Educational Infrastructure Using Virtualization Technologies: Experience at Kaunas University of Technology

Many factors influence education nowadays. Educational institutions are faced with budget cuttings, outdated IT, data security management and the willingness to integrate remote learning at home. Virtualization technologies provide innovative solutions to the problems. The paper presents an original educational infrastructure using virtualization technologies implemented in a training process at Kaunas University of Technology. This infrastructure allows university students and staff to access virtual desktops and applications via Web, both in computer classes at the University, and for self-working at home. This paper introduces virtualization technologies of the implemented infrastructure highlighting the benefits, outlines functions of the infrastructure and presents research experiments of network load monitoring that have been performed to find out problems of the infrastructure.


Introduction
Modern information technologies (IT) are becoming an integral part of an educational process. The IT change is providing it with new forms, so improving the quality of the education (Targamadze et al., 2010). However, educational institutions often lack the IT resources. One of the alternative solutions in the IT world is virtualization technologies that have a significant influence on the teaching-learning process. The virtualization technologies offer a way to expand the accessibility of education, particularly in remote learning by providing easier access to resources. The technologies offer a variety of computational environments. Students and teachers can quickly reach various courses and resources through virtual classrooms while the students are present in the classes or in their homes (Kurilovas and Dagiene, 2009).
Today, educational institutions are using virtualization technologies to reduce total cost of IT, simplify management of the technologies, and make environments available virtually anywhere and at any time. Many higher schools move in this direction. Universities have employed virtual technologies to address advantages associated with the modern technologies in many IT based courses (BouSaba et al., 2010;Miseviciene et al., 2011).
There are many works that have implemented virtualization platforms in the teachinglearning process. Murfy and McClelland (2009) introduce virtual computer laboratory. The virtual computer laboratory provides scalable, high performance computing resources requested through an internet browser and accessed through either a remote desktop connection or SSH client. Another paper of Dobrilovic and Zeljko (2006) presents the opinion how Virtual network laboratories are used in an operating system course. Lunsford (2010) investigate the use of virtualization in a business-oriented information system security course. The paper focuses on the formulation and implementation of policies for information assurance, desktop security, and the examination of security measures. Results proposed in the paper of Fuertes et al. (2009) focus on the effective usage of virtualization platforms. Galan et al. (2009) analyze implementation of Computer Network Laboratories for the teaching-learning process. The next paper of Giguere (2009) demonstrates benchmarked successful completion rates for online academic courses and compared those to off-line course benchmarks. Peng (2008) shares his experience on using virtualization technologies in information technology course.
This paper presents the educational infrastructure using virtualization technologies implemented in the training process at Kaunas University of Technology. This infrastructure allows the university students and the staff to access virtual desktops and applications via Web, both in computer classes at the University, and for self-working at home. The originality of the infrastructure is that there are implemented additional functions to manage users who are working with virtual resources. Administrators have opportunity to see how many users are working with virtual resources and to disconnect the users if they are using resources not for work (for example, user is downloading torrents, etc.).
The purpose of the paper is to present the application of the virtualization technologies in the training process at Kaunas University of Technology and to research whether the infrastructure ensures sufficient remote access to virtual resources.
The main research object is the effectiveness evaluation of the infrastructure at Kaunas University of Technology with experiments of network load monitoring to find out problems of the infrastructure. The monitoring was carried out in two different ways: the direct observation of data and the passive monitoring.
The next sections of the paper introduce virtualization technologies of the implemented infrastructure highlighting their benefits, outline functions of the infrastructure and present research experiments of network load monitoring.

