Context Navigation

Changes between Version 7 and Version 8 of VirtualBox

Timestamp:: May 14, 2009, 3:26:49 PM (16 years ago)
Author:: dgquintas
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

VirtualBox

-                      v7
+                      v8
 == "Logistic" advantages ==
+. One order of magnitude lighter, both its installation package (~35 MB) and its installed size (~60 MB). Compare with the 500+ MB of VMWare Server 2.0, that increase in some 150 extra MB when installed.
+. License. Its OSE (Open Source Edition) is published under the GPL v.2, but even the non-libre version – PUEL, [http://www.virtualbox.org/wiki/VirtualBox_PUEL Personal Use and Evaluation License] – could be used for our purposes, but that's something to be checked by someone who actually knows something about licensing, unlike myself.
+. Faster and "less painful" installation process, partly due to its lighter weight. No license number required, hence less hassle for the user.
+. One order of magnitude lighter, both its installation package (~35 MB) and
+ its installed size (~60 MB). Compare with the 500+ MB of VMWare Server 2.0,
+ that increase in some 150 extra MB when installed.
+. License. Its OSE (Open Source Edition) is published under the GPL v.2, but
+ even the non-libre version -PUEL,
+ [http://www.virtualbox.org/wiki/VirtualBox_PUEL Personal Use and Evaluation
+ License]- could be used for our purposes, but that's something to be checked
+ by someone who actually knows something about licensing, unlike myself.
+. Faster and "less painful" installation process, partly due to its lighter
+ weight. No license number required, hence less hassle for the user.
 == Technical points ==
+The interaction with the VM is made possible even from the command line, in particular from the single command `VBoxManage` (extensive doc available at http://download.virtualbox.org/virtualbox/2.1.4/UserManual.pdf). Of particular interest for us are the following VBoxManager's arguments:
+The interaction with the VM is made possible even from the command line, in
+particular from the single command `VBoxManage` (extensive doc available in
+[http://download.virtualbox.org/virtualbox/2.2.2/UserManual.pdf the manual]). Of
+particular interest for us are the following VBoxManager's arguments:
     - startvm
     - controlvm  pause|resume|reset|poweroff|savestate ...
 …
     - registervm
+All the functionalities exposed by this command are also available throughout a C++ COM/XPCOM based API, as well as Python bindings. More on this later.
+Following the capabilities enumeration introduced by Kevin, !VirtualBox would compare to his analysis based on VMWare Server as follows:
+All the functionalities exposed by this command are also available throughout
+a C++ COM/XPCOM based API, as well as Python bindings. However, the `VBoxManage`
+is already ported to several platforms and it's flexible enough as to be relied on
+to interact with !VirtualBox.
+Following the capabilities enumeration introduced by Kevin, !VirtualBox would
+compare to his analysis based on VMWare Server as follows:
 . Manage the Image.  Covered by the "`snapshot`" command
 …
 . Copy files host -> guest: '''Not''' directly supported by the !VirtualBox API.
  We'd need to resource to external solutions
  such as a properly configured SSH server on the Appliance.
+ such as the one detailed below based on [http://www.cs.wisc.edu/condor/chirp/ Chirp].
 . Run a program on the guest. Same as 3.
 . Pause and the guest. Covered by "`controlvm pause/resume`"
 …
-== Tackling the interaction with the appliance ==
-A straightforward solution could be the configure the appliance to have a running ssh server, setup for public-key authentication such that communication with the host system is seamless. Moreover, this approach is complementary to whatever interaction support there might already be, such as the one provided by VIX: shell access to the appliance could provide us with certain information that would be impossible or just inconvenient to get ahold otherwise. Anything having to do with the running environment (`ulimits`, environment variables, etc) come to mind.
 == Bindings ==
+Both VMWare Server and !VirtualBox make available C/C++ APIs, as well as Python, with different levels of support – in case of VMWare, it's an unsupported project.  !VirtualBox's API is based on COM/XPCOM, and it's possible to implement a unified windows/linux approach based on the former technology. The actual code implementing the VBoxManage command is a very good reference (http://www.virtualbox.org/browser/trunk/src/VBox/Frontends/VBoxManage). Therefore, implementing a "hypervisor abstraction layer" is in principle feasible, with a common win/linux codebase both for VIX and !VirtualBox API. I'll be providing code snippets towards this goal in the following days. Interestingly enough, a working wrapper prototype could be implemented without much effort by taking advantage of the aforementioned VBoxManage command. That of course is somewhat "hackish", but nevertheless a convenient tool to have.
