Web QoS控制研究综述

Internet的服务模式正由传统的数据通信与信息浏览向电子交易与服务转变 ,Web服务器系统作为支持电子商务的核心设施 ,需要对不同的用户或HTTP请求提供区分服务和性能保证 ,因此必须具备建立和支持服务质量 (QualityofService ,QoS)控制的机制与策略 .该文综述了WebQoS控制的研究现状 ,包括Web请求的分类机制、Web服务器应用软件的QoS控制机制、操作系统的WebQoS控制机制、中间件的WebQoS控制机制以及Web服务器集群系统的QoS控制机制与策略 ,并分析了进一步的研究方向 .     

具有服务质量保证的Web服务器的设计

目前的因特网正从提供单一的数据传送服务转化为提供各种商业和多媒体的服务,为了在因特网上提供端到端的QoS保障,仅靠在网络的传输和路由方面的改进是不够的,服务器的效率和响应速度也是瓶颈之一。讨论了当前Web服务器设计的一些缺陷,提出了一些解决方法并解释了各个模块的实现机制。     

Web QoS及其保证方法

Internet的服务模式正由传统的数据通信与信息浏览向电子交易与服务转变,仅靠网络QoS机制并不能完全解决端到端的QoS控制问题。Web服务器系统作为核心设施,必须同样具备建立和支持QoS的机制与策略,对不同的用户或HTTP请求提供区分服务和性能保证。文中综述了Web QoS的发展情况、研究现状以及保证方法(包括请求分类机制的划分方法、Web服务供应商的Web系统解决方案以及无线网络的保证方法),并分析了进一步的研究方向。     

Web请求分配和选择的综合方案与性能分析

Internet的服务模式正由传统的通信与信息浏览向电子交易与服务转变,这就要求WWW服务器既支持电子商务类具有优先级的请求,同时也要维护各类Web应用的公平性.以实现系统负载均衡和满足不同请求的WebQoS需求及公平性为目标,讨论并提出了并行WWW服务器集群系统HTTP请求分配和选择的综合方案,并提供了这些方案的随机高级Petri网模型.为解决模型状态空间爆炸问题,还提出了一种可以显著简化模型求解复杂性的近似性能分析技术;给出了综合方案的数值分析结果和性能评价,建议了适合电子商务类应用的、实现高性能集群     

Design, implementation, and evaluation of differentiated caching services

With the dramatic explosion of online information, the Internet is undergoing a transition from a data communication infrastructure to a global information utility. PDAs, wireless phones, Web-enabled vehicles, modem PCs, and high-end workstations can be viewed as appliances that "plug-in" to this utility for information. The increasing diversity of such appliances calls for an architecture for performance differentiation of information access. The key performance accelerator on the Internet is the caching and content distribution infrastructure. While many research efforts addressed performance differentiation in the network and on Web servers, providing multiple levels of service in the caching system has received much less attention. It has two main contributions. First, we describe, implement, and evaluate an architecture for differentiated content caching services as a key element of the Internet content distribution architecture. Second, we describe a control-theoretical approach that lays well-understood theoretical foundations for resource management to achieve performance differentiation in proxy caches. An experimental study using the Squid proxy cache shows that differentiated caching services provide significantly better performance to the premium content classes.     

Web 服务器的鲁棒建模和过载控制

给出了一种Web 服务器的建模方法，说明了如何用控制理论管理不可预测的服务器负载。Web 服务器可以被仿真为一个多容器系统。该鲁棒Web 服务器模型适用于未知的负载干扰和不确定的匹配模型。过载控制技术基于自适应允许控制取得时间保证，用一个完整参数变化模型和大的过载来评估模型的性能。     

Web服务器中基于自适应控制的成比例延迟区分服务

Internet上Web应用日益广泛的使用,使得Web服务器需要在高负载下提供性能保证与区分服务,以满足用户的不同需求。响应延迟是评价Web服务器的一项关键性能指标,而成比例延迟区分服务是一种重要的区分服务模型。针对Apache Web服务器,提出并实现了基于自适应控制的成比例延迟区分服务。在每个采样周期,自适应控制器根据预设的延迟区分参数,通过动态计算并调节各个客户类别的服务线程数目,可保证Apache Web服务器上高优先级客户具有较低的平均连接延迟,而各个客户类别的平均延迟比保持不变。仿真结果表明,在动态变化的负载、参考输入以及不同的系统配置之下,控制器作用下的Apache Web服务器都能可靠地提供成比例延迟区分服务。     

Content Adaptation Architectures Based on Squid Proxy Server

The overwhelming popularity of Internet and the technology advancements have determined the diffusion of many different Web-enabled devices. In such an heterogeneous client environment, efficient content adaptation and delivery services are becoming a major requirement for the new Internet service infrastructure. In this paper we describe intermediary-based architectures that provide adaptation and delivery of Web content to different user terminals. We present the design of a Squid-based prototype that carries out the adaptation of Web images and combines such a functionality with the caching of multiple versions of the same resource. We also investigate how to provide some form of cooperation among the nodes of the intermediary infrastructure, with the goal to evaluate to what extent the cooperation in discovering, adapting, and delivering Web resources can improve the user-perceived performance.     

