.. title: PAR Class 12, Mon 2021-03-08 .. slug: class12 .. date: 2021-03-08 .. tags: class .. category: .. link: .. description: .. type: text .. has_math: true .. raw:: html .. role:: red .. role:: blue .. sectnum:: .. contents:: Table of contents .. Types of virtualization ----------------------- #. There are many possible levels of virtualization. #. At a low level, one might emulate the HW. This is quite flexible but too slow. #. At a higher level, a basic OS runs separate virtual machines, each with its own file system. a. Harmless machine instructions execute normally. #. Powerful ones are trapped and emulated. #. This requires a properly designed instruction set. #. IBM has been doing this commercially for 40 years, with something originally called CP/CMS. #. I think that IBM lucked out with their instruction set design, and didn't plan it. #. Well-behaved clients might have problematic code edited before running, to speed the execution. #. I think that Vmware does that. #. It seems that compute-intensive clients might have almost no overhead. #. However, the emulated file system can be pretty bad. #. With Vmware, several clients can all be different OSs, and the host can be any compatible OS. #. E.g., I've had a linux vmware host simultaneously running both linux and windows clients. #. SFAIK, Vmware currently doesn't run on Ubuntu because of recent linux security upgrades requiring that new modules installed in the kernel be signed. #. In linux, root no longer has infinite power. #. The next level of virtualization has an nontrivial host OS, but separates the clients from each other. #. They see a private view of the process space, file system, and other resources. #. This is lighter weight, e.g., quicker to start a VM and less overhead. #. The host and client must be the same OS. #. This might be called paravirtualization. #. Linux supports this with things like namespace isolation and control groups (cgroups). Wikipedia et al describe this. #. The next level up is the normal linux security. a. You can see all the processes and similar resources. #. The file system has the usual protections. #. This is hard to make secure when doing something complicated. #. How do I protect myself from firefox going bad? #. It's easy to describe what it should be allowed to do, but almost impossible to implement. #. That includes using apparmor etc. #. In theory, packaging an app in a virtual machine has fewer dependencies and is more secure. #. You can run the vm w/o changes on different hosts. #. A Vmware client can run w/o change on both linux and windows hosts. #. You can run a client on your own hardware, then spill over to a commercial cloudy platform when necessary. Docker ------------------ #. Docker is a popular lightweight virtualization system, which Nvidia uses to distribute SW. #. Docker runs **images** that define virtual machines. #. Docker images share resources with the host, in a controlled manner. #. For simple images, which is not nvidia/cuda, starting the image is so cheap that you can do it to run one command, and encapsulate the whole process in a shell function. #. Docker is worth learning, apart from its use by Nvidia for parallel computing. You might also look up Kubernetes. #. More info: #. https://www.docker.com/ #. https://www.zdnet.com/article/what-is-docker-and-why-is-it-so-darn-popular/ #. https://opensource.com/resources/what-docker #. I installed docker on parallel to run nvidia images like pgc++. Then I removed it because it wasn't necessary, was complicated, and it was insecure. Nvidia GPU and accelerated computing, 6 --------------------------------------- This is from https://developer.nvidia.com/teaching-kits-downloads My local copy of what I'm using is in /parclass/2021/files/nvidia/GPU-Teaching-Kit-Accelerated-Computing.zip Today we'll start from Module_9_Parallel_Computation_Patterns_Reduction/Slides/Lecture-9-1-reduction.pdf This introduces some common parallel programming paradigms. Today we did thru 10-2.