1

PCs for Mere Mortals

Monica Lam

Stanford University

2

PCs

• Hardware: Cheap and fast– $500: 2.6 GHz, 128 MB mem, 40GB disk

• Market penetration– 69% of U.S. households have PCs– 75% of U.S. people using the Internet– 24% of U.S. households have DSL

� Software� insecure, fragile, frustrating to use

3

Internet Worms

• MSBlaster, Nimda, CodeRed , …• Slammer

– infected > 75,000 machines, most within 10 minutes

– damage estimated to be $1 billion

• Patches were available before attacks– Not installed on computers:

at home, companies, Microsoft

4

System Management

• Set up– Software purchases and installations– Network of machines– File servers with back up– Firewalls

• Maintenance: – Security patches, software upgrades– Hardware upgrades

• Error recovery– Recover data from back up – Re-install OS + software

5

Home Computer Administration Tasks

• Fall on consumers• Cannot solve problems

by simply purchasing new computers!• How much does professional system

admin cost?

6

Professional System Admin

• Adminstration and support– $11,900 a PC a year (Gartner)

• Labor costs >> hardware costs • Hidden costs: loss of productivity• A linear function!

7

Incremental Improvement Insufficient

• Professional system admin is necessary!– Office users– Telecommuters– Consumers

• Must make system administration scalescale• Leverage hardware technology

– machine cycles– network bandwidth– storage capacity

8

How do we make computers as easy to use as TVs?

• Turn on computer connected to a network• Plug in personal “key” to unlock private

data• Dial to different channels of the latest

software

9

No software installation!No operating system re-install!

No computer viruses!Automatic backups

Global access everywhere

10

Appliances

• Unix-based PC• Fixed function• Simple and intuitive interface• Guaranteed automatic updates

11

+ OS, Applications, Data(bits)

Virtual Appliance

Appliance

12

Virtual Appliance Computing Model

VAPRepository

INTERNET

User Data

VAPreceivers

13

Appliance Flow

VAPRepository

INTERNET

User Data

VAPreceivers

(1) Publisher stores VAPs

14

VAPRepository

INTERNET

User Data

VAPreceivers

Appliance Flow

(2) User logs onto a VAP Receiver

15

VAPRepository

INTERNET

User Data

VAPreceivers

Appliance Flow

(3) VAP receiver authenticates user

16

VAPRepository

INTERNET

User Data

VAPreceivers

Appliance Flow

(4) VAP receiver gets latest copy of VAP, mounts user data

17

VAPRepository

INTERNET

User Data

VAPreceivers

Appliance Flow

(5) VAP receiver runs VAP and writes back user data

18

OSes are not run onOSes are not run onbarebone hardwarebarebone hardware

– Rich API– Impossible to perfect– Vulnerable– Who re-installs the OS?

Updates it and backs it up?

19

VAP receiver: A Service Plane

• A relatively small trusted computing base• Runs VAPs using a virtual machine

monitor – e.g. VMware GSX / ESX– Runs Linux, Windows software

• Provides service functions:– Transfers, updates, backs up VAPs

All without modification to appliancesAll without modification to appliances

20

Advantages

• Security– Up-to-date security patches– Pristine copy with each log in

• Appliance publication model is scalable• User mobility• Simple hardware management

– Anonymous hardware

21

Top 4 Questions

4. What if I wish to install a flash plug in? or new software?� Published appliance is a fully-tested superset of most users’ environments

� Use multiple VAPs� Company admins prepare 1 for each role� Distribution of software as VAPs� Install software in separate playpen VAP

22

4. What if I wish to install a flash plug in? or new software?

Top 4 Questions

� Limited software selection� Limited interactivity� Application lock-ins� Data privacy: photos? tax returns? email?

� Scattered data

3. Why not just more web applications?

23

3. Why not just more web applications?

Top 4 Questions

2. How slow is this model? 2. How slow is this model?

1. How to deploy this?1. How to deploy this?

4. What if I wish to install a flash plug in? or new software?

24

VAPs as a Data Type

• VAPs are large!• What is in a VAP? • Operations

– Create– Store– Update– Customize– Transfer– Back up

25

A Virtual Appliance

• Contents of the bits on an x86 machines• Program disk

– Default Windows XP: 1.5 GB– Red Hat version 7.2: 1.6 GB

• Data disk– Use CVS or network-mounted files for

sharing

• Suspended memory image (100s MB)

26

Virtual Networks of Virtual Appliances

Firewall

DNS LDAP

Plone

Mail

Parent Network

• A group appliance

27

Updates

Version 0

Diffs = Copy-on-write disks

• New software installation & upgrades– Sizes similar to installer and update

packages– Guaranteed to work

28

Customizations = InheritancePublisherupdates

� ��� ��

+ UserParameters

inheritance

��� �� �

� � � � � ��� � � �� � � + UserParameters

inheritance

��� �� �

� � � � � ��� � � �� � �

29

Transfer: Moving Memory Image• Move memory image, demand-fetch the

rest– Memory image holds working set– Eliminates boot-up overhead

• Especially significant for Java apps

– “Ballooning” reduces size of state

• Transfers a new memory image in about 10 minutes over DSL link

30

Transfer opt: Cache

• Opportunity:– Same appliances used on same machines

• Cache– Immutable appliances simplify caching– Speeds up re-use of similar appliances

31

Transfer opt: Portable storage

• USB flash drive: 1.5 GB, $175• Compact flash microdrive: 4 GB, $369• 1.8’’ portable hard disk: 40 GB, $180• 2.5’’ portable hard disk: 60 GB, $125

We can carry our cache with us!We can carry our cache with us!

32

Transfer opt: Portable storage

A bootable image of a VAP receiver + a cache• Easy deployment:

– Make any PC our own– Does not change the state of hosting PC

• Universal access:– Access to all VAPs on the network

• Network accelerator: – Fast access to appliances previously used

33

USB drives (cont.)

• Automatic storage management– A precharging process

pre-loads drive with popular blocks

• Automatic backup:– Continuously saves data in background– Keychain mostly carries redundant state

• Secure: leaves no trace on host computer

34

Collective Prototype

• CVL: a Collective virtual appliance language– Virtual appliance networks– Customization specified as inheritance

• Repository– Naming to keep track of versions

35

Collective Prototype (cont.)

• VAP Receiver – Assumes the computer can be connected to

the network using DHCP– 500 MB bootable image

• Knoppix Linux• VMware GSX virtual machine monitor

– Talks to the repository via NFS over SSH

36

Preliminary Results

• $4G Microdrive over simulated DSL speeds

• No perceivable difference – editing files– playing MP3

• local / remote music: same interface, no perf diff

37

Comparing with a local appliance

-2

0

2

4

6

8

10

12

14

Windows 2000Linux Redhat Linux kernel compile

LAN DSL NFS

cachednot

cached cachednot

cached

38

Replaces Labor with Technology

Manual labor � processor cycles� network bandwidth � storage

System admin� virtual machines� distributing VAPs over the network� portable storage as a network

accelerator

39

Conclusions

• Practical alternative to PC desktop model– Works with all x86 software– Runs on generic x86 PC connected to the

network

• Supports Windows, Linux, … Java machines simultaneously

• Up-to-date systems � better security• Easier-to-use software � more software