1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type">
<title>The UML roadmap</title>
</head>
<body alink="#FF0000" vlink="#55188A" link="#0000EF" bgcolor="#FFFFFF" text="#000099">
<table border="0">
<tr align="left">
<td valign="top">
<table border="0">
<tr align="left"><td valign="top" >
<img src="http://user-mode-linux.sourceforge.net/uml-small.png" height="171" width="120"/>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/index.html">Site Home Page</a></font>
<br>
<font size="-1"><a href="http://uml.harlowhill.com">The UML Wiki</a></font>
<br>
<font size="-1"><a href="http://usermodelinux.org">UML Community Site</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/roadmap.html">The UML roadmap</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/uses.html">What it's good for</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/case-studies.html">Case Studies</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/kernel.html">Kernel Capabilities</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/dl-sf.html">Downloading it</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/run.html">Running it</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/compile.html">Compiling</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/install.html">Installation</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/skas.html">Skas Mode</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/patches.html">Incremental Patches</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/tests.html">Test Suite</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/devanon.html">Host memory use</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/fs_making.html">Building filesystems</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/faq.html">Troubles</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/contrib.html">User Contributions</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/links.html">Related Links</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/todo.html">The ToDo list</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/projects.html">Projects</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/diary.html">Diary</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/thanks.html">Thanks</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/contacts.html">Contacts</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Tutorials<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/UserModeLinux-HOWTO.html">The HOWTO (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/UserModeLinux-HOWTO.txt">The HOWTO (text)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/hostfs.html">Host file access</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/input.html">Device inputs</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/shared_fs.html">Sharing filesystems</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/fs.html">Creating filesystems</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/resize.html">Resizing filesystems</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/networking.html">Virtual Networking</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/mconsole.html">Management Console</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/debugging.html">Kernel Debugging</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/honeypots.html">UML Honeypots</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/gprof.html">gprof and gcov</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/xtut.html">Running X</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/trouble.html">Diagnosing problems</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/config.html">Configuration</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slack_readme.html">Installing Slackware</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/arch-port.html">Porting UML</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/iomem.html">IO memory emulation</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/2G-2G.html">UML on 2G/2G hosts</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/lksct/index.html">Adding a UML system call</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/nesting.html">Running nested UMLs</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">How you can help<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/help-gen.html">Overview</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/help-doc.html">Documentation</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/help-userspace.html">Utilities</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/help-kernel-v1.html">Kernel bugs</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/projects.html">Kernel projects</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Screenshots<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/net.html">A virtual network</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/x.html">An X session</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Transcripts<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/login.html">A login session</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/debug-session.html">A debugging session</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slackinst.html">Slackware installation</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Reference<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/switches.html">Kernel switches</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slack_readme.html">Slackware README</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Papers<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/als2000/index.html">ALS 2000 paper (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/als2000.tex">ALS 2000 paper (TeX)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/als2000/slides.html">ALS 2000 slides</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/lca2001/lca.html">LCA 2001 slides</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/ols2001/index.html">OLS 2001 paper (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/ols2001.tex">OLS 2001 paper (TeX)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/als2001/index.html">ALS 2001 paper (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/als2001.tex">ALS 2001 paper (TeX)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/ists2002/umlsec.htm">UML security (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/lca2002/lca2002.htm">LCA 2002 (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/wvu2002/wvu2002.htm">WVU 2002 (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/ists_rt/ists_rt.htm">Security Roundtable (html)</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/ols2002/ols2002.html">OLS 2002 slides</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/slides/lwe2005/LWE2005.html">LWE 2005 slides</a></font>
</td></tr>
<tr align="left"><td valign="top" bgcolor="#e0e0e0">Fun and Games<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/cgi-bin/hangman">Kernel Hangman</a></font>
<br>
<font size="-1"><a href="http://user-mode-linux.sourceforge.net/sdotm.html">Disaster of the Month</a></font>
</td></tr>
</table>
</td>
<td valign="top" align="left">
<center>
<h3>The UML roadmap</h3>
</center>
Here, I describe my view of the future of UML. It is almost always
seen as a standard virtual machine technology, since that is the only
way it can be currently used, but, because of its design as a virtual
OS rather than a virtual machine, it is a general-purpose
virtualization technology which can be put to a much wider array of
uses.
<p>
I'm dividing the descriptions below roughly by their timescale,
starting with ongoing stuff which will continue for the forseeable
future, and ending with things which are so far into the future that
they depend on enabling technologies which don't yet exist for Linux.
