| Author |
Message |
Casper H.S. Dik
Guest
|
 Posted:
Tue Feb 08, 2005 5:06 pm Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
Andrew Reilly <andrew-newspost@areilly.bpc-users.org> writes:
| Quote: | What do virtualizers provide that couldn't be incorporated into an OS?
|
It may help in time to market for future platforms; by putting the "bare
metal" stuff in the virtualization later, you can change relatvely
large parts of the hardware interfaces and just redo the virtualization
layer without having to bother to code even a single line for each of
the supported OSes.
Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth. |
|
| Back to top |
|
 |
Nick Maclaren
Guest
|
| Posted:
Tue Feb 08, 2005 5:32 pm Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
In article <pan.2005.02.08.11.41.56.474950@areilly.bpc-users.org>,
Andrew Reilly <andrew-newspost@areilly.bpc-users.org> writes:
|>
|> Now, I can see that this is pretty much a reaction to the seemingly large
|> success of things like VMWare and Microsoft's VirtualPC (on PC).
|> Finding ways to optimize popular software is always a good idea.
Yes, but it's more than just optimisation.
|> Also notwithstanding that there's an obvious pre-existing example of
|> wholesale virtualization in the IBM mainframes, is there actually a really
|> good reason to use virtualization on a day-to-day basis, or is it just a
|> practical acknowledement that there are failings of the OSes that are used
|> on these things?
Both.
|> I mean, OSes are supposed to be there to ration access to a machine's
|> hardware resources, for the benefits of the (several) applications that
|> want to share it.
One of their many functions. They also provide a suitable interface,
exactly as run-time systems provide a suitable interface for the user
program. And they provide security for access to resources.
|> What do virtualizers provide that couldn't be incorporated into an OS?
1) Provide the necessary primitives. It is relatively rare for
hardware to enable the secure emulation of privileged instructions,
for example, or even to allow them to be trapped in the first place.
Without that, you cannot provide a virtual machine interface, but
only a set of "library functions" to enable a cooperative client to
run in your "emulation" mode.
Exactly the same is true at the run-time system level, where it is
usually impossible for an unprivileged run-time system or debugger
to provide a virtual process environment. This in turn means that
the is a lot of crud moved into the operating system that need not
be there.
2) Enable the emulation to be done transparently enough to be
usable. This ISN'T simply a matter of convenience but of function,
and commonly applies to both speed and resource utilisation. There
are often some tight real-time limits on interrupt handling etc.,
as well as circumstances where you cannot practically allocate new
resources.
Note that this is generally soluble by changing the client to remove
the requirement, but you are then not emulating a virtual system.
It is the same as debuggers requiring the program to be recompiled
or even modified.
Regards,
Nick Maclaren. |
|
| Back to top |
|
|
Eric P.
Guest
|
| Posted:
Tue Feb 08, 2005 9:17 pm Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
Andrew Reilly wrote:
| Quote: |
On Tue, 08 Feb 2005 03:51:22 -0500, Arrvindh Shriraman wrote:
Pls take a look at intel's Vanderpool technology
http://www.intel.com/technology/computing/vptech/index.htm
Now, I can see that this is pretty much a reaction to the seemingly large
success of things like VMWare and Microsoft's VirtualPC (on PC).
Finding ways to optimize popular software is always a good idea.
Also notwithstanding that there's an obvious pre-existing example of
wholesale virtualization in the IBM mainframes, is there actually a really
good reason to use virtualization on a day-to-day basis, or is it just a
practical acknowledement that there are failings of the OSes that are used
on these things?
|
The virtualization products exist because people are willing to pay
money for them. Apparently some customers feel there are OS failings
that are addressed by these products or they wouldn't be buying this
stuff. Whether that perception is true or not is debatable given the
'improvements' that Intel is claiming for this technology:
dedicating resources in multiple user environments and improved
defenses against viruses or spy ware.
| Quote: | I mean, OSes are supposed to be there to ration access to a machine's
hardware resources, for the benefits of the (several) applications that
want to share it.
What do virtualizers provide that couldn't be incorporated into an OS?
|
By definition, nothing. A device register write is a device
register write, no matter how many wrappers you put around it.
The reason VM exists differs for different groups.