+In case the direct usage of the `VBoxManage` command wouldn't be appropriate,
+it's possible to fallback to the low-level API.
+Both VMWare Server and !VirtualBox make available C/C++ APIs, as well as
+Python, with different levels of support -in case of VMWare, it's an
+unsupported project.  !VirtualBox's API is based on COM/XPCOM, and it's
+possible to implement a unified windows/linux approach based on the former
+technology. The actual code implementing the [http://www.virtualbox.org/browser/trunk/src/VBox/Frontends/VBoxManage VBoxManage]
+command is a very good reference.
+Therefore, implementing a "hypervisor abstraction layer" is in principle
+feasible, with a common win/linux codebase both for VIX and !VirtualBox API.
 == Interacting with the VM Appliance ==
+Another very nice feature of !VirtualBox is the possibility to interact with the running appliance through a Remote Desktop connection, which can be properly secured both in term of authentication and encrypted traffic (that is to say, these features are already supported by !VirtualBox).
+Another very nice feature of !VirtualBox is the possibility to interact with
+the running appliance through a Remote Desktop connection, which can be
+properly secured both in term of authentication and encrypted traffic (that is
+    to say, these features are already supported by !VirtualBox).
 == Conclusions ==
 !VirtualBox provides several appealing features, as powerful as those provided by VMWare at a lower cost – both in terms of inconveniences for the user and licensing. However, it lacks support for direct interacting with the guest appliance: there are no equivalents to VIX's `CopyFileFromGuestToHost`, `RunProgramInGuest`, etc. related to the seven points summarizing the requirements. This inconvenience can nevertheless be addressed as mentioned with certain additional benefits and no apparent drawbacks.
+== To-Do ==
  - Compare performance
  - Implement a working prototype based on the !VirtualBox API
  - ... such that it works with no of minimal code changes both in windows and linux
+ - Demonstrate it with a custom appliance implementing the ssh based communication mechanism
+!VirtualBox provides several appealing features, as powerful as those provided
+by VMWare at a lower cost -both in terms of inconveniences for the user and
+licensing. However, it lacks support for direct interacting with the guest
+appliance: there are no equivalents to VIX's `CopyFileFromGuestToHost`,
+  `RunProgramInGuest`, etc. related to the seven points summarizing the
+  requirements. This inconvenience can nevertheless be addressed as mentioned
+  with certain additional benefits and no apparent drawbacks.
 = Overcoming VirtualBox API Limitations =
 == Introduction ==
 In previous sections, two limitations of the API offered by VirtualBox
 where pointed out. Namely, the inability to directly support the
+In previous sections, two limitations of the API offered by !VirtualBox
+were pointed out. Namely, the inability to directly support the
 execution of command and file copying between the host and the guest.
 While relatively straightforward solutions exist, notably the usage of SSH,
 they raise issues of their own: the guest needs to (properly) configure this
+SSH server. For this to be effective, we obviously need the guest to
+be accessible "from the outside world". This is not always the case, most
+notably if the guest's networking is based on NAT, as it usually -and
+conveniently- is.
+SSH server.
 Thus, the requirements for a satisfactory solution would include:
   * Minimal or no configuration required on the guest side.
   * No assumptions on the network reachability of the guest. That is to say,
     guest should always act as a client.
+  * No assumptions on the network reachability of the guest. Ideally,
+    guests should be isolated from "the outside world" as much as possible.
 Additional features to keep in mind:
 …
   * File transfer from the guest to the host
-The main reason for differentiating between the last two points has to do
-with the no-servers-at-the-guest-side restriction. The file transfer mechanism will not
-be "symmetric".
