DOCSLIB.ORG

HPC Containers in Use

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

HPC Containers in Use Jonathan Sparks SC and Clusters R&D Cray Inc. Bloomington, MN, USA e-mail: [email protected] Abstract— Linux containers in the commercial world are environments. This study uses several different container changing the landscape for application development and technologies and applications to evaluate the performance deployments. Container technologies are also making inroads overhead, deployment, and isolation techniques for each. into HPC environments, as exemplified by NERSC’s Shifter Our focus is on traditional HPC use cases and applications; and LBL’s Singularity. While the first generation of HPC more general use cases have been covered by previous containers offers some of the same benefits as the existing open container frameworks, like CoreOS or Docker, they do not work, such as that by Lucas Chaufournier [17]. address the cloud/commercial feature sets such as virtualized This paper is organized as follows: Section II provides an networks, full isolation, and orchestration. This paper will overview of virtualization techniques; Section III presents explore the use of containers in the HPC environment and the different container runtime environments; Section IV summarize our study to determine how best to use these describes the motivation behind our study; Section V technologies in the HPC environment at scale. presents the experiments performed in order to evaluate both application performance and the system overhead incurred in Keywords- Shifter; HPC; Cray; container; virtualization; hosting the environment; Section VI presents related work. Docker; CoreOS Conclusions and future work are presented in Section VII. I. INTRODUCTION II. VIRTUALIZATION ontainers seem to have burst onto the infrastructure In this section we provide some background on the two C scene for good reason. Due to fast startup times, types of virtualization technologies that we study in this isolation, a low resource footprint, and encapsulation of paper. dependencies, they are rapidly becoming the tool of choice for large, sophisticated application deployments. To meet A. Hardware Virtualization the increasing demand for computational power, containers Hardware virtualization involves virtualizing the are now being deployed on HPC systems. hardware on a server and creating virtual machine instances Virtualization technologies have become very popular in (VMs) that provide the abstraction of a physical machine recent years, such as Xen [1] and KVM [2]. These (see Figure 1a). Hardware virtualization involves running a hypervisor-based virtualization solutions bring several hypervisor, also referred to as a virtual machine monitor benefits, including hardware independence, high (VMM), on the bare-metal server. The hypervisor emulates availability, isolation, and security. They have been widely virtual hardware such as the CPU, memory, I/O, and adopted in industry computing environments. For example, network devices for each virtual machine. Each VM then Amazon Elastic Cloud (EC2) [2] uses Xen and Google’s runs an independent operating system and applications on Compute Engine [4] utilizes KVM. However, their adoption top of that OS. The hypervisor is also responsible for is still constrained in the HPC context due to inherent VM multiplexing the underlying physical resources across the performance overheads and system dependencies, especially resident VMs. in terms of I/O [5]. Modern hypervisors support multiple strategies for On the other hand, lightweight container-based resource allocation and sharing of physical resources. virtualizations, such as Linux-VServer [6] and Linux Physical resources may be strictly partitioned (dedicated) to Containers (LXC) [7] or Docker [8], have attracted each VM or shared in a best-effort manner. The hypervisor considerable attention recently. Containers share the host’s is also responsible for isolation. Isolation among VMs is resources and provide process isolation, making the provided by trapping privileged hardware accesses by the container-based solution a more efficient competitor to the guest operating system and performing these operations in traditional hypervisor-based solution. It is anticipated that the hypervisor on its behalf. the container-based solution will continue to grow and influence the direction of virtualized computing. This paper will demonstrate that container-based virtualization is a powerful technology in HPC Control groups are a kernel mechanism for controlling the resource allocation to process groups [11]. Cgroups exist for each major resource group type: CPU, memory, network, block I/O, and devices. The resource allocation for each of these can be controlled individually, allowing the complete resource limits for a process or a process group to be