UW Operating Systems
  Systems Seminar

I will describe Google's software architecture which aims to harness the power of thousands of cheap Linux PCs and organize them into a scalable, reliable, high-performance computing system. Our approach is to use cheap hardware and to achieve all the fault- tolerance and reliability in software.

Anurag Acharya is a Principal Engineer at Google. In previous lives, he has been an undergrad at IIT Kharagpur, a graduate student at Carnegie Mellon, a postdoc at the University of Maryland and an Assistant Professor at the University of California, Santa Barbara. He came to Google for a visit couple of years ago. He found the natives friendly and fascinating, so he stayed.

Robustness has long been a central design goal of the Internet. While the Internet has proven robust to hardware failures, the Internet remains extremely vulnerable to more arbitrary failures where, through either error or malice, a node issues syntactically correct responses that are not semantically correct. Such failures, some as simple as misconfigured routing state, can seriously undermine the functioning of the Internet. With the Internet playing such a central role in the global telecommunications infrastructure, this level of vulnerability is no longer acceptable.

In this talk, I argue that to make the Internet more robust to these kinds of arbitrary failures, we need to change the way we design network protocols. To this end, I will discuss several past examples of widespread Internet failures, discussing what could have been done to prevent the problem from occurring in the first place. The unifying theme behind the examples is that we need to design protocols more defensively, expecting malicious attack, misimplementation, and misconfiguration at every turn.

Tom Anderson is a Professor of Computer Science and Engineering at the University of Washington. His research interests span almost every aspect of computer systems design, from high-performance computer and network switch architectures, to operating systems, distributed file systems, wide area distributed systems, and most recently computer networks.

POSTPONED due to faculty candidate talk

This talk will overview current work in the storage systems research group at Seagate Research. This is a new group formed last year with a charter to expand the intelligence of storage devices. We will outline the goals of our research, and discuss initial projects we have underway. One of the key enablers for additional device intelligence is a change in the interfaces for talking to storage. We will also outline one current industry proposal - object-based storage devices (OSD) - for greatly expanding the SCSI interface that has provided valiant service for the last 20 years.

Seagate Research is a young organization with an ambitious charter - to develop the storage technologies that will carry the company and the industry 5-10 years in the future. The lab has grown from two people in a rented office to 100 researchers in a brand-new building over the past four years. In addition to details about the systems efforts, the talk will very briefly mention ongoing projects in other parts of the lab and in the company.

Speaker Bios

Erik Riedel leads the Interfaces & Architecture Department at Seagate Research in Pittsburgh, Pennsylvania. The group focusses on novel storage systems with increased intelligence for optimized performance, automated management, and content-specific optimizations. A basic requirement for such systems is new interfaces to storage systems as the current ones are quite outdated.

Before joining Seagate Research, he was a researcher in the storage program at Hewlett-Packard Laboratories in Palo Alto, California working on networked and distributed storage and security for storage. He received a doctorate in Computer Engineering from Carnegie Mellon University working with David Nagle and Garth Gibson in the Parallel Data Lab (PDL) and Christos Faloutsos in the Center for Automated Learning and Discovery (CALD). His thesis work was on Active Disks as an extension to Network-Attached Secure Disks (NASD). Over the years he has spent time looking at I/O in a number of areas, including parallel apps, data mining, database, file systems, and scientific data processing.

Dave Anderson is Director of Strategic Planning for Seagate and has over 20 years experience in the computer field. His responsibilities include overall interface strategy for all disc interfaces.

Dave has been involved in the architecture and planning of Fibre Channel since its first proposal as a disc interface. He was also one of the principal architects of the disc XOR commands that are now a part of the standard SCSI interface specification and was the author and original editor of the Object based Storage Device (OSD) proposal being developed by SNIA for submission to the SCSI standards committee. Dave was one of the original nine elected members of the SNIA (Storage Networking Industry Association) Technical Council. He was also one of the founding members of the Serial Attached SCSI working group, which defined this new interface.

References

http://www.cs.cmu.edu/~riedel
http://www.seagate.com

We describe a new system, called guievict, that enables the graphical user interface (GUI) of any application to be transparently migrated to or replicated on another display without premeditative steps such as re-linking the application program binary or re-directing the application process's window system communication through a proxy. Guievict is based on a small X window server extension that enables an application to retrieve its window session, a transportable representation of its GUI, from the window server and a library of GUI migration functionality that is injected in the application process at run time. We discuss the underlying technical issues: controlling and synchronizing the communication between the application and the window system, identifying and retrieving the GUI resources that form the window session, regenerating the window session in a new window system, and maintaining application transparency. We have implemented guievict for the XFree86 implementation of the X window system. The GUI migration performance of guievict is measurably but not perceptibly worse than that of a proxy-based system.

