1. Field of the Invention
The field of the invention is data processing, or, more specifically, methods, apparatus, and products for providing policy-based operating system services in a hypervisor on a computing system.
2. Description of Related Art
The development of the EDVAC computer system of 1948 is often cited as the beginning of the computer era. Since that time, computer systems have evolved into extremely complicated devices. Today's computers are much more sophisticated than early systems such as the EDVAC. Computer systems typically include a combination of hardware and software components, application programs, operating systems, processors, buses, memory, input/output devices, and so on. As advances in semiconductor processing and computer architecture push the performance of the computer higher and higher, more sophisticated computer software has evolved to take advantage of the higher performance of the hardware, resulting in computer systems today that are much more powerful than just a few years ago.
One area in which computer software has evolved to take advantage of high performance hardware is the operating system. Early computers lacked any form of operating system. A system administrator loaded an application that had sole use of the machine. To operate the computer, an application had to directly access and control the computer hardware. Later, computers came with libraries of support code which were linked into an application to assist in operations such as input and output. These libraries were the genesis of the modern-day operating system. The computers, however, still ran only a single application at a time. Modern operating systems are capable of running multiple applications simultaneously. These modern operating systems also provide applications with abstractions of the computer hardware to simplify application development and aid the ability to port applications from one hardware platform to another.
The kernel is the central part in most computer operating systems which manages the system's resources and the communication between hardware and software components. As a basic component of an operating system, a kernel provides abstraction layers for hardware, especially for memory, processors and I/O that allows hardware and software to communicate. The kernel also makes these facilities available to applications and other operating system services through inter-process communication mechanisms and system calls.
These kernel tasks are performed differently for different kernels, depending on their design and implementation. In a monolithic kernel, all operating system services reside in and are executed using the same memory area. Because a monolithic kernel attempts to execute all the code in the same address space, monolithic kernel architectures are easier to design and implement than other solutions and are extremely efficient if well-written. The main disadvantages of monolithic kernels are the dependencies between system components. Large kernels become very difficult to maintain, and a bug in one portion of the kernel may crash the entire system.
In a microkernel architecture, the kernel provides simple abstractions over the hardware, with a set of primitives or system calls to implement minimal operating system services such as, for example, memory management, multitasking, and inter-process communication. Other services, including those normally provided by the kernel such as, for example, networking, are implemented in user-space programs that typically have their own address space. Microkernels are easier to maintain than monolithic kernels, but the large number of system calls and context switches may slow down the system.
Regardless of the kernel architecture used to implement an operating system, the set of operating system services provided in current operating systems are generally fixed when the operating system is installed. That is, the operating system utilizes the same memory management algorithm, the same I/O scheduling algorithm, the same networking algorithm, and so on, without regard to the applications that run on the hardware managed by the operating system. Often, however, one application may efficiently utilize computer resources when using one operating system service, while another application inefficiently utilizes computer resources when using the same operating system service. For example, an operating system service that provides I/O scheduling in the operating system may result in efficient use of computer resources for an application that are I/O intensive and result in an inefficient use of computer resources for an application that is not I/O intensive. Because current operating systems provide the same operating system services without regard to applications, current operating systems often do not efficiently manage the interaction between applications and the computer hardware. Readers will therefore appreciate that room for improvement exists in the manner in which operating system service are provided in an operating system.
Another area in which computer software has evolved to take advantage of high performance hardware is the set of software tools referred to as hypervisors. A hypervisor is a layer of system software that runs on the computer hardware beneath the operating system layer to allows multiple operating systems to run, unmodified, on a host computer at the same time. Hypervisors were originally developed in the early 1970's, when company cost reductions were forcing multiple scattered departmental computers to be consolidated into a single, larger computer—the mainframe—that would serve multiple departments. By running multiple operating systems simultaneously, the hypervisor brought a measure of robustness and stability to the system. Even if one operating system crashed, the others would continue working without interruption. Indeed, this even allowed beta or experimental versions of the operating system to be deployed and debugged without jeopardizing the stable main production system and without requiring costly second and third systems for developers to work on.
A hypervisor allows multiple operating systems to run on a host computer at the same time by providing each operating system with a set of virtual resources. These virtual resources provide each operating system a portion of the actual resources of the computer. These portions are usually implemented as time slices of the total time the resources are available for use. Using a hypervisor, the distribution of computer resources within a single computer makes the computer appear to function as if it were two or more independent computers. Utilizing a hypervisor to allow multiple operating systems to run on a host computer at the same time, however, does have a drawback. The administrative overhead required to operate the hypervisor reduces the overall computer resources available for running operating systems and the applications. The administrative overhead occurs in the form of processor context switches between the hypervisor and each operating system. Readers will therefore appreciate that the administrative overhead of the hypervisor may be reduced by implementing some of the functionality of the operating system in the hypervisor.