specified. Namespaces provide an abstraction for a kernel resource that makes it appear to the container that it has its own private, isolated instance of the resource [12]. In Linux, there are namespaces for isolating process IDs, user IDs, file system mount points, networking interfaces, IPC, and host names. Figure 1. Hypervisor and container-based virtualization C. Containers in HPC B. Container-base Virtualization Implementing existing enterprise container solutions in Container-based virtualization involves virtualizing the HPC systems will require modifications to the software operating system rather than the physical hardware (Figure stack. HPC systems traditionally already have resource 1b). OS-level virtualizations are also referred to as management and job scheduling systems in place, so the containers. Each container encapsulates a group of container runtime environments will need to integrate into processes that are isolated from other containers or the existing system resource manager. The container processes on the system. The host OS kernel is responsible infrastructure should follow the core concepts of containers. for implementing the container environment, isolation, and That is, to abstract the application from the host’s software resources. This infrastructure allocates CPUs, memory, and stack, but be able to access host-level resources when network I/O to each container. necessary, notably the network and storage. Unfortunately, Containers provide lightweight virtualization since they modifying core components of the host to support do not run their own OS kernels like VMs, but instead rely containers introduces a portability problem. Standard on the underlying host kernel for OS services. In some resource managers provide the interfaces required to cases, the underlying OS kernel may emulate a different OS orchestrate a container runtime environment on the system. kernel version to processes within a container. This is a A resource manager such as Moab/Torque on Cray feature often used to support backward OS compatibility or systems utilizes scripts that are the core of the job execution, to emulate different OS APIs such as in Solaris zones [10]. and these job scripts have the responsibility for configuring OS virtualization is not a new technology, and many OS the environment and passing the required information at virtualization techniques exist including Solaris Zones, process start. In our experiments we use Cray ALPS as the BSD-jails [28], and Linux LXC (Figure 2). The recent application launcher to start both parallel MPI applications emergence of Docker, a container platform similar to LXC and serial workloads. but with a layered file system and added software engineering benefits like building and debugging, has III. CONTAINER RUNTIME ENVIRONMENTS renewed interest in container-based virtualization. In this section, we describe the container environments used in our experiments and certain common container attributes pertinent to this study. For the purposes of this paper, we defined container environments to be the tools used to create, manage, and deploy a container. We used two container environments used by the general community: runC [8] and rkt [9]; and two from HPC ⎯ Shifter [18] and Singularity [19]. A. runC The command-line utility runC executes applications packaged according to the Open Container Initiative (OCI) format [25] and is a compliant implementation of the Open Figure 2. Container technology Container Initiative specification. The program, runC, integrates well with existing process Linux containers in particular employ two key features: supervisors to provide a container runtime environment for control groups and namespaces. applications. It can be used with existing resource management tools, and the container will be executed as a 1) Host Level Access: The ability to accesses the host- child of the supervisor process. level resources from within the container. Typically these Containers are configured using the notion of bundles. A are the host’s network interfaces, either TCP/IP or Cray bundle for a container is defined as a directory that includes Aries native interface. a specification file named config.json and a root file system. 2) Privileged Operations: All jobs need to be run by the user and as the user. The system workload managers will B. rkt enforce this policy. If the container runtime requires root or elevated status, then special system configuration must be The application container engine rkt is the container manager and execution environment for Linux systems. applied. Designed for security, simplicity, and compatibility within 3) Runtime Environment Pass-through: A common cluster architectures, rkt discovers, verifies, fetches, and workflow
Recommended publications
  • Industrial Control Via Application Containers: Migrating from Bare-Metal to IAAS

