legacy containers and os personalities
play

Legacy Containers and OS Personalities Carsten Weinhold Dresden, - PDF document

Jun 28, 2023 •169 likes •347 views

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Legacy Containers and OS Personalities Carsten Weinhold Dresden, 2007-12-18 So far... So far: Basics Concepts: Tasks, Threads, IPC Memory,

  1. Faculty of Computer Science Institute for System Architecture, Operating Systems Group Legacy Containers and OS Personalities Carsten Weinhold Dresden, 2007-12-18 So far... So far: – Basics Concepts: ● Tasks, Threads, IPC ● Memory, Synchronization, ... – Device Drivers – Real-Time – Naming – Virtualization Today: – Legacy Containers / OS Personalities TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 2 von 34

  2. Motivation What are legacy containers / OS personalities? ● Emulation environment ● Allow to run legacy applications How is it different from virtualization? ● Adaptation can be above hardware / OS layer ● Often requires recompilation of the application Why? ● Reuse existing applications on new OS ● Reuse existing APIs for new applications ● Flexibility / Configurability ● Lower resource consumption TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 3 von 34 Where to Cut? Adaptation to underlying system can happen at various levels: • Hardware level (virtualization): – Legacy OS and applications are moved to new OS (full + para virtualization, e.g., L 4 Linux) • OS level: – Legacy OS's interfaces are reimplemented on top of new OS (e.g., Wine on Linux) • Application level: – Toolkits, framework (e.g., Qt) TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 4 von 34

  3. Straightforward Way to OS Personality Single-server approach: App App – All (legacy) system services provided by a single server Single Server (e.g., L 4 Linux) Syscall Entry – No isolation among services Ext2 VFAT IP – Provides high level of compatibility, as original Disk Driver NIC Driver implementations are reused – Ideally, applications do not need to be modified Microkernel TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 5 von 34 Application Scenarios for Single Server Hybrid applications (real time): App • “Enlightened” applications: – Major parts of applications (e.g., GUIs) do not require Single real-time guarantees Server Real-Time Server – Small parts may require real- time services running next to Real-Time Infrastructure legacy container • Examples: Microkernel – RT network, RT file system, Window with RT widget TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 6 von 34

  4. Application Scenarios for Single Server Hybrid applications (security): App • “Enlightened” applications: – Most parts are not security critical Single Server – Small parts require strong Security Server isolation from potentially insecure legacy container Security Infrastructure • Examples: – Secure file system that Microkernel encrypts all data More in following lectures! TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 7 von 34 Multiple Single Servers • Multiple instances of single-server OSes UNIX App UNIX App Windows App • Useful for isolation of applications Single Single Single Server Server Server • Not necessarily UNIX UNIX Windows identical OS personalities (e.g., have UNIX and Windows servers) Microkernel • “Virtual machines” TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 8 von 34

  5. Single Server to Multi Server Move from single server to multi server App App App App Monolith Syscall Entry Ext2 VFAT IP Ext2 VFAT IP Disk Driver NIC Driver Disk Driver NIC Driver Microkernel Microkernel Challenge: Application wants a consistent view in a distributed system TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 9 von 34 Approach: Central Server • Central server provides consistent view for both: – Applications App App • System resources (files, ...) – Servers • Client state (file tables, ...) Process / VFS / Net / ... • Problem: – Performance bottleneck Ext2 VFAT IP – Scalability Disk Driver NIC Driver – Complexity TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 10 von 34

  6. Approach: Emulation Library • Emulation library – Per application – Interacts with servers App App – Provides consistent view C Library C Library • Each servers keeps its own Emulation Emulation Library Library client state • In real world: – Applications use C library, Ext2 VFAT IP emulation library hidden below Disk Driver NIC Driver – Emulation provides POSIX API TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 11 von 34 Legacy Environment: POSIX • POSIX “Portable Operating System Interface” is a family of standards (POSIX 1003.*) • POSIX makes various UNIX-like systems compatible (even Windows NT and newer) • Defines interfaces and properties: – I/O: files, sockets, terminal, ... – Threads / synchronization: PThread – System tools – ... • POSIX API accessible via C library TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 12 von 34

