TY - JOUR
T1 - Declarative infrastructure configuration synthesis and debugging
AU - Narain, Sanjai
AU - Levin, Gary
AU - Malik, Sharad
AU - Kaul, Vikram
N1 - Funding Information:
Acknowledgements This material is based upon work funded by Dr. Carl Landwehr and supported by Air Force Rome Laboratories (AFRL) under contract FA8750-07-C-0030. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of Air Force Rome Laboratories. We thank Professor Daniel Jackson, Emina Torlak and Felix Chang at MIT, Professor Simon Ou at Kansas State University, Professor Ehab Al-Shaer at DePaul University and Professor Geoffrey Xie at Naval Post Graduate School for very helpful comments on this paper.
PY - 2008/9
Y1 - 2008/9
N2 - There is a large conceptual gap between end-to-end infrastructure requirements and detailed component configuration implementing those requirements. Today, this gap is manually bridged so large numbers of configuration errors are made. Their adverse effects on infrastructure security, availability, and cost of ownership are well documented. This paper presents ConfigAssure to help automatically bridge the above gap. It proposes solutions to four fundamental problems: specification, configuration synthesis, configuration error diagnosis, and configuration error repair. Central to ConfigAssure is a Requirement Solver. It takes as input a configuration database containing variables, and a requirement as a first-order logic constraint in finite domains. The Solver tries to compute as output, values for variables that make the requirement true of the database when instantiated with these values. If unable to do so, it computes a proof of unsolvability. The Requirement Solver is used in different ways to solve the above problems. The Requirement Solver is implemented with Kodkod, a SAT-based model finder for first-order logic. While any requirement can be directly encoded in Kodkod, parts of it can often be solved much more efficiently by non model-finding methods using information available in the configuration database. Solving these parts and simplifying can yield a reduced constraint that truly requires the power of model-finding. To implement this plan, a quantifier-free form, QFF, is defined. A QFF is a Boolean combination of simple arithmetic constraints on integers. A requirement is specified by defining a partial evaluator that transforms it into an equivalent QFF. This QFF is efficiently solved by Kodkod. The partial evaluator is implemented in Prolog. ConfigAssure is shown to be natural and scalable in the context of a realistic, secure and fault-tolerant datacenter.
AB - There is a large conceptual gap between end-to-end infrastructure requirements and detailed component configuration implementing those requirements. Today, this gap is manually bridged so large numbers of configuration errors are made. Their adverse effects on infrastructure security, availability, and cost of ownership are well documented. This paper presents ConfigAssure to help automatically bridge the above gap. It proposes solutions to four fundamental problems: specification, configuration synthesis, configuration error diagnosis, and configuration error repair. Central to ConfigAssure is a Requirement Solver. It takes as input a configuration database containing variables, and a requirement as a first-order logic constraint in finite domains. The Solver tries to compute as output, values for variables that make the requirement true of the database when instantiated with these values. If unable to do so, it computes a proof of unsolvability. The Requirement Solver is used in different ways to solve the above problems. The Requirement Solver is implemented with Kodkod, a SAT-based model finder for first-order logic. While any requirement can be directly encoded in Kodkod, parts of it can often be solved much more efficiently by non model-finding methods using information available in the configuration database. Solving these parts and simplifying can yield a reduced constraint that truly requires the power of model-finding. To implement this plan, a quantifier-free form, QFF, is defined. A QFF is a Boolean combination of simple arithmetic constraints on integers. A requirement is specified by defining a partial evaluator that transforms it into an equivalent QFF. This QFF is efficiently solved by Kodkod. The partial evaluator is implemented in Prolog. ConfigAssure is shown to be natural and scalable in the context of a realistic, secure and fault-tolerant datacenter.
KW - Diagnosis
KW - Model finder
KW - Partial evaluation
KW - Requirement solver
KW - SAT solver
KW - Troubleshooting
UR - http://www.scopus.com/inward/record.url?scp=55349083998&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=55349083998&partnerID=8YFLogxK
U2 - 10.1007/s10922-008-9108-y
DO - 10.1007/s10922-008-9108-y
M3 - Article
AN - SCOPUS:55349083998
SN - 1064-7570
VL - 16
SP - 235
EP - 258
JO - Journal of Network and Systems Management
JF - Journal of Network and Systems Management
IS - 3
ER -