The Home Router

1. Command to get router address: Desktop$ route -n get default
   route to: default
   destination: default
   mask: default
   gateway: xx.xx.xx.1
   interface: en4
   flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500         0

VM Live Migration’s Impacts on the Running Applications

1. Will the IP address change after migration?

Both types of live migration exist, including changing and not changing IP address [5].

  • Based on Google cloud [1], it can migrate clients’ VM without affect the customers. That means the IP address of a VM would not be changed in this case.
    • To retain the same IP address, hyper-V requires the source and destination hosts to be within the same subnet. I think Google cloud may not have this requirement.
    • I think the virtual network [4] would be able to remove the restrictions on the locations of the destination hosts. “Hyper-V Network Virtualization decouples virtual networks for customer virtual machines from the physical network infrastructure.” 

2. Will the migration interrupt the Internet service?

This depends on the implementation. The answer is different regarding different implementation.

  • According to google cloud [1], there will be no service interruptions.
    • During post-migration brownout, the VM executes on the target. The source VM is present, and may be providing supporting functionality for the target. For instance, until the network fabric has caught up the new location of the VM, and source VM provides forwarding services for packets to and from the target VM
  • According to hyper-V [2]
    • the migration is not downtime-free, the interruption is almost immeasurably brief. Usually the longest delay is the network layer while the virtual machine’s MAC address is registered on the new physical switch port and its new location is propagated throughout the network. 
    • According to [3], in order to use live migration the VM needs to keep the same IP address across date centers in order to achieve the goal of continuous access from clients to the virtual machine during and after the migration. 

3. How the network is migrated?

The most challenging issue in VM migration is to keep the network working.

In LAN, different hypervisors using different strategies.

  • Xen
    • It uses ARP to bind the IP address to the new host. 
      • The VM sends ARP signal, broadcast that the IP address is moved to a new host.  But this may not be allowed for security reasons. 
  • VMware
    • VMotion uses VNIC to ensure the network connection. 
      • The VNIC will be migrated with VM as well. Every VNIC has a unique MAC address in LAN and is connected to one or multiple NIC. 
      • Since VNIC has a MAC address that is irrelevant to the physical network address, the network will be continued as normal using VM live migration. 
      • Note due to the restrictions of Ethernet, the source and destination hosts have to be in the same subnet

In WAN

  • The VM will be given a new IP address in the destination host. In order to ensure the network connection, we can use IP tunnel with combination of dynamic DNS, i.e., we can build a IP tunnel between the source IP and destination IP address, and use it to forward the packets from source host to destination host. Once migration is done, VM can response to the new network. It means the DNS is updated, and the network connection will refer to the new IP address. 

Reference
[1] Google cloud VM live migration
[2] Hyper-V live migration
[3] Live Migration — Implementation considerations
[4] Hyper-V 网络虚拟化概述 
[5] 虚拟机迁移研究

Build a Web Proxy in Amazon EC2

Prerequisite:

  • I already have an amazon ec2 instance (ubuntu) running in the cloud
What I do:
  • I choose to install tinyproxy
    • command: sudo apt-get install tinyproxy
  • Setup the IP you allowed for using the proxy
    • sudo vim /etc/tinyproxy.conf
    • unfortunately, tinyproxy does not support user authentication with username and password
  • Restart tinyproxy
    • sudo /etc/init.d/tinyproxy restart
  • Then you can setup your chrome to use the web proxy
    • it requires the IP address of your amazon ec2 instance and port (tinyproxy default port 8888) in setting up the web proxy
Comments:

  • With this proxy, you will be able to have free internet even if you are in a country with Internet censorship

How to test network bandwidth between two machines

http://askubuntu.com/questions/7976/how-do-you-test-the-network-speed-betwen-two-boxes

I use iperf. It’s a client server arrangement in that you run it in server mode at one end and connect to its from another computer on the other side of the network.
One both machines run:
sudo apt-get install iperf
Then on Computer A (Server):
iperf -s
And on Computer B (Client):
iperf -c <address of Computer A>

Session

Definition

A session is a semi-permanent interactive information interchange between two or more communication devices.

Implementation

The session is implemented by means of a database with information about the state of each session.
The reason of not implementing it with multiple processes or threads is due to large resource overhead.

Cluster of Servers

When a client may connect to any server in a cluster or servers, it is important to maintain consistency.
The client must be either directed to the same server for the duration of the session, or the servers must transmit server-side session information via a shared file system or database.

Client Side Web Sessions

Client-side sessions use cookies and cryptographic techniques to maintain state without storing as much data on the server. 
When presenting a dynamic web page, the server sends the current state data to the client (web browser) in the form of cookie. The client saves the cookie in memory or on disk. 
With each successive request, the client sends the cookie back to the server, and the server users the data to “remember” the state of the application for that client and generate an appropriate response.

Issues

  • Browser limits the number and size of cookies that may be stored by a web site.