Concepts of Virtualization
Various IT companies and a number of authors distinguish different concepts of virtualization. Virtualization concept for the first time introduced in 1960s describes how different operating systems could coexist on the same mainframe computer (Anisetti et al., 2007). The concept of the virtualization widely has been expanded today. Many authors (Chappell, 2008;Lunsford, 2010;Scarfone et al., 2011;Kuznecky, 2007;Brian, 2010;Citrix, 2009) distinguish between different virtualization types.
As the purpose of this paper is to investigate how the educational infrastructure implemented at Kaunas University of Technology supports teaching-learning processes this publication concerns only on the virtualization technologies associated with the educational infrastructure: Hardware, Application and Network virtualizations.
Traditionally, all components in the system without virtualization are installed in ordinary computers ( Fig. 1(a)). All layers of computing environments, hardware, operating systems, applications, and storage, are static and support only the specific computing solutions. The applications run directly on the operating system, which, in turn, runs directly on the physical computer hardware. Creating new capacity includes configuring the hardware, software, and interfaces which can be costly and time-tight (Chappell, 2008).
On the contrary, in the systems with virtualization technologies all elements are logically isolated and independent. Virtualization technologies separating the different layers free one layer from the other so creating greater flexibility to add, update, and support infrastructure elements. Scarfone et al. (2011) distinguish between two main types of virtualization environment: bare-metal and hosted virtualization environment. In baremetal virtualization, also known as native virtualization, the virtualization software runs directly on the underlying hardware, without a host operating system (OS). In the second (hosted) type the virtualization software is built completely on the top of a host operating system. This paper focuses only on the hosted virtualization platform. The typical structure of the environment consists of hardware with host operating system, virtualization soft- ware and series of virtual machines ( Fig. 1(b)). The host computer has a native operating system called the host operating system. Virtualization software, commonly known as a hypervisor, is a software layer running over the host OS. The hypervisor abstracts the physical resources of the host computer into discrete virtual machines (VM). The guest OS is installed in the virtual machine. When the operating system is running, every VM requires storage. To allow this a hypervisor provides a virtual hardware layer that the guest OS sees as its hardware. The OS system interacts with the virtual hardware, which behaves like physical hardware (Lunsford, 2010).

Benefits of Virtualization Technologies for Education
For a great part of IT people the word 'virtualization' today associates with running multiple operating systems on a single physical machine. This is often called hardware virtualization. With the hardware virtualization ( Fig. 2(a)) the hypervisor provides a virtual hardware layer that the guest operating system perceives as its hardware (Lunsford, 2010). As in each virtual machine the operating system, applications, stored data and personal settings are in an isolated environment, the errors in one virtual machine do not affect the others.
The hardware virtualization can be accomplished in different ways: (1) hardware virtualization for servers, (2) hardware virtualization of desktops and (3) virtual desktop infrastructure. When used on the client machines, the hardware virtualization is often called Desktop virtualization, but when using it on the server it is known as Server virtualization. The third virtualization technology mixes the server and desktop virtualization techniques. The way is called Virtual Desktop Infrastructure (VDI) and it executes the virtual machine operation on the server. In this way, the server hosts a number of desktop VM and the user can reach the virtual machine from any location (Chappell, 2008). The VDI technology supports sufficient communications between the client and the server.
All the technologies allow the access to virtual resources running in the data centre, centralize the data security and simplify administrative and management tasks.
All of these technologies are advantageous in education process (Chappell, 2008). Server virtualization provides the ability to integrate multiple servers on a highpowered server reducing the number of physical servers and managing the servers in a more efficient way. Using server virtualization, the hypervisor isolates each server's virtual machine, preventing the virtual machines from damaging one another's configurations and processes.
Desktop virtualization helps to solve incompatibility between applications and desktop OS. This problem can be solved by creating a VM that runs older operating system and installing the application in that VM. This enables the use of applications that run only on the older OS.
Virtual Desktop Infrastructure (VDI) allows each user to interact with the desktop located in a data centre through the network connection (using another desktop computer or a mobile device) so managing the user's own desktop without the expense and security risks.
As every application depends on its operating system, incompatibilities between an application and its operating system can also be resolved using Application virtualization. Application virtualization is a method by encapsulating applications from the underlying operating system with which they are executed. According to Fig. 2(b) the virtualization form encapsulates an application into a container along with the set of system files, memory allocation, device drivers, and is much more specifically associated with the application (Lunsford, 2010). This technology helps to avoid conflicts between applications running on the same operating system.
The Application virtualization takes advantages of managing and administration of applications. It reduces time and cost required to install and update applications so making new application installations much easier and avoiding incompatibilities between applications.
The next important form is Network virtualization. The term 'network virtualization' presents an idea of a virtual private network (VPN). The VPNs abstract the notion of a network connection, allowing a remote user to access the university's internal network just as they were physically attached to that network. The network security provided by the virtualization makes possible the connection of student-owned devices with the network without compromising the security.

