Slides for Chapter 6:

Operating System support

From Coulouris, Dollimore and Kindberg

Distributed Systems:
Concepts and Design
Edition 3, Addison-Wesley 2001

Outline

Introduction
The operation system layer
Protection
Processes and threads
Communication and invocation
Operating system architecture
Summary

InstructorsGuideforCoulouris,Dollimore

6.1 Introduction
In this chapter we shall continue to focus on remote
invocations without real-time guarantee
An important theme of the chapter is the role of the system
kernel
The chapter aims to give the reader an understanding of the
advantages and disadvantages of splitting functionality
between protection domains (kernel and user-level code)
We shall examining the relation between operation system
layer and middle layer, and in particular how well the
requirement of middleware can be met by the operating
system
Efficient and robust access to physical resources
The flexibility to implement a variety of resource-management policies

InstructorsGuideforCoulouris,Dollimore

Introduction (2)
The task of any operating system is to provide
problem-oriented abstractions of the underlying
physical resources (For example, sockets rather
than raw network access)

the processors
Memory
Communications
storage media

System call interface takes over the physical

resources on a single node and manages them to
present these resource abstractions

InstructorsGuideforCoulouris,Dollimore

Introduction (3)
Network operating systems
They have a network capability built into them and so can
be used to access remote resources. Access is networktransparent for some not all type of resource.
Multiple system images
The node running a network operating system retain autonomy in
managing their own processing resources

Single
system image
Anoperatingsystemthatproducesasingle
One could envisage an operating system in which users
systemimagelikethisforalltheresourcesina
are never concerned with where their programs run, or the
distributedsystemiscalledadistributed
location of any resources. The operating system has
operatingsystem
control over all the nodes in the system

InstructorsGuideforCoulouris,Dollimore

Introduction (4) --Middleware and network operating systems

In fact, there are no distributed operating systems in
general use, only network operating systems
The first reason, users have much invested in their
application software, which often meets their current
problem-solving needs
The second reason against the adoption of distributed
operating systems is that users tend to prefer to have a
degree of autonomy for their machines, even is a closely
knit organization
Thecombinationofmiddlewareandnetworkoperatingsystems
providesanacceptablebalancebetweentherequirementfor
autonomy

InstructorsGuideforCoulouris,Dollimore

Figure 6.1
System layers

Applications, services
Middleware

OS: kernel,
libraries &
servers

OS1
Processes, threads,
communication, ...

OS2
Processes, threads,
communication, ...

Computer &
network hardware

Computer &
network hardware

Node 1

Node 2

InstructorsGuideforCoulouris,Dollimore

Platform

The operating system layer

Our goal in this chapter is to examine the impact of

particular OS mechanisms on middlewares ability to
deliver distributed resource sharing to users
Kernels and server processes are the components
that manage resources and present clients with an
interface to the resources

Provideausefulserviceinterface
Encapsulation
totheirresource
Protection
Concurrent processing
Communication
Scheduling
InstructorsGuideforCoulouris,Dollimore

Figure 6.2
Core OS functionality

Communication
betweenthreads
attachedtodifferent
processesonthesame
computer
Treadcreation,
synchronization
andscheduling
Dispatchingof
interrupts,Thread manager
systemcall
trapsandother
exceptions

Process manager

Communication
manager

Handlesthe
creationofand
operationsupon
process

Management
ofphysical
andvirtual
memory

Memory manager
Supervisor

InstructorsGuideforCoulouris,Dollimore

6.3 Protection

We said above that resources require protection from

illegitimate accesses. Note that the threat to a systems
integrity does not come only from maliciously contrived code.
Benign code that contains a bug or which has unanticipated
behavior may cause part of the rest of the system to behave
incorrectly.
Protecting the file consists of two sub-problem

thisisameaninglessoperation
The first is to ensure that each of the files twothatwouldupsetnormaluseof
operations ( read and
write)
to perform it
write can be performed only by clients with right
thefileandthatfileswould
The other type of illegitimate access, which we neverbedesignedtoexport
shall address here, is

where a misbehaving client sidesteps the operations that resource

exports
WecanprotectresourcefromillegitimateinvocationssuchassetFilePointRandomly
ortouseatypesafeprogramminglanguage(JAVAorModula3)

