Transparent State Machine Replication for Kubernetes
State Machine Replication (SMR) is an approach widely used to implement fault-tolerant systems. In this approach, servers are replicated and client requests are deterministically executed in the same order by all replicas. Virtualization can be seen as a technique that favor development of fault-tolerant applications, since it provides an architecture that isolate virtual machines or containers. In order to provide support to the development of fault-tolerant virtualized applications, this work proposes an architecture to provide SMR for applications virtualized in containers managed by Kubernetes. Transparency is the main design principle addressed by the proposed architecture: applications are still being developed as in the traditional non-replicated approach and end users also access the system as in the traditional way. The open-source Bft-SMaRt SMR library was used to implement a prototype of the proposed architecture and a key-value store service. Experiments conducted with this service show the practical behavior of the proposed solutions.
This work was partially supported by RNP/CTIC (Brazil) through projects ATMOSPHERE and P4Sec.
- 2.Bessani, A., Santos, M., Felix, J., Neves, N., Correia, M.: On the efficiency of durable state machine replication. In: Proceedings of the USENIX Annual Technical Conference (2013)Google Scholar
- 3.Bessani, A., Sousa, J., Alchieri, E.: State machine replication for the masses with BFT-SMaRt. In: Proceedings of the International Conference on Dependable Systems and Networks (2014)Google Scholar
- 6.Docker: What is docker (2018). https://www.docker.com/what-docker. Accessed March 2018
- 8.Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Network and Distributed Systems Security Symposium (2003)Google Scholar
- 9.Goldberg, R.P.: Architecture of virtual machines. In: Proceedings of the Workshop on Virtual Computer Systems (1973)Google Scholar
- 10.Goldberg, R.P., Mager, P.S.: Virtual machine technology: a bridge from large mainframes to networks of small computers. In: Proceedings of the Compcon Fall (1979)Google Scholar
- 11.Hadzilacos, V., Toueg, S.: A modular approach to the specification and implementation of fault-tolerant broadcasts. Technical report, Department of Computer Science, Cornell (1994)Google Scholar
- 14.Jiang, X., Wang, X.: “out-of-the-box” monitoring of VM-based high-interaction honeypots. In: 10th International Conference on Recent Advances in Intrusion Detection (2007)Google Scholar
- 17.Laureano, M., Maziero, C., Jamhour, E.: Intrusion detection in virtual machine environments. In: Proceedings of 30th Euromicro Conference (2004)Google Scholar
- 18.Merkel, D.: Docker: lightweight linux containers for consistent development and deployment. ACM Linux J. 2014(239), 1–8 (2014)Google Scholar
- 19.Oliveira, C., Lung, L.C., Netto, H., Rech, L.: Evaluating raft in docker on kubernetes. In: Świa̧tek J., T. J. (eds.) International Conference on Systems Science (ICSS). Advances in Intelligent Systems and Computing, vol. 539, pp. 123–130. Springer (2016)Google Scholar
- 21.Schwarzkopf, M., Konwinski, A., Abd-El-Malek, M., Wilkes, J.: Omega: flexible, scalable schedulers for large compute clusters. In: European Conference on Computer Systems (2013)Google Scholar