The practice of developing the academic cloud using the Proxmox VE platform

. Cloud technologies provide users with efficient and secure tools for data management, computing, storage and other services. The article analyzes the projects for the introduction of cloud technologies in education and identifies the main advantages and risks in creating a cloud infrastructure for the university. Such startups contribute to the formation of a new paradigm of education. It involves the virtualization of education, the introduction of mobile and blended learning, ie the combination of cloud computing with modern learning concepts. In this paper, we highlight our experience in improving the academic cloud for the training of a bachelor’s degree in computer science. This is through the integration of the Proxmox VE platform into existing computing power by deploying the Proxmox VE system. In the study, we reveal some technical and methodological aspects of the organization of the educational process using this corporate cloud platform. The scheme of the organization of physical components of cloud infrastructure (nodes, virtual networks, routers, domain controller, VPN server, backup system of students’ virtual machines) is given. All characteristics of this environment and possibilities of their application are studied.


Introduction
Cloud computing and open access systems in education are technologically and cost-effective means of organizing the operation of digital systems without the need to spend large sums of money on the development of IT infrastructure. Therefore, over the past 10 years, cloud computing has become a popular paradigm in education. However, educational institutions in Ukraine have some problems such as limited technical and material resources of IT infrastructure, limited teaching staff, lack of technical experts and qualified IT staff. In this article, we continue to share our experience of using cloud platforms to provide virtualization of computing resources, such as operating systems, servers, storage devices, or network resources. This approach should improve the digital learning environment of our university students.
Cloud computing is an important alternative to the classical local model of organization of the educational environment of the university. Thanks to them, students and administrative staff have the opportunity to quickly and easily access various application platforms and resources through web pages on demand. This reduces organizational costs and offers more powerful functionality. In particular, such cost reductions apply to licenses for software, hardware, electricity, accommodation and maintenance. As a result, IT professionals are relieved of responsibility for maintaining certain services and repositories at the university. The use of cloud infrastructure redundancy eliminates the risks of disaster recovery and the high costs associated with it. Cloud services often offer new tools and applications to improve the performance and availability of digital environments. All this provides flexibility in decision-making to the management of each university.
Among the shortcomings of cloud computing is the lack of some services that may be needed by teachers and students. As a result, there are problems and restrictions on cloud application offerings, availability and service level agreements. Security issues should be singled out.
Currently, Ukrainian universities have some problems in organizing educational environments. They can be summarized as follows.
• Existing digital resources are distributed among educational institutions not on the basis of their needs, but on the basis of personal reasons or justification. This leads to unbalanced development of free economic zones. • Limited funding to support the needs of the university in terms of infrastructure and accessibility of student places. • Lack of technical knowledge to maintain and operate the existing infrastructure in some educational institutions. Qualified teachers now work not only in the field of education. In this way, they divide their efforts between learning and other activities.
The aim of this study is to describe the model of the academic cloud for the training of computer science teachers and to systematize the experience of its deployment based on the Proxmox VE platform.

