORT,theNigerianandU.K.Governments areauthorisedtoreproduceanddistributereprintsforGovernmentpurposesnotwithstandingany copyrightnotation. Declarations IdeclarethatIamthesoleauthorofthisthesisandthatallverbatimextractscontainedinthethesis have been identified as such and all sources of information have been specifically acknowledged in the bibliography. Parts of the work presented in this thesis have appeared in the following publications: • L. C. Ochei, J. M. Bass, and A. Petrovski, A novel taxonomy of deployment patterns for cloud-hosted applications: A case study of global software development (gsd) tools and processes, International Journal On Advances in Software., vol. volume 8, numbers 3 and 4,pp. 420434,2015. (Chapter4) • L. C. Ochei, J. M. Bass, and A. Petrovski, Evaluating degrees of multitenancy isolation: A case study of cloud-hosted gsd tools, in 2015 International Conference on Cloud and AutonomicComputing(ICCAC).IEEE,2015,pp. 101112. (Chapter5and6) • L.C.Ochei,A.Petrovski,andJ.Bass,Evaluatingdegreesofisolationbetweentenantsen- abledbymultitenancypatternsforcloud-hostedversioncontrolsystems(vcs),International JournalofIntelligentComputingResearch,vol. 6,Issue3,pp. 601 612,2015. (Chapter5 and6) • L. C. Ochei, A. Petrovski, and J. Bass, An approach for achieving the required degree of multitenancy isolation for components of a cloud-hosted application, in 4th International IBMCloudAcademyConference(ICACON2016),2016. (Chapter5and6) • L. C. Ochei, J. Bass, and A. Petrovski, Implementing the required degree of multitenancy isolation: A case study of cloud-hosted bug tracking system, in 13th IEEE International ConferenceonServicesComputing(SCC2016). IEEE,2016.(Chapter5and6) • L.C.Ochei,A.Petrovski,andJ.Bass,OptimizingtheDeploymentofCloud-hostedAppli- cationComponentsforGuaranteeingMultitenancyIsolation,2016InternationalConference onInformationSociety(i-Society2016). BestPaperAward. (Chapter7) Contents 1 Introduction 1 1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 ProblemContext . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.3 ResearchMotivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.4 ResearchAimandObjectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.5 ContributionsoftheThesis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 1.6 ThesisStructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2 LiteratureReview 15 2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 2.2 Cloud-hostedGSDProcessesandSupportingTools . . . . . . . . . . . . . . . . 15 2.2.1 CloudComputing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 2.2.2 GlobalSoftwareDevelopment . . . . . . . . . . . . . . . . . . . . . . . 17 2.2.3 GSDToolsandSupportingProcesses . . . . . . . . . . . . . . . . . . . 18 2.2.4 DeploymentofSoftwareToolstotheCloud . . . . . . . . . . . . . . . . 20 2.3 ArchitecturesforCloud-hostedApplications . . . . . . . . . . . . . . . . . . . . 21 2.3.1 ArchitecturalPatterns. . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 2.3.2 CloudDeploymentPatterns . . . . . . . . . . . . . . . . . . . . . . . . 22 2.4 TaxonomiesandClassificationsofCloudDeploymentPatterns . . . . . . . . . . 23 2.4.1 WhatisaTaxonomyanditsPurpose? . . . . . . . . . . . . . . . . . . . 23 2.4.2 Related Work on Taxonomies and Classifications of Cloud Deployment Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 2.5 ImplementingMultitenancyIsolationinaCloudComputingEnvironment . . . . 26 i CONTENTS ii 2.5.1 MultitenancyIsolation . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 2.5.2 RelatedWorkonApproachesforImplementingMultitenancy . . . . . . 27 2.5.3 RelatedWorkonDegreesofMultitenancyIsolation . . . . . . . . . . . . 28 2.6 OptimizingComponentsDeploymentforGuaranteeingMultitenancyIsolation . . 30 2.6.1 ConflictingTrade-offsinMultitenancyIsolation . . . . . . . . . . . . . 30 2.6.2 RelatedWorkonOptimalDeploymentandAllocationofCloudResources 31 2.7 ConclusionsfromLiteratureReview . . . . . . . . . . . . . . . . . . . . . . . . 