CKRM, Riel said, is all about making more efficient resource management. When processes are competing for memory and processing time, the CKRM kernel patch improves the efficiency and allows all processes an equal chance at the CPU and RAM.
The particular task of CKRM is to prevent any one user or process from making the system so bogged down that other processes are not able to function. As an example, he said, with CKRM, should a Web site on a server be the recipient of a 'slashdotting', the kernel using this patch would ensure that other Web sites and services on the server would still have enough resources to function even while that one is no longer able to.
Protecting virtual machines -- from each other
The way it all works is that users and tasks can be assigned a level of priority, and a minimum amount of resources that they are guaranteed. There is the the whole system which is subdivided hierarchically into subclasses. Each is allowed a portion of its parents' resources, so it is not possible to assign more resources than are available.
One of the major uses, explained Riel, of CKRM is protecting virtual machines, discussed later in this article, from each other. If one virtual machine uses too many of the system's resources, it won't affect other virtual machines running on the same physical machine simply because CKRM won't allow it -- both will have minimum service levels and be limited so as to allow each other to function.
CKRM also allows IP addresses and ports to be managed the same way on a server. Should one port be receiving so much traffic that it is preventing another port's daemon from receiving any traffic, the kernel will step in and assign the minimum resources necessary to allow both to receive traffic.
The whole notion of CKRM is supported, Riel said, by Linux kernel leader Linus Torvalds, but large parts of it need changing.
CKRM has very low overhead above the existing kernel scheduler, he explained. In other words, doing this additional protection for processes on a Linux system does not significantly slow down the server.
CKRM will not prevent a process from using all the system's resources unless and until another process needs them, so the performance hit from it to individual processes is not significant, either.
Riel said the future of CKRM is setting it up for the priorities to be visible to users, and not just the administrator.
Chris Wright of Open Source Development Labs started off the second session of the day discussing Linux virtualization -- the setting up and use of virtual machines within Linux.
Wright told us that virtualization can be defined as compatible time-sharing systems. Timesharing, he told us, was developed by IBM in the interest of splitting processing time between multiple projects on what were then extremely expensive computers.
IBM's history on this subject
In 1964, IBM opted for batch processing rather than timesharing, much to the ire of university users. By 1965, IBM had gone back to the timesharing philosophy of multiple uses of one computer.
In 1972, IBM introduced system 370 with address relocation hardware.
Virtualization, Wright explained, is an abstraction layer which manages mappings from virtual to physical or real resources. It allows a program to believe it is really running directly on the hardware; in other words, even though it is only talking to another program -- a kernel -- which is talking to the hardware on its behalf without its knowledge.
Virtualization, or virtual machines, have a variety of uses, he said. Virtual machines can be used for resource isolation for the purposes of security, sandboxing, or honeypots.
The fundamental concept of virtual machines is that an operating system can run inside another, and thus provide an isolated environment. The operating system running inside the other cannot see the parent operating system and believes that it is actually the parent. Thus if it crashes, is compromised, or has any of a variety of problems, it can die without affecting the host computer. You can run several of these on the same computer providing many "computers" for people to use with only one real one. User-mode Linux is the best known such system and is often used by colocation providers to provide virtual servers to customers at a very low hardware cost, because the customers do not each need their own physical machines.
The goal of virtualization is complete virtual machines with their own hostname, IP addresses, /proc file system -- the directory unices use to store information about processes running on the system -- and so forth. A true virtual machine, he said, is not aware that it is virtual. The computer the virtual machine's operating system is running on is not a computer -- but, in fact, another operating system.
Wright said that a good test of virtual machines is to run them in inside each other. If they survive that, the virtualization is truly real, though such a system would run too inefficiently to be of any real use.
After lunch, Damian Conway of Linux Australia gave a presentation on what is new in Perl version 6.
The current version of the Perl scripting language, very common on the Internet -- including this Web site -- is 5. Perl 6 has been in development, Conway said, for four years now, and is expected to be released in about two more years, or mid-2006.
Conway described Perl 5 as the test version of Perl, and Perl 6 will be the real version. They are taking years to develop it, he said, to make sure they get it right. Its developers have learned what works well and what doesn't, what is intuitive, and what is counter-intuitive. Perl 6's intention is to fix it all.
Perl goal: Wider adoption of unicode
Perl 6 supports unicode characters natively within the code. Conway told the audience that one of the goals of Perl 6 is to bring in wider adoption of unicode.
Unicode is the multi-byte character system that allows more languages than just Latin to fit within our character set. Instead of the 100-odd characters to which we are currently limited, unicode allows for tens of thousands.
As a result, there are more characters available for Perl to use as instruction characters. The yen symbol, for example, Conway said, now represents the zippering together of two arrays; i.e., by using the yen character two arrays can be interlaced. One variable from each is considered, alternating back and forth.
The changes he outlined for Perl 6 over Perl 5 are extensive but do not eliminate the feel of the code being Perl. He explained that Perl 6 is a needed improvement. It is an opportunity for past mistakes in Perl to be rectified, and the development team will take as long as possible to make sure Perl is done right this time. He noted that there would not be much patience in the community for another major rewrite of the language. Perl 6, Conway said, must last 20 or 30 years.
One of the challenges facing the Perl development team is ensuring backward compatibility with Perl 5. Conway said they considered it and that there was only one solution.
Perl 6 will not be backward compatible with Perl 5, Conway advised us. There is no way to do it and still implement the necessary improvements. Perl code will have to be updated to use the new language features and keywords.
Perl 6 is a cleaner version of the language with more logical conventions. All scalar variables, and only scalar variables, for example, says Conway, will be identified with the '$' sign, instead of various uses of various variables getting various identifiers like $, @, and %. Virtually every available special character has been used using the new version of Perl, including some in the unicode space outside of standard ASCII, though all such characters have keyword alternatives.
The new version of Perl include a try() and catch() routine for risky functions that operates differently from other languages that use it. The catch() is found within the try() in Perl 6 instead of after the try() as it would be in Java, Conway explained.
'Linux on Laptops' session
In the evening, there was a session led by Len Brown and Rusty Lynch on "Linux on Laptops." The session was an interactive session, affectionally known in the community as a "Birds of the Feather," or "BOF" session.
Brown started it off by discussing suspend/resume operations on Linux laptops. Other than laptops with S3 video cards, he said, most Linux laptops do not take well to being put to sleep, often failing to wake up afterward. Unfortunately, he said, solving the problem will likely require laptop-specific drivers for sleep mode.
Docking station support, it was discussed, is virtually non-existent in Linux, and wireless nic support, though functional, has more work to be done to support especially newer cards like the 2200ipw, a brand new on-board wireless card that currently is not supported in Linux.
Power management support in Linux is also lacking. The topic was discussed at length, and it was agreed that simple measures such as reducing the brightness of the laptop's LCD can go a long ways toward preserving battery life.