Related work
Researchers are studying the problem of creating a cloud-oriented environment for higher and secondary education. In general, they interpret this concept as an environment for participants in educational and scientific processes, in which the implementation of computational and procedural functions is purposefully developed virtualized computer technology (corporate or hybrid) infrastructure [12]. Glazunova and Voloshyna [6] considers the concept of "academic cloud of the university" as a cloud-oriented electronic educational environment of the educational institution. It is a combination of technical, software, digital resources and services that operate on the basis of cloud computing technologies and provide educational activities for university students through the local network and the Internet [6]. The basic characteristics of the academic cloud are self-service, wide access to the network, pooling of resources, broad resilience, measurement of service and flexibility, structure, interactivity, personification and consideration of motivation [7,8].
The goal of the academic cloud is to leverage the capabilities of multiple networked computers to collaborate between faculty, researchers, and students. Cloud computing provides unique features such as • Virtualization of computing resources. Through the use of cloud technology, end users can access computing resources from a variety of devices anytime, anywhere. • High productivity. Modern cloud solutions provide significant computing power for processing and storing big data. • Reduced costs are possible through the purchase and maintenance of necessary resources or services on site. This advantage is especially significant in the long run. • Scalability of IT infrastructure. This approach requires the university to invest in the necessary infrastructure and cloud services.
Many universities already use virtualization and cloud computing technologies to create campus information and education environments. These environments are designed for teaching, research, management, activities [5]. The use of cloud services in the process of learning and research is an obvious need of the time and due to the development of digital technologies. The formation of openness of continuing education orients educational institutions to adapt their activities to the requirements by creating an effective information and educational environment that will meet the training requirements and improve the skills of working professionals.
The potential of cloud computing to increase efficiency, cost and convenience for the education sector has been recognized by US universities. For example, a deployed academic cloud allowed computer science students to experiment with large-scale distributed computing [4]. By adopting cloud computing, an educational institution can lease cloud infrastructure to computer providers. [3].
Selviandro, Suryani and Hasibuan [11] investigated the effectiveness of performance indicators to assess and compare the scalability of virtualization resources in cloud data centers. This method can be used by university risk analysts and security managers to conduct realistic and cost-effective risk assessments that are reliable and repeatable.
Baharuddin et al. [2] investigated the use of cloud computing services in the electrical engineering curriculum. They see cloud technology as a model of computing because resources such as processors or computing power, storage, networks, and software are abstracted and provided to students as online or Internet services.

Descriptive model of the academic cloud
In the academic cloud model, we consider the content, technical and organizational components. The content of training determines the technological requirements for each digital system. We are deploying an academic cloud to train future computer science teachers. Therefore, the cloud is a means of knowing information systems. It replaces physical computer systems and is the subject of study by scientists, teachers and students. Given that the academic cloud can be integrated with other means of the university's digital educational environment, there are requirements for its functions. Therefore, the content component of the model involves performing by cloud some functions such as • study of information systems based on their learning models a virtual computers and networks; • the most accurate correspondence of virtual objects to real information systems, in particular the possibility of applying the existing competencies in practice; • opportunity for a teacher or student to change the object of study for their own needs; • ubiquitous access to cloud infrastructure via the university's local network and the Internet; • personalized access to computing resources using single authentication data.
The technical and organizational component must be implemented through tasks • providing the ability to deploy a significant number of virtual machines; • providing access by means of standard protocols; functioning according to the model "infrastructure as a service" (IaaS); • creation of a significant number of virtual networks data routing between virtual and physical networks; • user authentication based on standard databases; ensuring the redistribution of corporate cloud computing resources.
The study was conducted in a joint research laboratory on the use of cloud technologies in education of Ternopil Volodymyr Hnatiuk National Pedagogical University and the Institute for Digitalisation of Education of the National Academy of Educational Sciences of Ukraine. At the time of writing, we have had considerable experience deploying an academic cloud based on the Apache CloudStack platform. It has undeniable advantages for use in student learning. In particular, it allows students to be divided into so-called domains according to academic groups. Provide authentication based on an external database, share virtual machines with many students. However, during the years of operation of the platform, we also had difficulties. They concerned the solution of technical problems such as • poor allocation of computing resources; • manually add users' accounts; • forcibly disabling, deleting or transferring virtual computers to another user, unlocking accounts; • cloud infrastructure backup (databases, VMs); lack of free mobile version of the platform.
Often we had to use the API and directly edit the Apache CloudStack database to solve these problems [9], so we decided to integrate the new infrastructure into the existing academic cloud based on a different platform. The following criteria were taken into account for her selection • openness and free platform; • cloud according to the IaaS model; • technical simplicity of cloud deployment and maintenance; • ensuring user authentication from external databases; • ability to create templates and backups of virtual computer disks; • scalability of the platform, through the addition of additional nodes and storages.

