Preprint

Towards Semantic Detection of Smells in Cloud Infrastructure Code

Authors:
Preprints and early-stage research may not have been peer reviewed yet.
To read the file of this research, you can request a copy directly from the authors.

Abstract

Automated deployment and management of Cloud applications relies on descriptions of their deployment topologies, often referred to as Infrastructure Code. As the complexity of applications and their deployment models increases, developers inadvertently introduce software smells to such code specifications, for instance, violations of good coding practices, modular structure, and more. This paper presents a knowledge-driven approach enabling developers to identify the aforementioned smells in deployment descriptions. We detect smells with SPARQL-based rules over pattern-based OWL 2 knowledge graphs capturing deployment models. We show the feasibility of our approach with a prototype and three case studies.

No file available

Request Full-text Paper PDF

To read the file of this research,
you can request a copy directly from the authors.

ResearchGate has not been able to resolve any citations for this publication.
Article
Full-text available
Topology and Orchestration Specification for Cloud Applications (TOSCA) is an OASIS standard for specifying the topology of cloud applications, their deployment on physical or virtual cloud resources, and their orchestration. In recent years, the cloud research community has shown significant interest in TOSCA, leading to an increasing number of related publications. Such publications address a wide-ranging set of topics around TOSCA, e.g., devise sophisticated cloud orchestration methodologies using TOSCA, extend the language of TOSCA, or present tools for manipulating TOSCA models. To help researchers and practitioners overview this multifaceted area of research, this paper presents the results of a systematic survey of the relevant literature. We have processed over 120 papers and categorized them, leading to a taxonomy with 6 categories and 19 subcategories. The analysis of the results reveals several notable tendencies, as well as areas requiring future research.
Article
Full-text available
Service-based Systems (SBSs) are developed on top of diverse Service-Oriented Architecture (SOA) technologies or architectural styles. Like any other complex systems, SBSs face both functional and non-functional changes at the design or implementation-level. Such changes may degrade the design quality and quality of service (QoS) of the services in SBSs by introducing poor solutions-service antipatterns. The presence of service antipatterns in SBSs may hinder the future maintenance and evolution of SBSs. Assessing the quality of design and QoS of SBSs through the detection of service antipatterns may ease their maintenance and evolution. However, the current literature lacks a unified approach for modelling and evaluating the design of SBSs in term of design quality and QoS. To address this lack, this paper presents a meta-model unifying the three main service technologies: REST, SCA, and SOAP. Using the meta-model, it describes a unified approach, UniDoSA (Unified Specification and Detection of Service Antipatterns), supported by a framework, SOFA (Service Oriented Framework for Antipatterns), for modelling and evaluating the design quality and QoS of SBSs. We apply and validate UniDoSA on: (1) 18 RESTful APIs, (2) two SCA systems with more than 150 services, and (3) more than 120 SOAP Web services. With a high precision and recall, the detection results provide evidence of the presence of service antipatterns in SBSs, which calls for future studies of their impact on QoS.
Article
Full-text available
Modern cloud computing environments support a relatively high degree of automation in service provisioning, which allows cloud service customers (CSC) to dynamically acquire services required for deploying cloud applications. Cloud modeling languages (CMLs) have been proposed to address the diversity of features provided by cloud computing environments and support different application scenarios, e.g., migrating existing applications to the cloud, developing new cloud applications, or optimizing them. There is, however, still much debate in the research community on what a CML is and what aspects of a cloud application and its target cloud computing environment should be modeled by a CML. Furthermore, the distinction between CMLs on a fine-grained level exposing their modeling concepts is rarely made. In this article, we investigate the diverse features currently provided by existing CMLs. We classify and compare them according to a common framework with the goal to support CSCs in selecting the CML which fits the needs of their application scenario and setting. As a result, not only features of existing CMLs are pointed out for which extensive support is already provided but also in which existing CMLs are deficient, thereby suggesting a research agenda.
Article
Full-text available
While the number of cloud solutions is continuously increasing, the development and operation of large-scale and distributed cloud applications are still challenging. A major challenge is the lack of interoperability between the existing cloud solutions, which increases the complexity of maintaining and evolving complex applications potentially deployed across multiple cloud infrastructures and platforms. In this article, we show how the Cloud Modelling Framework leverages model-driven engineering and supports the DevOps ideas to tame this complexity by providing: (i) a domain-specific language for specifying the provisioning and deployment of multi-cloud applications, and (ii) a models@run-time environment for their continuous provisioning, deployment, and adaptation.
Article
Full-text available
TOSCA, the Topology and Orchestration Specification for Cloud Applications offers an OASIS-recognized, open standard domain-specific language (DSL) that enables portability and automated management of applications, services, and resources regardless of underlying cloud platform, software defined environment, or infrastructure. With a growing, interoperable eco-system of open source projects, solutions from leading cloud platform and service providers, and research, TOSCA empowers the definition and modeling of applications and their services (microservices or traditional services) across their entire lifecycle by describing their components, relationships, dependencies, requirements, and capabilities for orchestrating software in the context of associated operational policies. The authors introduce important TOSCA concepts and benefits in the context of commonly understood cloud use cases as a foundation to future discussions regarding advanced TOSCA concepts and additional breakthrough issues.
Article
Full-text available
Context Smells in software systems impair software quality and make them hard to maintain and evolve. The software engineering community has explored various dimensions concerning smells and produced extensive research related to smells. The plethora of information poses challenges to the community to comprehend the state-of-the-art tools and techniques. Objective We aim to present the current knowledge related to software smells and identify challenges as well as opportunities in the current practices. Method We explore the definitions of smells, their causes as well as effects, and their detection mechanisms presented in the current literature. We studied 445 primary studies in detail, synthesized the information, and documented our observations. Results The study reveals five possible defining characteristics of smells — indicator, poor solution, violates best-practices, impacts quality, and recurrence. We curate ten common factors that cause smells to occur including lack of skill or awareness and priority to features over quality. We classify existing smell detection methods into five groups — metrics, rules/heuristics, history, machine learning, and optimization-based detection. Challenges in the smells detection include the tools’ proneness to false-positives and poor coverage of smells detectable by existing tools.
