Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge

Cloud Computing Add comments

By Grace Lewis
Technical Lead, Edge-Enabled Tactical Systems Research
SEI Software Solutions Division

Grace LewisSoldiers and emergency workers who carry smartphones in the battlefield, or into  disaster recovery sites (such as Boston following the marathon bombing earlier this year) often encounter environments characterized by high mobility, rapidly-changing mission requirements, limited computing resources, high levels of stress, and limited network connectivity. At the SEI, we refer to these situations as “edge environments.” Along with my colleagues in the SEI’s Advanced Mobile Systems Initiative, my research aims to increase the computing power of mobile devices in edge environments where resources are scarce. One area of my work has focused on leveraging cloud computing so users can extend the capabilities of their mobile devices by offloading expensive computations to more powerful computing resources in a cloud. Some drawbacks to offloading computation to the cloud in resource-constrained environments remain, however, including latency (which can be exacerbated by the distance between mobile devices and clouds) and limited internet access (which makes traditional cloud computing unfeasible). This blog post is the latest in a series that describes research aimed at exploring the applicability of application virtualization as a strategy for cyber-foraging in resource-constrained environments.

Cloudlet-Based Cyber Foraging

Cyber-foraging is a technique for dynamically augmenting the computing resources of resource-limited mobile devices by opportunistically exploiting a fixed computing infrastructure nearby. This technique allows mobile users to offload computationally-expensive processing (such as face recognition, language translation, speech and image recognition) from a mobile device onto more powerful servers, thereby preserving device battery power and enabling more powerful cloud-based computing. These capabilities are valuable for soldiers or emergency workers who often operate in situations where these resource-intensive applications must be deployed reliably and quickly.

Our research focuses on cloudlet-based cyber foraging. Cloudlets, a concept created by Mahadev Satyanarayanan “Satya” of Carnegie Mellon University’s School of Computer Science, are discoverable, generic, stateless servers located in single-hop proximity of mobile devices. Cloudlets can operate in disconnected mode, which means that communication with the central core is only needed for provisioning. They are also virtual-machine (VM) based, which means that they promote flexibility and mobility, a perfect match for edge environments. My previous work in this field focused on cloudlets provisioned using VM synthesis, which was described in the SEI technical note Cloud Computing at the Tactical Edge.

When we first began using cloudlets for edge applications, we realized we would need to make changes to the provisioning process them so they would functional efficiently and effectively in resource-constrained environments. Satya first proposed using virtual machine (VM) synthesis to provision cloudlets. During VM synthesis, a file called an “application overlay” is transferred during runtime from the mobile device to the cloudlet. This application overlay is built offline and corresponds to the binary difference between a base VM and that VM after the server portion of an application is installed. After the VM overlay has been transferred, it is applied to the base VM. The result is a complete VM that is running the server portion of the application that is executed from a client running on a mobile device.

As you can imagine, VM synthesis involves large application overlay files, which can be costly to transfer in terms of battery and network bandwidth consumption in mobile and edge environments. As an alternative, we started looking at application virtualization as a possible solution to this problem.

Application Virtualization

Application virtualization uses a similar approach to operating system (OS) virtualization, which tricks the software into interacting with a virtual rather than the actual environment. While OS virtualization emulates the hardware for a guest OS, application virtualization emulates OS functionality for an application. To accomplish this emulation, a runtime component intercepts all system calls from an application and redirects these to resources inside the virtualized application.

As we described in our technical report, Application Virtualization as a Strategy for Cyber Foraging in Resource-Constrained Environments, the combination of cloudlets and application virtualization allowed us to support the following design goals:

  • Simplicity. Cloudlets should be set up quickly and conveniently. Preparing an application for deployment on a cloudlet should not involve extensive manual overhead, and cloudlet discovery should not require action from the user. Similarly, offloading the application to the cloudlet must be intuitive and simple. 
  • Generality. Packaged applications should be loosely coupled to the operating system so that they can run on multiple cloudlets. This loose coupling enables regular updates and upgrades to the operating system that runs virtual applications without breaking functionality. Applications that are not too deeply integrated into the operating system or too specific to special hardware should be eligible for offloading to the cloudlet.
  • Speed. The time from when the user selects an application to when it is ready for execution—which includes code offload time—should be reasonably small. The user must be able to track the deployment progress via messages from the cloudlet.

Our approach to application virtualization with cloudlets accomplishes these goals because it does not require any code modifications and provides a high degree of application portability. Application virtualization tools generate smaller files since they package only those dependencies that are necessary for portability. Our experiments (reported in our technical note) showed that a virtualized application is approximately five times smaller than its application overlay equivalent. Smaller file sizes also lead to smaller application-ready times, defined as the time between the start of the transfer of the virtualized application to the cloudlet and the time that the application is ready for execution on the cloudlet

Implementation

The two main components of our implementation are the mobile device and the cloudlet host. The cloudlet host serves as a machine that lends its resources to the mobile device.

In our implementation, all devices are connected to the same subnet within a wireless network. The cloudlet host runs a hypervisor to host multiple VMs, which provide a selection of various operating systems and versions.

