COMP 3000 Essay 1 2010 Question 1
Question
To what extent can exokernels be seen as a compromise between virtual machines and microkernels? Explain how the key design characteristics of these three system architectures compare with each other.
Answer
Introduction
In computer science, the kernel is the component at the center of most operating systems. It acts as the bridge between applications and the hardware, and it is responsible for managing the system's resources such as memory, disk storage, task scheduling and networking. This essay compares exokernels with microkernels and virtual machines by examining how each architecture carries out this management and how its components connect. In the exokernel model the kernel is even smaller than a microkernel: its functionality is deliberately limited to the protection and multiplexing of resources. The virtual machine approach of virtualizing every device on the system provides compatibility, but it also adds a layer of complexity, and because the hardware is accessed indirectly it is less efficient than a real machine. The exokernel instead gives programs low-level access to the hardware and lets them build custom abstractions over those devices, improving program performance compared with a VM. By taking the better concepts from both designs, the exokernel can be seen as a compromise between a virtual machine and a microkernel.
Microkernels
The kernel is the most important part of an operating system; an operating system could not function without it. The kernel is the lowest-level component of the system and has the most privileges. It runs alongside "user space", which is where the user has access and where applications and libraries run. [8] The kernel is left to manage the remaining essential services, such as the file systems and process scheduling, and it is layered with the most authoritative code at its lowest level. [8] A monolithic kernel, which contains all of these mandatory services within itself, was the common kernel type in earlier versions of today's operating systems. This architecture has problems, however. [8] If the kernel needs new code or a change anywhere in the system, the entire kernel must be recompiled, which, given the amount of code it contains, takes an impractical amount of time. This is where a microkernel becomes useful.
The idea behind a microkernel is to reduce the amount of code inside the kernel: functionality is kept in the kernel only if moving it outside would compromise the system's required behaviour. [7] Implementing a microkernel can affect the system in several ways, such as improved performance and efficiency. [7] In short, a microkernel is a kernel with a much smaller amount of mandatory software inside it, which means there is less code to manage and a smaller kernel overall.
The microkernels that emerged in the late 1980s and early 1990s moved the file systems and device drivers out of the kernel, leaving it with process control, input/output control and interrupt handling. [8] This structure makes the system much more modular and easier to maintain. If a driver must be patched or upgraded, the kernel does not need to be recompiled: the old driver can be removed and replaced while the device waits for the system to recognize it again. [7] Updates can therefore be applied while the computer is still running, and a faulty driver is far less likely to bring the whole system down. If a device fails, the kernel itself does not crash, as a monolithic kernel would; the microkernel can simply reload the failed device's driver and continue functioning. [7]
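To make this separation concrete, below is a minimal sketch in C of the idea described above; the message layout and all names are invented for illustration and do not correspond to any particular microkernel's API. A file-system request is sent as a message to a server running in user space rather than handled by code inside the kernel; in a real microkernel the server would be a separate process reached through kernel-mediated IPC, which is simulated here with an ordinary function call.

    /* Sketch: a file-system request handled by a user-space server. */
    #include <stdio.h>
    #include <string.h>

    enum msg_type { MSG_OPEN, MSG_REPLY };

    struct message {
        enum msg_type type;
        char          path[64];   /* request payload */
        int           status;     /* reply payload   */
    };

    /* User-space file-system server: receives a request, returns a reply.
     * In a real microkernel this runs as its own process and the kernel's
     * only job is to copy messages between address spaces. */
    static struct message fs_server_handle(struct message req)
    {
        struct message reply = { .type = MSG_REPLY };
        reply.status = (req.type == MSG_OPEN) ? 0 : -1;
        printf("fs server: open(\"%s\") -> %d\n", req.path, reply.status);
        return reply;
    }

    int main(void)
    {
        struct message req = { .type = MSG_OPEN };
        strcpy(req.path, "/tmp/example.txt");
        struct message reply = fs_server_handle(req);   /* "send" + "receive" */
        printf("client: server replied with status %d\n", reply.status);
        return 0;
    }

Because the file-system logic lives entirely outside the kernel, such a server can be stopped, replaced and restarted without recompiling, or even rebooting, the kernel itself.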
Virtual Machines
A virtual machine, or VM, is a software abstraction of a physical machine. It involves virtualizing the physical machine's resources so that they can be shared among the operating systems running in VMs. Virtualizing these resources allows an OS to run as if it had the whole machine to itself when, in reality, it is running in a virtualized environment on top of a host OS and sharing the physical resources with it.
A virtual machine system generally has two key components: the virtual machine monitor (VMM) and the VM itself. The VMM, also known as the hypervisor, manages the virtualization of the physical resources and the interactions with the VMs running on top of it. [4] In other words, it mediates between the virtualized world and the physical world, keeping them separate and monitoring their interactions with each other. The hypervisor is what allows a VM to operate as if it were on its own machine: it handles every request for a resource and reconciles it with what the host OS has actually provided to the VM. The host OS in turn manages the VMM and gives it physical access to the devices, hardware and drivers. [6]
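Below is a rough sketch in C of that mediation loop; the exit reasons and the run_guest stand-in are invented for illustration and are not any real hypervisor's interface. The guest runs until a privileged operation forces an exit into the VMM, which decides how to satisfy the request before letting the guest continue.

    /* Sketch: the VMM's run-and-handle loop. */
    #include <stdio.h>

    enum exit_reason { EXIT_IO, EXIT_HALT };

    /* Stand-in for "run the guest until it exits"; a real VMM would rely on
     * hardware support or binary translation here. */
    static enum exit_reason run_guest(int step)
    {
        return (step == 0) ? EXIT_IO : EXIT_HALT;
    }

    int main(void)
    {
        for (int step = 0; ; step++) {
            switch (run_guest(step)) {
            case EXIT_IO:
                /* Mediate the device access on the guest's behalf. */
                printf("vmm: guest touched a device, emulating the access\n");
                break;
            case EXIT_HALT:
                printf("vmm: guest halted, shutting the VM down\n");
                return 0;
            }
        }
    }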
The VM contains the OS being run through virtualization, called the guest OS. [6] The guest OS can only access resources that the host OS has made available to the VM; it knows nothing about any other resources and has no direct access to physical hardware. [6] All of that is handled by the VMM, while the guest OS executes as if it were its own machine, unaware of this mediator.
There are various ways of implementing hardware virtualization in a system to allow VMs to run: device emulation, paravirtualization and dedicated devices. [9]
With device emulation, the VMM provides, in software, a complete virtualization of a device for the guest OS to interact with. [9] The VMM maps this virtualized device onto the physical resource and handles all interaction between them, which usually includes converting instructions from the guest OS into instructions compatible with the real device. [9] Device emulation allows a VM to be migrated easily to another machine, since the VM depends on the software emulation rather than on the physical devices. [9] It also simplifies multiplexing among multiple virtual machines, because sharing can be handled through the virtualized devices. [9] The drawback of emulation is poor performance: the VMM must handle every request and convert it into a form compatible with the physical device. [9] Despite this, emulation is still the most common form of virtualization.
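As a concrete illustration, the sketch below emulates a serial-port data register in C; the register address and function names are invented. The guest believes it is writing to device hardware, while the VMM catches each write and converts it into an operation the host can actually perform. Every single byte crosses into the VMM, which is exactly the per-request overhead described above.

    /* Sketch: device emulation of a serial-port data register. */
    #include <stdio.h>
    #include <stdint.h>

    #define VIRT_SERIAL_DATA_REG 0x3f8   /* address the guest thinks it writes to */

    /* Invoked by the VMM whenever the guest writes to an emulated register. */
    static void emulate_io_write(uint16_t port, uint8_t value)
    {
        if (port == VIRT_SERIAL_DATA_REG)
            putchar(value);   /* translate the guest's device write into a host operation */
        /* other emulated registers would be handled here */
    }

    int main(void)
    {
        const char *msg = "hello from the guest\n";
        for (const char *p = msg; *p; p++)
            emulate_io_write(VIRT_SERIAL_DATA_REG, (uint8_t)*p);
        return 0;
    }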
Paravirtualization gains performance by having the guest OS and the host OS cooperate. [9] The guest OS is not run unmodified: it is altered so that it is aware it is running in a virtualized system. [9] Because the guest OS knows this, it can make better decisions about how it accesses devices, and the VMM's responsibility shrinks because it no longer has to translate between the guest OS and the physical devices. [9] The performance gain comes with several disadvantages. Paravirtualization can only be used when the necessary modifications to the guest OS can actually be made, and not everything can be paravirtualized, which limits the cases in which the method applies. [9] Every guest OS must also be modified before it can be used, and since the required changes differ between operating systems, making each guest OS compatible is a task in itself. [9]
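The sketch below shows the paravirtualized alternative, again with invented hypercall numbers and names: the modified guest calls the hypervisor directly through an agreed interface instead of touching device registers, so there is nothing for the VMM to trap and decode.

    /* Sketch: a paravirtualized guest using a hypercall instead of device I/O. */
    #include <stdio.h>

    enum hypercall { HCALL_CONSOLE_WRITE };

    /* Stand-in for the hypervisor's hypercall entry point; in a real system
     * this would be a trap or special instruction, not a function call. */
    static long hypercall(enum hypercall nr, const char *buf, unsigned len)
    {
        if (nr == HCALL_CONSOLE_WRITE) {
            fwrite(buf, 1, len, stdout);   /* host does the work directly */
            return len;
        }
        return -1;
    }

    /* Guest code: it knows it is virtualized, so no device registers are used. */
    int main(void)
    {
        const char msg[] = "guest: writing via hypercall\n";
        hypercall(HCALL_CONSOLE_WRITE, msg, sizeof msg - 1);
        return 0;
    }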
With dedicated devices, instead of virtualizing the hardware and mediating through the VMM, a physical device is mapped directly to the guest OS. [9] The device then uses the guest OS's drivers rather than the host OS's. [9] This lets the guest OS use the hardware to its full extent without going through the VMM, and it simplifies the VMM by removing the overhead of virtualizing the hardware and handling device requests. [9] However, only a limited number of physical devices can be dedicated to guest OSs, and migration becomes difficult because the guest OS now depends on the physical device. [9]
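A minimal sketch of this pass-through idea, with invented names, is given below: the VMM assigns the device to one guest once, up front, and after that the guest's own driver uses the device with no VMM on the data path. The ownership check also shows why the device cannot simply be shared with a second guest.

    /* Sketch: a device dedicated to a single guest. */
    #include <stdio.h>

    struct device { const char *name; int assigned_to; };   /* 0 = unassigned */

    /* One-time setup performed by the VMM / host OS. */
    static void vmm_assign_device(struct device *dev, int guest_id)
    {
        dev->assigned_to = guest_id;
        printf("vmm: %s dedicated to guest %d\n", dev->name, guest_id);
    }

    /* Guest-side driver: talks to the device directly, no VMM involved. */
    static int guest_driver_use(const struct device *dev, int guest_id)
    {
        if (dev->assigned_to != guest_id)
            return -1;                    /* device belongs to another guest */
        printf("guest %d: driving %s directly\n", guest_id, dev->name);
        return 0;
    }

    int main(void)
    {
        struct device nic = { "nic0", 0 };
        vmm_assign_device(&nic, 1);
        guest_driver_use(&nic, 1);   /* full-speed, unmediated access */
        guest_driver_use(&nic, 2);   /* fails: only one guest owns the device */
        return 0;
    }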
Exokernels
An exokernel can be seen as a compromise between a microkernel and a VM. It can also be seen as simply dividing a monolithic kernel into two parts. The raw resource-management tasks, such as memory management, remain in the exokernel, while the higher-level abstractions such as file systems, address spaces and interprocess communication are implemented at the application level. [1] These abstractions are usually provided by library operating systems (library OSs), which allow applications to manage their own machine resources in ways not possible with a traditional kernel. This in turn can produce large performance gains in several areas, as discussed below.
The exokernel walks this fine line between management and control by performing only three functions on the machine's resources: it tracks ownership of resources, ensures protection by guarding all resource usage and binding points, and revokes access to resources. [1] In doing so, the exokernel gives the library OSs maximum freedom over the machine's resources without allowing them to interfere with one another, as they would in an unmanaged system.
Through these three functions the exokernel can support and control many different situations. By tracking the ownership of resources, the exokernel can export privileged instructions to the library OSs so that traditional OS abstractions can be implemented and resources can be managed at the application level, which is the best way to build flexible and efficient systems; the exokernel itself avoids resource management except where protection against inter-library conflicts is required to maintain system integrity. [1] By exposing allocation, the raw resources and their physical names to the application layer, the exokernel lets a library OS request physical resources directly, removing the expensive overhead of translating virtual names into physical names; physical names also capture more useful information and are safer and less resource-intensive to use. [3] Finally, by exposing revocation, the exokernel allows well-behaved library OSs to perform application-level resource management and lets each library OS choose which instance of a resource to release. [1]
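The sketch below is a loose illustration in C of those three duties applied to physical memory pages; the interface is invented for illustration and is not the API of a real exokernel such as Aegis. The kernel only records which library OS owns each page, checks bindings against that ownership table, and can revoke a page at any time; everything else about how the page is used is left to the library OS.

    /* Sketch: track ownership, guard bindings, revoke. */
    #include <stdio.h>

    #define NPAGES   8
    #define NO_OWNER 0          /* 0 means unowned; library OS ids start at 1 */

    static int page_owner[NPAGES];   /* ownership table kept by the exokernel */

    /* Track ownership: hand a free physical page to a library OS. */
    static int page_alloc(int libos)
    {
        for (int p = 0; p < NPAGES; p++)
            if (page_owner[p] == NO_OWNER) {
                page_owner[p] = libos;
                return p;             /* the physical name exposed to the libOS */
            }
        return -1;
    }

    /* Guard usage: a library OS may bind only pages it owns; the exokernel
     * checks the binding, not what the library OS does with the page. */
    static int page_bind(int libos, int page)
    {
        return (page >= 0 && page < NPAGES && page_owner[page] == libos) ? 0 : -1;
    }

    /* Revoke: the exokernel reclaims a page; a well-behaved library OS would
     * be asked which instance of the resource it wants to give up. */
    static void page_revoke(int page)
    {
        page_owner[page] = NO_OWNER;
    }

    int main(void)
    {
        int p = page_alloc(1);                              /* libOS 1 gets a page */
        printf("libOS 1 allocated physical page %d\n", p);
        printf("libOS 1 bind -> %d\n", page_bind(1, p));    /* allowed  (0)  */
        printf("libOS 2 bind -> %d\n", page_bind(2, p));    /* rejected (-1) */
        page_revoke(p);
        printf("after revocation, libOS 1 bind -> %d\n", page_bind(1, p));
        return 0;
    }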
Not only does the exokernel benefit from its decreased task load, but the library OSs also gain several benefits compared with running on a microkernel or a VM. Library OSs running on an exokernel require fewer kernel crossings than a microkernel does [1], and because the exokernel does not need to trust a library OS, it is the application that can trust it instead. Although a library OS may choose to handle low-level management tasks itself, applications can still remain portable: applications written against a library OS that implements a standard interface, such as POSIX, will run on any system offering the same interface [1], and a library OS itself can be made portable if it is designed to interact with a low-level, machine-independent layer that hides the hardware details. [1]
Exokernels follow the same design pattern of removing unnecessary code from the kernel, but without the kernel-to-user-space communication issues that microkernels experience. Through their library OSs they also provide a simple yet effective way to emulate several different styles of physical resource handling, much as virtual machines do.
Conclusion
The kernel is the most important part of the operating system: it manages processes and interrupts, and it controls memory and drivers through process management. The microkernel is an improved design over the original monolithic kernel. It removes unnecessary services from kernel space and moves them into user space, making the kernel smaller, more portable and easier to manage, and reducing crashes caused by drivers and other faults. Virtual machines run software that emulates hardware for an operating system to run on, allowing one operating system to run within another while sharing the same physical hardware. Both microkernels and virtual machines have their faults, however. An exokernel can be seen as a compromise between the two: it has a condensed kernel similar to a microkernel, gives its library OSs more control than a virtual machine gives its guests, and can reach the hardware directly without the communication overhead a microkernel has. Computers are always evolving, and the further implementation of exokernels would make a great addition.
References
[1] Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076
[2] Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.
[3] Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644
[4] Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L. "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on, pp. 636-643, 13-15 Feb. 2008. DOI= http://doi.acm.org/10.1109/PDP.2008.85
[5] Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950
[6] Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th International Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555
[7] Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075
[8] Roch, Benjamin 2004. Microkernel Versus Monolithic Kernel. Vienna University of Technology, Wien, Österreich. http://www.vmars.tuwien.ac.at/courses/akti12/journal/04ss/article_04ss_Roch.pdf
[9] Fisher-Ogden, J. 2006. Hardware Support for Efficient Virtualization. University of California, San Diego. http://cseweb.ucsd.edu/~jfisherogden/hardwareVirt.pdf