LightVMs vs. Unikernels

Transcription

1 1. Introduction LightVMs vs. Unikernels Due to the recent developments in technology, present day computers are so powerful that they are often times under-utilized. With the advent of virtualization, this problem is solved by hosting multiple guest operating systems on a single computer. However, this comes with its share of problems. Some of them are isolation, security and efficiency. The hypervisor, the key component for virtualization is already designed to provide necessary isolation and security. But the major issue is efficiency. Extensive research is done and being done on addressing this problem. In this paper, we are going to discuss two different papers on this: Unikernels: The Rise of the Virtual Library Operating Systems[1] and My VM is Lighter (and Safer) than your Container[2]. Though the papers have different approaches and goals, the key underlying problem that is addressed is related to efficiency and longer boot times. The rest of this paper is organized as follows: Section 2 talks about the goals of unikernels and lightvms. Section 3 compares and contrasts the goals. Section 4 argues that the lightvm approach is better than the unikernel approach. Section 5 concludes the paper. 2. Goals of the papers 2.1 Goals of Unikernels According to Unikernels: Rise of the Virtual Library Operating Systems: Unikernels are specialized OS kernels that are written in a high-level language and act as individual software components. [1] In other words, Unikernels = Library Operating System + Application (compiled together) Library OS is an implementation of higher-level abstractions that can be implemented as required by the applications to improve its performance and functionality. It contains only the libraries needed by the application it binds to. This is not a new innovation with this paper. Many others have already explored it for example, Exokernel [3]. However, due to the lack of the required ecosystem, and trying to do a lot at the same time like addressing the general purpose OS thereby putting a lot of

2 responsibility and work on application developers made it not so popular. But the idea of libos can be borrowed. The main problem that these unikernels address is that it reduces the unwanted layers of abstraction and indirection, which makes debugging difficult for the developer. The goal of unikernels is to organize the VMs in such a way that the kernel and user code is divided into small modular components that are flexible, secure and reusable[1]. By doing so, the application is statically compiled with the framework needed rather than dynamically linking them, thus reducing the boot times. Figure 1: Traditional OS structure (left) vs unikernel[4] 2.2 Goals of LightVM According to My VM is Lighter (and Safer) than your Container: LightVM is a new virtualization solution based on Xen that is optimized to offer fast boot-times regardless of the number of active VMs. [2] The goal of LightVMs is to address the problems of containers i.e. weaker isolation and the problems of traditional VMs i.e. efficiency and low density of VMs on a host. It wants to develop a solution that takes the best of the both worlds and create a light version of VM that is as quick as containers and as secure as traditional VMs. 3. Compare and contrast between the goals In this section, we will look at the similarities and differences between the goals of both unikernels and lightvms. Comparison: Though the motivation behind the unikernels and lightvms is different, the main underlying goal or the result is the same: faster boot times through lighter guest operating systems [Figure 2]. Also, they both target virtual machine hosts that run a single application. They do not address the general purpose or multiple applications scenario in detail. I think this is acceptable as most of the deployed VMs in real world usually perform only single function such as acting as a database or webserver.

3 Figure 2: Boot times grow linearly with VM size[2] Contrast: There are no differences in the key goal. However, different motivations lead to different approaches. There are few differences in the approaches that are listed below. In unikernel approach, it does not make any changes to the underlying hypervisor. They depend on OS virtualization to provide strong resource isolation and providing the device driver writers. Also, it heavily relies on the programming language used to implement it exploiting the features such as type safety, static checking, memory management, and many more. However, in the lightvm approach, it makes extensive changes to the underlying Xen hypervisor by replacing XenStore with noxs architecture and employing split tool stack. Also, its results depend on the image size of the VM. 4. LightVM better than Unikernel LightVMs goals depend on reducing the image size and memory footprint of guest VMs. So, they use either unikernels or Tinyx, a tool that creates a lighter version of Linux. But the results of lightvm when run on unikernels are better than Tinyx. Below are some figures from My VM is Lighter (and Safer) than your Container paper that supports the above statement. Figure 3: Boot times for unikernel and Tinyx guests over lightvm[2] Figure 4: Scalability of VM memory usage for different VMs[2] Note: Here, Minipython is unikernel.

4 However, building a unikernel is not always feasible due to the amount of expert time needed and also it is a very complicated process. So, in case we are not able to create a unikernel due to time constraints, we can still rely on using Tinyx whose results are comparable to unikernel in most cases. Below are few figures from experiments that support the above statement. Figure 5: CPU usage for a unikernel and Tinyx[2] Also, a point to be noted here is that the advantages of lightvm not only comes from the reduction in the size of VMs but also due to the architectural changes made to the underlying hypervisor (here Xen). Below is the figure that shows that even though the load is same across all the implementations, the one that uses lightvm has considerably low creation time. Here xl is Xen without any optimizations. Figure 10: Creation times for up to 1,000 instances of the daytime unikernel for all combinations of LightVM s mechanisms.[2] Observe that lightvm performs much better than non-optimized Xen for the same load. So, we can say that lightvm alone can give us positive results. But when coupled with unikernels or Tinyx, it yields better results.

5 However, that is not the case with unikernels. Unikernels are application dependent and is tightly coupled with the implementation language. So, it is has to be redesigned every time you change the application or the platform. But for lightvms, most of the components used for one type of virtualization can be reused by another. For example, components developed for Xen can be reused by KVM. Also, Tinyx do not require application porting[2]. Due to the benefits discussed above, we can say that lightvm approach is better than unikernel approach. 4. Conclusion As we have seen, the goals of lightvm and unikernels are closely related. They only differ in their motivation and hence their approaches are different. Due to the replacement of Xenstore with noxs architecture and split tool stack, lightvm performs well even without the aid from unikernels and Tinyx. However, to reap full benefits of lightvm, it should be built over unikernels. In conclusion, we can say that success of lighter virtualization by lightvm and unikernels go hand in hand. 5. References [1]. MADHAVAPEDDY, A., AND SCOTT, D. Unikernels: The rise of the virtual library operating system. Communications of the ACM 57, 1 (Jan. 2014), [2]. MANCO, F., LUPU, C., SCHMIDT, F., MENDES, J., KUENZER, S., SATI, S., YASUKATA, K., RAICIU, C., AND HUICI, F. My VM is Lighter (and Safer) than your Container. In Proceedings of the 26th Symposium on Operating Systems Principles, pages ACM, [3]. ENGLER, D., KAASHOEK, M., AND O'TOOLE, J. Jr. Exokernel: An Operating System Architecture For Application-Level Resource Management. In Proceedings of SOSP '95, December [4]. BRIGGS, I., DAY, M., GUO, Y., MARHEINE, P., AND EIDE, E. A Performance Evaluation of Unikernels. Prepared for CS6480, Advanced Computer Networking, Fall 2014 by students of School of Computing, University of Utah. [5].