  7. C Library: API to POSIX • Collection of various common functions • Abstraction layer above system calls • Functions with different abstraction levels ... – low level: memcpy (), strlen () – medium: fopen (), fread () – high level: getpwent () • ... and dependencies – none (freestanding): memcpy (), strlen () – small: malloc (): uses mmap () or sbrk () – strong: getpwent (): file access, “/etc/passwd”, name service, ... TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 13 von 34 Multi-Server Aware C Library • Observations: – C library depends on underlying OS – Specific implementation may differ Application Application memcpy(), fopen(), getpwent() libc + Backends open(), read(), Mem File Time ... libc + syscall bindings mmap() BE BE BE l4vfs_*(), rtc_*(), Memory File System System Call Interface Interface Interface dm_phys_*(), ... Memory Monolithic / File Single-Server OS Server System TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 14 von 34

  8. Example: uClibc on L4 • What is uClibc? – Reimplementation of C library – Designed for Embedded Linux – Compatible to GNU C library “glibc” • Why uClibc? – Small and portable – Optional C++ support available (uClibc++) – Licensed under LGPL • uClibc + backends provide applications with a consistent view of L4-based multi-server OS TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 15 von 34 C Library Backends • C library functions grouped in backends • Simple example: time unsigned int offset; void l4libc_init_time(void) 1. Initalization { Call time server int ret; l4_calibrate_tsc(); ret = l4rtc_get_offset_to_realtime(&offset); if (ret != 0) { extern unsigned int offset; /* RTC server not found, time_t time(time_t *t) /* assuming 1/1/1970, 0:00 */ { offset = 0; time_t t_temp; } l4_uint32_t s, ns; } l4_tsc_to_s_and_ns(l4_rdtsc(), &s, &ns); /* get (cached) system time offset */ t_temp = s + offset; 2. Usage: if (t) *t = t_temp; Locally calculate time (no return t_temp; call to time server necessary) } TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 16 von 34

  9. Flexibility of C Library Backends Multiple implementations for some backends: – Memory backends: • self_mem • sigma0_mem, sigma0_pool_mem • simple_mem • buddy_slab_mem, • TLSF (real-time memory allocator) – I/O backends: • minimal_log_io, io TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 17 von 34 Example: Minimalist I/O Backend • Minimalist I/O backend: – Simple backend for writing to STDOUT/STDERR – Uses L4/Fiasco kernel debugger #include <unistd.h> #include <errno.h> #include <l4/sys/kdebug.h> int write(int fd, const void *buf, size_t count) __THROW { /* just accept write to stdout and stderr */ if ((fd == STDOUT_FILENO) || (fd == STDERR_FILENO)) { l4kdb_outnstring((const char*)buf, count); return count; } /* writes to other fds shall fail fast */ errno = EBADF; return -1; } TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 18 von 34

  10. Example: Complex I/O Backend Application • Complex L4VFS I/O backend: (“test1”, 1c.2) Libc 1 5 1)App test1 's libc calls open () I/O fd table 2)Resolve name at name server Back- 0 (12.2):23 4 end 1 (12.2):24 (12.2):24 a)Backend calls name server 2 3 b)Name server calls server con_term , gets back con_term (12.2) client_state reference to tty1 23 ’vc2’:1c.2:’r’:0 2a ’vc2’:1c.2:’w’:0 24 3)Backend opens tty1 , server 25 ’vc5’:1e.4:’rw’:0 con_term updates client state 2b name_server 4)Backend updates local file table (11.0) 5)Backend returns file handle TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 19 von 34 Example: POSIX signals on L4 • Signals used to deliver asynchronous event notifications – CPU exceptions (SIGFPE, ...) – Kernel exceptions (SIGSEGV, SIGCHLD, ...) – Issued by applications (SIGUSR1, SIGUSR2, SIGTERM, ...) • Signals on Linux – built-in kernel mechanism – delivered upon return from kernel • Signals on L4 – implement in user space – map signals to L4 IPC? – Problem: IPC is synchronous! TU Dresden, 2007-12-18 MOS - Legacy Containers Slide 20 von 34

