.-----------------------------------------------------------------------------.

  Erlang Factory 2014

  Comparison and Commentary on
  "Application Operating System"
  with Traditional Operating Systems

  C. Thomas Stover

  March 6, 2014
  17:00 Pacific Standard Time
  Crystal Lounge, 11th Floor
  Marines’ Memorial Club & Hotel
  San Francisco, California

  Alert Logic
'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Who am I?

  C. Thomas Stover (thomasstover.com)
  tstover@alertlogic.com

  * Holistically support both systems level native and Erlang code base

  * Learning Native -> Erlang vs Erlang -> Native

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Who is Alert Logic?

  http://www.alertlogic.com/                   *************************
                                               * Looking for the Best! *
  Principal Engineering Locations:             *************************
  * Houston, Texas (United States)
  * Santiago de Cali, Colombia

  Partnered with Reksoft in St. Petersburg, Russia

  * Heavy Erlang Deployment
  * Heavy Native Code Users

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Intersection of Themes:

  I   - Functional & Declarative vs. Procedural & Imperative

  II  - Real Machine vs Virtual Machine

  III - Static vs Dynamic Typing

  IV  - Human Performance vs Computing Performance

  V   - The layers quagmire

'-----------------------------------------------------------------------------'

.--------------------------------------------------------------------------.
| Provisioning & Orchestration                                             |
.--------------------------------------------------------------------------.
| Logical Tasks                                                            |
|   Programs / Applications                                                |
.--------------------------------------------------------------------------.
| User land                                                                |
|   shell, OTP          libc, daemons, shell                               |
.--------------------------------------------------------------------------.
| Resource Multiplexing                                                    |
|   OS Kernel, Hypervisor, Bare Metal VM, libos                            |
.--------------------------------. .---------------------------------------.
| Machine Code API               | | Hardware Abstraction                  |
| ia32 ARM amd64 POWER ia64      | | OS Device Drivers, Hypervisor,        |
| SPARC MIPS PDP-11 etc...       | | Bare Metal VM, libos                  |
.--------------------------------------------------------------------------.
| Physical Computer                            .---------------------.     |
|                                              | Coreboot, BIOS, ... |     |
| .-----------------------------. .-----------------------------------.    |
| | CPU(s)         .-----------.| | Devices              .-----------.|    |
| |                | Microcode || |                      | Firmware  ||    |
| |                '-----------'| |                      '-----------'|    |
'--------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Popular Resource Multiplexing Models

  .----------------------------------------------------------------.
  | Computer                                                       |
  |.--------------------------------------------------------------.|
  || Operating System                                             ||
  || .----------------------------. .----------------------------.||
  || | Containerized Environment  | | Containerized Environment  |||
  || | .-----------.              | | .-----------.              |||
  || | | Workloads |              | | | Workloads |              |||
  || | '-----------'              | | '-----------'              |||
  || '----------------------------' '----------------------------'||
  |'--------------------------------------------------------------'|
  '----------------------------------------------------------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  .--------------------------------------------------------------------.
  | Computer                                                           |
  |.------------------------------------------------------------------.|
  || Operating System                .-------------------------------.||
  ||.-------------------------------.| Virtualized Environment       |||
  ||| Virtualized Environment       ||.-----------------------------.|||
  ||| .----------------------------.||| Operating System            ||||
  ||| | Operating System           ||||.---------------------------.||||
  ||| |                .----------.||||| Virtual Machine.----------.||||
  ||| |                | Workload ||||||                | Workload |||||
  ||| |                '----------'||||'----------------'----------'||||
  ||| '----------------------------'||'-----------------------------'|||
  ||'-------------------------------''-------------------------------'||
  |'------------------------------------------------------------------'|
  '--------------------------------------------------------------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  .-------------------------------------------------------------------------.
  | Computer                                                                |
  |.-----------------------------------------------------------------------.|
  || Special Purpose Hypervisor OS                                         ||
  || .---------------------------------. .-------------------------------. ||
  || | Virtualized Environment         | | Virtualized Environment       | ||
  || |.------------------------------. | |.-----------------------------.| ||
  || || Bare Metal Virtual Machine   | | || libos                       || ||
  || ||                              | | ||                             || ||
  || || .----------.                 | | || Workload                    || ||
  || || | Workload |                 | | ||                             || ||
  || || '----------'                 | | ||                             || ||
  || |'------------------------------' | |'-----------------------------'| ||
  || '---------------------------------' '-------------------------------' ||
  |'-----------------------------------------------------------------------'|
  '-------------------------------------------------------------------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

                    .-----------------------------------.
                    | Computer                          |
                    |.---------------------------------.|
                    || Traditional OS                  ||
                    || .------------------------------.||
                    || | Batch Scheduling & Dispatch  |||
                    || '------------------------------'||
                    |'---------------------------------'|
                    '-----------------------------------'

  .----------------------------------. .----------------------------------.
  | Computer                         | | Computer                         |
  |.--------------------------------.| |.--------------------------------.|
  || Single Tasking OS .----------. || || Single Tasking OS .----------. ||
  ||                   | Workload | || ||                   | Workload | ||
  ||                   '----------' || ||                   '----------' ||
  |'--------------------------------'| |'--------------------------------'|
  '----------------------------------' '----------------------------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Theme V: Operating System vs "Application Operating System"
           aka "micro service"

  Definition "Operating System"

  Definition "Application Operating System"

  * Erlang can be both.

