instant os updates via userspace checkpoint and restart
play

Instant OS Updates via Userspace Checkpoint-and-Restart Sanidhya - PowerPoint PPT Presentation

Mar 29, 2023 •269 likes •1.08k views

Instant OS Updates via Userspace Checkpoint-and-Restart Sanidhya Kashyap , Changwoo Min, Byoungyoung Lee, Taesoo Kim, Pavel Emelyanov OS updates are prevalent And OS updates are unavoidable Prevent known, state-of-the-art attacks

  1. Instant OS Updates via Userspace Checkpoint-and-Restart Sanidhya Kashyap , Changwoo Min, Byoungyoung Lee, Taesoo Kim, Pavel Emelyanov

  2. OS updates are prevalent

  3. And OS updates are unavoidable ● Prevent known, state-of-the-art attacks – Security patches ● Adopt new features – New I/O scheduler features ● Improve performance – Performance patches

  5. Unfortunately, system updates come at a cost ● Unavoidable downtime ● Potential risk of system failure

  6. Unfortunately, system updates come at a cost ● Unavoidable downtime ● Potential risk of system failure $109k per minute Hidden costs (losing customers)

  7. Example: memcached ● Facebook's memcached servers incur a downtime of 2-3 hours per machine – Warming cache (e.g., 120 GB) over the network

  8. Example: memcached ● Facebook's memcached servers incur a downtime of 2-3 hours per machine – Warming cache (e.g., 120 GB) over the network Our approach updates OS in 3 secs for 32GB of data from v3.18 to v3.19 for Ubuntu / Fedora releases

  9. Existing practices for OS updates ● Dynamic Kernel Patching (e.g., kpatch, ksplice) – Problem: only support minor patches ● Rolling Update (e.g., Google, Facebook, etc) – Problem: inevitable downtime and requires careful planning

  10. Existing practices for OS updates ● Dynamic Kernel Patching (e.g., kpatch, ksplice) Losing application state is inevitable – Problem: only support minor patches → Restoring memcached takes 2-3 hours ● Rolling Update (e.g., Google, Facebook, etc) – Problem: inevitable downtime and requires careful planning

  11. Existing practices for OS updates ● Dynamic Kernel Patching (e.g., kpatch, ksplice) Losing application state is inevitable – Problem: only support minor patches → Restoring memcached takes 2-3 hours ● Rolling Update (e.g., Google, Facebook, etc) Goals of this work: – Problem: inevitable downtime and requires ● Support all types of patches careful planning ● Least downtime to update new OS ● No kernel source modifjcation

  12. Problems of typical OS update Memcached OS OS OS OS Stop service

  13. Problems of typical OS update Memcached OS OS OS OS Stop service Soft reboot New OS

  14. Problems of typical OS update Memcached OS OS OS OS Stop service Soft reboot Start service Memcached New OS New OS

  15. Problems of typical OS update 2-3 hours of downtime Memcached OS OS OS OS Stop service Soft reboot Start service Memcached New OS New OS

  16. Problems of typical OS update 2-3 hours of downtime Memcached OS OS OS OS Stop service 2-10 minutes of downtime Soft reboot Start service Memcached New OS New OS

  17. Problems of typical OS update 2-3 hours of downtime Memcached OS OS OS OS Stop service 2-10 minutes of downtime Soft reboot Start service Memcached Is it possible to keep the New OS New OS application state?

  18. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) Memcached OS OS OS OS Stop service Soft reboot Start service Memcached New OS New OS

  19. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) Memcached Memcached OS OS OS OS Stop service Checkpoint Soft reboot Start service Memcached New OS New OS

  20. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) Memcached Memcached OS OS OS OS Stop service Checkpoint In-kernel Soft reboot switch Start service Memcached Memcahed New OS New OS

  21. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) Memcached Memcached OS OS OS OS Stop service Checkpoint In-kernel Soft reboot switch Start service Restore Memcached Memcahed New OS New OS

  22. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) KUP's life cycle Stop service Checkpoint In-kernel switch Start service Restore

  23. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) KUP's life cycle Stop service Checkpoint In-kernel 1-10 minutes of downtime switch Start service Restore

  24. KUP: Kernel update with application OS updates loose application states checkpoint-and-restore (C/R) KUP's life cycle Stop service Checkpoint In-kernel 1-10 minutes of downtime switch Start service Restore Challenge: how to further decrease New OS New OS the potential downtime?