Improving the resilience of content distribution networks to large scale distributed denial of service attacks

Distributed Denial of Service (DDoS) attacks remain a daunting challenge for Internet service providers. Previous work on countering these attacks has focused primarily on attacks at a single server location and the associated network infrastructure. Increasingly, however, high-volume sites are served via content distribution networks (CDNs). In this paper, we propose two mechanisms to withstand and deter DDoS attacks on CDN-hosted Web sites and the CDN infrastructure. First, we present a novel CDN request routing algorithm which allows CDN proxies to effectively distinguish attacks from the requests from actual users. The proposed scheme, based on the keyed hash function, can significantly improve the resilience of CDNs to DDoS attacks. In particular, the resilience of a CDN, consisting of n proxies, becomes O(n²) with the proposed approach, when compared to a site hosted by a single server. We present performance numbers from a controlled test environment to show that the proposed approach is effective. Second, we introduce novel site allocation algorithms based on the well-established theory on binary codes. The proposed allocation algorithm guarantees an upper bound on the level of service outage of a CDN-hosted site even when a DoS attack on another site on the same CDN has been successful. Together, our schemes significantly improve the resilience of the Web sites hosted by CDNs, and complement other work on countering DoS.     

Feedback Control Architecture and Design Methodology for Service Delay Guarantees in Web Servers

This paper presents the design and implementation of an adaptive Web server architecture to provide relative and absolute connection delay guarantees for different service classes. The first contribution of this paper is an adaptive architecture based on feedback control loops that enforce desired connection delays via dynamic connection scheduling and process reallocation. The second contribution is the use of control theoretic techniques to model and design the feedback loops with desired dynamic performance. In contrast to heuristics-based approaches that rely on laborious hand-tuning and testing iteration, the control theoretic approach enables systematic design of an adaptive Web server with established analytical methods. The adaptive architecture has been implemented by modifying an Apache server. Experimental results demonstrate that the adaptive server provides robust delay guarantees even when workload varies significantly.     

Web服务器系统中基于反馈控制的比例延迟保证

随着Web应用在商业领域的广泛使用，Web服务器系统需要在高负载下提供区分服务，以满足用户的不同需求。为实现以延迟作为评价指标的区分服务，本文在Web服务器系统的连接管理和请求处理两个层次建立了基于反馈控制的比例延迟保证模型。模型中的反馈控制器通过动态计算和调节不同类别客户占用的资源：（服务线程和数据库连接），能保证高优先级的客户较快得到服务而不同类别客户的平均延迟比保持不变。为测试闭环系统的性能，设计了两种分别服从均匀分布和重尾分布的动态负载。仿真结果表明，即使并发客户连接的数目剧烈变化，控制器作用下的服务器系统仍然能够达到较好的比例延迟保证，可靠地为用户提供区分服务。     

视频点播服务器的服务质量控制框架

视频点播服务器工作于开放的网络环境中,系统负载难以预测,其运行时资源瓶颈依赖于实时服务类型.基于性能模型和实时负荷估计方法,本文提出视频点播服务器的服务质量控制框架,提供系统负荷监控、准入控制和区分服务等三种服务质量控制.实际系统的验证实验表明,本文的方法可以有效的对系统负荷进行监控,确保系统负荷稳定在服务提供商希望的水平线以下,向不同级别的用户提供不同质量级别的服务.     

代理Web Cache性能分析

采用WebCache技术提高当前Internet性能已成为一个主流的研究领域,其功能原理就象处理器和文件系统中的多级高速缓存一样。大规模Web高速缓存系统已成为许多国家Internet基础设施的重要组成部分。该文从三个不同访问规模的代理WebCache的跟踪日志出发,分析了WebCache的用户访问模式、Cache命中率、Cache服务器处理延迟等统计特征,提出基于分布式共享RAM和外存储结合的两级协同WebCache集群技术,可以提供可扩展的高性能并行Web高速缓存服务。     

Web Services系统的协同问题分析及其对策

Web Service是一种全新的分布式开发技术，它不是针对特定的计算机或特定的服务器，而是面向整个Internet的。由于采用标准的XML作为数据交换技术，使Web Service服务器程序可以位于Internet或Intranet上的任何位置，客户端也可以采用任意的技术实现。文中全面分析了web Services系统中所面临的各种协同性问题及其产生的根源，提出了相应的解决方法和对策。阐述了用Web Services架构开发协同Web服务应注意的一些问题。提出了解决Web Service协同问题的根本途径和发展方向。     

