This thesis was written for the Helsinki Institute of Physics Technology Program at Cern in Switzerland. Server-based computing (SBC) is an architecture in which all applications are installed, managed and executed on the server .
In this chapter we take a look at the Netgate 2 project and the research problem of this thesis. The study was conducted at the Helsinki Institute of Physics (HIP) technology program premises at CERN.
CERN Library Use-case
- ICA - Independent Computing Architecture
- RDP - Remote Desktop Protocol
- VNC - Virtual Network Computing
- X Window System
- NX - New X
You can extend the life cycle of an old and outdated PC by using it as a thin client. The user experience can also be improved by running some client-side programs.
Linux Terminal Server Project - LTSP
Java code is compiled against the Java environment and runs on top of the Java Virtual Machine. To be more precise, we concentrate on platform virtualization: techniques that allow multiple operating systems to run on top of one set of hardware.
The architecture used with paravirtualization was originally developed by IBM and used in the VM operating system 1. VIRTUALIZATION AND SYSTEM MANAGEMENT 18 There are many different implementations of the paravirtualization technique, but the main idea remains the same. Paravirtualization provides the guest operating system with a hardware abstraction that is similar to, but not an exact replica of, the underlying hardware.
These modifications reduce the complexity of the virtual machine monitor and improve its performance. A problem with paravirtualization is that the owners of proprietary operating systems may not be willing to change their operating systems. This complicates the choice of the OS flavor and makes the other virtualization methods more viable .
Some OS instructions need to be modified to allow the virtual machine to operate at the lower privilege level .
Both Intel and AMD versions of hardware support try to solve the problems of the x86 architecture, described above, by adding a separate mode for the guest operating system. In this mode, the guest operating system is able to run at the ring level 0 and execute privileged commands in a normal way [47, 53].
KVM - Kernel Virtual Machine
The Linux kernel turns into a virtual machine monitor by adding the KVM module. This means that KVM uses the scheduling and memory management features of the heavily developed Linux kernel. The KVM module enables near-hardware speed virtualization of the processor and virtualization of memory within the kernel.
Two major drawbacks to this otherwise simple and powerful virtualization technique are the emulation of user-space I/O devices and the need for dedicated hardware.
A segment on a node means that the owner of the segment has an active virtual machine running on that node. They are created via Planetlab's central server, leaving final control in the hands of the Planetlab administration . The centralized control also means that management actions are initiated by the central server.
VIRTUALIZATION AND SYSTEM MANAGEMENT 24 munity provides some tools for managing software on the disks 10. The code for the MyPLC code is freely available, allowing people to make their own versions of the Planetlab software .
For example, virtualized services can be easily moved to different locations and started on top of the abstraction provided by virtualization. These machines are then supplemented with virtual machines that contain the actual services such as web-server, print server, etc. All software can be found in Ubuntu Edgy and subsequent distributions, which means that all components used are open source.
Each leaf directory has special files, such as Packages.gz and Sources.gz, depending on the contents of the directory. The repository can be on local media, such as CD-ROM and DVD, or on a separate file server that can be accessed using familiar protocols such as FTP and HTTP. APT and Aptitude can be configured to use multiple repositories with the source.list configuration file.
The metadata from these files is then used to build the package database on the client. If the package exists in the database, the actual package is fetched from the repository and installed.
- Client Installation Media
- Image Server
- Configuration Server
- Package Manager
A version of the preset file, which is used in the NETGATE-2 project, can be found in Appendix A. The repository contains both actual packages and package metadata in a default tree directory structure. The repository public key, used to verify packages, is obtained during the basic installation due to the configurations in the preset file.
Installation using Debian packages automatically mounts the necessary files to the client machine's file system. When you install the image, all the files in it are placed on the root of the target machine according to the predefined tree structure. The package manager retrieves package lists from the configuration server and updates the machine's software accordingly.
Operation of the System
For example, if a software package that was on the previous list is not on the current list, it is removed from the machine. The listings also include some additional packages that contain virtual machines destined for the machine. Installing these packages causes the client server to start new virtual machines and removing these packages causes the virtual machines to shut down and remove all related files.
CERN Library Pilot
One of the old desktop computers was chosen as the server for the library's sbc environment. One to handle thin clients and one to provide desktop and thin client applications. To be able to deploy thin clients more freely, the clients connected to the server using wireless bridges.
Wireless bridges make the installation of cables easier as there is now a need for a cable network between the server and clients. The thin clients and the server are in the same local area network as if they were connected by a wire. Having wireless connections between the server and client also introduces security issues that are now handled with SSH encryption.
Distribution of Services
You can use physical partitions, logical volume manager (LVM) volumes, network file systems, or file-backed disks such as loopback devices. In our solution, we decided to use loopback devices, as they can be fully provisioned on the server side and easily configured on the client side. In our tests, we've seen that application-level loopback disk images perform as well or better than actual physical disks.
The environment had two almost identical virtual machines, except that one had its FS on a physical partition and the other on a loopback device image. The small files were similar in all tests and consisted of 3890 files with an average size of 7.9 kB. Large files were different in the two cases, 1GB file was used in the scp tests and 500MB in the local tests.
Security and Reliability
During the traffic recording time, the thin client was used to browse the Internet and write a small document. As can be seen, the amount of traffic that one thin client produces is significant, even when idle. The Xen project provides a multitude of tools for managing virtual machines and pools of servers.
The tools provided by the Xen project can be better reused in future development, and recent activity in the project promises more improvements in the future. Xen also has support for hardware virtualization and thus can run non-Linux operating systems such as Windows. Since all the services needed in this project can be found in Linux distributions, we don't need hardware virtualization support.
Distributing Virtualized SBC
All these can be turned into a virtual machine and serve as a module for the customers. However, these can be prepared well in advance, so that the actual installation and configuration effort on site remains minimal.
CERN Library Use-case
Part of office performance is the time it takes to set up additional software needed to perform basic office tasks. The latter part runs in the background, so the workstation can be used, but the background installation takes up most of the performance. In the case of SBC, the time required to install the first terminal comes from the hardware installation of both the server and the thin client and the installation of the server virtualization platform with two virtual machines.
The thin client itself does not require any additional installation other than hardware deployment. The difference in the initial setup time of these two systems is not so crucial since several Windows terminals can be installed in parallel. Some installations such as security patches can be automated, but sometimes full reinstalls may need to be done.
Here is a brief description of how to configure various parts of the remote management system. Keys will be generated in the user's home folder unless set otherwise. They are found inside bootingtools.tar.gz, which can be found from the root of the repository and inside the dom0config package.
After you have all the files in place, the creation of the Debian package is done with the following command. The modules must contain at least the musthave file, which defines the packages of the client machine. These bridges give more freedom to the placement of the thin clients and remove the need for a network infrastructure.
The personal settings of this account are used to initialize the home folders of the guest accounts used by the thin clients. 4] Environmental comparison of the relevance of desktop and thin client computing equipment to the climate, 2008.
Thin client and server roles
Simple X window system architecture
NX architecture (Courtesy of )
Traditional virtualization architecture
Xen hypervisor architecture (Courtesy of )
Kernel Virtual Machine architecture (Courtesy of )
Node management interface with the overall picture of node dis-
Distribution system overview
Virtualized SBC environment
Workflow of the system
CERN library pilot
Network traffic between the thin client and the server in Bytes/sec-
Thin client used in CERN library (Courtesy of Gadget Computer) 46
The network of thin client system