Students' access rights to VM in the cloud
To ensure the functioning of the academic cloud, we have so far rented one refurbished physical server based on a used Intel Xeon processor with 32 Gb of RAM. This was also done because Ukraine is currently at war and it is difficult to say whether servers will be available as they are in university buildings.
Here are some technical tasks in the organizational component of the training model for future computer science teachers and IT professionals. One of the main such tasks is the distribution of students' access to computing resources of the academic cloud. To solve this problem, you need to divide users into groups. The Proxmox VE platform provides built-in groups with different credentials [10].
We offer two approaches to creating new VMs and containers. The first involves the administrator creating copies of VMs and giving students access to these VMs. Permissions may vary depending on the operations to be performed with these VMs. For example cloud administrator can provide students with administrative access to such VMs.
Another approach involves students cloning their own machines from the templates. To implement it, the administrator must provide permission in accordance with the table 1). Creating permissions that match the last row of the table requires defining <students_login> -<VM_ID> pairs. Finally, permission is granted through the command: pveum acl modify /vms/<WM_ID> <user <username> -role Administrator Later, using a simple script, we obtained a list of users from the LDAP directory and set the appropriate IDs for them. It is important that when cloning VM, students must indicate the ID provided by the teacher for VM (figure 1).
In order to share multiple users' VMs, they must be grouped together to share VMs with the same pveum command or through the platform's web interface. In our opinion, the preliminary preparation of the academic cloud for learning is a necessary task. A qualified specialist is required to perform the relevant tasks.

Unified access of student to academic cloud
To ensure the work of many students, we have configured user authentication based on the LDAP directory (Active Directory). It is located in the local network of the university. To do this, you need to specify some parameters such as • The IP address and port of the domain controller that contains the LDAP directory. • User data for reading data from the directory (Bind User). • Some user attributes (mail, belong to a group). • Filters to restrict access to certain organizational units of the directory. • Additional parameters (synchronization objects, operations with new users, deleting users).
To log in to the system, the administrator can add it manually, for example using the web interface. However, it is possible to automatically synchronize the directory with the pveum realm sync <realm> command.

Allocation of computing resources of the academic cloud
The problem with our previous implementation of the academic cloud is the irrational allocation of computing resources, which involves reserving them based on the number and performance of virtual machines (Apache CloudStack reserves guaranteed CPU frequency and RAM for each virtual machine). We solved this problem through CPU and RAM Overcommit. That is, the Apache CloudStack platform installs a multiplier that changes the frequency and amount of RAM. However, this approach often leads to instability in the cloud, including denial of service to virtual machines.
We used containers to better allocate computer resources. It is a cloud-like object of cloud infrastructure. Although virtual machines provide a complete environment, system containers offer an environment as close as possible to what the user receives from the virtual machine, but without the overhead of running a single kernel and simulating all the hardware [1]. From the point of view of the host OS (node), the processes from the container work in themselves. This allows you to run more of them compared to virtual machines. The main limitation of containers is the OS. It can not be other than the OS node (host). Another disadvantage is the lower security of the container. We conducted an experiment and found that the same equipment can run at least 5 times more containers than VM with the same computational characteristics. Figure 2 shows the load schedules of a server running 120 containers (one core, 768 MB RAM). At this time, the cloud generates approximately 40 Mbps of inbound and outbound traffic (figure 2). Unfortunately, we do not have the equipment to deploy identical academic clouds based on the CloudStack and Proxmox VE platforms. However, we can assume that the performance of the physical server with Proxmox VE should match the computing power of the two servers with CloudStack. Therefore, in the CLoudStack-based cloud, we left these 2 hosts active. We then loaded the same VMs on two clouds until their CPU load was 90%. Such VMs were Windows (Workstation and Server) and Linux (with CLI or GUI). Note that the Linux OS with CLI worked as Proxmox VE containers and as regular VMs in CloudStack. The number of VMs that were downloaded is shown in table 2.
As you can see from the table 2, the number of VMs loaded on Proxmox VE is slightly higher than Apache CloudStack. There is a particularly significant difference for VMs of the LinuxCLI type. This is because Proxmox VE used containers for them. Unfortunately, compared to Apache CLoudStack, Proxmox VE has worse results for VMs with nested virtualization. We use such EVE-NG VMs to model and study computer networks (last row of the table 2).