InstructorsGuideforCoulouris,Dollimore

Kernel and Protection

The kernel is a program that is distinguished by the facts that

it always runs and its code is executed with complete access
privileged for the physical resources on its host computer
A kernel process execute with the processor in supervisor
(privileged) mode; the kernel arranges that other processes
execute in user (unprivileged) mode
A kernel also sets up address spaces to protect itself and
other processes from the accesses of an aberrant process,
and to provide processes with their required virtual memory
layout
The process can safely transfer from a user-level address
space to the kernels address space via an exception such as
an interrupt or a system call trap

InstructorsGuideforCoulouris,Dollimore

6.4 Processes and threads

A thread is the operating system abstraction of an

activity (the term derives from the phrase thread of
execution)
An execution environment is the unit of resource
management: a collection of local kernel-managed
resources to which its threads have access
An execution environment primarily consists
An address space
Thread synchronization and communication resources
such as semaphore and communication interfaces
High-level resources such as open file and windows

InstructorsGuideforCoulouris,Dollimore

6.4.1 Address spaces

Region, separated by inaccessible areas of virtual

memory
Region do not overlap
Each region is specified by the following properties
Its extent (lowest virtual address and size)
Read/write/execute permissions for the processs threads
Whether it can be grown upwards or downward

InstructorsGuideforCoulouris,Dollimore

Figure 6.3
Address space

2N

Auxiliary
regions

Stack

Heap

Text
0

InstructorsGuideforCoulouris,Dollimore

6.4.1 Address spaces (2)

A mapped file is one that is accessed as an array of

bytes in memory. The virtual memory system
ensures that accesses made in memory are
reflected in the underlying file storage
A shared memory region is that is backed by the
same physical memory as one or more regions
belonging to other address spaces
The uses of shared regions include the following
Libraries
Kernel
Data sharing and communication
InstructorsGuideforCoulouris,Dollimore

6.4.2 Creation of a new process

The creation of a new process has been an

indivisible operation provided by the operating
system. For example, the UNIX fork system call.
For a distributed system, the design of the process
creation mechanism has to take account of the
utilization of multiple computers
The choice of a new process can be separated into
two independent aspects
The choice of a target host
The creation of an execution environment

InstructorsGuideforCoulouris,Dollimore

Choice of process host

The choice of node at which the new process will

reside the process allocation decision is a matter
of policy
Transfer policy
Determines whether to situate a new process locally or
remotely. For example, on whether the local node is lightly
or heavily load

Location policy
Determines which node should host a new process
selected for transfer. This decision may depend on the
relative loads of nodes, on their machine architectures and
on any specialized resources they may process

InstructorsGuideforCoulouris,Dollimore

Choice of process host (2)

Process location policies may be

Static
Adaptive

Load-sharing systems may be

Loadmanagercollect
informationaboutthe
nodesanduseitto
allocatenew
processestonode

Centralized Oneloadmanagercomponent
Hierarchical Severalloadmanagerorganizedinatreestructure
decentralized
Nodeexchangeinformationwithoneanotherdirecttomake
allocationdecisions

InstructorsGuideforCoulouris,Dollimore

Choice of process host (3)

In sender-initiated load-sharing algorithms, the node

that requires a new process to be created is
responsible for initiating the transfer decision
In receiver-initiated algorithm, a node whose load is
below a given threshold advertises its existence to
other nodes so that relatively loaded nodes will
transfer work to it
Migratory load-sharing systems can shift load at any
time, not just when a new process is created. They
use a mechanism called process migration

InstructorsGuideforCoulouris,Dollimore

Creation of a new execution environment

There are two approaches to defining and initializing

the address space of a newly created process
Where the address space is of statically defined format
For example, it could contain just a program text region, heap region and
stack region
Address space regions are initialized from an executable file or filled with
zeroes as appropriate

The address space can be defined with respect to an

existing execution environment
For example the newly created child process physically shares the
parents text region, and has heap and stack regions that are copies of the
parents in extent (as well as in initial contents)
When parent and child share a region, the page frames belonging to the
parents region are mapped simultaneously into the corresponding child
region