Virtual Desktop Infrastructure at Kaunas University of Technology
Virtual Desktop Infrastructure (VDI; Fig. 3) has been created at Kaunas University of Technology to provide virtual computing environment to staff and students in numerous training courses and research projects. Hardware, application and network virtualization technologies mentioned before implemented in the structure.
Various desktop virtualization platforms can be used. There are a number of players in the market but the two key ones in education are as follows: • VMware, • Microsoft Hyper-V.
Factors that have contributed to the choice of Microsoft Hyper-V platform are licensing infrastructure familiarity as well. KTU has signed a contract with the Microsoft, so it has reduced Licensing burden. Microsoft Hyper-V involves deployment of familiar tools  and infrastructure familiar to Windows-based interfaces and common management consoles.
The VDI consists of virtual servers that are installed on the four physical servers (Fig. 3). Table 1 presents the technical and software resources of the VDI infrastructure. The virtual server (VDI WEB Access) is responsible for virtual PCs and virtual applications accessibility for university network users. The users access all the virtual resources via a web browser from the page http://vdi.ktu.lt (Fig. 4).
The virtual server (VDI Connection Broker) distributes the users' connections to virtual machines and ensures that each user is connected only to one virtual machine. The array of physical and virtual servers (Hyper-V computers) is connected to a cluster. More than 100 virtual desktops are hosted in this cluster. The virtual server (VDI Host 01) protects the virtual server/host names and IP addresses and distributes user traffic while connecting it to a virtual work environment. The virtual server (Application Server) manages virtual programs using two functions (App-V server and Terminal server). Using App-V server functionality, the user can reach virtual applications from the university network PCs. With Terminal services, only the user interface of an application is presented to the client. The virtual servers (VDI Sequencer for Windows 7 and VDI Sequencer for Windows XP) convert applications to virtualized packages for Windows 7, Windows XP or older Windows versions, accordingly.
The created VDI provides a computing environment for students and teachers when using a variety of virtual resources via the internet connection. The standardized infrastructure provides the ability to quickly install the new working environments. This takes the opportunity for the students to have the same working conditions at computer rooms, libraries or even at home (anywhere where the user will be able to connect to the university network). The virtual environment guarantees the use of networked software licences, so giving the opportunity to start virtual resources on home computers without the risk that the resources will be infected with the virus.
Performance management characteristics of the VDI infrastructure are as follows: • Scalability for numbers of users and network traffic. 150 virtual desktops with Windows 7 operating system are created. Each VM is designed for 2.5 GB of RAM and 50 GB of disk storage. Users can simultaneously use a single VM, and receive 100% of the machine resources. 9 Gbits' network traffic comes to the server 'cluster', which serves the VM.
• Maintenance. All virtual computers are constantly updated with the installation of the system and software upgrades. One part of the virtual computers uses dynamic disks, and another part uses static ones (with the reserved disk space). Computers with the reserved disk space are cleared in time, restoring the original state of a computer. Virtual computers that use a dynamic disk space are cloned when changing software. Changes are made only to the main template. Old machines are erased and the new main template is derived from a cloned template. • Vulnerability in case of hardware or software problems. The biggest problem with the hardware can be caused by power loss or power surge, then the server reboots or shuts down often and all the virtual machines shut down with the servers. In this case, it is advisable to have a surge or UPS rectifier's sources. In our case, these machines are connected to voltage surges rectifiers. From the architectural point of view, the servers are connected into a group of servers (cluster), so if one server fails or shuts down, all machines on that server are automatically placed into the other servers. • Security threats. The system uses several levels of protection. First of all, virtual desktops are available from the websitehttps://vdi.ktu.lt. This site is implemented via a secure connection technology (using SSL certificates), which enables all users are automatically connected, so they do not need to enter your login information. The second tier of protection is automatic assignment of virtual machines to the consumer, i.e., website users see only a single virtual machine icon, which by clicking will be automatically connected with a randomly assigned computer. VDI broker server is responsible for the assignment of a virtual machine user, i.e., the user is connected to first find a free virtual machine. The last level of protection is Administrator's page (component), in which the administrator can see all the users currently working with the VDI system. Administrators have the ability to see what users are online, what applications they use and how long they work. If administrators notice the users performing unauthorized actions, they can disconnect them from the system. This component is designed by KTU scientists.

