Distributions

Rethinking the guest operating system

By Jonathan Corbet
September 18, 2013

New distributions come along rather frequently. It is somewhat less often that we see an entirely new operating system. A new system that is touted as "probably the best OS for cloud workloads," but which provides no separation between the kernel and user space and no multitasking is a rare thing indeed. But we have just such a thing in the newly announced OS^v system. Needless to say, it does not look like a typical Linux distribution.

OS^v is the result of a focused effort by a company called Cloudius Systems. Many of the people working on it will be familiar to people in the Linux community; they include Glauber Costa, Pekka Enberg, Avi Kivity, and Christoph Hellwig. Together, they have taken the approach that the operating system stack used for contemporary applications "congealed into existence" and contains a lot of unneeded cruft that only serves to add complexity and slow things down. So they set out to start over and reimplement the operating system with contemporary deployment scenarios in mind.

What that means, in particular, is that they have designed a system that is intended to be run in a virtualized mode under a hypervisor. The fundamental thought appears to be that the host operating system is already handling a lot of the details, including memory management, multitasking, dealing with the hardware, and more. Running a full operating system in the guest duplicates a lot of that work. If that duplication can be cut out of the picture, things should go a lot faster.

OS^v is thus designed from the beginning to run under KVM (ports to other hypervisors are in the works), so it does not have to drag along a large set of device drivers. It is designed to run a single application, so a lot of the mechanisms found in a Unix-like system has been deemed to be unnecessary and tossed out. At the top of the list of casualties is the separation between the kernel and user space. By running everything within a single address space, OS^v is able to cut out a lot of the overhead associated with context switches; there is no need for TLB flushes, for example, or to switch between page tables. Eliminating that overhead helps the OS^v developers to claim far lower latency than Linux offers.

What about security in this kind of environment? Much of the responsibility for security appears to have been passed to the host, which will run any given virtual machine in the context of a specific user account and limit accesses accordingly. Since OS^v only runs a single application, it need not worry about isolation between processes or between users; there are no other processes or users. For the rest, the system seems to target Java applications in particular, so the Java virtual machine (JVM) can also play a part in keeping, for example, a compromised application from running too far out of control.

Speaking of the JVM, the single-address-space design allows the JVM to be integrated into the operating system kernel itself. There are certain synergies that result from this combination; for example, the JVM is able to use the page tables to track memory use and minimize the amount of work that must be done at garbage collection time. Java threads can be managed directly by the core scheduler, so that switching between them is a fast operation. And so on.

The code is BSD licensed and available on GitHub. Quite a bit of it appears to have been written from scratch in C++, but, much of the core kernel (including the network stack) is taken from FreeBSD. A fresh start means that a lot of features need to be reimplemented, but it also makes it relatively easy for the system to use modern hardware features (such as huge pages) from the outset. The filesystem of choice would appear to be ZFS, but the presentation slides from CloudOpen suggest that the developers are looking forward to widespread availability of nonvolatile RAM storage systems, which, they say, will reduce the role of the filesystem in an application's management of data.

The cynical among us might be tempted to say that, with all this work, the OS^v developers have managed to reimplement MS-DOS. But what they really appear to have is the ultimate expression of the "just enough operating system" concept that allows an application to run on a virtual machine anywhere in whichever cloud may be of interest at the moment. For anybody who is just looking to have a system run on somebody's cloud network, OS^v may well look far more appealing than a typical Linux distribution: it does away with the configuration hassles, and claims far better performance as well.

So, in a sense, OS^v might indeed be (or become) the best operating system for cloud-based applications. But it is not really a replacement for Linux; instead, it could be thought of as an enhancement that allows Linux-based virtual machines to run more efficiently and with less effort. Anybody implementing a host will still need Linux around to manage separation between users, resource control, hardware, and more. But those who are running as guests might just be convinced to leave Linux and its complexity behind in favor of a minimal system like OS^v that can run their applications and no more.

Comments (19 posted)

Brief items

Distribution quotes of the week

Being entirely honest, the reason I stood for the board was that I was concerned about the potential for a refocusing of the project's direction in a way that didn't interest me. It's great that people chose to elect me, but right now I have no other involvement in Fedora's governance. My contributions to Fedora are fairly minimal - I work on a few tiny corners of some important packages, but otherwise I just talk a lot.

-- Matthew Garrett

Although I can see that it will work, and work with dgit too. Hmmm. Maybe my initial reaction is overblown and I should be thinking "neat hack".

-- Ian Jackson

You wake up inside an OS installer in Timbuktu, and it's six months in the future. But, there are bugs. Bugs everywhere.

-- Ankur Sinha took this screenshot during an update to Fedora 20 Alpha RC3

Comments (none posted)

Slackware 14.1 beta

From the September 18 entry in the Slackware changelog: "Hey folks, I'm calling this a beta! Really, it's been better than beta quality for a while. There will probably still be a few more updates here and there (and certainly updates to the docs). Enjoy, and please test."

Comments (32 posted)

Distribution News

Debian GNU/Linux

Bug Squashing party for Debian and Ubuntu in Oslo, Norway

There will be a Bug Squashing part (BSP) for Debian and Ubuntu in Oslo, Norway October 12-13, 2013.

Full Story (comments: none)

Fedora

Fedora 20 Alpha to slip by one week

Jaroslav Reznik reports that the Fedora 20 Alpha release will be delayed by one week. All other milestones will also be delayed as a result.

Full Story (comments: 8)

Newsletters and articles of interest

Distribution newsletters

Debian Project News (September 16)
This Week in CyanogenMod (September 13)
DistroWatch Weekly, Issue 525 (September 16)
MWKN Weekly News (September 16)
Ubuntu Weekly Newsletter, Issue 334 (September 15)

Comments (none posted)

Manjaro Past, Present and Future: A Virtual Roundtable (My Linux Rig)

Steven Ovadia interviews the developers of Manjaro Linux. "Building upon Arch is a bold move, given that it’s a philosophy as much as it’s a distribution. Arch is deliberately complex in order to give users the most control over their system. Manjaro’s goal of simplifying Arch can be seen as compromising that philosophy. But given Manjaro’s popularity, it’s filling a need for users who want a simpler Arch implementation — even at the cost of control over their system."

Comments (none posted)

Page editor: Rebecca Sobol
Next page: Development>>