InstructorsGuideforCoulouris,Dollimore

Figure 6.4
Copy-on-write

Process As address space

RA

Thepagesareinitially
writeprotectedatthe
hardwarelevel
A's page
table

RB copied
from RA

RB

Kernel
Shared
frame

a) Before write

Process Bs address space

B's page
table

pagefault

Thepagefault
handler
allocatesanew
framefor
processBand
copiesthe
originalframes
dataintobyteby
byte

b) After write

InstructorsGuideforCoulouris,Dollimore

6.4.3 Threads

thread process
CPU Program Counter register
set stack space (task)
thread code section data section
(OS resource)
thread
multithreading
The next key aspect of a process to consider in
more detail and server process to possess more
than one thread.

InstructorsGuideforCoulouris,Dollimore

Figure 6.5
Client and server with threads

Workerpool
Thread 2 makes
requests to server

Input-output

Receipt &
queuing

Thread 1
generates
results

T1
Requests
N threads
Client
Server

Adisadvantageofthisarchitectureisitsinflexibility
Anotherdisadvantageisthehighlevelofswitchingbetweenthe
I/Oandworkerthreadsastheymanipulatethesharequeue

InstructorsGuideforCoulouris,Dollimore

Figure 6.6
Alternative server threading architectures (see also Figure 6.5)

Associatesathreadwith
eachconnection
request

workers

I/O

a. Thread-per-request

remote
objects

per-connection threads
remote
objects

b. Thread-per-connection

Associatesathread
witheachobject
per-object threads
I/O

remote
objects

c. Thread-per-object

Advantage:thethreads
Ineachoftheselasttwoarchitectures
Theirdisadvantageisthatclientsmaybe
Disadvantage:the
donotcontendfora
theserverbenefitsfromloweredthread
delayedwhileaworkerthreadhas
overheadsofthethread
sharedqueue,and
managementoverheadscomparedwith
severaloutstandingrequestsbutanother
creationanddestruction
throughputispotentially threadhasnoworktoperform
thethreadperrequestarchitecture.
operations
maximized
InstructorsGuideforCoulouris,Dollimore

Figure 6.7
State associated with execution environments and threads

Executionenvironment
Addressspacetables
Communicationinterfaces,openfiles

Thread
Savedprocessorregisters
Priorityandexecutionstate(suchas
BLOCKED)
Softwareinterrupthandlinginformation

Semaphores,othersynchronization
objects
Listofthreadidentifiers
Executionenvironmentidentifier
Pagesofaddressspaceresidentinmemory;hardwarecacheentries

InstructorsGuideforCoulouris,Dollimore

A comparison of processes and threads as follows

Creating a new thread with an existing process is

cheaper than creating a process.
More importantly, switching to a different thread
within the same process is cheaper than switching
between threads belonging to different process.
Threads within a process may share data and other
resources conveniently and efficiently compared with
separate processes.
But, by the same token, threads within a process are
not protected from one another.

InstructorsGuideforCoulouris,Dollimore

A comparison of processes and threads as follows (2)

The overheads associated with creating a process

are in general considerably greater than those of
creating a new thread.
A new execution environment must first be created,
including address space table

The second performance advantage of threads

concerns switching between threads that is,
running one thread instead of another at a given
process

InstructorsGuideforCoulouris,Dollimore

 A context switch is the transition between contexts

that takes place when switching between threads, or
when a single thread makes a system call or takes
another type of exception
It involves the following:
The saving of the processors original register state, and
loading of the new state
In some cases; a transfer to a new protection domain
this is known as a domain transition

InstructorsGuideforCoulouris,Dollimore

Thread scheduling

In preemptive scheduling, a thread may be suspended at any

point to make way for another thread
In non-preemptive scheduling, a thread runs until it makes a
call to the threading system (for example, a system call).
The advantage of non-preemptive scheduling is that any
section of code that does not contain a call to the threading
system is automatically a critical section
Race conditions are thus conveniently avoided

