http://feedly.com/e/xovndRmh
You may have heard the new buzz word "Cloud Operating System" in the last few months. The term gained prominence when Cloudius Systems launched OSv at LinuxCon in September. Many people working on OSv - namely Glauber Costa, Pekka Enberg, Avi Kivity and Christoph Hellwig - are well known in the Linux community, due to their role in creating KVM. But the concept of a cloud operating system isn't new. There are many cloud OSes from which to choose, including the Xen Project's Mirage OS, which had its first release a few weeks ago.
Cloud Operating Systems: A New Incarnation of an Older Idea
The approach taken by OSv (as well as others before OSv), revisits an old approach to operating system construction - the Library OS - and puts it in the context of cloud computing within a virtual machine. The basic premise of this approach is to simplify the application stack in the cloud significantly, removing layers of abstraction and offering the promise of less complexity, increased system security and simplified management of application stacks in the cloud.
 |
| Figure 1: on the left, you see a typical application stack run in the cloud today. Of course this is a simplification (leaving out AWS or other cloud APIs). On the right you see. that Cloud Operating systems such as OSv remove the Operating System and replace it with a Language Runtime that is designed to cooperate with the virtual environment the Hypervisor provides (which may include access to Hypervisor APIs). |
As you can see, Cloud Operating Systems are designed to run a single application within a single Virtual Machine: thus much of the functionality in a general purpose operating system is simply removed. In other words, you strip out everything that your language and APIs do not need and let the hypervisor take care of it: what you end up with a lean language specific software stack that runs much faster than a normal VM, and is more secure simply because there is less code that could be attacked.
Examples of Cloud Operating Systems
As stated earlier, OSv is not the first Cloud Operating System on the market. To the credit of OSv's creators, it did put the technology on the map by creating lots of buzz.
| Cloud OS | Language which is targeted | Available for |
| C++ | Xen | |
| C | Windows "picoprocess" | |
| Erlang | Xen | |
| Haskell | Xen | |
| Java | Xen | |
| C | Xen | |
| OCaml | Xen, kFreeBSD, POSIX, WWW/js | |
| C | NetBSD, Xen, Linux kernel, POSIX | |
| Java | KVM, Xen |
Of course, many of these projects are still under development and it will come down to how easy it will be to port existing applications to a Cloud Operating System for a specific language. This depends to a large degree on how rich and well defined language runtimes are.
Are Cloud Operating Systems bad for Security?
When OSv was launched in September, one of the overwhelming reactions by the Linux community was that OSv (and by extension Cloud Operating Systems) are bad for Security. How secure a system is depends on two factors. 1. The amount of code in the system: more code => more potential exploits => less security. On the flip side: less code => fewer potential exploits => more security. Thus removing layers of code is a good thing from a security perspective. 2. What damage an exploit can do: in a typical cloud application, an attack always starts with input that would either lead to an attack of the underlying OS or application and will then try and get to some user data, take over your OS, another application or other resources in the system.
In the Cloud Operating System case, we only have one application and a language runtime. In a nutshell, an attacker would not gain more than access to the already running application. As the Language runtime for a Cloud Operating System is smaller than in the case of a general purpose OS, an attack vector through the Language runtime is harder and less likely. You may argue, that such an attacker could then jump into another VM. However, that possibility exists today: if you trust an application stack running in a public cloud today, you would actually be better off in the new model.
Porting Existing Applications to Cloud Operating Systems
As you see from the list of available solutions above, Cloud Operating Systems exists for languages such as Java, Erlang and Haskell. In the case of Java (and OSv), a typical use-case would be to take NoSql, MemCache or Tomcat and test it within OSv (hopefully it will just all work). Besides security benefits, there should be clear benefits when it comes to garbage collection, which ought to be more predictable and low latency. An interesting experiment would also be to take Apache CloudStack and try and run it within OSv. For Erlang (and ErlangOnXen) it should be relatively straightforward to take applications such as Riak, Jaws or Chef and run it within a Cloud Operating Systems. Rather than listing other examples, I will leave possibilities to your imagination.
Writing distributed portable Applications and specialized Appliances easily
As I work for the Xen Project, I wanted to talk a little bit about our own Cloud OS - Mirage OS - including the design goals behind it. Mirage OS represents our desire for a radically simpler way of building complex distributed systems using a modern modular, functional and type-safe programming language such as OCaml. Unlike other Cloud Operating Systems such as OSv, Mirage OS does not attempt to optimize existing code, but provide a toolkit to make it easy to quickly assemble new systems without having to be a domain expert in (e.g.) kernel programming. Mirage OS implemented clean-slate libraries for TCP/IP, DNS, Xen device drivers, VNC, HTTP and other common Internet protocols. All are written in a completely type-safe fashion so that they are resistant to attacks such as buffer overflows that are plaguing the Internet. The downside to this approach is Mirage OS can only work with open protocols, since we cannot build clean-slate versions of closed protocols for which we have no specification.
The upside is that Mirage OS appliances are extremely portable. The first target environments for Mirage OS are Linux, OSX and Xen. But Mirage OS has prototypes that compile the same application source code (e.g. ) to run as kernel modules inside FreeBSD, or even to JavaScript. This opens many possibilities for non-cloud use-cases: such as NFV, middleboxes, avionics and the internet of things.
Another interesting possibility is Mirage OS'es potential for XenServer's new architecture called Windsor. XenServer's management stack is written in OCaml and Mirage OS is ideal to break the management stack into small co-operating appliances, each running in its own tiny VM. XenServer is already using some of the Mirage OS libraries and work has been upstreamed to the Xen Hypervisor (coming with Xen 4.4) that removes scalability limits to allow 1000's of tiny VMs to be run on top of Xen.
Challenges for Adoption in the Cloud
The biggest challenge for Cloud Operating Systems today is that most cloud providers do not provide support for very small, high density VM deployments. To fix this, cloud billing resolution will need to adapt to allow charging for much smaller Virtual Machines that run for very short times (less RAM, less disk space, VM lifespan measured in seconds rather than hours). Whether Cloud Service Providers like Amazon will move in this direction is anybody's guess, but it is probably more a matter of when than if.
No comments:
Post a Comment