• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
  • HSE University
  • Publications of HSE
  • Articles
  • Проблемы масштабируемости облачных сред и поиск причин деградации центрального сервиса идентификации Openstack Keystone

Article

Проблемы масштабируемости облачных сред и поиск причин деградации центрального сервиса идентификации Openstack Keystone

Аветисян А. И., Богомолов И. В., Алексиянц А. В., Борисенко О. Д.

Cloud services are becoming increasingly popular and they are among the most convenient means for computations in wide range of tasks. Authorization and authentication services for resource management in open-source clouds are distinct from proprietary solutions. An «atom» in open-source solutions is not a personal account but a grouping entity (tenant/project/etc). This approach imposes restrictions on building authorization and authentication service. Besides, users and other cloud services interact with the same system which prevents the cloud from adding fake nodes. Identification systems in open cloud platforms rely on two common components: relational database management system and common algorithms of cryptography on stored data. None of the system developers put performance first in such systems but they provide some means for reliability and high availability. This article shows importance of scaling identification system in context of performance for Openstack Keystone. We provide experiments and analytics suggesting that using RDBMS is wrong for such a task due to the complexity of employed crypto-algorithms and centralized storage system. We show that this common approach leads to non-linear scalability on nodes count and number of users. We describe a new approach which allows to solve scalability issues by replacing RDBMS with In-Memory Data Grid(IMDG) solutions. Prototype solution has been implemented using Tarantool IMDG.