    Industrial Control Via Application Containers: Migrating from Bare-Metal to IAAS

    Industrial Control via Application Containers: Migrating from Bare-Metal to IAAS Florian Hofer, Student Member, IEEE Martin A. Sehr Antonio Iannopollo, Member, IEEE Faculty of Computer Science Corporate Technology EECS Department Free University of Bolzano-Bozen Siemens Corporation University of California Bolzano, Italy Berkeley, CA 94704, USA Berkeley, CA 94720, USA fl[email protected] [email protected] [email protected] Ines Ugalde Alberto Sangiovanni-Vincentelli, Fellow, IEEE Barbara Russo Corporate Technology EECS Department Faculty of Computer Science Siemens Corporation University of California Free University of Bolzano-Bozen Berkeley, CA 94704, USA Berkeley, CA 94720, USA Bolzano, Italy [email protected] [email protected] [email protected] Abstract—We explore the challenges and opportunities of control design full authority over the environment in which shifting industrial control software from dedicated hardware to its software will run, it is not straightforward to determine bare-metal servers or cloud computing platforms using off the under what conditions the software can be executed on cloud shelf technologies. In particular, we demonstrate that executing time-critical applications on cloud platforms is viable based on computing platforms due to resource virtualization. Yet, we a series of dedicated latency tests targeting relevant real-time believe that the principles of Industry 4.0 present a unique configurations. opportunity to explore complementing traditional automation Index Terms—Industrial Control Systems, Real-Time, IAAS, components with a novel control architecture [3]. Containers, Determinism We believe that modern virtualization techniques such as application containerization [3]–[5] are essential for adequate I. INTRODUCTION utilization of cloud computing resources in industrial con- Emerging technologies such as the Internet of Things and trol systems.
  • Portability: Containers, Cloud

    Portability: Containers, Cloud

    JEDI Portability Across Platforms Containers, Cloud Computing, and HPC Mark Miesch, Rahul Mahajan, Xin Zhang, David Hahn, Francois Vandenberg, Jim Rosinski, Dan Holdaway, Yannick Tremolet, Maryam Abdioskouei, Steve Herbener, Mark Olah, Benjamin Menetrier, Anna Shlyaeva, Clementine Gas Academy website http://academy.jcsda.org/june2019 ‣ Instructions for accessing AWS ‣ Activity instructions ‣ Presentation slides ‣ Doxygen documentation for fv3-bundle We will add further content throughout the week Outline I) JEDI Portability Overview ✦ Unified vision for software development and distribution II) Container Fundamentals ✦ What are they? How do they work? ✦ Docker, Charliecloud, and Singularity III) Using the JEDI Containers ✦ How they are built and deployed ✦ Mac and Windows (Vagrant) IV) HPC and Cloud Computing ✦ Environment modules ✦ Containers in HPC? V) Summary and Outlook JEDI Software Dependencies ‣ Essential ✦ Compilers, MPI ✦ CMake Common versions among users ✦ SZIP, ZLIB and developers minimize ✦ LAPACK / MKL, Eigen 3 stack-related debugging ✦ NetCDF4, HDF5 ✦ udunits ✦ Boost (headers only) ✦ ecbuild, eckit, fckit ‣ Useful ✦ ODB-API, eccodes ✦ PNETCDF ✦ Parallel IO ✦ nccmp, NCO ✦ Python tools (py-ncepbufr, netcdf4, matplotlib…) ✦ NCEP libs ✦ Debuggers & Profilers (ddt/TotalView, kdbg, valgrind, TAU…) The JEDI Portability Vision I want to run JEDI on… Development ‣ My Laptop/Workstation/PC ✦ We provide software containers ✦ Mac & Windows system need to first establish a linux environment (e.g. a Vagrant/VirtualBox virtual machine) Development
  • Xen on X86, 15 Years Later