 The following diagram depicts a bird's eye view of the system's architecture:
+  [[Image(arch.png)]]
+  [[Image(STOMPArchV2.png)]]
+  === Network Setup ===
+  In the previous diagram, it was implied that both host and guests were
+  already connected to a common broker. This is clearly not the case upon startup. Both the
+  host and the guests need to share some knowledge about the broker's location, if it's going
+  to be running on an independent machine. Otherwise, it can be assumed that it listens on the
+  host's IP. Moreover, this can always be assumed if an appropriate port forwarding mechanism
+  is put in place in the host in order to route the connections to the broker.
+  The recent release of the 2.2 series of !VirtualBox is a very convenient one: the newly introduced
+  host-only networking feature fits our needs like a glove. From
+  [http://download.virtualbox.org/virtualbox/2.2.2/UserManual.pdf the manual] (section 6.7):
+    Host-only networking is another networking mode that was added with version 2.2
+    of !VirtualBox. It can be thought of as a hybrid between the bridged and internal
+    networking modes: like with bridged networking, the virtual machines can talk to
+    each other and the host as if they were connected through a physical ethernet switch.
+    Like with internal networking however, a physical networking interface need not be
+    present, and the virtual machines cannot talk to the world outside the host since they
+    are not connected to a physical networking interface.
+    Instead, when host-only networking is used, !VirtualBox creates a new software interface
+    on the host which then appears next to your existing network interfaces. In
+    other words, whereas with bridged networking an existing physical interface is used
+    to attach virtual machines to, with host-only networking a new “loopback” interface
+    is created on the host. And whereas with internal networking, the traffic between the
+    virtual machines cannot be seen, the traffic on the “loopback” interface on the host
+    can be intercepted.
+  That is to say, we have our own virtual "ethernet network". On top of that, !VirtualBox
+  provides an easily configurable DHCP server that makes it possible to set a fixed IP for the
+  host while retaining a flexible pool of IPs for the VMs.
+  Thanks to this feature, there is no exposure at all: not only do the used IPs belong to a private
+  intranet IP range, but the interface itself is purely virtual.
 …
   (arbitrary number of) guests need to know how many of the latter conform the system:
   new guest instances need only subscribe to these "broadcasted" messages on their own
   to become part of the overall system. This contributes to the '''scalability''' of the system.
+  to become part of the overall system. This contributes to the ''scalability'' of the system.
   === File Transfers ===
+  This is a trickier feature: transfers must be bidirectional, yet the guests can only
+  act as clients, with -a priori- no knowledge of the hosts' location (remember that the
+  only link between host and guest(s) is the broker).
+  The proposed solution consists of a simple HTTP server on the host side. The reasons
+  to consider HTTP are twofold:
+  * Bypassing firewalls. Even if this wouldn't usually be an issue -host and guests running
+    on the same machine-, HTTP is the less likely protocol to be filtered out by firewalls.
+  * Simplicity. It's possible to implement -or reuse- such a server with a small footprint.
+    Likewise for the guests' client side.
+  The only requirement on this HTTP server is that is must accept PUT requests, in order
+  for the guests to upload files.
+  To enable the guests to access this HTTP server, its host and port must be handed to them.
+  This is accomplished, how else, by message passing: because host and guests are all subscribed
+  to a common broker on a common topic, such information can be published (ie, broadcasted) in
+  a way very much similar to the one described in the previous point for commands. Once guests
+  have taken notice of the file host (which does '''not''' have to be the same as the BOINC host),
+  file transmission is handled in the same message-oriented way, once the guests
+  are aware of the file host details.
+  === The Devil in the Details ===
+  In the previous argumentations, it was implied that both host and guests were
+  already connected to a common broker. This is clearly not the case upon startup.
+  Elaborate mechanism might include the use of [http://www.zeroconf.org/ Zeroconf] methods
+  such as [http://avahi.org/ avahi] or
+  [http://bonjour.macosforge.org/ bonjour], but in principle and for the
+  time being, it can be assumed that the broker
+  will be accesible to the guest on the IP acting as its default gateway. In the common case
+  of a NAT setup for the guests, this IP is configurable at the hypervisor level, corresponding
+  to the BOINC host machine. Even if we wanted to balance the load, placing the broker somewhere
+  else, an adequate port forwarding mechanism could be setup at the BOINC host side.
