Ivannikov Institute for System Programming of the RAS

Scalability Problems In Cloud Environments And Reasons For Performance Degradation On Identity Service Openstack Keystone


I.V. Bogomolov, A.V. Aleksiyants, O.D. Borisenko, A.I. Avetisyan.


Cloud services are becoming increasingly popular and they are among the most convenient means for computations in wide range of tasks. Authorization and authentication services for resource management in open-source clouds are distinct from proprietary solutions. An «atom» in open-source solutions is not a personal account but a grouping entity (tenant/project/etc). This approach imposes restrictions on building authorization and authentication service. Besides, users and other cloud services interact with the same system which prevents the cloud from adding fake nodes. Identification systems in open cloud platforms rely on two common components: relational database management system and common algorithms of cryptography on stored data. None of the system developers put performance first in such systems but they provide some means for reliability and high availability. This article shows importance of scaling identification system in context of performance for Openstack Keystone. We provide experiments and analytics suggesting that using RDBMS is wrong for such a task due to the complexity of employed crypto-algorithms and centralized storage system. We show that this common approach leads to non-linear scalability on nodes count and number of users. We describe a new approach which allows to solve scalability issues by replacing RDBMS with In-Memory Data Grid(IMDG) solutions. Prototype solution has been implemented using Tarantool IMDG.

Full text of the paper in pdf (in Russian)


Identity service, Openstack Keystone, cloud computing, Denial of Service, cloud scalability



Research Group

Information Systems

All publications during 2016 All publications