Conference Paper
Full-text available
Infrastructure as Code (IaC) is the practice of specifying computing system configurations through code, and managing them through traditional software engineering methods. The wide adoption of configuration management and increasing size and complexity of the associated code, prompt for assessing, maintaining, and improving the configuration code's quality. In this context, traditional software engineering knowledge and best practices associated with code quality management can be leveraged to assess and manage configuration code quality. We propose a catalog of 13 implementation and 11 design configuration smells, where each smell violates recommended best practices for configuration code. We analyzed 4,621 Puppet repositories containing 8.9 million lines of code and detected the cataloged implementation and design configuration smells. Our analysis reveals that the design configuration smells show 9% higher average co-occurrence among themselves than the implementation configuration smells. We also observed that configuration smells belonging to a smell category tend to co-occur with configuration smells belonging to another smell category when correlation is computed by volume of identified smells. Finally, design configuration smell density shows negative correlation whereas implementation configuration smell density exhibits no correlation with the size of a configuration management system.
Article
Full-text available
Code and design smells are poor solutions to recurring implementation and design problems. They may hinder the evolution of a system by making it hard for software engineers to carry out changes. We propose three contributions to the research field related to code and design smells: 1) Decor, a method that embodies and defines all the steps necessary for the specification and detection of code and design smells, 2) Detex, a detection technique that instantiates this method, and 3) an empirical validation in terms of precision and recall of Detex. The originality of Detex stems from the ability for software engineers to specify smells at a high level of abstraction using a consistent vocabulary and domain-specific language for automatically generating detection algorithms. Using Detex, we specify four well-known design smells: the antipatterns Blob, Functional Decomposition, Spaghetti Code, and Swiss Army Knife, and their 15 underlying code smells, and we automatically generate their detection algorithms. We apply and validate the detection algorithms in terms of precision and recall on Xerces v2.7.0, and discuss the precision of these algorithms on 11 open-source systems.
Conference Paper
Full-text available
The Semantic Web is a powerful vision that is getting to grips with the challenge of providing more human-oriented web services. Hence, reasoning with and across distributed, partially implicit assumptions (contextual knowledge), is a milestone. Ontologies are a primary means to deploy the Semantic Web vision, but few work has been done on them to manage the context-dependency of Web knowledge. In this paper we introduce an ontology for representing a variety of reified contexts and states of affairs, called D&S, currently implemented as a plug-in to the DOLCE foundational ontology, and its application to two cases: an ontology for communication situations and roles, and an ontology for peer-to-peer communication. The reified contexts represented in D&S have a rich structure, and are a middleware between full-fledged formal contexts and theories, and the often poor vocabularies implemented in Web ontologies.
Article
Context: Open standards are urgently needed for enabling software interoperability in Cloud Computing. Open Cloud Computing Interface (OCCI) provides a set of best design principles to create interoperable REST management APIs. Although OCCI is the only standard addressing the management of any kind of cloud resources, it does not support a range of best principles related to REST design. This often worsens REST API quality by decreasing their understandability and reusability. Objective: We aim at assisting cloud developers to enhance their REST management APIs by providing a compliance evaluation of OCCI and REST best principles and a recommendation support to comply with these principles. Method: First, we leverage patterns and anti-patterns to drive respectively the good and poor practices of OCCI and REST best principles. Then, we propose a semantic-based approach for defining and detecting REST and OCCI (anti)patterns and providing a set of correction recommendations to comply with both REST and OCCI best principles. We validated this approach by applying it on cloud REST APIs and evaluating its accuracy, usefulness and extensibility. Results: We found that our approach accurately detects OCCI and REST(anti)patterns and provides useful recommendations. According to the compliance results, we reveal that there is no widespread adoption of OCCI principles in existing APIs. In contrast, these APIs have reached an acceptable level of maturity regarding REST principles. Conclusion: Our approach provides an effective and extensible technique for defining and detecting OCCI and REST (anti)patterns in Cloud REST APIs. Cloud software developers can benefit from our approach and defined principles to accurately evaluate their APIs from OCCI and REST perspectives. This contributes in designing interoperable, understandable, and reusable Cloud management APIs. Thank to the compliance analysis and the recommendation support, we also contribute to improving these APIs, which make them more straightforward.
Article
Antipatterns provide information on commonly occurring solutions to problems that generate negative consequences. The number of software project management antipatterns that appears in the literature and the Web increases to the extent that makes using antipatterns problematic. Furthermore, antipatterns are usually inter-related and rarely appear in isolation. As a result, detecting which antipatterns exist in a software project is a challenging task which requires expert knowledge. This paper proposes SPARSE, an OWL ontology based knowledge-based system that aims to assist software project managers in the antipattern detection process. The antipattern ontology documents antipatterns and how they are related with other antipatterns through their causes, symptoms and consequences. The semantic relationships that derive from the antipattern definitions are determined using the Pellet DL reasoner and they are transformed into the COOL language of the CLIPS production rule engine. The purpose of this transformation is to create a compact representation of the antipattern knowledge, enabling a set of object-oriented CLIPS production rules to run and retrieve antipatterns relevant to some initial symptoms. SPARSE is exemplified through 31 OWL ontology antipattern instances of software development antipatterns that appear on the Web.