  * It can also mean more (network operating system)

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Micro Kernel Architecture

  .--------------------------------------------------------.
  | Kernel Mode                 .------------------.       |
  |                             | Message Passing  |       |
  |                             | Facility         |       |
  |  .---------.                '------------------'       |
  |  | Service -----------------------.  message passing   |
  |  '---------'   .---------.   .----v----.               |
  |                | Service |   | Service |<--------------------.
  |                '---------'   '---------'               |     | System Call
  '--------------------------------------------------------'     |
                                      .--------------------------|--------.
                                      | User Mode                |        |
                                      |                          |        |
                                      |       .---------.   .---------.   |
                                      |       | Process |   | Process |   |
                                      |       '---------'   '---------'   |
                                      '-----------------------------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area I

  * Processes, Threads, Fibers

    - Protected Address Space

    - Shared Protected Address Space

    - Manual stack frame switching, or stackless

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Erlang Process / Actors

  * fibers

  1 - Mitigate drawbacks introduced with functional programming
      (state with immutable data)

  2 - Program as a system, message passing paradigm
      ("application operating system")

  3 - Bonus: strategy for concurrency problems

  0 - Hardware was once different

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Erlang Process / Actors

  Does this make things faster?
  No

    1) Hardware vs. Virtual Machine

    2) Memory management

    3) Dynamic Types

    4) No vector operations

  Well...

    1) High level language; quality tool

    2) Distributed programming

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area II

  * Security through brokered access

    - physical restricted access

    - network restricted access

    - memory protection

    - cryptography

  * intra-process security with fibers can only exist with virtual machines
    (or something like NaCl)

  * Erlang security model is comparable to kernel mode programming

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area III

  * Supervisory Logic

    - OTP Supervisors

    - Sys V Init

    - systemd

    - Service Control Manager

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area IV

  * Networking / Distribution

    - Message Passing

    - Sockets

  * IPC

    - Message Passing

    - Sockets

    - Memory Sharing

    - Signals

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area V

  * Resource Management

    - Credentialed

    - Prioritized

    - Policied

    - Accounted

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Compare and Contrast Area VI

  * Code Versioning

    - Dynamic Reloading

    - Kernel Modules

    - Disk backed versioning (ld.so)

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Example: BBS System

  Requirements

  * Multi-node scalable
  * Multi-user secure
  * External program support (doors)
  * Chat server

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

                                       .------------.
                                       | Supervisor |
    .--------------------.             '------------'
    | Connection Handler |
    '--------------------'
                                       .-------------.
     .-----------------.               | Chat Server |
     | session handler |               '-------------'
     '-----------------'

     .-----------------.
     | session handler |
     '-----------------'         .------------.  .------------.
                                 | Doors Port |  | Doors Port |
     .-----------------.         '------------'  '------------'
     | session handler |
     '-----------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

                                       .---------.
                                       | systemd |
    .--------------------.             '---------'
    | sshd               |
    '--------------------'
                                       .-------------.
     .-----------------.               | Chat Server |
     | session handler |               '-------------'
     '-----------------'

     .-----------------.
     | session handler |
     '-----------------'         .--------------.  .--------------.
                                 | Door process |  | Door process |
     .-----------------.         '--------------'  '--------------'
     | session handler |
     '-----------------'

'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.
 .--------------------.                                .--------------------.
 | Computer           | .----------------------.       | Computer           |
 |.-----------------. | | Computer             |       |.-----------------. |
 || sshd            | | |                      |       || sshd            | |
 |'--------|--------' | | .-----------------.  |       |'-----------------' |
 |         |          | | | session handler |  |       |         |          |
 |.--------v--------. | | '-----------------'  |       |         v          |
 || session handler | | |          ^           |       |.-----------------. |
 |'-\---------------' | |          |           |       || session handler | |
 |   \                | |          |           |       |'----------------/' |
 |.---v-----------.   | |     .---------------.|       |                /   |
 || session proxy |---------->| session proxy |<--------.--------------v.   |
 |'---------------'   | |     '---------------'|       || session proxy |   |
 '--------------------' |          |           |       |'---------------'   |
                        |          |           |       |                    |
                        |          v           |       '--------------------'
                        | .-----------------.  |
                        | | session handler |  |
                        | '-----------------'  |
                        '----------------------'
'-----------------------------------------------------------------------------'

.-----------------------------------------------------------------------------.

  Thank You!

'-----------------------------------------------------------------------------'