32 2.8 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 3 Methodology 37 3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 3.2 TheMultimethodResearchApproach . . . . . . . . . . . . . . . . . . . . . . . 37 3.3 Phase1: ExploratoryStudy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 3.3.1 SelectionofGSDToolsandProcesses . . . . . . . . . . . . . . . . . . . 39 3.3.2 ExploringCloudDeploymentPatterns . . . . . . . . . . . . . . . . . . . 40 3.4 Phase2: CaseStudyandCaseStudySynthesis . . . . . . . . . . . . . . . . . . 40 3.4.1 CaseStudy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 3.4.2 EvaluationoftheCaseStudy . . . . . . . . . . . . . . . . . . . . . . . . 42 3.4.3 SynthesizingthefindingsoftheCaseStudies . . . . . . . . . . . . . . . 50 3.4.4 DrawingConclusionsandDiscussingtheImplicationsoftheStudy . . . 50 3.5 Phase3: ModellingandSimulation . . . . . . . . . . . . . . . . . . . . . . . . . 51 3.5.1 DatasetandInstanceGeneration . . . . . . . . . . . . . . . . . . . . . . 51 3.5.2 EvaluationMetricandAnalysisforSimulation . . . . . . . . . . . . . . 55 3.5.3 Applicability of the Experiments and Frameworks in other Cloud Envi- ronments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 3.6 MultimethodResearch: combiningexploratorystudy, casestudy, casestudysyn- thesis,andsimulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 3.6.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 3.6.2 Howthedifferentmethodsfitintotheresearchprocess . . . . . . . . . . 60 3.7 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 CONTENTS iii 4 TaxonomyofDeploymentPatternsforCloud-hostedServices 62 4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 4.2 DevelopingaTaxonomyofCloudDeploymentPattterns . . . . . . . . . . . . . 63 4.2.1 ProcedureforDevelopingtheTaxonomy . . . . . . . . . . . . . . . . . 63 4.2.2 DescriptionoftheTaxonomy . . . . . . . . . . . . . . . . . . . . . . . . 66 4.2.3 ValidationoftheTaxonomy . . . . . . . . . . . . . . . . . . . . . . . . 67 4.3 GSDToolSelection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 4.3.1 ResearchSite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 4.3.2 DerivedDatasetofGSDTools . . . . . . . . . . . . . . . . . . . . . . . 69 4.4 ApplyingtheTaxonomy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 4.4.1 PositioningGSDToolsontheTaxonomy . . . . . . . . . . . . . . . . . 70 4.4.2 HowtoIdentifyApplicableDeploymentPatternsusingtheTaxonomy . . 71 4.4.3 CaseStudy: SelectingPatternsforAutomatedBuildVerificationProcess 73 4.5 Findings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76 4.6 RecommendationsforusingtheTaxonomy . . . . . . . . . . . . . . . . . . . . 79 4.7 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 5 CaseStudiesofDegreesofMultitenancyIsolationusingCOMITREApproach 84 5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 5.2 COMITRE:AnApproachforImplementingMultitenancyIsolation . . . . . . . 85 5.2.1 ArchitectureandProcedureforImplementation . . . . . . . . . . . . . . 85 5.2.2 AlgorithmsforSupportingCOMITRE . . . . . . . . . . . . . . . . . . . 87 5.2.3 ValidatingtheImplementationofMultitenancyIsolation . . . . . . . . . 90 5.2.4 ScenariosforIllustratingMultitenancyIsolation . . . . . . . . . . . . . 91 5.3 CaseStudy1-ContinuousIntegration . . . . . . . . . . . . . . . . . . . . . . . 93 5.3.1 ImplementingMultitenancyIsolationinHudson . . . . . . . . . . . . . 93 5.3.2 ExperimentalProcedureforCasestudy1 . . . . . . . . . . . . . . . . . 93 5.3.3 ResultsforCaseStudy1 . . . . . . . . . . . . . . . . . . . . . . . . . . 94 5.4 CaseStudy2-VersionControl . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 5.4.1 ImplementingMultitenancyIsolationinFileSystemSCMPlugin . . . . 98 5.4.2 ExperimentalProcedureforCaseStudy2 . . . . . . . . . . . . . . . . . 98 CONTENTS iv 5.4.3 ResultsforCaseStudy2 . . . . . . . . . . . . . . . . . . . . . . . . . . 100 5.5 CaseStudy3-BugTrackingwithBugzilla . . . . . . . . . . . . . . . . . . . . 101 5.5.1 ImplementingMultitenancyIsolationinBugzilla . . . . . . . . . . . . . 