Recent device hardware trends enable a new approach to the design of network server operating systems. In a traditional operating system, the kernel mediates access to device hardware by server applications, to enforce process isolation as well as network and disk security. We have designed and implemented a new operating system, Arrakis, that splits the traditional role of the kernel in two. Applications have direct access to virtualized I/O devices, allowing most I/O operations to skip the kernel entirely, while the kernel is re-engineered to provide network and disk protection without kernel mediation of every operation. We describe the hardware and software changes needed to take advantage of this new abstraction, and we illustrate its power by showing improvements of 2-5x in latency and 9x in throughput for a popular persistent NoSQL store relative to a well-tuned Linux implementation.
This is a very detailed description of this project in the form of a proper scientific publication, and is part of the Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation, accompanied by a presentation. You may want to grab something to drink.
Sounds similar to an exokernel coupled with some extra facilities.
Just my thought…
In this age of easy virtualization/containerization, you can wonder whether it still makes sense for the kernel to focus so much on process isolation – or whether it makes sense to use general-purpose OS’es on servers in the first place!
Unikernels like OpenMirage could become a lot more interesting again!
A “virtualized I/O device” is just a less efficient way to make a call to the kernel. Or in this case the hypervisor. Which is the kernel with a fancier name.
Oh wait, for efficiency we use special paravirtual devices. So that’s reinventing the system call.
So much snark, but did you actually watch the video or read the paper? What you’re talking about is not what they’re describing at all.
A good way to describe what they are doing is to say that modern I/O hardware supports per-process virtual I/O devices. They have this capability for doing virtualized I/O in hypervisor environments, but they’ve configured it so that the kernel sets up the I/O devices’ hardware virtualization to appear dedicated to the user space process. Then the process just reaches into the I/O device directly. This is much like how an MMU is configured and managed by the kernel, but a process doesn’t need to call out to the kernel on every memory access.
Do you really think they’d be presenting at Usenix if it was as misguided as you say?
While watching a presentation on it I found myself thinking about DOS in a VM with Page table managed IO (or something like that).
Edited 2014-11-18 10:03 UTC
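The MMU analogy from the discussion above, as an added toy model in C (not code from Arrakis or from any commenter): the kernel programs a per-process virtual device once, and every later transmit is checked by the modelled device against that state with no kernel entry. The struct layout, the function names and the two policies shown (a DMA window and a source-port filter) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-process virtual device state; only the kernel writes it. */
struct vdev {
    int      owner_pid;    /* process the virtual device is bound to */
    uint64_t dma_base;     /* start of the owner's registered buffer region */
    uint64_t dma_len;      /* length of that region in bytes */
    uint16_t allowed_port; /* transmit filter: the only permitted source port */
    unsigned kernel_calls; /* kernel entries so far, to show the split */
    unsigned sent;         /* descriptors the device accepted */
};

/* Transmit descriptor the process writes directly into its queue. */
struct desc { uint64_t addr; uint32_t len; uint16_t src_port; };

/* Control plane: a single kernel call at setup time programs the limits. */
void kernel_setup(struct vdev *d, int pid, uint64_t base, uint64_t len,
                  uint16_t port) {
    d->owner_pid = pid;  d->dma_base = base;  d->dma_len = len;
    d->allowed_port = port;  d->kernel_calls = 1;  d->sent = 0;
}

/* Data plane: enforcement happens in the (modelled) device, not the kernel.
 * Returns 0 on accept, -1 for a buffer outside the DMA window, -2 for a
 * source port the filter does not allow. */
int device_tx(struct vdev *d, const struct desc *t) {
    if (t->len == 0 || t->len > d->dma_len) return -1;
    if (t->addr < d->dma_base) return -1;
    /* Written as a subtraction so addr + len can never wrap around. */
    if (t->addr - d->dma_base > d->dma_len - t->len) return -1;
    if (t->src_port != d->allowed_port) return -2;
    d->sent++;
    return 0;
}

int main(void) {
    struct vdev d;
    kernel_setup(&d, 1234, 0x10000, 0x1000, 8080);   /* constructed values */
    struct desc ok   = { 0x10000, 64, 8080 };
    struct desc oob  = { 0x10FF0, 64, 8080 };         /* runs past the window */
    struct desc port = { 0x10000, 64, 22 };           /* port not granted */
    printf("ok=%d oob=%d port=%d kernel_calls=%u\n", device_tx(&d, &ok),
           device_tx(&d, &oob), device_tx(&d, &port), d.kernel_calls);
    return 0;
}
```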