Connection of networks between clouds based on Apache CloudStack and Proxmox VE
An important step in deploying our academic cloud is configuring networks in its infrastructure. We tried to allocate a separate VLAN for at least one academic group of students. The best option is to be able to provide a separate VLAN for each student. Another requirement for cloud infrastructure networks is their integration with the university's cloud infrastructure.
To do this, we configured the VPN server to Proxmox VE node. Since many VLANs are deployed in the university cloud infrastructure, it is necessary to choose VPN technology that encapsulates OSI channel layer data. That is, we plan to use the same VLANs in CloudStack and Proxmox VE infrastructures. This will allow them to transfer data without routing. OpenVPN, a free, secure VPN server, meets this requirement. It has one of the best bandwidths on the Internet, and is one of the most secure VPN services. However, the Proxmox VE platform does not support OpenVPN tap and tun tunnel interfaces. Therefore, we had to set up a separate VM based on MikroTik Cloud Hosted Router. It was configured as an OpenVPN server ( figure 3). It can operate both as a soft switch running within the hypervisors. As a result, VMs from different clouds can exchange traffic within the same VLANs. This allows you to build a hybrid cloud infrastructure, conduct research, and scale the academic cloud through both virtual and physical devices.

Ubiquitous access to the academic cloud via a mobile device
Another advantage of the useful feature of the Proxmox VE platform is the availability of an adapted web interface for mobile devices. The mobile interface does not allow the student to perform absolutely all operations, as the desktop. But it is suitable for urgent operations. This option will also be useful for distance learning when the student does not always have access to a computer or laptop.
Functional applications for Andriod and iOS are mostly paid. However, the mobile version of the Proxmox VE web interface allows students to perform basic VM management operations such as start, stop, pause, migrate VM to another node, view tasks and console (figure 4). Access to the VM interface (console) in the mobile version is also implemented. A student with some problems will be able to use it in Linux. At the same time, he/she has standard VM control options (start, stop, call the keyboard, press the system key combination, etc.) (figure 5).
It is worth noting that working with the mobile version of the VM console with Windows is not convenient. Nevertheless, the student will be able to perform basic operations with a graphical interface OS.

Backup of the academic cloud based Proxmox VE platform
Another important task of the technical component of the academic cloud is the backup of both the cloud infrastructure as a whole and its individual VMs. Here, Proxmox VE provides many tools, including storage and backup types [10]. We have set up a scheduled task to back up the cloud infrastructure to an NFS share that is connected via an OpenVPN server. This allows you to save the condition of all machines. The advantage of this method is the reservation of working VMs "on the fly" (figure 6).  However, it is important to encourage students to make backups and snapshots on their own. This is necessary because they are often taught by trial and error. To do this, you must additionally provide permission to the student to perform the operation Datastore.AllocateSpace. In general, we can say that scaling the cloud infrastructure will require configuring a separate Proxmox Backup Server.

Conclusions
From the analysis of scientific publications and our own experience, we can state that cloud technologies in universities have significant opportunities for application. One of the important components of the cloud-based learning environment is the academic cloud. It can be effectively used in the training of future computer science teachers. The academic cloud allows students to model in a virtualized environment the processes occurring in digital systems. This is especially popular for distance learning. At the same time, they will gain experience in applying theoretical knowledge to perform practical tasks, demonstrate properties, study and research digital objects. The study proposed a model of the academic cloud, which contains content, technical and organizational components.
Proxmox VE can perform the functions of all these components. It is a modern open platform for deploying corporate clouds. As our experience has shown, the process of cloud deployment is technically simpler and faster. This is even though we have installed Apache CloudStack many times and Proxmox VE for the first time. After deploying the academic cloud, we connected virtual local networks of academic clouds based on the Apache CloudStack and Proxmox VE platforms. It would be good to continue the integration of both platforms in the future.
A study of cloud performance based on Proxmox VE showed that it is almost not inferior to the computing power of Apache CloudStack. This is not surprising, since both platforms used the same KVM hypervisor. Proxmox VE has the advantage of using Linux containers. The Proxmox VE console interface is more advanced than Apache CloudStack. This fact, together with a good mobile version of the platform allows you to work with the cloud from different devices.
Regardless of the platform, the administrator or teachers should perform the maintenance of the academic cloud. In particular, regarding the preparation of student VMs, their migration between nodes, backup, etc. Using the academic cloud based on the Proxmox VE platform, both teachers and students can now have more experience with various system administration tools and use virtualization to perform teaching and research tasks.
Prospects for further research are in conducting the experiment that would confirm the usefulness of the proposed model.