101 5.5.2 ExperimentalProcedureforCaseStudy3 . . . . . . . . . . . . . . . . . 103 5.5.3 ResultsforCaseStudy3 . . . . . . . . . . . . . . . . . . . . . . . . . . 104 5.6 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 6 DegreesofMultitenancyIsolation: SynthesisofthreeCasestudies 108 6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 6.2 SynthesisofCaseStudiesFindings . . . . . . . . . . . . . . . . . . . . . . . . . 109 6.2.1 Cross-caseAnalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 6.2.2 NarrativeSynthesis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 6.3 ExplanatoryFrameworkforDegreesofMultitenancyIsolation . . . . . . . . . . 118 6.3.1 MappingofMultitenancyIsolationtoGSDProcessesandResources. . . 119 6.3.2 ExploringTrade-offsforAchievingMultitenancyIsolation . . . . . . . . 121 6.4 ValidityoftheCaseStudySynthesis . . . . . . . . . . . . . . . . . . . . . . . . 124 6.5 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 7 OptimalDeploymentofComponentsforGuaranteeingMultitenancyIsolation 127 7.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 7.2 ProblemFormalizationandNotation . . . . . . . . . . . . . . . . . . . . . . . . 128 7.2.1 SystemModelandDescriptionoftheProblem . . . . . . . . . . . . . . 128 7.2.2 SystemNotationsandAssumptions . . . . . . . . . . . . . . . . . . . . 129 7.2.3 MappingtheProblemtoaMultichoiceMultidimensionalKnapsackprob- lem(MMKP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 7.3 OpenMulticlassQueuingNetworkModel . . . . . . . . . . . . . . . . . . . . . 134 7.4 MetaheuristicSearch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 7.5 DecisionSupportSystemforOptimalDeploymentofComponents . . . . . . . . 140 7.5.1 ArchitectureoftheDecisionSupportSystem . . . . . . . . . . . . . . . 140 7.5.2 OptimalDep: AnalgorithmforOptimalDeploymentofComponents . . . 142 7.6 EvaluationandResults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 7.6.1 ExperimentalSetupandProcedure . . . . . . . . . . . . . . . . . . . . . 145 CONTENTS v 7.6.2 Comparison of Solutions obtained from optimalDep Algorithm with the OptimalSolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 7.6.3 Comparison of Solutions obtained from optimalDep algorithm with the TargetSolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 7.6.4 StatisticalAnalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 7.7 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 8 Discussion 160 8.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 8.2 DiscussionofFindings: Exploratory,CaseStudies,SynthesisandModelling . . . 160 8.2.1 DiscussiononFindingsfromExploratoryStudyonDeploymentPatterns 160 8.2.2 DiscussionofFindingsfromCaseStudiesandCaseStudySynthesis . . . 163 8.2.3 DiscussionofFindingsfromModellingandSimulation . . . . . . . . . . 165 8.3 ChallengesandRecommendations . . . . . . . . . . . . . . . . . . . . . . . . . 168 8.3.1 TypeandLocationoftheapplicationcomponentorprocesstobeshared . 168 8.3.2 CustomizabilityoftheGSDtoolandsupportingprocess . . . . . . . . . 168 8.3.3 OptimizationofCloudResourceduetochangingWorkload . . . . . . . 169 8.3.4 HybridCloudDeploymentConditions . . . . . . . . . . . . . . . . . . . 170 8.3.5 TaggingComponentswiththeRequiredDegreeofIsolation . . . . . . . 171 8.3.6 ErrorMessagesandSecurityChallengesduringImplementation . . . . . 171 8.4 PracticalApplications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 8.5 ChapterSummary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 9 Conclusion 176 9.1 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 9.2 ResearchContributionsRevisited . . . . . . . . . . . . . . . . . . . . . . . . . . 177 9.3 ResearchScopeandLimitations . . . . . . . . . . . . . . . . . . . . . . . . . . 181 9.4 ReflectiononthePhD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 9.5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 9.6 FutureWork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 9.6.1 MultitenancyIsolationProblem: ExploringotherModelsandMetaheuristics188 9.6.2 PredictingQoSofComponentsbasedonRequiredDegreeofIsolation . . 189