In Intel's case, adding new VMX instructions to the AMD64/EMT64
architecture gives them product differentiation and puts them
back in the x64 architecture drivers seat again. Looking at the pdf,
VT is just yet another hardware tasking mechanism wrapped
around their other hardware tasking mechanism that no one uses.
What VM does for customers is remove the control monopoly from OS
vendors who are unable or unwilling to react to customer demands for
certain features. At the same time it looses some features because
the virtual device is, by definition, a lowest common denominator.
One question is why would an OS vendor divert funding into
developing a virtualization product rather than applying
those funds to cleaning up the original problems in its code
(the ones the virtualization supposedly addresses)? The answer
appears to be because they get to sell you another product.
Eric |
|
| Back to top |
|
|
kirk johnson
Guest
|
| Posted:
Tue Feb 08, 2005 10:10 pm Post subject:
cell programming model |
|
|
so what kind of a programming model will cell present at the ISA
level? will the "attached cores" effectively be independent CPUs that
interact with the primary CPU in something approximating standard
threading models? or, alternately, will the "attached cores" look more
like coprocessors that are controlled directly by the primary CPU? or
perhaps something in between (e.g., coprocessor-like, but with the
primary CPU able to dispatch fairly high semantic content
"instructions" instead of individual floating point ops).
pushing things up to a higher level, what's the consensus about
programming language/compiler support for such a beast? do we expect
that compilers will be able to automatically extract sufficient
parallelism from nominally-sequential programs to take advantage of
all those "attached cores"? or, alternately, do we expect that
hand-coding and/or well-tuned libraries will be needed to achieve
significant performance gains?
inquiring minds want to know.
kirk |
|
| Back to top |
|
|
Anton Rang
Guest
|
| Posted:
Wed Feb 09, 2005 1:05 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
"Eric P." <eric_pattison@sympaticoREMOVE.ca> writes:
| Quote: | One question is why would an OS vendor divert funding into
developing a virtualization product rather than applying
those funds to cleaning up the original problems in its code
(the ones the virtualization supposedly addresses)? The answer
appears to be because they get to sell you another product.
|
Well, some customers have needs (or at least a desire) for:
(a) Running more than one OS, or more than one version of the OS,
on the same hardware. Maybe you have software that requires
Windows 98 or Solaris 6. No need to keep a separate box for
this one application. This also works for software which
wants to be installed in a particular location.
(b) Providing a full OS environment to clients. Maybe the client
wants the ability to manage their own system (install their
own software, potentially add new kernel modules, etc). If
you have hardware VM, you can let a client install their own
OS, reboot, give them root access, etc.
(c) Testing a new software release. As in the case of running
more than one OS, you can get by without having to buy and
manage another machine.
(d) Isolating customers from each other. The typical OS can
do this for ordinary users, but not administrators. What
if you want to run Unix or Linux, but allow a teacher or
their assistant to have "root" relative to their students,
to kill off rogue processes, be able to view files, etc?
You could add a new security model; but you could just
grant them root to their virtualized machine.
I'm sure there are other ideas for how this would be used.
-- Anton |
|
| Back to top |
|
|
Del Cecchi
Guest
|
| Posted:
Wed Feb 09, 2005 1:38 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
Anton Rang wrote:
| Quote: | "Eric P." <eric_pattison@sympaticoREMOVE.ca> writes:
One question is why would an OS vendor divert funding into
developing a virtualization product rather than applying
those funds to cleaning up the original problems in its code
(the ones the virtualization supposedly addresses)? The answer
appears to be because they get to sell you another product.
Well, some customers have needs (or at least a desire) for:
(a) Running more than one OS, or more than one version of the OS,
on the same hardware. Maybe you have software that requires
Windows 98 or Solaris 6. No need to keep a separate box for
this one application. This also works for software which
wants to be installed in a particular location.
(b) Providing a full OS environment to clients. Maybe the client
wants the ability to manage their own system (install their
own software, potentially add new kernel modules, etc). If
you have hardware VM, you can let a client install their own
OS, reboot, give them root access, etc.
(c) Testing a new software release. As in the case of running
more than one OS, you can get by without having to buy and
manage another machine.
