ZeroVM: Difference between revisions
No edit summary |
No edit summary |
||
| Line 16: | Line 16: | ||
'''ZeroVM''' is an [[open source]] light-weight virtualization and sandboxing technology. It virtualizes a single process using the [[Google Native Client]] platform. Since only a single process is virtualized (instead of a full operating system), the startup overhead is in the order of 5 ms. |
'''ZeroVM''' is an [[open source]] light-weight virtualization and sandboxing technology. It virtualizes a single process using the [[Google Native Client]] platform. Since only a single process is virtualized (instead of a full operating system), the startup overhead is in the order of 5 ms. |
||
| ⚫ | |||
| ⚫ | ZeroVM creates a sandbox around a single process, the sandbox is based on [[Google Native Client]] (NaCl). The programs executed in ZeroVM must first be cross-compiled to the NaCl platform. ZeroVM can only execute NaCl code compiled for the [[x86-64]] platform, not the [[portable Native Client]] (PNaCl) format. |
||
| ⚫ | Programs executed in ZeroVM cannot call normal [[system calls]] and can initially not interact with the host environment. All communication with the outside world takes place over ''channels'', which must be declared before the program starts. Outside the sandbox, a channel can be connected to a local file, to a TCP socket, a [[OpenStack#Object_Storage_.28Swift.29|Swift]] object.<ref>{{cite web |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | It does this by replacing parts of the [[C standard library]]. In particular, ZRT replaces [[C file input/output]] functions such as <code>fopen</code> and <code>opendir</code> with versions that operate on an in-memory filesystem. The root filesystem is provided as a tarball. This allows a program to "see" a normal Unix environment. |
||
| ⚫ | The ZRT also replaces [[C date and time functions]] such as <code>time</code> to give program a fixed and ''deterministic'' environment. With fixed inputs, every execution is guaranteed to give the same result. Even non-[[Functional programming|functional]] programs become deterministic in this restricted environment.<ref>{{cite web |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
== History == |
== History == |
||
| Line 60: | Line 94: | ||
| date=19 April 2013 |
| date=19 April 2013 |
||
}}</ref> |
}}</ref> |
||
| ⚫ | |||
| ⚫ | ZeroVM creates a sandbox around a single process, the sandbox is based on [[Google Native Client]] (NaCl). The programs executed in ZeroVM must first be cross-compiled to the NaCl platform. ZeroVM can only execute NaCl code compiled for the [[x86-64]] platform, not the [[portable Native Client]] (PNaCl) format. |
||
| ⚫ | Programs executed in ZeroVM cannot call normal [[system calls]] and can initially not interact with the host environment. All communication with the outside world takes place over ''channels'', which must be declared before the program starts. Outside the sandbox, a channel can be connected to a local file, to a TCP socket, a [[OpenStack#Object_Storage_.28Swift.29|Swift]] object.<ref>{{cite web |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | It does this by replacing parts of the [[C standard library]]. In particular, ZRT replaces [[C file input/output]] functions such as <code>fopen</code> and <code>opendir</code> with versions that operate on an in-memory filesystem. The root filesystem is provided as a tarball. This allows a program to "see" a normal Unix environment. |
||
| ⚫ | The ZRT also replaces [[C date and time functions]] such as <code>time</code> to give program a fixed and ''deterministic'' environment. With fixed inputs, every execution is guaranteed to give the same result. Even non-[[Functional programming|functional]] programs become deterministic in this restricted environment.<ref>{{cite web |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
== See also == |
== See also == |
||
Revision as of 08:41, 14 April 2014
| Original author(s) | Camuel Gilyadov and Constantine Peresypkin |
|---|---|
| Developer(s) | Rackspace |
| Preview release | 0.9.4
/ November 26, 2013 |
| Repository | |
| Written in | C |
| Operating system | Linux |
| Platform | x86-64 |
| Type | Paravirtualization |
| License | Apache License 2.0 |
| Website | zerovm |
ZeroVM is an open source light-weight virtualization and sandboxing technology. It virtualizes a single process using the Google Native Client platform. Since only a single process is virtualized (instead of a full operating system), the startup overhead is in the order of 5 ms.
Sandboxing
ZeroVM creates a sandbox around a single process, the sandbox is based on Google Native Client (NaCl). The programs executed in ZeroVM must first be cross-compiled to the NaCl platform. ZeroVM can only execute NaCl code compiled for the x86-64 platform, not the portable Native Client (PNaCl) format.
Programs executed in ZeroVM cannot call normal system calls and can initially not interact with the host environment. All communication with the outside world takes place over channels, which must be declared before the program starts. Outside the sandbox, a channel can be connected to a local file, to a TCP socket, a Swift object.[1] Inside the sandbox, the program sees the channel as a file descriptor. The sandboxed program can read/write data from/to the channel, but does not know where the channel is connected in the host.
Programs compiled for ZeroVM can optionally use the ZeroVM Runtime library called ZRT. This library aims to provide the program with a POSIX environment.[2]
It does this by replacing parts of the C standard library. In particular, ZRT replaces C file input/output functions such as fopen and opendir with versions that operate on an in-memory filesystem. The root filesystem is provided as a tarball. This allows a program to "see" a normal Unix environment.
The ZRT also replaces C date and time functions such as time to give program a fixed and deterministic environment. With fixed inputs, every execution is guaranteed to give the same result. Even non-functional programs become deterministic in this restricted environment.[3]
This makes programs easier to debug since their behavior is fixed.
Integration with Swift
ZeroVM has been integrated with Swift, the distributed object storage component of OpenStack.[4] When the ZeroCloud middleware is installed into Swift, a client can make a request to Swift containing a ZeroVM program. The program is then executed directly on the storage nodes. This means that the program has direct access to the data.
History
ZeroVM was developed by LiteStack, an Israeli startup, which was later bought by Rackspace.[5] [6] [7] ZeroVM participated in Techstars Cloud 2013 incubator program and got $500,000 in seed funding.[8] [9]
See also
External links
References
- ^ "ZeroVM Channels". Retrieved 14 April 2014.
- ^ "ZRT Readme". Retrieved 14 April 2014.
- ^ "ZeroVM Architecture". Retrieved 14 April 2014.
- ^ "ZeroCloud". Retrieved 14 April 2014.
- ^ Lindberg, Van. "ZeroVM: Smaller, Lighter, Faster". Rackspace Blog. Retrieved 14 April 2014.
- ^ Shamah, David (October 24, 2013). "Rackspace picks up ZeroVM's 'built-for-cloud' hypervisor". Retrieved 14 April 2014.
- ^ Clark, Jack (25 October 2013). "Rackspace goes to Israel, picks up slick new weapon for cloud wars". The Register. Retrieved 14 April 2014.
- ^ Idan, Henn (3 November 2013). "Israeli ZeroVM acquired by RackSpace". Geektime. Retrieved 14 April 2014.
- ^ Lorek, Laura (19 April 2013). "ZeroVM Creates Software for Cloud Computing". Silicon Hills News. Retrieved 14 April 2014.