Recommend

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in Children v. 13-16 Legacy in Eternity v. 17-31 LEGACY IN MARRIAGE 2 Schools of thought 1. Rabbi Sammai- Strict interpretation. Divorce only

775 views • 9 slides
Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are not going to be the answer to preventing your application from being compromised, but they can limit the damage from a compromise. How do

823 views • 25 slides
Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com Containers are great Containers are resource efficient Containers make deployment easy Containers can be monitored easily Containers are secure But are

508 views • 38 slides
Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega @jmortegac Agenda Introduction to containers security Linux Containers(LXC) Docker Security Security pipeline &amp;&amp; Container

807 views • 57 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
Managing Your Teams Personalities Yours, theirs, and using them to get the best from your staff

Managing Your Teams Personalities Yours, theirs, and using them to get the best from your staff

Managing Your Teams Personalities Yours, theirs, and using them to get the best from your staff Necessary Ingredients: 1.Awareness 1. Substance 2. Style Everything you bring to a relationship is a combination of these two

604 views • 31 slides
Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy and the spirit of Truc Lam Yen Zen Buddhism, the Legacy Yen Tu is an inspiring journey into the past. It offers travelers a stay filled with storied

688 views • 32 slides
Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have become popular replacing many Physical / Virtual Machine use cases But: The persistent storage problem for containers is still not fully solved

1.01k views • 17 slides
Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change An Approach Required Software Processes Cultural Changes Additional Concerns Lessons Learned Why This Talk? Containers are

678 views • 49 slides
Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs Google Wisdom: VMs and Containers are similar but different Try running containers in VMs for security Containers are best for scale-out

314 views • 17 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal is to create

1.18k views • 56 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal

412 views • 40 slides
LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM Qubec , is comprised of 163 charitable organizations that support its mission which is to encourage the population of Quebec to make a planned

312 views • 18 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems I. Legacy Outline I. Legacy a) Mission and History b) People, Services, and Locations c) Financial Strength II. Partnership a)

603 views • 26 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

CON-IMEX CONTAINERS 2009 AKAR Logistics 70 Beecham Court Owings Mills, MD 21117 USA Sophia Akar Tel: + 410-961-7232 / + 410-961-0327 Fax: + 410-356-8267 sophia@akarlogistics.com 1 / 20 GENERAL The proposed containers are

313 views • 20 slides
Unique Personalities This is a programmer talk Quite technical Not super-technical

Unique Personalities This is a programmer talk Quite technical Not super-technical

Unique Personalities This is a programmer talk Quite technical Not super-technical Lots of movies 2 Two Big Goals Simulate a larger varied living world Make unique Sims Emergent Narrative Why those two goals? These

1.16k views • 78 slides
Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk Introductions David Porter Fairport Containers Director Steve Collinson Managing Director Fairport Containers Ltd Tam Unsworth Recycling Banks

552 views • 28 slides
The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020

The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020

11/5/20 The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020 bebo.white@gmail.com Lecture 6 submitted questions/comments from lecture 5 1 11/5/20 revisiting the labs mission (and our course vision) Given

554 views • 30 slides
Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt Innsbruck Innsbruck Nov 2018 Overview Preliminaries Why containers Understanding Containers vs. Virtual Machines Comparison of

482 views • 37 slides
Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende Globo.com About me Software Engineer at Globo.com/Tsuru @guilhermebr (GitHub) in/guilhermebr (LinkedIn) @gbrezende (Twitter) Agenda Cloud Native

636 views • 45 slides
The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020

The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020

11/5/20 The Manhattan Project - Personalities and Problems Fromm Institute Fall 2020 bebo.white@gmail.com Lecture 7 submitted questions/comments from lecture 6 1. Why do you have a clock stopped at 10:45 and 30? 2. Could you re-explain

428 views • 31 slides

More recommend