+  As a particularity of VirtualBox NAT system, there is no out-of-the-box connectivity between
+  the hypervisor host and the VM (for details, see the VirtualBox Manual, section 6.4).
+  Fortunately, VirtualBox includes a port forwarding mechanism that makes it possible to map
+  ports on the VM to the hypervisor's host, circumventing this problem.
+  On the other hand, there should be no need to forward any port from the VM, as it's
+  supposed to perform only client-side operations.
+  On the other hand, if other -unrelated- services, such as the CernVM's web-based administration
+  mechanism, need be accessed, it's convenient to keep in mind this feature. Details are available
+  at the aforementioned VirtualBox Manual, section 6.4.1.
+  This is a trickier feature: transfers must be bidirectional, yet we want to avoid any kind
+  of exposure or (complex) configuration.
+  The proposed solution takes advantage of the [http://www.cse.nd.edu/~ccl/software/chirp/ Chirp protocol and set of tools].
+  This way, we don't even require privileges to launch the server instances. Because
+  the file sharing must remain private, the chirp server is run on the guests. The host agent
+  would act as a client that'd send or retrieve files. We spare ourselves from all the
+  gory details involved in the actual management of the transferences, delegating the job
+  to chirp (which deals with it brilliantly, by the way).
+  The only bit missing in this argumentation is that the host needs to be aware of the guests'
+  IP addresses in order to communicate with these chirp servers. This is a no-issue, as the
+  custom STOMP-based protocol implemented makes it possible for the guests to "shout out" their
+  details so that the host can keep track of every single one of them.
 …
 == Implementation ==
 [http://cernvm.cern.ch/cernvm/ CernVM] has been taken as the base guest system.
+In order to run the developed prototype, the
+following packages need to be installed (by running conary update <package>):
+  - subversion
+  - gcc
+The following python projects (in the following order)
+  have to be downloaded and installed using the provided setup.py:
+  - Zope interfaces (http://www.zope.org/Products/ZopeInterface)
+  - twisted (http://twistedmatrix.com)
+  - stomper (subversion repository @ http://stomper.googlecode.com/svn )
+'''Note''': if more than one CernVM instance is to be run on the same
+hypervisor, the UUID of the virtual machine's harddisk image has to be
+changed: at least in the !VirtualBox case, no two disk images (globally) can
+have the same UUID. Luckily this can be quickfixed, taking into account we
+are looking for the following pattern:
+{{{
+dgquintas@portaca:$ grep -n -a -m 1 "uuid.image" cernvm-1.2.0-x86.vmdk
+:ddb.uuid.image="ef98873f-7954-4ed8-919a-aae7fb7443a8"
+}}}
+Notice the -m 1 flag, to avoid going through the many megabytes the file is
+worth. In place modifications of this UUID can be trivially performed in-place
+by using, for instance, sed.
 This prototype has been implemented in Python, given its cross-platform nature and the suitability
 …
   === Unique Identification of Guests ===
+  The preferred way to identify guests is based on [http://tools.ietf.org/html/rfc4122 UUID].
+  Python includes a uuid module since version 2.5. Unfortunately, CernVM ships with version 2.4,
+  so the uuid.py file define this module had beed to include "by hand".
+  The preferred way to identify guests is based simply on their IP.
   === Tailor-made STOMP Messages ===
+  For command execution:
+  The whole custom made protocol syntax is encapsulated in the
+  classes of the "words" package. Each of these words correspond
+  to this protocol's commands, which are always encoded as
+  the first single word of the exchanged STOMP messages.
+  It is the !MsgInterpreter class responsability to "interpret"
+  the incoming STOMP messages and hence route them towards
+  the appropriate "word" in order to perform the corresponding
+  action.
+  The "words" considered so far are:
+    CMD_RUN::
+      Requested by the host agent in order for
+      VMs to run a given command.
+{{{
+HEADERS:
+  to: a vm
+  cmd-id: unique request id
+  cmd: cmd to run
+  args: args to pass cmd
+  env: mapping defining exec env
+  path: path to run the cmd in
+}}}
+{{{
+BODY:
+  CMD_RUN
+}}}
+    CMD_RESULT::
+      Encapsulates the result of a command execution. It's
+      sent out by a VM upon a completed execution.