HTTP Session Token

  • A session token is a unique identifier that is generated and sent from a server to a client to identify the current interaction session. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries. 
The reason of using session tokens is that
  • The client only has to handle the identifier
  • All session data is stored on the server (usually in a database).

Web Applications Client & Server

Figure 1 [1] illustrates the web application architecture in the server side and client side.

Server Side

  • Logic Layer
    • Implements the application business logic using high-level programming languages, such as Java, PHP, or Python. 
  • Web Server Layer
    • Receive HTTP request, and passes the request to the appropriate server-side program, e.g., Apache web server, Windows IIS, or Nginx.
  • Data Storage Layer
    • Stores the web application state and user data. Popular data storage systems are traditional SQL databases, which include MySQL, PorsgreSQL, or MSSQL
  • Infrastructure Layer
    • Runs the operating systems. An infrastructure could be a physical machine or virtualization platform which manages multiple virtual machines. 

Client Side

The client side receives HTTP response from the server-side, and the job of the client is to convert the HTML contained in the HTTP response into a graphical interface from the user. 

  • Logic Layer (Presentation Layer)
    • It is written in a combination of HTML, CCS, and JavaScript, with JavaScript providing a way for the sever-side code to execute application logic on the client

  • Browser 
    • Retrieves the presentation layer code from the server, interprets it, and presents it as a graphic interface to the user. 

  • Storage Layer
    • For the presentation layer code to store data. Available storage methods include cookies, local storage, IndexedDB, and File APIs.
  • Operating System Layer
    • Runs the browser

Reference
[1] Toward a Moving Target Defense for a Web Applications, by Marhony Taguinod, in International Conference on Information Reuse and Integration 2015

Web Service — REST

What is REST

  • a design pattern for implementing networked systems, stands for “Representational State Transfer”
  • A client references a web resources using a URL
  • The web serves as a guiding framework for the web
  • HTTP is not just a protocol
    • It provides an API (POST, GET, PUT, DELETE) for create, read, update, and delete operations on a resource
  • Approach isolates application complexity at the end points (client and server) and keeps it out of the transport

Three Fundamental Aspects of REST

  • Resources
    • Every distinguishable entity is a resource. A resource may be a web site, an HTML page, and XML document etc.
  • URLs
    • Every resource is uniquely identified by a URL.
  • Simple operations

REST vs. SOAP

REST

  • The web is the universe of globally accessible information
  • Resource oriented
  • User-driven interactions via forms
  • Few operations (generic interface) on many resources
  • URI: Consistent naming mechanism for resources
  • Focus on scalability and performance of large scale distributed hypermedia systems

SOAP

  • The web is the universal transport of message
  • Activity/Service oriented
  • Orchestrated reliable event flows
  • Many operations (service interface) on few resources
  • Lack of standard naming mechanism
  • Focus on design of integrated (distributed) applications

Web Service

Web Services Fundamentals

Two Competing Approaches

  • REST-style
  • SOAP-style

Four Fundamental Technologies

  • XML
    • Describing information sent over the network
  • WSDL
    • Defining web service capability
  • SOAP
    • Accessing web services
  • UDDI
    • Finding web services

Web Service Infrastructure and Components

XML

  • Has emerged as the standard solution for describing information exchanged between heterogeneous system
  • Can be read by programs and interpreted in an application-specific way
  • Example
    • <Account>xx</Account>

WSDL: Describing the web service

  • Provides functional description of network services
    • IDL description
    • Protocol and deployment details
    • Platform independent description
    • Extensible language
  • As extended IDL: WSDL allows tools to generate compatible client and server stubs
    • Allows industries to define standardized service interfaces
    • Allows advertisement of service descriptions, enables dynamic discovery and binding of compatible services
      • Used in conjunction with UDDI registry
  • The main elements in a WSDL description

UDDI: Finding Web Service

  • Universal Description, Discovery, Integration
  • UDDI defines the operation of a service registry
    • Data structures for registering
      • Business
      • Technical specification: tModel is a keyed reference to a technical sepcifcaiton
      • Service and service endpoints
        • Referencing the supported tModels
  • The main UDDI data structures

SOAP

  • Why SOAP
    • A “wire protocol” necessary for accessing distributed object services
    • Vendor and/or platform-specific wire protocols hinder interoperability
  • SOAP
    • An Internet standard specification, the goal of which is to define a platform and vendor-neural WIRE PROTOCOL based on Internet standard protocols [HTTP & XML] to access Web Services. 
  • Features
    • Uses XML to package requests for services exposed by Web Services, and responds generates by Web services
    • Typically uses HTTP as a transport protocol
  • SOAP message
    • Convey documents
    • Support client-server communication

RESTful Approach

  • Focus on using HTTP operations (GET, PUT, POST, DELETE) to manipulate data resources represented in XML
    • No WSDL + SOAP