  25. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint In-kernel switch Restore

  26. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint In-kernel switch Restore 2) On-demand restore

  27. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint 3) FOAM: a snapshot abstraction In-kernel switch Restore 2) On-demand restore

  28. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint 3) FOAM: a 4) PPP: reuse memory without an explicit dump snapshot abstraction In-kernel switch Restore 2) On-demand restore

  29. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint 3) FOAM: a 4) PPP: reuse memory without an explicit dump snapshot abstraction In-kernel switch Restore 2) On-demand restore

  30. Incremental checkpoint ● Reduces downtime (up to 83.5%) ● Problem : Multiple snapshots increase the restore time Naive S 1 S i Snapshot instance → checkpoint downtime Timeline

  31. Incremental checkpoint ● Reduces downtime (up to 83.5%) ● Problem : Multiple snapshots increase the restore time Naive S 1 S i Snapshot instance → checkpoint downtime Timeline Incremental S 1 checkpoint

  32. Incremental checkpoint ● Reduces downtime (up to 83.5%) ● Problem : Multiple snapshots increase the restore time Naive S 1 S i Snapshot instance → checkpoint downtime Timeline Incremental S 2 S 1 checkpoint

  33. Incremental checkpoint ● Reduces downtime (up to 83.5%) ● Problem : Multiple snapshots increase the restore time Naive S 1 S i Snapshot instance → checkpoint downtime Timeline Incremental S 2 S 3 S 1 checkpoint

  34. Incremental checkpoint ● Reduces downtime (up to 83.5%) ● Problem : Multiple snapshots increase the restore time Naive S 1 S i Snapshot instance → checkpoint downtime Timeline Incremental S 4 S 2 S 3 S 1 checkpoint downtime

  35. On-demand restore ● Rebind the memory once the application accesses it – Only map the memory region with snapshot and restart the application ● Decreases the downtime (up to 99.6%) ● Problem : Incompatible with incremental checkpoint

  36. Problem : both techniques together result in ineffjcient application C/R ● During restore, need to map each pages individually – Individual lookups to fjnd the relevant pages – Individual page mapping to enable on-demand restore An application has 4 pages as ● S 1 S 1 its working set size 1 2 3 4 Incremental checkpoint has 2 ● iterations – 1 st iteration all 4 pages (1, 2, 3, 4) are dumped → – 2 nd iteration 2 pages (2, 4) are dirtied → ● Increases the restoration downtime (42.5%)

  37. Problem : both techniques together result in ineffjcient application C/R ● During restore, need to map each pages individually – Individual lookups to fjnd the relevant pages – Individual page mapping to enable on-demand restore An application has 4 pages as ● S 2 S 1 S 1 its working set size 2 4 1 3 Incremental checkpoint has 2 ● iterations – 1 st iteration all 4 pages (1, 2, 3, 4) are dumped → – 2 nd iteration 2 pages (2, 4) are dirtied → ● Increases the restoration downtime (42.5%)

  38. New abstraction : fjle-ofgset based address mapping (FOAM) ● Flat address space representation for the snapshot – One-to-one mapping between the address space and the snapshot – No explicit lookups for the pages across the snapshots – A few map operations to map the entire snapshot with address space ● Use sparse fjle representation – Rely on the concept of holes supported by modern fjle systems ● Simplifjes incremental checkpoint and on-demand restore

  39. Techniques to decrease the downtime 1) Incremental checkpoint Checkpoint 3) FOAM: a 4) PPP: reuse memory without an explicit dump snapshot abstraction In-kernel switch Restore 2) On-demand restore

  40. Redundant data copy ● Application C/R copies data back and forth ● Not a good fjt for applications with huge memory Memcached OS RAM 1 2 3 4 In-kernel Running Running Checkpoint Restore Running switch

  41. Redundant data copy ● Application C/R copies data back and forth ● Not a good fjt for applications with huge memory Memcached OS RAM S 1 Snapshot 1 2 3 4 In-kernel Running Checkpoint Checkpoint Restore Running switch

  42. Redundant data copy ● Application C/R copies data back and forth ● Not a good fjt for applications with huge memory Memcached Memcached New OS OS RAM S 1 Snapshot 1 2 3 4 In-kernel In-kernel Running Checkpoint Restore Running switch switch

  43. Redundant data copy ● Application C/R copies data back and forth ● Not a good fjt for applications with huge memory Memcached Memcached New OS OS RAM 1 2 3 4 S 1 Snapshot 1 2 3 4 In-kernel Running Checkpoint Restore Restore Running switch

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Checkpoint/Restart in Linux Sukadev Bhattiprolu IBM Linux Technology Center 09/2009 Linux is a

Checkpoint/Restart in Linux Sukadev Bhattiprolu IBM Linux Technology Center 09/2009 Linux is a

Checkpoint/Restart in Linux Sukadev Bhattiprolu IBM Linux Technology Center 09/2009 Linux is a registered trademark of Linus Torvalds. Agenda What and Why Checkpoint/Restart Prerequisites and Requirements Usage Overview Kernel

487 views • 31 slides
Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu,

Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu,

Application-Transparent Checkpoint/Restart for MPI Programs over InfiniBand Qi Gao, Weikuan Yu, Wei Huang, Dhabaleswar K. Panda Network-Based Computing Laboratory Department of Computer Science & Engineering The Ohio State University