 {{{
     HEADERS:
+      cmd: cmd-to-execute
+      stdout: stdout-file
+      stderr: stderr-file
+      [shell: shell-to-use] (def: /bin/sh)
+      cwd: cwd-to-use
+      env: mapping-defining-exec-env
+      cmd-id: the execution unique id this msg replies to
 }}}
 {{{
     BODY:
+      VM-RUN-CMD
+}}}
+  For file transfers:
+    The negotiation for the direct connection between the file host and the guest(s) takes
+    place using the following message:
+    Once the guests have this information, the following message format deals with the actual
+    file transfer requests:
+{{{
+    HEADERS:
+      host: file-host-address
+      port: file-host-port
+      path: path-to-files
+      files: list-of-files
+}}}
+{{{
+    BODY:
+      UP[-TO-HOST] | DOWN[-TO-HOST]
+}}}
+(TODO: actually provide the code plus instructions to setup and operate the prototype)
+      CMD_RESULTS <json-ed dict. of results>
+}}}
+      This word requires a bit more explanation.
+      Its body encodes the command execution results as
+      a dictionary with the following keys:
+{{{
+  results:
+    {
+      'cmd-id': same as in the word headers
+      'out': stdout of the command
+      'err': stderr of the command
+      'finished': boolean. Did the command finish or was it signaled?
+      'exitCodeOrSignal': if finished, its exit code. Else, the
+      interrupting signal
+      'resources': dictionary of used resources as reported by Python's resource module
+    }
+}}}
+      This dictionary is encoded using JSON, for greater interoperability.
+    HELLO (resp. BYE)::
+      Sent out by a VM upon connection (resp. disconnection).
+{{{
+  HEADERS:
+    ip: the VM's unique IP.
+}}}
+{{{
+  BODY:
+    HELLO (resp. BYE)
+}}}
+    AINT::
+      Failback when the parsed word doesn't correspond to any of
+      the above. The rationale behind this word's name follows the
+      relatively known phrase "Ain't ain't a word".
+== API Accesibility ==
+The host agent functionalities are made accesible through a XML-RPC
+based API. This choice aims to provide a simple yet fully functional,
+standard and multiplatform mechanism of communication between this
+agent and the outside world, namely the BOINC wrapper.
+== Dependencies ==
+This section enumerates the external packages (ie, not included in the
+standard python distribution) used. The version used during development
+is given in parenthesis.
+  * [http://pypi.python.org/pypi/netifaces/0.5 Netifaces] (0.5)
+  * [http://code.google.com/p/stomper/ Stomper] (0.2.2)
+  * [http://twistedmatrix.com/ Twisted] (8.2.0), which indirectly requires
+     [http://www.zope.org/Products/ZopeInterface Zope Interfaces] (3.5.1)
+  * [http://code.google.com/p/simplejson/ simplejson] (2.0.9). Note that this
+    package has been included as part of the standard library as "json" in Python 2.6.
+== Miscelaneous Features ==
+  * Multiplatform: it runs wherever a python runtime is available. All
+  the described dependencies are likewise portable.
+  * Fully asynchronous. Thanks to the usage of the Twisted framework, the
+  whole system developed is seamlessly multithreaded, even though no
+  threads are used (in the developed code at least). Instead, all the
+  operations rely on the asynchronous nature of the Twisted mechanism,
+  about which details are given
+  [http://twistedmatrix.com/projects/core/documentation/howto/async.html here].
+== Prototype ==
+The current source code can be browsed as a
+[http://bitbucket.org/dgquintas/boincvm/ mercurial repository], or downloaded from that same webpage.
+=== Structure ===
+[[Image(classDiagram.png)]]
 == Conclusions ==
-(TODO)
 Note that the described approach is equally valid for any hypervisor, rendering
 …
+== Alternatives ==
+XMPP?
+== TO-DO ==
+  * Implement a "beacon" based mechanism in order to keep track of available VMs
+  * Unify the hypervisor of choice's API and the custom made API under a single
+    XML-RPC (or equivalent) accessible entry point for the BOINC wrapper to
+    completely operate with the wrapped VM-based computations.