The GNU/Hurd architecture, nifty features, and latest news



Similar documents
Debian GNU/Hurd Status update

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

DTC & DTC-Xen Running a VPS business with Xen Thomas Goirand, GPLHost CEO. Xen Summit Asia at Intel 2009

LSN 10 Linux Overview

PARALLELS SERVER BARE METAL 5.0 README

Week Overview. Running Live Linux Sending from command line scp and sftp utilities

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines

PARALLELS SERVER 4 BARE METAL README

Converting Linux and Windows Physical and Virtual Machines to Oracle VM Virtual Machines. An Oracle Technical White Paper December 2008

Version 1.0. File System. Network Settings

System administration basics

HTTP-FUSE PS3 Linux: an internet boot framework with kboot

10 STEPS TO YOUR FIRST QNX PROGRAM. QUICKSTART GUIDE Second Edition

EXPLORING LINUX KERNEL: THE EASY WAY!

The BackTrack Successor

IT6204 Systems & Network Administration. (Optional)

Oracle VM Server Recovery Guide. Version 8.2

Survey of Filesystems for Embedded Linux. Presented by Gene Sally CELF

Windows Template Creation Guide. How to build your own Windows VM templates for deployment in Cloudturk.

Buildroot for Vortex86EX (2016/04/20)

Planning for an Amanda Disaster Recovery System

Network File System (NFS) Pradipta De

Practical Applications of Virtualization. Mike Phillips IAP 2008 SIPB IAP Series

OS Installation Guide Red Hat Linux 9.0

Virtualization of Linux based computers: the Linux-VServer project

The System Monitor Handbook. Chris Schlaeger John Tapsell Chris Schlaeger Tobias Koenig

Virtualization. Dr. Yingwu Zhu

Overview. Remote access and file transfer. SSH clients by platform. Logging in remotely

How do Users and Processes interact with the Operating System? Services for Processes. OS Structure with Services. Services for the OS Itself

Chapter 14 Virtual Machines

What this document covers: Physical to Virtual Migration with Portlock Storage Manager

Linux System Administration on Red Hat

A quantitative comparison between xen and kvm

InfiniBand Software and Protocols Enable Seamless Off-the-shelf Applications Deployment

RH033 Red Hat Linux Essentials or equivalent experience with Red Hat Linux..

ReactOS is (not) Windows. Windows internals and why ReactOS couldn t just use a Linux kernel

Easy Setup Guide 1&1 CLOUD SERVER. Creating Backups. for Linux

II. Installing Debian Linux:

Yocto Project Eclipse plug-in and Developer Tools Hands-on Lab

DiamondStream Data Security Policy Summary

Operating System Components and Services

Managed Backup Service - Agent for Linux Release Notes

Introduction to Operating Systems

Introduction to the EIS Guide

We mean.network File System

Cray DVS: Data Virtualization Service

Operating System Components

LOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013

Application-Level Debugging and Profiling: Gaps in the Tool Ecosystem. Dr Rosemary Francis, Ellexus

CS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

Full and Para Virtualization

Network Attached Storage. Jinfeng Yang Oct/19/2015

How To Install Acronis Backup & Recovery 11.5 On A Linux Computer

SUSE LINUX Enterprise Server for SGI Altix Systems

Implementing SAN & NAS with Linux by Mark Manoukian & Roy Koh

The QEMU/KVM Hypervisor

Example of Standard API

In this chapter, we want to make sure that your computer (and you) is ready for the Red Hat Linux installation.

CS197U: A Hands on Introduction to Unix

StarWind iscsi SAN Software: Using StarWind with VMware ESX Server

A candidate following a programme of learning leading to this unit will be able to:

System i and System p. Customer service, support, and troubleshooting

How to Backup XenServer VM with VirtualIQ

Virtualised MikroTik

Option nv, Gaston Geenslaan 14, B-3001 Leuven Tel Fax Page 1 of 14

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

Solution for private cloud computing

Operating System Structure

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline CIS INTRODUCTION TO UNIX

Abstract. Microsoft Corporation Published: August 2009

What is included in the ATRC server support

Building Docker Cloud Services with Virtuozzo

Introduction to Gluster. Versions 3.0.x

Virtualization and Performance NSRC

Kaspersky Endpoint Security 8 for Linux INSTALLATION GUIDE

Quick Start Guide. Quick Start Guide. taskit GmbH. for Portux920T EU / SW Portux Mini-PC Portux Panel-PC Panel-Card MoLUX Stamp

Q N X S O F T W A R E D E V E L O P M E N T P L A T F O R M v Steps to Developing a QNX Program Quickstart Guide

2972 Linux Options and Best Practices for Scaleup Virtualization

Software SIParator / Firewall

VMware Server 2.0 Essentials. Virtualization Deployment and Management

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

Module I-7410 Advanced Linux FS-11 Part1: Virtualization with KVM

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

Red Hat System Administration 1(RH124) is Designed for IT Professionals who are new to Linux.

