Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download sample PPT 2 - Virginia Tech
Document related concepts
Library (computing) wikipedia , lookup
Berkeley Software Distribution wikipedia , lookup
Distributed operating system wikipedia , lookup
Plan 9 from Bell Labs wikipedia , lookup
Burroughs MCP wikipedia , lookup
Linux kernel wikipedia , lookup
Spring (operating system) wikipedia , lookup
Security-focused operating system wikipedia , lookup
Unix security wikipedia , lookup
Process management (computing) wikipedia , lookup
Thread (computing) wikipedia , lookup
Transcript
VirtuOS: an operating system with kernel virtualization Ruslan Nikolaev, Godmar Back Virginia Tech, Blacksburg 2. Related Work 1. Motivation Problem: Lack of isolation and protection for core systems code in monolithic OS. • Well-known problem – numerous studies & experience have indicated reliability rd problems, largely with 3 party code. User Processes File System Monolithic OS TCP/IP kernel Ethernet SATA Kernel Memory Manager Process Manager PCI Existing Designs: Rely on privilege separation and protection domains. Examples: µ-Kernels, User-level User Processes drivers and file systems, VMBased Isolation File TCP/IP System Challenge: provide isolation while retaining performance & Ethernet SATA compatibility. Virtual Guest OS 1 … Guest OS n Machines Memory Manager Process Manager PCI Hypervisor Approach: Decompose & Isolate Components. µKernel OS µKernel 4. Architecture: Primary & Service Domains 3. VirtuOS Design Characteristics VirtuOS Decomposition of vertical slices of a monolithic kernel into service domains Strong Isolation & Device Protection through hardwaresupported virtual machines Separate Failure & Recovery of service domains Transparent to kernel code Compatible with POSIX application code Good Performance due to fast interdomain communication User Processes Storage Domain Primary Domain Memory Manager Process Manager Network Domain File System TCP/IP SATA Ethernet PCI PCI PCI Hypervisor 5. VirtuOS Implementation Highlights 6. Experimental Results • Direct system call handling by remote domains via system call dispatch through shared memory request queues • Integrated with user-level M:N threading to avoid interdomain signaling cost • Shared lock free request and ready queues for dispatch & wakeup • Supports all of POSIX (including polling & signals) • Minimal changes to existing Linux system (<20KLoC) Failure Recovery scenario demonstrates isolation. A program using a storage domain is unaffected by the network domain’s failure. Good Performance is retained for both multiprocess & multithreaded workloads. [Results are consistent with relative stddev < 2%.] ... Resume Shared Regions Ready Queue syscall-backend Service Domain 1 Network domain abruptly terminates 60 40 Network domain Is restarted 20 storage network 0 0 50 0 0 25 Time, s Remote client resumes transfer Kernel syscall-backend syscall-frontend syscall-xen Hypervisor Source Code available at: people.cs.vt.edu/~rnikola ... Kernel Worker Thread n.k Service Domain n virtuosos_4K linux_4K 280 210 140 70 virtuos 0 0 100 200 300 Number of Threads 400 100 125 150 virtuosos_8K linux_8K virtuosos_16K linux_16K 4. FileIO/Sysbench 3. OLTP/Sysbench mySQL 350 75 Concurrency Throughput, req/s Request Queue Kernel Worker Thread n.1 50 10 20 30 40 50 60 70 80 Remote client starts transfer … 100 Resume /dev/syscall Primary Domain Kernel Worker Thread 1.n Throughput, req/s User Process k Local system call M:N pthreads Kernel Worker Thread 1.1 2. Apache Throughput Throughput, MB/s libc-sclib Request Queue Transfer Rate, MB/s Dispatch 1. Failure Recovery 4000 3000 2000 1000 virtuos 0 0 100 200 300 Number of Threads 400