<a name="Ongoing work"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">Ongoing work</font>
</b>
</td>
</tr>
</table>
<blockquote head="Ongoing work">
Work that has been happening, and will continue to happen for the
foreseeable future include:
<ul>
<li>
bug fixes
</li>
<li>
functional enhancements - Small features will go in from ocassionally
as time permits to implement them, or as they are implemented by other
people who send me patches. Examples of this include:
<ul>
<li>
Finishing the hotplug support, including adding CPU and memory hotplug
</li>
<li>
Integrating
<a href="http://sysemu.sourceforge.net">sysemu</a>
support, and pushing the host patch to Linus
</li>
<li>
Adding support for valgrind, including describing the memory
allocators so it can track kernel memory usage
</li>
</ul>
</li>
<li>
keeping up with 2.4, 2.6, and -mm - UML will be updated to the latest
2.4 and 2.6 trees, with 2.4 maybe being dropped when it's clear that
the world has moved on to 2.6. I will pick up 2.7/2.8 when they
start. I'm also tracking the -mm kernels as a staging area for stuff
that destined for Linus.
</li>
<li>
Performance improvements - Profiling both the host and UML, looking
for ways to make UML more efficient as a guest and to make the host a
better host.
</li>
</ul>
</blockquote>
<a name="Externfs"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">Externfs</font>
</b>
</td>
</tr>
</table>
<blockquote head="Externfs">
externfs is the result of restructuring hostfs to better support
mounting arbitrary outside resources as UML filesystems. Currently,
there are two users of it, hostfs and humfs, both of which import host
directory hierarchies as UML filesystems. However, externfs allows
anything which can implement a standard set of file operations to be
mounted as a UML filesystem.
<p>
For example, a SQL database could be imported as a filesystem into a
UML. The sqlfs plug-in to externfs would define the mapping from
tables, rows, and columns to UML directories and files. Reads from
these files would trigger SQL lookups, and writes to them would
trigger updates. Since the data is stored in the database, the
database and its indexes will always be up to date.
<p>
Also, A special file (or directory) could be made
available which would allow SQL access to the underlying database.
So, if /mnt is a sqlfs mount,
<blockquote>
<tt>
<font color="#000000"> ls /mnt/sql/"select * from table where foo=3"</font>
</tt>
</blockquote>
could list the set of rows matching the select criteria, and changing
to that directory and looking at the files in it could show the data
in those rows.
<p>
I see this particular case as being more of a cute trick than
something that will be generally useful. However, a special case
could be very useful. If a Linux filesystem were stored in the
database, UML could boot from the sqlfs filesystem, and then the raw
SQL access would start being useful. Assuming that file metadata was
stored reasonably in the database, you could do queries such as
<blockquote>
<tt>
<font color="#000000"> ls /sql/"select name from files where setuid=1"</font>
</tt>
</blockquote>
<blockquote>
<tt>
<font color="#000000"> ls /sql/"select name from files where modified=<i>today</i>"</font>
</tt>
</blockquote>
<blockquote>
<tt>
<font color="#000000"> ls /sql/"select name from files where created=<i>today</i>
and owner="root"</font>
</tt>
</blockquote>
These have obvious security uses, and can be done casually and
quickly, since the file metadata is indexed in the underlying
database, rather than having to run a find over the entire
filesystem.
<p>
This idea could be extended to mounting specialized databases
containing certain types of data. For example, a UML user could store
email in a filesystem which is backed by a glimpse database on the
host. This would allow rapid searching of email using whatever
searching capabilities the filesystem makes available inside UML.
</blockquote>
<a name="Medium-term projects"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">Medium-term projects</font>
</b>
</td>
</tr>
</table>
<blockquote head="Medium-term projects">
For some time, I have been planning to do away with the double-caching
that UML causes on the host. When UML reads data, it does so in a way
that the data is stored in the host's page cache. That data also ends
up separately in the UML's page cache, so that there are two copies of
the data in the host's memory, which is an obvious waste. My solution
to this is two-fold:
<ul>
<li>
use O_DIRECT IO on private data
</li>
<li>
mmap shared data into the UML page cache
</li>
</ul>
Using O_DIRECT IO bypasses the host's page cache and causes the data
to be read (or written) directly into (or from) the UML's page cache.
For data which is private to the UML, this is perfect. However, if
there's shared data, such as a backing file with multiple COW files,
this will create one copy of the data in each UML which uses it. The
host copy is eliminated, which is an improvement, but it's possible to
do better in this case.
<p>
For shared data, the solution is to let the data go through the host's
page cache, and have the UMLs mmap it from there. This eliminates the
copying since all the UMLs have the same page of memory mapped into
their page caches.