(d) Isolating customers from each other. The typical OS can
do this for ordinary users, but not administrators. What
if you want to run Unix or Linux, but allow a teacher or
their assistant to have "root" relative to their students,
to kill off rogue processes, be able to view files, etc?
You could add a new security model; but you could just
grant them root to their virtualized machine.
I'm sure there are other ideas for how this would be used.
-- Anton
|
If you go wander around IBM's web site, I am confident you will find
plenty of information about the virtues of virtualization. It seems to
be a key element of the Server Value Proposition. Or whatever.
del cecchi |
|
| Back to top |
|
|
Martin Gregory
Guest
|
| Posted:
Wed Feb 09, 2005 4:10 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
Eric P. wrote:
| Quote: | Andrew Reilly wrote:
On Tue, 08 Feb 2005 03:51:22 -0500, Arrvindh Shriraman wrote:
Pls take a look at intel's Vanderpool technology
http://www.intel.com/technology/computing/vptech/index.htm
Now, I can see that this is pretty much a reaction to the seemingly large
success of things like VMWare and Microsoft's VirtualPC (on PC).
Finding ways to optimize popular software is always a good idea.
Also notwithstanding that there's an obvious pre-existing example of
wholesale virtualization in the IBM mainframes, is there actually a really
good reason to use virtualization on a day-to-day basis, or is it just a
practical acknowledement that there are failings of the OSes that are used
on these things?
The virtualization products exist because people are willing to pay
money for them. Apparently some customers feel there are OS failings
that are addressed by these products or they wouldn't be buying this
stuff.
|
"OS failings" are not the primary driver for people to use
this kind of technology.
Flexibility is the driver. The fact is that there are
applications that run under only one OS. People (like me)
use this sort of thing so that they can run all these applications
on the same hardware.
I guess you could call this a "failing" of the OS, but it's not something
that the OS writer can directly "correct". |
|
| Back to top |
|
|
Andrew Reilly
Guest
|
| Posted:
Wed Feb 09, 2005 4:55 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
On Tue, 08 Feb 2005 15:05:07 -0600, Anton Rang wrote:
| Quote: | "Eric P." <eric_pattison@sympaticoREMOVE.ca> writes:
One question is why would an OS vendor divert funding into
developing a virtualization product rather than applying
those funds to cleaning up the original problems in its code
(the ones the virtualization supposedly addresses)? The answer
appears to be because they get to sell you another product.
Well, some customers have needs (or at least a desire) for:
(a) Running more than one OS, or more than one version of the OS,
on the same hardware. Maybe you have software that requires
Windows 98 or Solaris 6. No need to keep a separate box for
this one application. This also works for software which
wants to be installed in a particular location.
|
However practical a reason (and I admit that it is one) that sounds like a
failure of OSes, in particular a failure of inter-operating system
standardisation. I guess that consumer pressure just hasn't managed to
mandate that yet, despite initiatives like POSIX. There are some
compatability mechanisms available for legacy software, though: Wine and
SoftWindows, executable tagging and compatability syscall vectors, etc.
The BSDs, for example, can (with the appropriate compatability shims built
in, and libraries installed) run executables for all previous released
versions (including old a.out binaries), for the other BSDs, for Linux,
and for SYSVR4 and R3. On top of that, NetBSD can load and execute
Windows PE executables, and is growing the ability to load and execute
Mach-O. Being experimental, volunteer efforts, these have some rough
edges. There's no reason why modern Windows shouldn't be able to support
Windows 98 (or earlier) applications, or for Solaris 10 to support Solaris
6 (or even SunOS-4) applications, since in both cases the companies own
all of the necessary library copyrights.
| Quote: | (b) Providing a full OS environment to clients. Maybe the client
wants the ability to manage their own system (install their own
software, potentially add new kernel modules, etc). If you have
hardware VM, you can let a client install their own OS, reboot,
give them root access, etc.
|
That sounds like a particular business model based around virtualization.
