Economics of Application Virtualization on AWS
CloudFoundry launched version 2.0 of its platform as a service earlier this month heralding a new platform architecture and running on Amazon's EC2 infrastructure. James Watters, Head of Product, Marketing & Ecosystem at Cloud Foundry recently described how the new Cloud Foundry uses Linux Container isolation within EC2 instances to lower hosting costs by up to a factor of 10.
Watters begins by looking at how EC2 reserved instances can save up to three times the cost of using on-demand instances for application hosting. EC2 reserved instances incur an up-front cost but have a lower charge per hour resulting in cost savings for long running workflows. But Watters further points out there are additional savings if you can cram more of your application needs into larger, cheaper instances.
Reserved instances cost almost 3x less per GB. While this is well known, using the largest memory XL instance saves almost as much‐over 2.5x/GB‐without pre-purchasing reserved instances.
In 2008 the Linux kernel version 2.6.24 introduced Control Groups which supports the isolation of process groups and enables operating system-level virtualization such as Linux Containers (LXC). Amazon EC2 pre-dated this capability and as a result EC2 is fixed to the virtual machine model which provides course-grained instances compared to the more efficient container-based systems.
Watters refers to a 2012 case study of EC2 instances to understand the financial impact of the EC2 model:
...a study of 250 companies using 250,000 instances found utilization rates of only 15%. The 200,000 medium/small instances would have a conservative monthly cost over $18M‐leaving room for $11m in savings for memory utilization. Pushing memory utilization to 80% and backing it with the [Cluster Memory] XL instances the $18M monthly spend is reduced to $2.7M.
So most EC2 usage is inefficient and the way to squeeze more compute power out of AWS is to deploy many applications onto large-memory reserved EC2 instances.
Watters reveals how Cloud Foundry utilizes Control Group isolation with a package that they developed called Warden. Warden provides an API for managing containers. The goals of Warden are similar to the goals of the LXC project, but unlike LXC, Warden is not explicitly tied to Linux. Warden runs as an OS independent daemon and supports specific operating systems via a pluggable back-end. The new Cloud Foundry architecture is built around Warden containers:
Using this approach, large memory VMs are transformed into hundreds of highly economical application containers, tightly packed without resource contention. This modern architecture eliminates the AWS pricing burden on small application instances.
Watters concludes his analysis by considering how EC2 might be forced to react to widespread adoption of container-based virtualization :
As the Cloud Foundry on AWS community grows it will be interesting to see how EC2 reacts. Their burden on small and medium instances is no doubt a rich cash cow within their portfolio and they may be unlikely to abandon it anytime soon.
Martin Thompson Jul 27, 2014