<p>
This could obviously be done in the case of private data as well, but
mmap is expensive - mapping a page seems to be somewhat slower than
copying it. So, using mmap in the case of private data would just
slow it down. Of course, this is true of shared data as well, but
there are offsetting gains in the form of memory reductions, and
speedups for the second and later UMLs which access the data.
<p>
A related but separate project is the use of the AIO support in 2.6
hosts to improve UML's IO performance. humfs has AIO support, and
will use it if it's present on the host. This needs to be extended to
include the ubd driver and hostfs.
<p>
ports
swsusp
</blockquote>
<a name="UML in the kernel"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">UML in the kernel</font>
</b>
</td>
</tr>
</table>
<blockquote head="UML in the kernel">
It is possible to configure UML to run inside the host kernel rather
than in userspace. This involves making it use internal kernel calls
rather than the libc system call wrappers. This would turn UML into a
kernel module.
<p>
The most obvious advantage to doing this is speed. It would eliminate
a lot of the context switching that UML currently has to do. In
particular, it could greatly reduce the UML system call overhead.
Personally, I don't favor moving UML into the kernel just for
performance - there are much better reasons for doing it. My goal is
to get UML's userspace performance close enough to the hardware that
it would require measurement to tell the difference.
<p>
That being said, comparing the performance of a kernel UML instance
and a userspace instance would indicate where the overhead is, and
possibly point at new interfaces which would allow a userspace
instance to achieve performance closer to a kernel instance.
<p>
There are better reasons for loading UML into the kernel:
<ul>
<li>
Direct hardware access
</li>
<li>
Resource control
</li>
</ul>
Giving UML the ability to directly control hardware would allow
partitioning the server between UML instances. In the most extreme
case, the host kernel would be not much more than a hypervisor which
just starts the UML instances, gives them hardware, and gets out of
the way. This would be a sort of soft partitioning, which wouldn't
require hardware partitioning support, but would also not provide the
protection offered by hardware support.
<p>
So, there's the full range of configurations, from fully virtualized
hardware, as with a default UML instance in the kernel, to fully
physical hardware, as just described. Also, any combination of
physical and virtual hardware. So, two instances could each be given
half of the physical memory (minus whatever the host needs), and half
the disks, but if there's only one physical NIC, then the host would
retain control of that, and provide each instance a virtual NIC in the
form of a TUN/TAP device.
<p>
Once UML can be loaded into the kernel, the next step will be to break
it into pieces, so that a subsystem can be loaded by itself, without
the rest of UML. These guest subsystems can be used as compartments
in which processes can be restricted to whatever resources were
provided to the compartment.
<p>
For example, loading a guest VM system into the kernel and giving it
512M of memory to manage, and then sticking some processes in it will
restrict those processes to that 512M. When they start using up that
memory, the guest VM system will start swapping or dropping clean
pages in order to free memory within the compartment. It will do even
if there is plenty of free memory on the system outside the
compartment.
<p>
Similarly, a guest scheduler can be used to restrict the CPU usage of
a set of processes, and a guest network stack can be used to restrict
their network bandwidth.
</blockquote>
<a name="Embedded UML"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">Embedded UML</font>
</b>
</td>
</tr>
</table>
<blockquote head="Embedded UML">
Going back to userspace, the next step is to make UML configurable as
a captive virtual machine. By this, I mean UML would be linked into
an application, which would gain an internal virtual machine for its
own use.
<p>
There are a number of possible uses for a captive UML:
<ul>
<li>
a general-purpose internal programming environment
</li>
<li>
a platform for managing a service from the "inside"
</li>
<li>
an internal authentication and authorization service
</li>
</ul>
I'll use Apache to illustrate these, but they also apply to other
services and applications. Apache already has internal scripting
environments in the form of mod_perl and mod_python, which embed Perl
and Python interpreters inside Apache, and probably others. An
embedded UML could be used for the same purpose by installing the
normal Perl or Python environments inside it, and running the scripts
there, rather than inside Apache itself.
<p>
This handles the actual execution of the scripts, but we need a way of
communicating between Apache and the scripts inside the UML. Apache
has to pass HTTP requests in, and receive HTTP responses back. One
way of doing this is with an Apache-specific (call it apachefs)
filesystem which is mounted inside the UML. Reads, writes, and other
file operations within this filesystem would be implemented by Apache.
So, one of the files would be read by the script inside the UML, and
whenever an HTTP request came in, it would be parsed, and sent to the
script via this special file. The script would block reading this
file until a request came in for it to handle. When it had the
results, it would write them back to Apache through a similar (and
possibly the same) file.