    Xen on X86, 15 Years Later

    Xen on x86, 15 years later Recent development, future direction QEMU Deprivileging PVShim Panopticon Large guests (288 vcpus) NVDIMM PVH Guests PVCalls VM Introspection / Memaccess PV IOMMU ACPI Memory Hotplug PVH dom0 Posted Interrupts KConfig Sub-page protection Hypervisor Multiplexing Talk approach • Highlight some key features • Recently finished • In progress • Cool Idea: Should be possible, nobody committed to working on it yet • Highlight how these work together to create interesting theme • PVH (with PVH dom0) • KConfig • … to disable PV • PVshim • Windows in PVH PVH: Finally here • Full PVH DomU support in Xen 4.10, Linux 4.15 • First backwards-compatibility hack • Experimental PVH Dom0 support in Xen 4.11 PVH: What is it? • Next-generation paravirtualization mode • Takes advantage of hardware virtualization support • No need for emulated BIOS or emulated devices • Lower performance overhead than PV • Lower memory overhead than HVM • More secure than either PV or HVM mode • PVH (with PVH dom0) • KConfig • … to disable PV • PVshim • Windows in PVH KConfig • KConfig for Xen allows… • Users to produce smaller / more secure binaries • Makes it easier to merge experimental functionality • KConfig option to disable PV entirely • PVH • KConfig • … to disable PV • PVshim • Windows in PVH PVShim • Some older kernels can only run in PV mode • Expect to run in ring 1, ask a hypervisor PV-only kernel (ring 1) to perform privileged actions “Shim” Hypervisor (ring 0) • “Shim”: A build of Xen designed to allow an unmodified PV guest to run in PVH mode
  • Xen to KVM Migration Guide

    Xen to KVM Migration Guide

    SUSE Linux Enterprise Server 12 SP4 Xen to KVM Migration Guide SUSE Linux Enterprise Server 12 SP4 As the KVM virtualization solution is becoming more and more popular among server administrators, many of them need a path to migrate their existing Xen based environments to KVM. As of now, there are no mature tools to automatically convert Xen VMs to KVM. There is, however, a technical solution that helps convert Xen virtual machines to KVM. The following information and procedures help you to perform such a migration. Publication Date: September 24, 2021 Contents 1 Migration to KVM Using virt-v2v 2 2 Xen to KVM Manual Migration 9 3 For More Information 18 4 Documentation Updates 18 5 Legal Notice 18 6 GNU Free Documentation License 18 1 SLES 12 SP4 Important: Migration Procedure Not Supported The migration procedure described in this document is not fully supported by SUSE. We provide it as a guidance only. 1 Migration to KVM Using virt-v2v This section contains information to help you import virtual machines from foreign hypervisors (such as Xen) to KVM managed by libvirt . Tip: Microsoft Windows Guests This section is focused on converting Linux guests. Converting Microsoft Windows guests using virt-v2v is the same as converting Linux guests, except in regards to handling the Virtual Machine Driver Pack (VMDP). Additional details on converting Windows guests with the VMDP can be found in the separate Virtual Machine Driver Pack documentation at https://www.suse.com/documentation/sle-vmdp-22/ . 1.1 Introduction to virt-v2v virt-v2v is a command line tool to convert VM Guests from a foreign hypervisor to run on KVM managed by libvirt .
  • L4 – Virtualization and Beyond

    L4 – Virtualization and Beyond

    L4 – Virtualization and Beyond Hermann Härtig!," Michael Roitzsch! Adam Lackorzynski" Björn Döbel" Alexander Böttcher! #!Department of Computer Science# "GWT-TUD GmbH # Technische Universität Dresden# 01187 Dresden, Germany # 01062 Dresden, Germany {haertig,mroi,adam,doebel,boettcher}@os.inf.tu-dresden.de Abstract Mac OS X environment, using full hardware After being introduced by IBM in the 1960s, acceleration by the GPU. Virtual machines are virtualization has experienced a renaissance in used to test potentially malicious software recent years. It has become a major industry trend without risking the host environment and they in the server context and is also popular on help developers in debugging crashes with back- consumer desktops. In addition to the well-known in-time execution. benefits of server consolidation and legacy In the server world, virtual machines are used to preservation, virtualization is now considered in consolidate multiple services previously located embedded systems. In this paper, we want to look on dedicated machines. Running them within beyond the term to evaluate advantages and virtual machines on one physical server eases downsides of various virtualization approaches. management and helps saving power by We show how virtualization can be increasing utilization. In server farms, migration complemented or even superseded by modern of virtual machines between servers is used to operating system paradigms. Using L4 as the balance load with the potential of shutting down basis for virtualization and as an advanced completely unloaded servers or adding more to microkernel provides a best-of-both-worlds increase capacity. Lastly, virtual machines also combination. Microkernels can contribute proven isolate different customers who can purchase real-time capabilities and small trusted computing virtual shares of a physical server in a data center.
  • Hands on Virtualization Using XEN

