Virtu OS an operating system with kernel virtualization

  • Slides: 1
Download presentation
Virtu. OS: an operating system with kernel virtualization Ruslan Nikolaev, Godmar Back Virginia Tech,

Virtu. OS: an operating system with kernel virtualization Ruslan Nikolaev, Godmar Back Virginia Tech, Blacksburg 2. Related Work 1. Motivation Problem: Lack of isolation and protection for core systems code in monolithic OS. • Well-known problem – numerous studies & experience have indicated reliability rd problems, largely with 3 party code. User Processes Monolithic OS File System TCP/IP SATA kernel Ethernet Kernel Memory Manager Process Manager PCI Existing Designs: Rely on privilege separation and protection domains. Examples: µ-Kernels, User-level User Processes drivers and file systems, VMBased Isolation File TCP/IP System Challenge: provide isolation while retaining performance & Ethernet SATA compatibility. Virtual Guest OS 1 … Guest OS n Machines Approach: Decompose & Isolate Components. PCI Hypervisor µKernel OS Memory Manager Process Manager µKernel 4. Architecture: Primary & Service Domains 3. Virtu. OS Design Characteristics Virtu. OS Decomposition of vertical slices of a monolithic kernel into service domains Strong Isolation & Device Protection through hardwaresupported virtual machines Separate Failure & Recovery of service domains Transparent to kernel code Compatible with POSIX application code Good Performance due to fast interdomain communication User Processes Storage Domain Primary Domain Memory Manager Process Manager Network Domain File System TCP/IP SATA Ethernet PCI PCI Hypervisor 6. Experimental Results Dispatch libc-sclib Kernel Worker Thread 1. n . . . Resume Shared Regions Ready Queue syscall-backend 2. Apache Throughput Network domain abruptly terminates 60 40 Network domain Is restarted 20 0 Service Domain 1 storage network 0 50 0 0 25 Time, s Remote client resumes transfer virtuosos_4 K linux_4 K Kernel syscall-backend syscall-frontend syscall-xen Hypervisor Source Code available at: people. cs. vt. edu/~rnikola . . . Service Domain n 350 280 210 140 70 0 virtuos 0 100 200 300 Number of Threads 400 75 100 125 Concurrency virtuosos_8 K linux_8 K 150 virtuosos_16 K linux_16 K 4. File. IO/Sysbench 3. OLTP/Sysbench my. SQL Kernel Worker Thread n. k Throughput, req/s Request Queue Kernel Worker Thread n. 1 50 10 20 30 40 50 60 70 80 Remote client starts transfer … 100 Resume /dev/syscall Primary Domain Kernel Worker Thread 1. 1 Throughput, req/s User Process k Local system call M: N pthreads Request Queue 1. Failure Recovery Throughput, MB/s • Direct system call handling by remote domains via system call dispatch through shared memory request queues • Integrated with user-level M: N threading to avoid interdomain signaling cost • Shared lock free request and ready queues for dispatch & wakeup • Supports all of POSIX (including polling & signals) • Minimal changes to existing Linux system (<20 KLo. C) Failure Recovery scenario demonstrates isolation. A program using a storage domain is unaffected by the network domain’s failure. Good Performance is retained for both multiprocess & multithreaded workloads. [Results are consistent with relative stddev < 2%. ] Transfer Rate, MB/s 5. Virtu. OS Implementation Highlights 4000 3000 2000 1000 0 virtuos 0 100 200 300 Number of Threads 400