<p>
This has a bunch of advantages over the current mod_perl/mod_python
arrangement:
<ul>
<li>
The scripts are jailed, so they can't access the host, and their
resource consumption is restricted. This is a major advantage, since
anyone who wants to have a dynamically generated web site needs a
dedicated server for it. The less expensive shared server
arrangements offer, at best, cgi. This would allow dynamic HTML from
within a shared server. There would be a UML instance for each such
web site, but they could be a fairly small ones, so they wouldn't
necessarily increase host resource consumption drastically.
</li>
<li>
The scripts can be written in any language and run in any environment
supported by Linux. There doesn't need to be an appropriate mod_foo
for Apache, just the ability for Linux to execute the script.
</li>
<li>
The scripts can be monitored, debugged, and modified from inside the
live server by anyone who can ssh in to the UML. Of course, doing
this on a production server is risky, but the capability would be
there when it's really needed.
</li>
</ul>
<p>
Once there's a way of communicating HTTP requests and responses back
and forth between Apache and something running inside its captive UML
via apachefs, it's relatively easy to communicate other information
back and forth via other files within that filesystem. In particular,
it could be used as something analogous to procfs for the kernel.
procfs is a window on the kernel's internal state, and procfs files
can be used to read and modify that state. Similarly, apachefs could
be used as a window on Apache's internal state. Statistics would be
available from read-only files, and configuration variables would be
available from read-write files.
<p>
This would allow the Apache user to configure that web site from
within Apache. This would obviously need to be controlled so that
only variables relevant to a single web site could be configured from
within that site's captive UML. Doing this would relieve the host's
system manager from handling configuration changes.
<p>
If this was done on a server running multiple services, and all the
services had this "management from the inside" arrangement with a
captive UML, then the server's admin wouldn't normally need to deal
with the services. The managers of the services wouldn't even need
accounts on the server - all they need is an account on their service's
captive UML. So, this would be a nice security arrangement for the
server.
<p>
Finally, just as we can load UML subsystems into the kernel with
useful results, we can link UML subsystems into applications and get
something that's similarly useful. Consider linking a captive VM
system into an application, which then uses it for its memory
allocation. The biggest difference between this and malloc is that
the Linux VM system is restricted to using a certain amount of memory,
and won't go beyond that. In contrast, malloc will allocate as much
memory as the system will allow. When the Linux VM system starts
running out of free memory, it will start releasing memory that's not
needed any more. In the context of an application, that means that
its memory consumption is limited, and when it starts approaching that
limit, it will start swapping.
<p>
This can make the application much better behaved with respect to the
system. If it starts getting overloaded, it will slow down, but it
won't affect the rest of the system and whatever else is running on
it. If everything else on the system is similarly configured, then
the memory usage will be very predictable. There won't be any
possibility of one service going crazy and grabbing all the memory on
the system.
<p>
As another example, consider linking a filesystem into an application
which uses it to store its internal state. The filesystem would flush
this data out to storage on the host, and the consistency semantics
provided by the popular filesystems would guarantee a level of
consistency for this data in the event of an application crash. So,
it could resume after the crash more or less where it was when it
crashed. This would provide automatic checkpointing, so that it could
be shut down in a controlled way, and resumed later from where it left
off.
</blockquote>
<a name="Application clustering and SMP with UML"/><table width="100%" bgcolor="#e0e0e0">
<tr>
<td>
<b>
<font color="black">Application clustering and SMP with UML</font>
</b>
</td>
</tr>
</table>
<blockquote head="Application clustering and SMP with UML">
As Linux is made to run well on increasingly large systems, its SMP
scalability is improving. Large multi-threaded applications have many
of the same problems as an OS kernel running on a large SMP system.
So, the efforts made to improve the SMP scalability of the Linux
kernel can benefit a multi-threaded application which links against
UML and uses whatever kernel facilities it can.
<p>
Similarly, some applications are going to need built-in clustering.
An example of this is Oracle clustering with its ocfs filesystem. As
the Linux kernel gains clustering abilities, they will automatically
become available to applications which wish to use them via UML. If
an application needs to distribute its data across many instances of
itself, it can link against whatever UML subsystems it needs -
minimally, a cluster filesystem such as gfs or ocfs and the network
stack. The instances will then store their data in the filesystem,
which will take care of the clustering.
</blockquote>
</td>
</tr>
</table>
<center>
<font size="-1">Hosted at </font>
<a href="http://sourceforge.net">
<img src="http://sourceforge.net/sflogo.php?group_id=429" width="88" height="31" border="0" alt="SourceForge Logo">
</a>
</center>
</body>
</html>
|