Fair enough. If your clients just want to be able to install programs and
be root on a shared box, then there are operating systems that support
that (vis jails on FreeBSD and chroot environments (a lower standard of
protection) on other unices, or perhaps user-mode linux).
| Quote: | (c) Testing a new software release. As in the case of running
more than one OS, you can get by without having to buy and manage
another machine.
|
That's kind of neat, but if you're testing, then you may well want more
diagnostics of the sort that simulation can provide, rather than simple
virtualization. In any case, software developers wouldn't seem to be a
large enough community to support this sort of feature on their own.
| Quote: | (d) Isolating customers from each other. The typical OS can
do this for ordinary users, but not administrators. What if you
want to run Unix or Linux, but allow a teacher or their assistant
to have "root" relative to their students, to kill off rogue
processes, be able to view files, etc? You could add a new
security model; but you could just grant them root to their
virtualized machine.
|
To the extent that that sort of facility doesn't exist (see jails: it
does), then that would be a failing of the OSes in question, for that
application. I think that Multics allowed that sort of privelige nesting
as a standard feature, didn't it? The isolation wouldn't be much better
than is available in a multi-user OS anyway: the resources are still
shared. You have just replaced explicit interaction and communication
with implicit or covert interaction and communication. You also don't get
to use non-lowest-common-denominator hardware interfaces, and you don't
get the sort of process and resource accounting that a "real" OS gives you.
Didn't the PC revolution do away with that time-sharing model anyway, and
give all users root access of the box that they were using?
| Quote: | I'm sure there are other ideas for how this would be used.
|
I'm sure there are.
--
Andrew |
|
| Back to top |
|
|
Anne & Lynn Wheeler
Guest
|
| Posted:
Wed Feb 09, 2005 5:43 am Post subject:
Re: intel's Vanderpool and virtualization in general |
|
|
"Eric P." <eric_pattison@sympaticoREMOVE.ca> writes:
| Quote: | The virtualization products exist because people are willing to pay
money for them. Apparently some customers feel there are OS failings
that are addressed by these products or they wouldn't be buying this
stuff. Whether that perception is true or not is debatable given the
'improvements' that Intel is claiming for this technology:
dedicating resources in multiple user environments and improved
defenses against viruses or spy ware.
|
so if you want something of the historical evoluation ... cp/40 was
done for a 360/40 with custom modified virtual memory hardware. when
the standard virtual memory processor came out, the 360/67 ... cp/40
was retargeted to 360/67 (even tho the virtual memory architecture was
somewhat different). bunch of science center stuff
http://www.garlic.com/~lynn/subtopic.html#545tech
the big monolithic operating systems were sometimes having trouble
focusing on specific issues ... in some respects because there is no
clearly deliniated architecture and feature/function requirements
between the various components.
cp/67 and virtual machine architecture ... provided a microkernel
architecture ... with relatively clearly deliniated areas of
responsibility for various components. because cp67 had clearly
delineated interfaces, responsibilities and duties ... it provided
quite stringent security partitioning ... something as a side-effect.
in the late 60s, you started seeing cp67 based time-sharing service
bureaus ... deliverying online personal computing in highly secure
manner to places like the financial and gov. market segments. this
continued with the morphing of cp67 to vm370 supporting the 370
computer line. virtual machine partitioning providing security
partitioing for personal computing delivery platform (that was hard to
find in other infrastructures).
http://www.garlic.com/~lynn/subtopic.html#timeshare
the other thing that i assert was that because you could run your
environment on the bare metal and under cp67 ... focus was naturally
drawn to cp67 pathlengths (how many operating systems do the users
focus on the performance difference between running their application
with and w/o the operating system ... the traditional answer has been
that is just part of the cost of having an operating system).
anyway as a result ... i got to rewrite large portions of the
(micro-)kernel code ... in some cases improving pathlength performance
by a factor of 100. somewhat enabling this ... was the microkernel
implementation made it a lot easier to be able to go thru every line
of code and decide what needed rewriting and what didn't. I also got
to invent fair share scheduling, new page replacement algorithms, disk
arm scheduling stuff ... and all sorts of other interesting stuff
.... and it would get picked up and shipped in the standard product.
the personal computing paradigm provided by the virtual machine
metaphor also heavily contributed to the invention of various kinds of
interactive related stuff. GML (precursor to sgml, html, xml, and
the markup language genre) was invented in that environment at the
science center in 1969.