635 views • 26 slides
Exploration of Lossy Compression for Application- level Checkpoint/Restart Naoto Sasaki 1 ,

Exploration of Lossy Compression for Application- level Checkpoint/Restart Naoto Sasaki 1 ,

LLNL-PRES-670952 Exploration of Lossy Compression for Application- level Checkpoint/Restart Naoto Sasaki 1 , Kento Sato 3 , Toshio Endo 1,2 , Satoshi Matsuoka 1,2 1 Tokyo institute of technology 2 Global Scientific Information and

1.36k views • 36 slides
Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton

Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton

Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton onmoy oy Dey ey, Ken ento Sato2, Sa Ji Jian an Gu Guo2, Bog ogdan Nicol olae3, Jen ens Dom omke2, Wei eikuan Yu

329 views • 10 slides
Scalable in-memory checkpoint for hard and soft error protection with automatic restart on failure

Scalable in-memory checkpoint for hard and soft error protection with automatic restart on failure

Charm++ Workshop Scalable in-memory checkpoint for hard and soft error protection with automatic restart on failure Xiang Ni Parallel Programming Laboratory University of Illinois at Urbana-Champaign May, 2013 1 / 25 Charm++ Workshop Fault

778 views • 28 slides
OACTE Success Series Matthew Wells Health Science Updates CTE Office Updates Reset and Restart

OACTE Success Series Matthew Wells Health Science Updates CTE Office Updates Reset and Restart

OACTE Success Series Matthew Wells Health Science Updates CTE Office Updates Reset and Restart Agenda Topics Perkins Data & Accountability Quality Program Review Work based Learning Equity Initiatives Industry Credential Updates

575 views • 36 slides
Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene

Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene

Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene Cooperman College of Computer and Information Science Northeastern University, Boston Boston, Massachusetts 02115 { rohgarg, komal, jinzp, gene }

668 views • 34 slides
Restart to Recover Restart and debottleneck your business operations to adjust to changes in

Restart to Recover Restart and debottleneck your business operations to adjust to changes in

Restart to Recover Restart and debottleneck your business operations to adjust to changes in operations, workforce, supply chain and sales In partnership with www.b3cmsme.org 1 Restart Start in mission-mode to problem-solve through Rebuild

352 views • 9 slides
TEXAS INSTANT RACING OVERVIEW AND POTENTIAL IMPACT INSTANT RACING Instant Racing is a

TEXAS INSTANT RACING OVERVIEW AND POTENTIAL IMPACT INSTANT RACING Instant Racing is a

COMMITTEE ON THE CURRENT STATE OF HORSE AND GREYHOUND RACING IN TEXAS INSTANT RACING OVERVIEW AND POTENTIAL IMPACT INSTANT RACING Instant Racing is a pari-mutuel wagering system played in Arkansas at Oaklawn Park and Southland Greyhound

428 views • 5 slides
AGENDA School Start Date Parent Survey Results Instructional Models &

AGENDA School Start Date Parent Survey Results Instructional Models &

CHARLESTON COUNTY SCHOOL DISTRICT July 10, 2020 Meeting CCSD SAFE RESTART TASK FORCE Advisory group on the safe reopening of CCSD schools in August 2020 CCSD SAFE RESTART TASK FORCE OVERVIEW CCSD Safe Restart Plan Updates AGENDA School

459 views • 12 slides
The Range iWhite range overview 1. iWhite Instant kit 1 2. iWhite Instant kit 2 3. iWhite

The Range iWhite range overview 1. iWhite Instant kit 1 2. iWhite Instant kit 2 3. iWhite

The Range iWhite range overview 1. iWhite Instant kit 1 2. iWhite Instant kit 2 3. iWhite Instant Toothpaste 4. iWhite Instant Mouthwash 5. iWhite Toothbrush 6. iWhite Instant Polisher & paste 7. iWhite interdental Whitener 8.

154 views • 14 slides
Noble County COVID-19 Responsible Restart Ohio Conversation Noble County Updates by: Noble

Noble County COVID-19 Responsible Restart Ohio Conversation Noble County Updates by: Noble

Noble County COVID-19 Responsible Restart Ohio Conversation Noble County Updates by: Noble County Health Commissioner, Shawn E. Ray, RS, MPH & Kirby Moore, RS, Dir. of Environmental Health Noble County Emergency Management

228 views • 10 slides
Logistics The Renderman Shading Language Checkpoint 3 Grading underway Checkpoint 4

Logistics The Renderman Shading Language Checkpoint 3 Grading underway Checkpoint 4

Logistics The Renderman Shading Language Checkpoint 3 Grading underway Checkpoint 4 Due Monday RenderMan Assigned today (but not due for several weeks) Project Proposals All should have received e-mail feedback.