Non-preemptively scheduled threads cannot takes advantage

of multiprocessor , since they run exclusively

InstructorsGuideforCoulouris,Dollimore

Thread implementation

When no kernel support for multi-thread process is

provided, a user-level threads implementation
suffers from the following problems
The threads with a process cannot take advantage of a
multiprocessor
A thread that takes a page fault blocks the entire process
and all threads within it
Threads within different processes cannot be scheduled
according to a single scheme of relative prioritization

InstructorsGuideforCoulouris,Dollimore

Thread implementation (2)

User-level threads implementations have significant

advantages over kernel-level implementations
Certain thread operations are significantly less costly
For example, switching between threads belonging to the same
process does not necessarily involve a system call that is, a
relatively expensive trap to the kernel
Given that the thread-scheduling module is implemented outside the
kernel, it can be customized or changed to suit particular application
requirements. Variations in scheduling requirements occur largely
because of application-specific considerations such as the real-time
nature of a multimedia processing
Many more user-level threads can be supported than could
reasonably be provided by default by a kernel

InstructorsGuideforCoulouris,Dollimore

The four type of event that kernel notified to the user-level scheduler

Virtual processor allocated

The kernel has assigned a new virtual processor to the process, and this is the
first timeslice upon it; the scheduler can load the SA with the context of a
READY thread, which can thus can thus recommence execution

SA blocked
An SA has blocked in the kernel, and kernel is using a fresh SA to notify the
scheduler: the scheduler sets the state of the corresponding thread to
BLOCKED and can allocate a READY thread to the notifying SA

SA unblocked
An SA that was blocked in the kernel has become unblocked and is ready to
execute at user level again; the scheduler can now return the corresponding
thread to READY list. In order to create the notifying SA, the another SA in the
same process. In the latter case, it also communicates the preemption event to
the scheduler, which can re-evaluate its allocation of threads to SAs.

SA preempted
The kernel has taken away the specified SA from the process (although it may
do this to allocate a processor to a fresh SA in the same process); the
scheduler places the preempted thread in the READY list and re-evaluates the
thread allocation.

InstructorsGuideforCoulouris,Dollimore

Figure 6.10
Scheduler activations

Process
A

P added
SA preempted

Process
B
Process

SA unblocked
SA blocked

Kernel

Virtual processors
A. Assignment of virtual processors
to processes

Kernel

P idle
P needed

B. Events between user-level scheduler & kernel

Key: P = processor; SA = scheduler activation

Scheduleractivation(SA)isacall
fromkerneltoaprocess

InstructorsGuideforCoulouris,Dollimore

6.5.1 Invocation performance

Invocation performance is a critical factor in

distributed system design
Network technologies continue to improve, but
invocation times have not decreased in proportion
with increases in network bandwidth
This section will explain how software overheads
often predominate over network overheads in
invocation times

InstructorsGuideforCoulouris,Dollimore

Figure 6.11
Invocations between address spaces
(a) System call

Control transfer via

trap instruction

Thread

Control transfer via

privileged instructions
User

Kernel
Protection domain
boundary

(b) RPC/RMI (within one computer)

Thread 1

User 1

Thread 2

Kernel

User 2

(c) RPC/RMI (between computers)

Network

Thread 1

Thread 2

User 1

User 2
Kernel 1

Kernel 2

InstructorsGuideforCoulouris,Dollimore

Figure 6.12
RPC delay against parameter size
RPC delay

Clientdelayagainstrequested
datasize.Thedelayisroughly
proportionaltothesizeuntilthe
sizereachesathresholdatabout
networkpacketsize
Requested data
size (bytes)

1000

2000
Packet
size

InstructorsGuideforCoulouris,Dollimore

The following are the main components accounting for remote invocation delay,
besides network transmission times

Marshalling
Data copying
Packet initialization
Thread scheduling and context switching
Waiting for acknowledgements