The Virtual Environment

FAME Operating Systems

Windows Server 2003 default services

October Gluster Virtual Storage Appliance User Guide

Chapter 8: Installing Linux The Complete Guide To Linux System Administration Modified by M. L. Malone, 11/05

Ubuntu Linux Reza Ghaffaripour May 2008

Tivoli Storage Manager Lunch and Learn Bare Metal Restore Dave Daun, IBM Advanced Technical Support

Configuring Virtual Blades

BrightStor ARCserve Backup for Linux

Date: December 2009 Version: 1.0. How Does Xen Work?

How to set up multiple web servers (VMs) on XenServer reusing host's static IP

Transcription:

The GNU/Hurd architecture, nifty features, and latest news Samuel Thibault 2013 February 2nd 1

It's all about freedom #0 The freedom to run the program, for any purpose I.e.: Freedom from sysadmin! WTH is fdisk/mke2fs/... hidden in /sbin? I should be able to just work with my disk/network access Freedom to innovate Experimental filesystem, personal work-flow, new kind of process combination,... Also provide freedom from misbehaving programs 2

It's all about freedom #0 From: xxx <xxx@yyy.fr> Subject: Network expertise Date: Thu, 31 Jan 2013 12:37:34 +0100 [ ] Would it be possible to route to my VPN the traffic of only one application? Actually, also well-known classical issue of full-vpn: traffic of the VPN itself shouldn't go through the VPN! And yet, here root capabilities!! Spoiler: Yes, GNU/Hurd can already do it. Without asking root. 3

It's all about freedom #0 Extensibility for the user Mount one's own files Access archives content Access remote files Experiment with filesystems Access one's own network Access remote networks / VPN Access virtual machine network Redirect one's sound... Through network Sound effects Recording 4

Outline Monolithic/Gvfs/FUSE/micro-kernel layering Hurd layering Hurd nifty features Present and future 5

Traditional monolithic layering ifconfig mount sh cp root user VFS EXTxFS ISOFS NFS Kernel IP 6

Traditional monolithic layering User mounts through users option Need to ask root and frowned upon Only kernel-provided filesystems User network through tap Need to ask root No personal firewall tuning support 7

gvfs layering root VFS ifconfig mount user sh cp gedit gvfs EXTxFS ISOFS NFS Kernel IP 8

gvfs layering Supports a lot of nice features Transparent ftp, webdav, smb,... Only works for gnome applications Not even in gnome-terminal shells Not easily extensible i.e., does not compose well. 9

FUSE layering fuse ifconfig mount sh cp root user VFS FUSE EXTxFS ISOFS NFS Kernel IP 10

FUSE layering, user root ifconfig mount user fuse sh cp VFS FUSE EXTxFS ISOFS NFS Kernel IP 11

FUSE layering Provides a lot of nice features, but Does not combine well by default cd ~/.avfs/#ftp:ftp.gnu.org/.../coreutils 6.9.tar.bz2# does not work Does not optimize well by default fuseiso9660 ~/.avfs/#ftp:ftp.gnu.org/.../foo.iso ~/mnt downloads it all! Does not provide all root features by default How to deal with partitioned disk image? e2fsck what? Users are still second-class citizens 12

Micro-kernel layering ext2fs pfinet root auth proc user sh cp Kernel Tasks, memory, IPC 13

Micro-kernel layering ext2fs pfinet root auth proc user sh cp Kernel Tasks, memory, IPC 14

Micro-kernel layering Server crash? Not a problem Computer bought the farm is just an error, not something-of-the-death Easier to debug/tune Just run gdb, gprof, Can dare crazy things The Hurd console has dynamic font support See chinese support in pseudo-graphical mode (actually pure VGA textmode!) of Debian installer. Kernel only handles Tasks, memory, IPC 15

Hurd possibilities ext2fs pfinet root auth proc ftpfs user sh isofs cp Kernel 16

Hurd possibilities settrans ~/ftp: /hurd/hostmux /hurd/ftpfs / (just once for good) settrans a ~/mnt /hurd/iso9660fs ~/ftp://ftp.gnu.org/old gnu/gnu f2/hurd F2 main.iso ls ~/mnt README or FAIL Only downloads what is needed. Can be permanently stored in ext2fs settrans ~/.signature /hurd/run /usr/games/fortune 17