    Hands on Virtualization Using XEN

    VirtualizationWorkshop09 < GridkaSchool09 < TWiki http://www-ekp.physik.uni-karlsruhe.de/~twiki/bin/view/GridkaSchool... Hands On Virtualization using XEN Hands On Virtualization using XEN General Setup The Machine Hardware Host Preparation (Standard UBUNTU XEN Host) Installation of the XEN Packages Modification of the Bootloader GRUB Reboot the Host System Explore Your New XEN dom0 Hardware Host Virtual Machine Preparation Start Your Virtual Machine Working with the Virtual Machines Network Setup on the Host System Start/Stop the Virtual Machines Change the Memory Allocated to the VM High Availability Shared Network Storage Solution Host Preparation Phase Configure the DRBD Device Startup the DRBD Device Setup the Filesystem on the Device Test the DRBD Raid Device Migration of the VMs Advanced tutorial (if you have time left): libvirt usage with XEN Installation of libvirt and tools VM libvirt configuration virsh usage libvirt GUI example "virt-manager" Additional Information General Setup The Machine Hardware The host systems are running Ubuntu 9.04 (Jaunty Jackalope). The following procedures will be possible on most common linux distributions with specific changes to the software installation steps. For Ubuntu we will use the Advanced Packaging Tool ( apt ) similar to Debian . RedHat or SuSE are using rpm or some GUI (Graphical User Interface) installation tool. Each workshop group has access to two hardware hosts: hostname gks- <1/2>-X .fzk.de gks- <1/2>-Y .fzk.de Replace <1/2> and X and Y with the numbers given on the workshop handout. Host Preparation (Standard UBUNTU XEN Host) 1 von 15 16.12.2009 15:13 VirtualizationWorkshop09 < GridkaSchool09 < TWiki http://www-ekp.physik.uni-karlsruhe.de/~twiki/bin/view/GridkaSchool..
  • Introduction to Containers

    Introduction to Containers

    Introduction to Containers Martin Čuma Center for High Performance Computing University of Utah [email protected] Overview • Why do we want to use containers? • Containers basics • Run a pre-made container • Build and deploy a container • Containers for complex software 06-Nov-20 http://www.chpc.utah.edu Slide 2 Hands on setup 1. Download the talk slides http://home.chpc.utah.edu/~mcuma/chpc/Containers20s.pdf https://tinyurl.com/yd2xtv5d 2. Using FastX or Putty, ssh to any CHPC Linux machine, e.g. $ ssh [email protected] 3. Load the Singularity and modules $ module load singularity 06-Nov-20 http://www.chpc.utah.edu Slide 3 Hands on setup for building containers 1. Create a GitHub account if you don’t have one https://github.com/join {Remember your username and password!} 2. Go to https://cloud.sylabs.io/home click Remote Builder, then click Sign in to Sylabs and then Sign in with GitHub, using your GitHub account 3. Go to https://cloud.sylabs.io/builder click on your user name (upper right corner), select Access Tokens, write token name, click Create a New Access Token, and copy it 4. In the terminal on frisco, install it to your ~/.singularity/sylabs-token file nano ~/.singularity/sylabs-token, paste, ctrl-x to save 06-Nov-20 http://www.chpc.utah.edu Slide 4 Why to use containers? 06-Nov-20 http://www.chpc.utah.edu Slide 5 Software dependencies • Some programs require complex software environments – OS type and versions – Drivers – Compiler type and versions – Software dependencies • glibc, stdlibc++ versions • Other libraries
  • Copy, Rip, Burn : the Politics of Copyleft and Open Source