Experiments of Network Load Monitoring
All virtual resources can be reached only from the university network ( Fig. 5 is similar to Fuertes et al., 2009). To access them from any other network (e.g., home), users should use the Virtual Private Network (VPN) service of Kaunas University of Technology. The VPN service allows university staff and students safely connect to the university computer network. Only university users are allowed to use the internal resources.
In order to investigate whether the resources of the VDI are sufficient to ensure teaching-learning processes the experiments of Network load monitoring have been carried out. The aim of the research was to collect experimental data of traffic generated by the virtual infrastructure. The monitoring was carried out in two different ways: direct observation of data and passive monitoring.  Traffic generated by the VDI can be monitored on the server and on network side. The network infrastructure that had been used for data transfer during VDI experiment is shown in Fig. 6.
The experiment has included network of classroom No.103 (classroom PC's and servers) which is the largest computer laboratory. The easiest way to find out the traffic related to the particular experiment was to monitor the uplink traffic from the room No.103 network distribution switch.
The traffic data of the monitored link obtained directly from the Monitoring station is shown in the Fig. 7 (direct observation of data). The traffic data shows a number of peaks.
Data of the daily load of the monitored link where Fig. 8 shows the insignificant increase of 5 to 10 Mbps of the total traffic (1 Gbps) calculating into 0.5-1 percent of the total capacity of the uplink. The Monitoring station polls the network only every 5 minutes to reduce the resources required for processing and transferring of the network  management data in both the network equipment and the monitoring station itself. The polling interval implies that all the dynamic data such as traffic values etc., will be averaged. While the pattern of the usage of VDI clusters and other virtualized resources heavily rely on the client-server model, where the intervals between clients request (e.g., an application execution) and server response (the actual execution of the program and the display of the interface to the client) are much faster than the polling interval. Thus actual peaks of traffic could be undetected by the network monitoring system still hindering the user experience and indicating possible problems.
The 'passive' monitoring architecture (Ubik et al., 2008) was used to perform a detail measurement of the traffic on the monitored line. It was configured so that the monitoring station receives a complete copy of the traffic flowing in and out the uplink interface. The results of the analysis are depicted in Fig. 9.
It can be clearly determined that the average increase of the traffic corresponds with the results obtained by the central monitoring station (Fig. 7). The traffic data also shows Fig. 9. Traffic data from the passive monitoring station for the period of the experiment. that the peaks have reached up to 120 Mbps during the experiment several times higher than the average.
Results of the experiment: 1. Direct observation method showed that the VDI infrastructure ensures availability of virtual resources. Data of the daily load of the monitored link showed 0.5-1 percent of the total capacity of the uplink. As the Monitoring station polls the network only every 5 minutes, actual peaks of traffic could be undetected still hindering the user experience and indicating possible problems. 2. Passive monitoring is a powerful tool providing a deep insight into actual traffic characteristics that are not possible to record otherwise. 3. The traffic peaks mean that during those peaks the 100 Mbps network infrastructure is being pushed to its limits creating a potential for network congestion and further decrease of user experience, especially taking into account that the usage of centralized and virtualized resources will increase.

Conclusions
This paper presents virtualization technologies and outlines the advantages that the virtual technologies provide for the education process. The most important one is an ability to deliver secure, on-demand 24/7 access to the students and teachers. Students can enjoy the possibility using the virtual resources when and where they want. VDI implemented in the study process of Kaunas University of Technology takes new opportunity for the students to have the same working conditions at computer rooms, libraries or even home (anywhere where user will be able to connect to the university network). The environment offers the opportunity for the students to work with the range of applications not available on their host computer.
The experimental results show that there is every opportunity for the students to use virtual resources thanks to VD infrastructure. Only the insignificant increase of 5 to 10 Mbps of the total traffic of the daily load was monitored (only 0.5-1 percent of the total capacity of the uplink).
A number of the traffic peaks has been caused by 100M b/s connection inside the class No.103 network. Such peak flows may already have computer network congestion, and thereby increase the network customer's waiting time.
R. Misevičienė is an associate professor at Kaunas University of Technology. Her research interests mainly include artificial intelligence, verification of knowledge base systems and research of problems in educational e-learning systems and distance study. D. Ambrazienė is the head of the Faculty Service Division at Information Technology Development Institute. D. Ambrazienė is a member of a national distance teaching association. Her interests include the use of virtual IT infrastructure in the study process.
R. Tuminauskas is the head of the Backbone Networks Group at the Centre of Computer Networks at KUT. The group is responsible for operating, planning and implementing the university campus backbone as well as Lithuanian national research and education network LITNET. Raimundas actively participates in network design and planning at various levels, including the design of Lithuanian rural area optical network RAIN. He is a member of LITNET expert board, and GEANT network supervisory committee.
N. Pažereckas now is studying software engineering master's degree at Kaunas University of Technology. He is working in Institute of Information Technology Development in Engineer position at KUT. He designs and develops virtual hosts and virtual software systems for the university staff and the students to ensure access to necessary resources.