608 views • 12 slides
Logistics Checkpoint 2 Mostly graded. Note on grading -- Regaining points

Logistics Checkpoint 2 Mostly graded. Note on grading -- Regaining points

Texture Mapping Logistics Checkpoint 2 Mostly graded. Note on grading -- Regaining points Checkpoint 3 Due Monday Project Proposals All should have received e-mail feedback. 1 Logistics Checkpoint 2 Another

525 views • 35 slides
Constructing a Model of the Cochlea From OCT Images Checkpoint Presentation Students: Paul

Constructing a Model of the Cochlea From OCT Images Checkpoint Presentation Students: Paul

Constructing a Model of the Cochlea From OCT Images Checkpoint Presentation Students: Paul Wilkening and Emily Daggett (Group 2) Mentors: Russell Taylor and Jin Kang Presentation Outline v Overview v Dependency Updates v Progress

489 views • 23 slides
Paper Summaries Any takers? Procedural Shading Announcement Logistics Checkpoint 2

Paper Summaries Any takers? Procedural Shading Announcement Logistics Checkpoint 2

Paper Summaries Any takers? Procedural Shading Announcement Logistics Checkpoint 2 SIGGRAPH animation screenings Due last Thursday!!! Every Monday Checkpoint 3 12:30pm -- 2pm Due Today 07-1315 Checkpoint 4

276 views • 15 slides
Vulnerability disclosure Dont forget overall goal: improve software safety Consider

Vulnerability disclosure Dont forget overall goal: improve software safety Consider

Vulnerability disclosure Dont forget overall goal: improve software safety Consider incentives for researchers, software vendors, customers Supply chain can be complex Software component developers Open source Resellers

621 views • 20 slides
Security Risk Assessment and Risk Treatment for Integrated Modular Communication Hamid Asgari,

Security Risk Assessment and Risk Treatment for Integrated Modular Communication Hamid Asgari,

Security Risk Assessment and Risk Treatment for Integrated Modular Communication Hamid Asgari, Senior Member IEEE , Sarah Haines, and Adrian Waller Thales UK Limited, Research & Technology, Worton Drive, Worton Grange Business Park, Reading

635 views • 7 slides
Microservices stress-free and without increased heart-attack risk Uwe Friedrichsen (codecentric AG)

Microservices stress-free and without increased heart-attack risk Uwe Friedrichsen (codecentric AG)

Microservices stress-free and without increased heart-attack risk Uwe Friedrichsen (codecentric AG) microxchg Berlin, 12. February 2015 @ufried Uwe Friedrichsen | uwe.friedrichsen@codecentric.de | http://slideshare.net/ufried |

893 views • 46 slides
Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro, P. Pace, A. Parise, L. Molina Valdiviezo Universit` a della Calabria D.I.M.E.S 87036 Rende(CS) - Italy Email: a.furfaro@unical.it A. Furfaro

510 views • 18 slides
Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and

Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and

Trustworthy Cyber Infrastructure for the Power Grid Presentations Trustworthy Cyber Infrastructure for Power (TCIP) Protection Detection and Response Mechanisms Klara Nahrstedt , Illinois , Zbigniew Kalbarczyk , Illinois University of

256 views • 15 slides
Advanced Man-at-the-end Attacks and Defenses Bjorn De Sutter ISSISP 2018 Canberra 1

Advanced Man-at-the-end Attacks and Defenses Bjorn De Sutter ISSISP 2018 Canberra 1

Advanced Man-at-the-end Attacks and Defenses Bjorn De Sutter ISSISP 2018 Canberra 1 Lecture Overview 1. Advanced MATE attacks models tools & techniques 2. Protected code comprehension processes 3. Advanced MATE defenses 4.

1.79k views • 114 slides
CREST Workshop Rick Schantz, Partha Pal, Aaron Paulos, Joe Loyall, Kurt Rohloff Distributed

CREST Workshop Rick Schantz, Partha Pal, Aaron Paulos, Joe Loyall, Kurt Rohloff Distributed

Multiple Views on Multiplicity Computing: Opportunities Viewed through a Cyber-Security Lens CREST Workshop Rick Schantz, Partha Pal, Aaron Paulos, Joe Loyall, Kurt Rohloff Distributed Systems Technology Group March 23, 2012 1982: R&D

489 views • 29 slides
Data Transmission Analog and Digital Impairments Capacity ITS323: Introduction to Data

Data Transmission Analog and Digital Impairments Capacity ITS323: Introduction to Data

ITS323 Data Transmission Terminology Time Domain Frequency Domain Data Transmission Analog and Digital Impairments Capacity ITS323: Introduction to Data Communications Sirindhorn International Institute of Technology Thammasat University

813 views • 44 slides

More recommend