    Copy, Rip, Burn : the Politics of Copyleft and Open Source

    Copy, Rip, Burn Berry 00 pre i 5/8/08 12:05:39 Berry 00 pre ii 5/8/08 12:05:39 Copy, Rip, Burn The Politics of Copyleft and Open Source DAVID M. BERRY PLUTO PRESS www.plutobooks.com Berry 00 pre iii 5/8/08 12:05:39 First published 2008 by Pluto Press 345 Archway Road, London N6 5AA www.plutobooks.com Copyright © David M. Berry 2008 The right of David M. Berry to be identifi ed as the author of this work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library ISBN 978 0 7453 2415 9 Hardback ISBN 978 0 7453 2414 2 Paperback Library of Congress Cataloging in Publication Data applied for This book is printed on paper suitable for recycling and made from fully managed and sustained forest sources. Logging, pulping and manufacturing processes are expected to conform to the environmental standards of the country of origin. The paper may contain up to 70% post consumer waste. 10 9 8 7 6 5 4 3 2 1 Designed and produced for Pluto Press by Chase Publishing Services Ltd, Sidmouth, EX10 9QG, England Typeset from disk by Stanford DTP Services, Northampton Printed and bound in the European Union by CPI Antony Rowe, Chippenham and Eastbourne Berry 00 pre iv 5/8/08 12:05:41 CONTENTS Acknowledgements ix Preface x 1. The Canary in the Mine 1 2. The Information Society 41 3.
  • Lars Kurth Community Manger, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix Lars Kurth

    Lars Kurth Community Manger, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix Lars Kurth

    Lars Kurth Community Manger, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix lars_kurth Was a contributor to various projects Worked in parallel computing, tools, mobile and now virtualization Long history in change projects Community guy at Symbian Foundation Learned how NOT to do stuff Community guy for the Xen Project Working for Citrix Accountable to Xen Project Advisory Board Chairman of Xen Project Advisory Board 250000 200000 150000 More than 1 Projects Million Today 100000 Projected 50000 0 2006 2008 2010 2012 2014 Source: The 2013 Future of Open Source Survey Results Late 90’s Today Individuals & Hobbyist's Still about Individuals But, a majority are employees Companies have a huge stake Features How many users you have How many vendors back you How you are seen in the press … Different Management Disciplines can help you succeed Neutrality / Perception Support Infrastructure Expertise / Mentoring Vendor Network … BUT: You still need to do all the right things Case Study An Open Source Hypervisor > 10M Users Powering some of the biggest Clouds in Production Amazon Web Services, Rackspace Public Cloud, Terremark, … Several sub-projects Xen Hypervisor (including Xen on ARM), XAPI management tools, Mirage OS Linux Foundation Collaborative Project Sponsored by Amazon Web Services, AMD, Bromium, Calxeda, CA Technologies, Cisco, Citrix, Google, Intel, NetApp, Oracle, Samsung and Verizon 10 years old Four Key Issues Symptoms Consequences for Xen Fixes that were applied Effect this had (there may be others)
  • Design of the Next-Generation Securedrop Workstation Freedom of the Press Foundation

    Design of the Next-Generation Securedrop Workstation Freedom of the Press Foundation

    1 Design of the Next-Generation SecureDrop Workstation Freedom of the Press Foundation I. INTRODUCTION Whistleblowers expose wrongdoing, illegality, abuse, misconduct, waste, and/or threats to public health or safety. Whistleblowing has been critical for some of the most important stories in the history of investigative journalism, e.g. the Pentagon Papers, the Panama Papers, and the Snowden disclosures. From the Government Accountability Project’s Whistleblower Guide (1): The power of whistleblowers to hold institutions and leaders accountable very often depends on the critical work of journalists, who verify whistleblowers’ disclosures and then bring them to the public. The partnership between whistleblowers and journalists is essential to a functioning democracy. In the United States, shield laws and reporter’s privilege exists to protect the right of a journalist to not reveal the identity of a source. However, under both the Obama and Trump administrations, governments have attempted to identify journalistic sources via court orders to third parties holding journalist’s records. Under the Obama administration, the Associated Press had its telephone records acquired in order to identify a source (2). Under the Trump Administration, New York Times journalist Ali Watkins had her phone and email records acquired by court order (3). If source—journalist communications are mediated by third parties that can be subject to subpoena, source identities can be revealed without a journalist being aware due to a gag that is often associated with such court orders. Sources can face a range of reprisals. These could be personal reprisals such as reputational or relationship damage, or for employees that reveal wrongdoing, loss of employment and career opportunities.
  • Paravirtualizing Linux in a Real-Time Hypervisor