http://www.garlic.com/~lynn/subtopic.html#sgml
the internal network technology was also developed for this platform
at the science center; the internal network for almost the whole period
until sometime mid-85 was larger than arpanet/internet
http://www.garlic.com/~lynn/subnetwork.html#internalnet
possible one of the largest time-sharing service delivery operations
was also based on this platform was an internal operation called HONE
.... it supported world-wide sales, marketing and filed people. In the
early days as HONE was preducing clones around the world ... I got
to hand deliver some number of the installations ... and supporting
hone was one of my hobbies for something like 15 years
http://www.garlic.com/~lynn/subtopic.html#hone
the original sql/rdbms (system/r) database was developed at sjr on
this platform ... and then there was technology transfer from sjr to
endicott for product sql/ds (also on this platform)
http://www.garlic.com/~lynn/subtopic.html#systemr
later as you go into the 80s, you start seeing mainframes
incorporating more and more virtualization related function as part of
the native hardware until you eventually arrive with the whole LPAR
paradigm ... it is possible to do a subset of virtual machine function
.... and split the machine into maybe 10-15 partitions. It uses
dedicated real storage ... and base/bound technology for real machine
storage addresses ... but otherwise allows shared used of processor
resources (including options like dedicated specific processors to
specific LPARs). Part of this is allowed the same real hardware to
support production machine operations concurrent with test operations.
Another part was allowing a business operation to partition things
into smaller dedicated pieces for more focused manageability.
Note that within an LPAR, it was still possible to run the virtual
machine operating system ... which in turn allowed much finer grain
partitioning. one such example was that a couple years ago ... on a
small, resource restricted LPAR they ran a test with the virtual
machine operation system ... where they in turn created 42,000
separate LINUX virtual machines.
a couple relatively recent postings mentioning LPAR:
http://www.garlic.com/~lynn/2004q.html#18 PR/SM Dynamic Time Slice calculation
http://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
http://www.garlic.com/~lynn/2005b.html#5 Relocating application architecture and compiler support
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ |
|
| Back to top |
|
|
Joe Seigh
Guest
|
| Posted:
Wed Feb 09, 2005 6:31 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
On Tue, 08 Feb 2005 22:41:58 +1100, Andrew Reilly <andrew-newspost@areilly.bpc-users.org> wrote:
| Quote: | On Tue, 08 Feb 2005 03:51:22 -0500, Arrvindh Shriraman wrote:
What do virtualizers provide that couldn't be incorporated into an OS?
(Save on porting effort for applications coded against a different API?
Save some memory space, compared to the various JIT/Dynamic recompilation
alternatives?)
|
You can run multiple OSes at the same time. I run windows and Linux on
separate boxes for that reason plus I didn't feel like wasting a lot of
time getting multi-booting to work and stay working. Re-install of an
OS, especially windows, tended to clobber the boot partition no matter what
you tried to do. You can run OSes that don't play nice and use shared
disk formats, like Solaris. And windows, if it sees an unformatted disk,
won't let you make it a standard patitioned disk. You have to use
Linux or PartitionMagic to do that. With VM, you don't have to worry
about what the guest machine is going to do to its virtual disk since
it can't possibly affect the other guest machines.
Simpler device drivers. When you virtualize something like a disk, you
aren't going to reproduce the actual complexity of the real disk drive.
It's going to be an simpler idealized disk. Writing the virtual drivers
for the guest machines will be a lot simpler. The char and block drivers
for disks are likely to be just simple wrappers.
VM/CMS did that. It didn't have device drivers. Or a virtual memory subsystem
to get a memory space larger than physical memory. Sort of like DOS 1.0
using BIOS to do i/o. If you wanted to write an experimental OS without
getting bogged down in a lot of hardware specific details, VM would be
ideal for that.
Kernel debugging would be a lot easier. You could instruction step through
a boot sequence even. Though I'll have to say when debugging VM under VM
(multiple levels of virtual machines) you really had to keep your wits about
you to figure out and keep track of what level you were looking at.