The two main architectural components of our implementation are

  • The mobile device. We developed on Android 4.1, which supports multicast and is required for the discovery mechanism. All the elements of the cyber-foraging-ready application are stored on the mobile device including the application client, the application metadata, and the application package that contains the application server.
  • The cloudlet host. This component comprises a multicast-supporting machine that runs the VM hypervisor.
  • At the SEI, we used two tools to create and execute the virtualized applications for both Linux and Windows systems.
  • Code, Data, and Environment (CDE) is an application virtualization tool for Linux developed by Philip J. Guo and Dawson Engler. CDE allows for virtualizing applications by monitoring their execution. Through the ptrace system call, the supervising CDE program finds files that have been accessed during execution and packages them. The resulting package also contains the environment settings and the CDE runtime environment, which executes the application.
  • Cameyo, an application virtualizer for Windows, packages the application and its dependencies into one single, executable file. Unlike CDE, which monitors execution, Cameyo monitors the installation process and offers two mechanisms for accomplishing the virtualization.  The first mechanism involves taking a snapshot of the system, installing the application, taking another snapshot, and then computing the dependencies and modified registry keys in the difference between the two snapshots. Instead of snapshots, the second mechanism simulates the installation process, tracking all of the installer’s actions. This simulated installation does not have any permanent effect on the system.

Benefits and Drawbacks of Our Approach

Application virtualization has an advantage over VM synthesis in terms of its performance while deployed. We relied on two metrics to evaluate our approach: deployment time and energy consumption. These two metrics are related because the greater the amount of data transmitted, the greater amounts of battery power required. One benefit of application virtualization is significantly smaller file sizes, the result of packaging just the application and not calculating a binary difference between virtual machine images. Another benefit of application virtualization is the loose coupling between an application and its required cloudlet environment.

We did realize some drawbacks of our approach. Application virtualization is not suitable for every type of environment. For example, device drivers interact with the hardware directly and cannot be virtualized. It is also hard to virtualize software that interacts with OS internals, such as antivirus programs.

Application virtualization also requires careful dependency management to ensure that an application operates correctly on a cloudlet. If all dependencies are not included in the virtualized application then it will not work. Moreover, missing dependencies must be added manually, which is tedious and error-prone. 

Future Work in Advanced Mobile Systems

Our Advanced Mobile Systems Initiative is building a portfolio of capabilities and options for use by soldiers and emergency workers who operate in various environments with different quality attribute requirements. Cyber-foraging is one of three areas that we are investigating and our body of work on support for resource-constrained environments is growing. The other two areas of work in the SEI’s Advanced Mobile Systems Initiative are

  • group-context-aware mobile applications in which groups of mobile devices share contextual information so that teams and their mobile devices can make better decisions regarding resource consumption These types of applications also give users a better understanding of environmental factors and the activities being performed by the group based on information gathered by sensors on the mobile device or connected to the mobile device.
  • user-configured situational awareness mashups that allow soldiers and emergency workers to filter and combine geo-located data such as DoD situational awareness SA feeds and public data sources into a single map-based user interface.

In developing this cyber-foraging strategy, I collaborated with Dominik Messenger, a student from the Karlsruhe Institute of Technology (KIT) in Germany. He came to CMU last year via the InterACT exchange program. His advisor at KIT contacted me and said that he was very interested in our research. This research and the resulting technical report were part of his diploma thesis.
We look forward to your feedback on our work in the comments section below.

Additional Resources

To view the SEI technical note, Application Virtualiation as a Strategy for Cyber Foraging in Resource-Constrained Environments, please visit
http://www.sei.cmu.edu/library/abstracts/reports/13tn007.cfm.

To read the SEI technical note, Cloud Computing at the Tactical Edge, please visit
http://www.sei.cmu.edu/library/abstracts/reports/12tn015.cfm.

For more information on the SEI’s research in the field of pervasive mobile computing, please visit
http://www.sei.cmu.edu/mobilecomputing/research/index.cfm

To read the paper, The Case for VM-Based Cloudlets in Mobile Computing, please visit
http://www.cs.cmu.edu/~satya/docdir/satya-ieeepvc-cloudlets-2009.pdf.

Share this

Share on Facebook Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Save this page on your Google Home Page 

2 responses to “Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge”

  1. Major Jaime Villa Says:
    Grace, I love your article on coudlet based application virtualization at the 'edge.' As a military engineering member who has deployed as well as designed and helped develop lighter and more accessible mobile systems for the warfigther, I'm in total agreement with your approach to the metrics (deployment time and energy consumption). Keep in mind though, that not all deployments of mobile devices have the same limiting factors, for one must consider "mounted" vs. "dismounted" employments of the technology. Mounted employments, such as tactical vehicles, have greater power availability than the dismounted-on foot soldier, but maintain the same secured accessibility issues to the data via satellite or line of sight. Security, in my opinion, is the greatest challenge faced for military implementations of advanced mobile systems. Any virtualization efforts must consider efforts to effectively secure the data being transferred by these virtual mobile apps in a way that does not render their usability ineffective.
  2. Grace Lewis Says:
    Thanks so much for your comment. I totally agree with you that the quality attributes change for mounted vs. dismounted and that security is key. With this in sight, our focus for FY14 will be on two things: 1) Take a step back and look at different architectures and techniques for cyber-foraging and how to choose one vs. another depending on the quality attributes to promote, and 2) making cloudlets secure assets. Thanks again!

Add Comment


Leave this field empty: