This talk describes how virtualization is changing the way computing is done in the industry today and how it is causing users to rethink how they view hardware, operating systems, and application programs. The talk will describe this new view of computing and the benefits driving users to adopt it. The roles of hardware and operating systems will be discussed, along with what changes will be needed to support this new computing model efficiently and simply.
(I missed the opening remarks and awards, which doesn't really
bother me because I know (from previous conferences) that there
really isn't that much useful
information in them.)
In addition to being Associate Professor of Computer Science at Stanford University, Mendel is one of the VMware Co-Founders. For Mendel's talk, he'll be wearing his VMware hat as well as his Stanford hat, both due to insights that the VMware aspect gives him, and because he can get VMware to make really cool PowerPoint slides for him.
The ability to record the execution of a virtual machine (especially in a compact and high-performance way) is a new concept in virtualization that didn't exist back in the 1960s.
Mendel envisions a future where all physical hardware has a virtualization layer on top of it, including individual desktops. In this model, desktop PCs sprinkled throughout the organization are all hardware resources that can be allocated and reallocated by the virtualization layer as appropriate.
For example, a user comes in in the morning, walks up to his PC, and taps the keyboard. In the old model, the screen saver would turn off, the monitor would come out of sleep mode, and the user would log in.
In the world Mendel envisions, the user's morning routine looks almost
the same: he walks up to his PC, taps the keyboard, and gets his
login screen. But what happens behind the scenes is that the
virtualization layer shuts down whatever virtual machines were
running on his PC hardware overnight, finds his virtual machine
(which had been suspended and stored the previous day, when the
virtualization layer realized that he had left for the day and his
virtual machine was idle), migrates the virtual machine to the
physical desktop, and activates it. Depending on how beefy
the physical hardware is, it may continue to host other virtualized
services. Or, if the user is doing something really intensive, the
virtualization layer will augment his physical hardware with other
resources (additional disk space, distributed processing power,
etc.).
Why didn't the OS vendor push virtualization? Mendel's view is that it is because OS vendors have a drive to support as many applications as they can. This results in complexity, which is the enemy of security.
Mendel thinks that virtualization will radically simplify operating systems. If the hardware is virtualized, the operating system won't need to have ten million different Ethernet drivers, a billion different SCSI adapters, etc. He thinks specialized, appliance-oriented operating systems will arise to more effectively utilize virtual hardware.
Mendel teaches a class on operating systems. He starts the class by
asking the students: Why are you taking a class on operating
systems? Why not a class on spreadsheets, or word processors, or
security libraries? Why do you think an operating system is
special?
Mendel believes the OS will become a library; applications will choose the OS based on functionality and assurance requirements. For most applications, the OS will be a relatively small part of the application. This will lead to the creation of completely new operating systems that don't even exist today... for example, an OS just to run Java applications, or an operating system just to run online games, or an operating system just for banking applications (to embed specific security features into the OS). This starts looking a lot like 1980s microkernel technology.
Conclusions: virtualization is having a large impact on computing. The change in how we view and manage hardware is the most obvious change, but what is currently less obvious is how the role of operating systems will change. If Mendel is right, and everything's virtualized in the future, then not only will the operating systems of the future look radically different than today, but there will be many, many more of them, tailored to specific applications.
Mendel hopes that we'll all learn from our previous mistakes, and that we can get the hardware vendors to cooperate on trying to keep things simple.
Every time I hear the word DRM, I tend to get
agitated and walk off, so I'll try not to do that.
There
might be some ways to reconcile these desires,
Again, Mendel hopes we'll all learn from our previous mistakes.
We need to fight the trend to collapse functionality back into the operating system, as virtualization layers tend to lend themselves to microkernel-like approaches.
Mendel thinks it's fundamentally impossible to build a VMM that's undetectable; it's fairly trivial for any arbitrary software package (including malware!) to detect whether you're running in a VMM or not. However, we think that this question is only going to be relevant during the transition period. At some point in the future, we think this will be a pointless question to ask, because the answer will always be yes.
performance reasons? In other words, will we come full circle? (Again?)
We could, but Mendel thinks (hopes?) that that won't happen.
shared library?
There is some potential for optimization here, but a lot of things would probably be very, very difficult to do correctly/safely.
This is a challenging question, and I'm tempted to agree with you, to a degree.
Not at all; BEA built a lightweight OS that supported a gazillion threads incredibly efficiently.
We just announced VMware parallels. Steve Jobs doesn't want you to run MacOS in a VMM, so you should go bug him about that. If I'm right about the future, companies that don't like VMMs (e.g., because they're tying software license enforcement off of CPU IDs, or using other DRM-like technology that depends on hardware) will either adapt or go out of business, because everything will be virtualized.
You can go to the index of my Usenix notes.