--
Joe Seigh
Lock-free synchronization primitives
http://atomic-ptr-plus.sourceforge.net/ |
|
| Back to top |
|
|
HP
Guest
|
| Posted:
Wed Feb 09, 2005 6:39 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
"Andrew Reilly" <andrew-newspost@areilly.bpc-users.org> wrote in message news:pan.2005.02.08.23.55.39.59408@areilly.bpc-users.org...
| Quote: | "Eric P." <eric_pattison@sympaticoREMOVE.ca> writes:
(d) Isolating customers from each other. The typical OS can
do this for ordinary users, but not administrators. What if you
want to run Unix or Linux, but allow a teacher or their assistant
to have "root" relative to their students, to kill off rogue
processes, be able to view files, etc? You could add a new
security model; but you could just grant them root to their
virtualized machine.
To the extent that that sort of facility doesn't exist (see jails: it
does), then that would be a failing of the OSes in question, for that
application. I think that Multics allowed that sort of privelige nesting
as a standard feature, didn't it? The isolation wouldn't be much better
than is available in a multi-user OS anyway: the resources are still
shared. You have just replaced explicit interaction and communication
with implicit or covert interaction and communication. You also don't get
to use non-lowest-common-denominator hardware interfaces, and you don't
get the sort of process and resource accounting that a "real" OS gives you.
Didn't the PC revolution do away with that time-sharing model anyway, and
give all users root access of the box that they were using?
|
What if they are renting a web server or something. This VT thing allows you to
run a mix of unmodified operating systems all on on one box, one virtual server
per customer.
Actually, there are much more evil uses for it than that - look at how Microsoft
managed to use virtualisation in 16 bit Windows - VxDs could run under user
code and do almost anything. You could imagine adding a VxDlike layer
underneath a 32 or 64 bit OS much like Windows 3.1 added a layer underneath
16 bit code. Mind you if you only want to virtualise non privileged code you
probably don't need VT - just trapping IO and memory access is enough.
|
|
| Back to top |
|
|
Chris Barts
Guest
|
| Posted:
Wed Feb 09, 2005 7:53 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
Andrew Reilly wrote:
| Quote: | On Tue, 08 Feb 2005 03:51:22 -0500, Arrvindh Shriraman wrote:
Pls take a look at intel's Vanderpool technology
http://www.intel.com/technology/computing/vptech/index.htm
Now, I can see that this is pretty much a reaction to the seemingly large
success of things like VMWare and Microsoft's VirtualPC (on PC).
Finding ways to optimize popular software is always a good idea.
|
I agree. I think it's a smart business strategy to make
virtualization/emulation more efficient, because people have a large
investment in software that doesn't want to run on modern hardware/OS
pairs. Give them a good way to not invalidate that investment and you
will get rich.
| Quote: |
Also notwithstanding that there's an obvious pre-existing example of
wholesale virtualization in the IBM mainframes, is there actually a really
good reason to use virtualization on a day-to-day basis, or is it just a
practical acknowledement that there are failings of the OSes that are used
on these things?
|
Both, as has been said. And there's a lot of DOS-only software that
Windows people want to use, Windows-only software that must be used by
people who don't want to deal with Microsoft's OS licensing agreements,
and so on and so forth.
Plus, IBM is very big on backwards-compatibility. A modern z/OS system
can run software developed for the System/360 in 196x and not modified
since Johnson was in office.
| Quote: | I mean, OSes are supposed to be there to ration access to a machine's
hardware resources, for the benefits of the (several) applications that
want to share it.
|
That's only one thing most OSes do. Exokernels only do the partitioning
and leave client OSes to actually give everything else an API and a
filesystem and so on. I think IBM's VM is like this, and VM is always
used with client OSes because talking to VM isn't that much different
from talking to the bare metal (exokernels provide as few abstractions
as possible). VM can support multiple client OSes at the same time, up
to the limits of the hardware, and you can debug kernels running under
VM (I think).
MIT exokernel page: http://www.pdos.lcs.mit.edu/exo.html
Microkernels aren't much different, except they aren't as pared-down.
You usually don't run multiple client OSes under a microkernel, but you
do run userland servers that provide most OS services (one server per
service, and they can be hot-swapped and debugged). NeXTstep was like
this (an OS built on the Mach microkernel and servers), and the GNU HURD
is another example of this. Microkernels are used in real-time systems
and research projects.