This is joint work with Bart Miller.

POSTPONED due to faculty candidate talk

Wide area computing has served CPU-bound workloads very well. However, an important class of data-bound workloads has struggled to benefit from distributed computing, despite the ubiquity of capable commodity networking and storage hardware. This is due to the essential problems of autonomy and failure natural to wide-area systems. In this talk, we describe Hawk, a prototype Migratory File Service (MFS) designed to allow data-intensive applications to scale across the wide area. In contrast to a traditional file system, Hawk deals gracefully with CPU failure and data loss through its high-level knowledge of workload structures. It employs aggressive caching, replication, and I/O classification to reduce wide area traffic and minimize the impact of such inevitable failures. Through a case study of data-intensive applications, we demonstrate the benefits of Hawk over traditional approaches, achieving local-area performance across the wide area.

We present the design and implementation of PLACE, a gray-box library for controlling file layout on top of FFS-like file systems. PLACE exploits its knowledge of FFS layout policies to let users place files and directories into specific and localized portions of disk. Applications can use PLACE to collocate files that exhibit temporal locality of access, thus improving performance. Through a series of microbenchmarks, we analyze the overheads of controlling file layout on top of the file system, showing that the overheads are not prohibitive, and also discuss the limitations of our approach. Finally, we demonstrate the utility of PLACE through two case studies: we demonstrate the potential of file layout rearrangement in a web-server environment, and we build a benchmarking tool that exploits control over file placement to quickly extract low-level details from the disk system. In the traditional gray-box manner, the PLACE library achieves these ends entirely at user level, without changing a single line of operating system source code.

We propose a new approach for I/O scheduling that performs on-line simulation of the underlying disk. When simulation is integrated within a system, three key challenges must be addressed: first, the simulator must be portable across the full range of devices; second, all configuration must be automatic; third, the computation and memory overheads must be low. Our simulator, the Disk Mimic, achieves these goals by building a table-based model of the disk as it observes the times for previous requests. We show that a shortest-mimicked-time-first (SMTF) scheduler performs nearly as well as an approach with perfect knowledge of the underlying device and that it is superior to traditional scheduling algorithms such as C-LOOK and SSTF; our results hold as the seek and rotational characteristics of the disk are varied.

From all indications, assured OS security seems to be an impossible goal. In this talk, I'll promote a complementary approach to network security in which each individual device erects its own security perimeter and defends its own critical resources (e.g., network link or storage media). Together with conventional border defenses, such self-securing devices could provide a flexible infrastructure for dynamic prevention, detection, diagnosis, isolation, and repair of breaches in borders and device security perimeters. I'll overview the self-securing devices approach and the siege warfare analogy that inspired it. In addition to general challenges of designing and managing self-securing devices, I'll describe self-securing storage devices and self-securing NICs (network interface cards) as concrete examples.

Greg Ganger is a professor in the ECE department at Carnegie Mellon University. He has broad research interests in computer systems, including storage systems, security, and operating systems. Some current projects explore self-* storage, storage survivability, more expressive storage interfaces, MEMS-based storage, and of course self-securing devices. Greg is the Director of CMU's Parallel Data Lab, academia's premiere storage systems research center. His Ph.D. in Computer Science and Engineering is from The University of Michigan, and he spent 2.5 years as a postdoc at MIT working on the Exokernel project.

Despite many competitors, Ethernet became the dominant protocol for local area networking due to its simplicity, robustness, and efficiency in wide variety of conditions and technologies. Reflecting on the current frailty of much software, grid and otherwise, we propose that the Ethernet approach to resource sharing is an effective and reliable technique for combining coarse-grained software when failures are common and poorly detailed. This approach involves placing several simple but important responsibilities on client software to acquire shared resources conservatively, to back off during periods of failure, and to inform competing clients when resources are in contention. We present a simple scripting language that simplifies and encourages the Ethernet approach, and demonstrate its use in several grid computing scenarios, including job submission, disk allocation, and data replication. We conclude with a discussion of the limitations of this approach, and describe how it is uniquely suited to high-level programming.

This is a practice talk for HPDC-12. This is joint work with Miron Livny.