Josef Spillner

Josef Spillner

New cloud programming and deployment models pose challenges to software application engineers who are looking, often in vain, for tools to automate any necessary code adaptation and transformation. Function-as-a-Service interfaces are particular non-trivial targets when considering that most cloud applications are implemented in non-functional languages. Among the most widely used of these languages is Python. This starting position calls for an automated approach to transform monolithic Python code into modular FaaS units by partially automated decomposition. Hence, this paper introduces and evaluates Lambada, a Python module to dynamically decompose, convert and deploy unmodified Python code into AWS Lambda functions. Beyond the tooling in the form of a measured open source prototype implementation, the paper contributes a description of the algorithms and code rewriting rules as blueprints for transformations of other scripting languages.

Panagiotis Gkikopoulos, Valerio Schiavoni, Josef Spillner

Docker images are used to distribute and deploy cloud-native applications in containerised form. A container engine runs them with separated privileges according to namespaces. Recent studies have investigated security vulnerabilities and runtime characteristics of Docker images. In contrast, little is known about the extent of hardware-dependent features in them such as processor-specific trusted execution environments, graphics acceleration or extension boards. This problem can be generalised to missing knowledge about the extent of any hardware-bound instructions within the images that may require elevated privileges. We first conduct a systematic one-year evolution analysis of a sample of Docker images concerning their use of hardware-specific features. To improve the state of technology, we contribute novel tools to manage such images. Our heuristic hardware dependency detector and a hardware-aware Docker executor give early warnings upon missing dependencies instead of leading to silent or untimely failures. Our dataset and tools are released to the research community.

Panagiotis Gkikopoulos, Josef Spillner, Valerio Schiavoni

Reusable microservice artefacts are often deployed as black or grey boxes, with little concern for their properties and quality, beyond a syntactical interface description. This leads application developers to chaotic and opportunistic assumptions about how a composite application will behave in the real world. Systematically analyzing and tracking these publicly available artefacts will grant much needed predictability to microservice-based deployments. By establishing a distributed observatory and knowledge base, it is possible to track microservice repositories and analyze the artefacts reliably, and provide insights on their properties and quality to developers and researchers alike. This position paper argues for a federated research infrastructure with consensus voting among participants to establish and preserve ground truth about the insights.

Josef Spillner

Helm has recently been proposed by practitioners as technology to package and deploy complex software applications on top of Kubernetes-based cloud computing platforms. Despite growing popularity, little is known about the individual so-called Helm Charts and about the emerging ecosystem of charts around the KubeApps Hub website and decentralised charts repositories. This article contributes first quantified insights around both the charts and the artefact development community based on metrics automatically gathered by a proposed quality assessment tool named HelmQA. The work further identifies quality insufficiencies detectable in public charts, proposes a developer-centric hypothesis-based methodology to systematically improve the quality by using HelmQA, and finally empirically attempts to validate the methodology and thus the practical usefulness of the tool by presenting results of its application over a representative four-month period. Although one of our initial hypotheses does not statistically hold during the experiment, we still infer that using HelmQA regularly in continuous software development would lead to reduced quality issues.

Josef Spillner, Serhii Dorodko

Software developers are faced with the issue of either adapting their programming model to the execution model (e.g. cloud platforms) or finding appropriate tools to adapt the model and code automatically. A recent execution model which would benefit from automated enablement is Function-as-a-Service. Automating this process requires a pipeline which includes steps for code analysis, transformation and deployment. In this paper, we outline the design and runtime characteristics of Podilizer, a tool which implements the pipeline specifically for Java source code as input and AWS Lambda as output. We contribute technical and economic metrics about this concrete 'FaaSification' process by observing the behaviour of Podilizer with two representative Java software projects.