C.B. Browne's page on microkernel projects:
http://www.cbbrowne.com/info/microkernel.html
Most OSes are like Linux and Windows, and put everything the userland
programs don't do into kernel space for efficiency. This is called a
monolithic design. If it isn't a microkernel or an exokernel, it's
monolithic. |
|
| Back to top |
|
|
Andrew Reilly
Guest
|
| Posted:
Wed Feb 09, 2005 7:56 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
On Tue, 08 Feb 2005 21:31:20 -0500, Joe Seigh wrote:
| Quote: | You can run multiple OSes at the same time. I run windows and Linux on
separate boxes for that reason plus I didn't feel like wasting a lot of
time getting multi-booting to work and stay working. Re-install of an
OS, especially windows, tended to clobber the boot partition no matter
what you tried to do. You can run OSes that don't play nice and use
shared disk formats, like Solaris. And windows, if it sees an
unformatted disk, won't let you make it a standard patitioned disk. You
have to use Linux or PartitionMagic to do that. With VM, you don't have
to worry about what the guest machine is going to do to its virtual disk
since it can't possibly affect the other guest machines.
|
But OSes aren't an end in themselves. What you really want to do is to be
able to run applications. What you have is applications written against
different, incompatible APIs. Yes, that's a problem, but it seems to me
that virtualization is a sledge-hammer answer that seriously limits
interoperability and naturalness with respect to the other applications
that you're running on that machine. You can't really use virtualization
to support a windowing application because there's no such thing as a raw
window-managed frame buffer to virtualize: you have to work at the level
of whole screens, or whole disk drives. Consider, as an alternative, Wine
(or one of the commercial alternatives that use actual Windows libraries)
in one direction, or cygwin/etc in the other. Or Linux emulation under
Solaris or BSD. Or even X11 under Mac OSX (not that there are many
MachO/PowerPC/X11 executables out there. AIX perhaps?)
| Quote: | Simpler device drivers. When you virtualize something like a disk, you
aren't going to reproduce the actual complexity of the real disk drive.
|
And so you must also not be reproduing the actual capabilities of the disk
drive. Nor are you effectively sharing that disk resource with other
applications running on the machine.
| Quote: | It's going to be an simpler idealized disk. Writing the virtual drivers
for the guest machines will be a lot simpler. The char and block
drivers for disks are likely to be just simple wrappers.
|
But someone still has to write the actual device driver that knows how to
get optimal use out of the actual hardware.
| Quote: | VM/CMS did that. It didn't have device drivers. Or a virtual memory
subsystem to get a memory space larger than physical memory. Sort of
like DOS 1.0 using BIOS to do i/o. If you wanted to write an
experimental OS without getting bogged down in a lot of hardware
specific details, VM would be ideal for that.
|
Or you could just start with an existing OS and build on its existing
device drivers. It's going to have to deal with device details
eventually, because that's what an OS is for. Alternatively, you could
start with a simple net-booting, serial-console crash box, and not worry
much about devices at all.
| Quote: | Kernel debugging would be a lot easier. You could instruction step
through a boot sequence even.
|
That's even easier with a JTAG debugger on a second system, because you
can power-cycle the development system/box, if you manage to wedge some
peripheral.
Cheers,
--
Andrew |
|
| Back to top |
|
|
Joe Seigh
Guest
|
| Posted:
Wed Feb 09, 2005 7:57 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
On Wed, 09 Feb 2005 13:57:47 +1100, Andrew Reilly <andrew-newspost@areilly.bpc-users.org> wrote:
| Quote: | On Tue, 08 Feb 2005 21:31:20 -0500, Joe Seigh wrote:
But OSes aren't an end in themselves. What you really want to do is to be
able to run applications. [...]
|
What *I* want to do is run multiple OSes because I'm porting stuff to the
OSes. VM doesn't get me around the different hardware stuff but it
would let me get by without mulitple systems with the same hardware.
| Quote: |
Simpler device drivers. When you virtualize something like a disk, you
aren't going to reproduce the actual complexity of the real disk drive.