    Paravirtualizing Linux in a Real-Time Hypervisor

    Paravirtualizing Linux in a real-time hypervisor Vincent Legout and Matthieu Lemerre CEA, LIST, Embedded Real Time Systems Laboratory Point courrier 172, F-91191 Gif-sur-Yvette, FRANCE {vincent.legout,matthieu.lemerre}@cea.fr ABSTRACT applications written for a fully-featured operating system This paper describes a new hypervisor built to run Linux in a such as Linux. The Anaxagoros design prevent non real- virtual machine. This hypervisor is built inside Anaxagoros, time tasks to interfere with real-time tasks, thus providing a real-time microkernel designed to execute safely hard real- the security foundation to build a hypervisor to run existing time and non real-time tasks. This allows the execution of non real-time applications. This allows current applications hard real-time tasks in parallel with Linux virtual machines to run on Anaxagoros systems without any porting effort, without interfering with the execution of the real-time tasks. opening the access to a wide range of applications. We implemented this hypervisor and compared perfor- Furthermore, modern computers are powerful enough to mances with other virtualization techniques. Our hypervisor use virtualization, even embedded processors. Virtualiza- does not yet provide high performance but gives correct re- tion has become a trendy topic of computer science, with sults and we believe the design is solid enough to guarantee its advantages like scalability or security. Thus we believe solid performances with its future implementation. that building a real-time system with guaranteed real-time performances and dense non real-time tasks is an important topic for the future of real-time systems.
  • Paravirtualized Applications on Top of an L4/Fiasco Microkernel

    Paravirtualized Applications on Top of an L4/Fiasco Microkernel

    TECHNOLOGICAL EDUCATIONAL INSTITUTE OF CRETE Paravirtualized applications on top of an L4/Fiasco Microkernel by Emmanouil Fragkiskos Ragkousis A thesis submitted in partial fulfillment for the degree of Bachelor of Science in the Technological Educational Institute of Crete Department of Informatics Engineering March 31, 2019 TECHNOLOGICAL EDUCATIONAL INSTITUTE OF CRETE Σύνοψη Technological Educational Institute of Crete Department of Informatics Engineering Bachelor of Science by Emmanouil Fragkiskos Ragkousis In this thesis we added Zedboard support to L4/Fiasco, which allowed us to use it as a hypervisor. In this way we can achieve a better use of resources by sharing them between multiple operating systems and/or bare metal programs. It also allows us to achieve better security by controlling access to parts of the hardware. Thesis Supervisor: Kornaros Georgios Title: Assistant Professor at Department of Informatics Engineering, TEI of Crete TECHNOLOGICAL EDUCATIONAL INSTITUTE OF CRETE Σύνοψη Technological Educational Institute of Crete Department of Informatics Engineering Bachelor of Science by Emmanouil Fragkiskos Ragkousis Se αυτή thn πτυχιακή, prosjèsame υποστήριξη gia to Zedboard sto L4/Fiasco, me σκοπό na to χρησιμοποιήσουμε san hypervisor. Me αυτόn ton τρόπο μπορούμε na επιτύχουμε καλύτερη χρήση twn πόρων tou συστήματος, μοιράζοντας ton metaxύ diaforetik¸n leitourgik¸n συστημάτων kai efarmog¸n. EpÐshc mac epitrèpei na επιτύχουμε καλύτερη ασφάλεια elègqontac to thn πρόσβαση sto hardware. Epiblèpwn Πτυχιακής: Ge¸rgioc Κορνάρος TÐtloc: EpÐkouroc Καθηγητής tou τμήματoc Mhqanik¸n Πληροφορικής, TEI Κρήτης Acknowledgements This bachelor thesis is my first academic milestone and looking back I would like to thank all the people, that are not listed below, for their support and encouragement until today.