How does it work? ext2fs pfinet root auth proc ftpfs user sh libc isofs cp libc Kernel 18

Rationale - Everything is a (interposable) RPC - Translators exposed in the FS The user gets to decide what/how to interpose Without need for costly ptrace or fragile libc symbols interposition. Native fakeroot/chroot Fully virtualized and fine-grained interface Just need to use what's provided by the admin, e.g. $HOME/ TCP/IP stack and pile over it 19

Example: interpose TCP/IP stack settrans ca $HOME/servers/socket/2 /hurd/pfinet i $HOME/servers/tun0 hexdump $HOME/servers/tun0 & ~/remap/remap.sh /servers/socket/2 $HOME/servers/socket/2 wget www.gnu.org My own translator Can now plug my own VPN software Only wget accesses it (well, the shell too :) ) 20

But also ~/remap/remap.sh /bin/sh $HOME/bin/sh ~/remap/remap.sh /bin $HOME/unionbin Check out Guix! 21

Hurd possibilities (cont'ed) ext2fs pfinet root auth proc open vpn ftpfs pfinet part sh ext2fs isofs user cp Kernel 22

Hurd possibilities (cont'ed) ext2fs pfinet root auth proc open vpn ftpfs pfinet part sh ext2fs isofs user cp Kernel i.e. ISO image inside a partitioned disk image on ftp over a VPN 23

Hurd possibilities (cont'ed) VPN running as user Parted running as user Chroot running as user Tarfs, Xmlfs, cvsfs, httpfs, gopherfs,...... No less power than root Since root uses the same mechanism anyway! Except direct hardware access, of course And still, can chmod o+rw /dev/eth0 And still, could be interfaced safely thanks to I/O MMU More power for everybody (root and non-root) Combine translators, invent new ones without kernel programming,... 24

Neighbour Hurds user sh cp user sh cp ext2fs ext2fs auth auth pfinet root proc pfinet root proc Kernel 26

Neighbour Hurds user sh cp user sh cp ext2fs ext2fs auth auth root proc pfinet root proc Kernel 27

Sub-Hurd ext2fs pfinet root auth proc ext2fs pfinet user/root auth proc sh user cp Kernel 28

Neighbour/Sub-Hurd Looks like Linux containers Except they can be combined in many ways, including recursive Simply the standard features in the Hurd Safer, because ext2fs, pfinet, etc. are not shared And complete Since that's how a normal Hurd system is structured already. Linux containers have a hard time being completely contained, e.g. sound? 29

Current State Hardware support i686 DDE Linux 2.6.32 drivers layer for network boards In userland netdde translator! IDE, SCSI, PCMCIA, Xorg,... Xen PV domu No USB, no sound, no SATA. 30

Current State Software support Quite stable I don't remember when I last reinstalled by system, several years ago at least. Used only for development, though. Debian buildds keep building packages, usually hang after some weeks, out of some remaining memory leak. ~78% of Debian archive builds out of tree XFCE, almost gnome, almost KDE Firefox (aka iceweasel), gnumeric, Standard Debian Installation CD Will release some unofficial Debian Wheezy CDs Nix-based distribution 31

Future work Make an unofficial Debian GNU/Hurd Wheezy release!! Xen PVH support SATA driver X86_64 support Language bindings for translators Read-ahead {hdd,sound,usb}dde? Official Debian GNU/Hurd Jessie? Your own pet project? 32

Hardware support Æternam issue of all our nice micro-kernel projects KVM / Xen support Leverage existing system Not satisfactory, even if very good performance: users want to run on real hardware of course! DDE layer Leverage Linux drivers Still has to be maintained Shared maintenance? 33

People at work nowadays Emilio Pozuelo Monfort : gnome Jeremie Koenig : glibc, openjdk Olaf Buddenhagen : community, mentor Pino Toscano : KDE Samuel Thibault : debian installer, autobuilders Thomas Schwinge : GNU gdb, gcc And various porters : Gabriele Giacone, Svante Signell, You're welcome! 34

Thanks! http://hurd.gnu.org/ http://www.debian.org/ports/hurd/ http://people.debian.org/~mbanck/debian-hurd.pdf The increasing irrelevance of IPC performance for microkernel-based Operating Systems http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.37.9653&rep=rep1&type=pdf 35