Potentially,evenaftermarshalling,messagedataiscopiedseveraltimes
1.Marshallingandunmarshalling,whichinvolvecopyingand
Severalsystemcalls(thatis,contextswitches)aremadeduringan
Thisinvolvesinitializingprotocolheadersand
ThechoiceofRPCprotocolmay
convertingdata,becomeasignificantoverheadastheamountof
inthecourseofanRPC
RPC,asstubsinvokesthekernelscommunicationoperations
trailers,includingchecksums.Thecostis
influencedelay,particularlywhenlarge
datagrows
thereforeproportional,inpart,totheamountof
amountsofdataaresent
1.
2. Acrosstheuserkernelboundary,betweentheclientorserveraddress
Oneormoreserverthreadsisscheduled
datasent
spaceandkernelbuffers
3. Iftheoperatingsystememploysaseparatenetworkmanagerprocess,
2. Acrosseachprotocollayer(forexample,RPC/UDP/IP/Ethernet)
theneachSendinvolvesacontextswitchtooneofitsthreads
3. Betweenthenetworkinterfaceandkernelbuffers
InstructorsGuideforCoulouris,Dollimore

A lightweight remote procedure call

The LRPC design is based on optimizations

concerning data copying and thread scheduling.
Client and server are able to pass arguments and
values directly via an A stack. The same stack is
used by the client and server stubs
In LRPC, arguments are copied once: when they are
marshalled onto the A stack. In an equivalent RPC,
they are copied four times

InstructorsGuideforCoulouris,Dollimore

Figure 6.13
A lightweight remote procedure call

Client

Server

A stack

A
4. Execute procedure
and copy results

1. Copy args

User

stub

stub

Kernel
2. Trap to Kernel

3. Upcall

5. Return (trap)

InstructorsGuideforCoulouris,Dollimore

6.5.2 Asynchronous operation

A common technique to defeat high latencies is

asynchronous operation, which arises in two
programming models:
concurrent invocations
asynchronous invocations

An asynchronous invocation is one that is performed

asynchronously with respect to the caller. That is, it
is made with a non-blocking call, which returns as
soon as the invocation request message has been
created and is ready for dispatch

InstructorsGuideforCoulouris,Dollimore

Figure 6.14
Times for serialized and concurrent invocations
Serialised invocations
process args
marshal
Send

Receive
unmarshal
process results
process args
marshal
Send

Concurrent invocations

process args
marshal
Send
transmission
process args
marshal
Send
Receive
unmarshal
execute request
marshal
Send
Receive
unmarshal
process results

pipelining
Receive
unmarshal
execute request
marshal
Send
Receive
unmarshal
execute request
marshal
Send

Receive
unmarshal
process results
Receive
unmarshal
execute request
marshal
Send

time

Receive
unmarshal
process results
Client

Server

Client

Server

InstructorsGuideforCoulouris,Dollimore

6.6 Operating system architecture

Run only that system software at each computer

that is necessary for it to carry out its particular
role in the system architectures
Allow the software implementing any particular
service to be changed independently of other
facilities
Allow for alternatives of the same service to be
provided, when this is required to suit different
users or applications
Introduce new services without harming the
integrity of existing ones

InstructorsGuideforCoulouris,Dollimore

Figure 6.15
Monolithic kernel and microkernel

S4

.......

Microkernelprovidesonlythe
mostbasicabstraction.
Principallyaddressspaces,the
threadsandlocalinterprocess
communication
S1

S1

Key:
Server:

S2

S3

S2

S3

S4

.......

Monolithic Kernel
Kernel code and data:

Microkernel
Dynamically loaded server program:

Wherethesedesignsdifferprimarilyisinthedecisionas
towhatfunctionalitybelongsinthekernelandwhatisto
belefttoseverprocessesthatcanbedynamicallyloaded
torunontopofit
InstructorsGuideforCoulouris,Dollimore

.......

Figure 6.16
The role of the microkernel

Middleware
Language
support
subsystem

Language
support
subsystem

OS emulation
subsystem

Microkernel
Hardware

The microkernel supports middleware via subsystems

InstructorsGuideforCoulouris,Dollimore

....

Comparison

The chief advantages of a microkernel-based

operating system are its extensibility
A relatively small kernel is more likely to be free
of bugs than one that is large and more complex
The advantage of a monolithic design is the
relative efficiency with which operations can be
invoked

InstructorsGuideforCoulouris,Dollimore