[trustable-software] No hypervisor required...
Paul Sherwood
paul.sherwood at codethink.co.uk
Mon Jun 18 09:32:32 BST 2018
Thanks Niall, Gerald.
Here's a link to Duncan's original comment (which I've now marked as
resolved) for posterity
https://docs.google.com/a/codethink.co.uk/document/d/1H8ymdyAxKqBHTDPWY_ltQOwihRQ3iIzTqxjuYQXF8O4/edit?disco=AAAAB6DYk8A
I also wanted to provide a link to Maciej Wolny's comments at:
https://docs.google.com/a/codethink.co.uk/document/d/1H8ymdyAxKqBHTDPWY_ltQOwihRQ3iIzTqxjuYQXF8O4/edit?disco=AAAABx0MKy8
There we covered similar ground, but I think we still got to the same
point: theoretical/sales claims for hypervisors don't really offer any
magic advantage versus best-of-breed OS separation, and in any case we
still have to deal with the realities/threats of contended hardware.
br
Paul
On 2018-06-17 17:58, Niall Dalton wrote:
<snip>
> Completely agree. When separately safety critical hard realtime
> from others, the OS / hypervisor discussion is a red herring. Neither
> are sufficient, and it's a system architecture problem (and we make
> the usual tradeoffs in boot sequences etc). The safety critical
> stack should be minimally sized as usual.
>
> When discussing the partition(s) of the system where most of the
> hardware will be, 99.99% of the software, and a vastly increasing
> amount of the compute will take place for the new workloads, then the
> partitioning mechanisms of both regular operating systems and
> hypervisor based systems are sufficient. When consolidating these
> workloads on fewer and much more capable platforms, it hasn't been the
> experience in other domains that the hypervisor is necessary, or that
> it pulls its weight.
>
> Even in poster-child environments for virtualization, such as public
> clouds, we're moving to 'bare metal' - shifting the administrative
> domains and protection into hardware components in the system. (E.g.
> the approach Amazon takes using their in-house ARM SOCs in x86
> servers).
More information about the trustable-software
mailing list