And so you must also not be reproduing the actual capabilities of the disk
drive. Nor are you effectively sharing that disk resource with other
applications running on the machine.
|
Well, it's been a while since I wrote an application that issued native
SCSI commands, so I don't think I'll miss it. The ironic thing was that
the SCSI functions I was using weren't used by the OS or any applications,
so I don't think anyone will miss that capability either for routine stuff.
And I'm missing something here. Why would sharing a disk by VM be less
efficient than sharing a disk by some other OS or by a logical volume
manager?
| Quote: |
It's going to be an simpler idealized disk. Writing the virtual drivers
for the guest machines will be a lot simpler. The char and block
drivers for disks are likely to be just simple wrappers.
But someone still has to write the actual device driver that knows how to
get optimal use out of the actual hardware.
|
Yes, but it only has to be written once for VM. The guest OS drivers would be
trivial. Plus you can always have the guest machines access specified
devices in non-shared mode with a native device driver if desired.
--
Joe Seigh
Lock-free synchronization primitives
http://atomic-ptr-plus.sourceforge.net/ |
|
| Back to top |
|
|
Andrew Reilly
Guest
|
| Posted:
Wed Feb 09, 2005 7:57 am Post subject:
Re: intel's Vanderpool and virtualization in general (was Re |
|
|
On Wed, 09 Feb 2005 00:05:13 -0500, Joe Seigh wrote:
| Quote: | On Wed, 09 Feb 2005 13:57:47 +1100, Andrew Reilly wrote:
But OSes aren't an end in themselves. What you really want to
do is to be able to run applications. [...]
What *I* want to do is run multiple OSes because I'm porting stuff
to the OSes. VM doesn't get me around the different hardware
stuff but it would let me get by without mulitple systems with
the same hardware.
|
Well, that's a good use for a VM, but is the developer community
enough of a market to support a whole new architectural feature?
I doubt it. There must be a real pull from consumers. Presumably
the web server virtualization thing, but that seems like a fairly
small market too, once you take all of the really big sites (who
use real hardware for their servers) and the really tiny sites (who
are happy to be hosted on whatever real OS is running on the web
hosting server).
From the software development perspective, too, how sure are you
that your OS won't misbehave when the wall-clock time keeps jumping
forward unexpectedly? What's that going to do to your carefully
tuned thread priorities in your real-time multimedia game/application?
| Quote: | Simpler device drivers. When you virtualize something like a disk, you
aren't going to reproduce the actual complexity of the real disk drive.
And so you must also not be reproduing the actual capabilities of the disk
drive. Nor are you effectively sharing that disk resource with other
applications running on the machine.
Well, it's been a while since I wrote an application that issued native
SCSI commands, so I don't think I'll miss it. The ironic thing was that
the SCSI functions I was using weren't used by the OS or any applications,
so I don't think anyone will miss that capability either for routine stuff.
And I'm missing something here. Why would sharing a disk by VM be less
efficient than sharing a disk by some other OS or by a logical volume
manager?
|
The efficiency I meant was space efficiency, not (necessarily)
access time efficiency. Real OSes let applications share disk space
at the file and sector level (or even finer), not just at the volume
or partition level. You could achieve this between VM client
instances with something like a SAN cluster FS and a distributed
lock manager, but I don't know if any of those work across different
operating systems.
I expect that most of the software development community actually
use "network" file systems served by the client OS, rather than
doing much virtual disk access. From my personal use of VirtualPC
on my Mac laptop, I know that actually using the boot file system
for anything is a drag, because you can't acess the results at all
as soon as you quit the application and shut down the VM.
| Quote: | It's going to be an simpler idealized disk. Writing the virtual drivers
for the guest machines will be a lot simpler. The char and block
drivers for disks are likely to be just simple wrappers.
But someone still has to write the actual device driver that knows how to
get optimal use out of the actual hardware.
Yes, but it only has to be written once for VM. The guest OS drivers would be
trivial. Plus you can always have the guest machines access specified
devices in non-shared mode with a native device driver if desired.
|
Only one VM? The commodity OS market may have something to say
about that. In the "all the world is Windows" world that we mostly
live in now, device drivers are only written once anyway, for
Windows. Why would Microsoft want to cede that space? The last
time Intel tried to make Windows a client OS (of RTMX) Microsoft
was very upset, and the product was quickly discontinued.
--
Andrew |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in