Multi-tier service differentiation by coordinated learning-based resource provisioning and admission control

Multiple Internet applications are often hosted in one datacenter, sharing underlying virtualized server resources. It is important to provide differentiated treatment to co-hosted applications and to improve overall system performance by efficient use of shared resources. Challenges arise due to multi-tier service architecture, virtualized server infrastructure, and highly dynamic and bursty workloads. We propose a coordinated admission control and adaptive resource provisioning approach for multi-tier service differentiation and performance improvement in a shared virtualized platform. We develop new model-independent reinforcement learning based techniques for virtual machine (VM) auto-configuration and session based admission control. Adaptive VM auto-configuration provides proportional service differentiation between co-located applications and improves application response time simultaneously. Admission control improves session throughput of the applications and minimizes resource wastage due to aborted sessions. A shared reward actualizes coordination between the two learning modules. For system agility and scalability, we integrate the reinforcement learning approach with cascade neural networks. We have implemented the integrated approach in a virtualized blade server system hosting RUBiS benchmark applications. Experimental results demonstrate that the new approach meets differentiation targets accurately and achieves performance improvement of applications at the same time. It reacts to dynamic and bursty workloads in an agile and scalable manner.     

基于Web的中间件系统集成框架--应用服务器的研究

以“八六三”项目为背景,在探讨应用服务器技术、组件和框架技术的基础上,通过结合CORBA开放性、跨平台、跨语言的特性和EJB业务处理能力,设计并实现了一个可伸缩、健壮的、支持Web分布式应用的中间应用服务器系统平台,其功能包括组件容器、管理控制台、事务服务、外部资源管理、名字服务等;并在实际中得到了初步应用,取得了很好的效果.与其它方式的服务相比,它有着易于开发、易于管理和易于加载服务等特点.对其理论背景、体系结构、关键技术以及其上的应用领域框架等进行了全面的研究.     

Trustworthy Web services: actions for now

It is possible to build in trustworthiness by creating a layer atop the current Web services framework. At present, the framework stops with WS-Security, a standard that IBM and Microsoft jointly proposed to enhance the quality of protection for Web services. The framework needs a new trustworthiness layer that defines criteria for determining that a Web service is indeed trustworthy and that measures, enhances, and guarantees trustworthiness. Web services can become untrustworthy for four reasons: unfulfilled requirements, malicious acts and code changes, erratic Internet behaviors or resource scarcity that result in unacceptable delays, and the poor interoperation of selected services. When Web services become mainstream, which could be soon, trustworthiness will become the bottleneck to their extensive adoption. A set of trustworthiness criteria and guidelines will provide an open and standard infrastructure for ensuring trustworthiness in this domain. Researchers must then set to work devising a technical strategy and roadmap, coupled with a standards-based architecture that is comprehensive yet flexible enough to meet the Web services trustworthiness needs of real business. There is serious work ahead, but the results will be far more rewarding if researchers take the first step now: Standardize on a precise and comprehensive definition of Web services trustworthiness. The rest of the tasks will follow logically from that.     

Web服务器安全威胁与防范技巧

WEB服务器主要是面向互联网的,随着人们对互联网服务的需求不断扩大,各种互联网应用服务日益增多,Web服务器便成为众多信息化应用中最容易遭受攻击的对象。文章中主要介绍了几种常见的Web服务器安全威胁,并提出了相应的安全防范技巧。     

一种基于在线辨识的Web 服务自适应接纳控制

设计并实现了一种基于量子行为粒子群算法(QPSO)系统模型在线辨识的Web服务自适应接纳控制,根据系统模型的变化在线调节比例积分控制器参数.通过接纳时间比反馈控制机制,调整控制周期内服务器接纳请求的时间长度,进而实现接纳控制.通过仿真实验,并与多种不同控制方法进行比较,所得结果表明,在线辨识自适应控制能够在服务器过载的情况下更有效地控制系统资源,进一步提高了服务质量.     

An analytical approach to providing controllable differentiated quality of service in Web servers

Provisioning quality of service (QoS) in Web servers has gained immense importance because Web servers are a major part of the Internet. To deliver the pledged QoS, Web service providers need control over the allocation of the resources in their Web servers. Control is also necessary for reaching the optimal resource allocation through proper service differentiation. In this paper, we propose and investigate an analytic approach that enables the service providers to deploy a differentiated service policy that offers this control. The proposed service policy is configurable by tunable control parameters. We devise the relationships between the performance measures and these parameters by adopting a unique queuing theoretic approach. Once these relationships are established, we describe how these parameters can be set to their most appropriate values depending on the objectives of the service providers. We illustrate the usefulness of our approach by conducting the analysis on a real Web trace.