1 Types of virtualization

1. There are many possible levels of virtualization.

2. At a low level, one might emulate the HW. This is quite flexible but too slow.

3. At a higher level, a basic OS runs separate virtual machines, each with its own file system.

   1. Harmless machine instructions execute normally.

   2. Powerful ones are trapped and emulated.

   3. This requires a properly designed instruction set.

   4. IBM has been doing this commercially for 40 years, with something originally called CP/CMS.

   5. I think that IBM lucked out with their instruction set design, and didn't plan it.

   6. Well-behaved clients might have problematic code edited before running, to speed the execution.

   7. I think that Vmware does that.

   8. It seems that compute-intensive clients might have almost no overhead.

   9. However, the emulated file system can be pretty bad.

   10. With Vmware, several clients can all be different OSs, and the host can be any compatible OS.

   11. E.g., I've had a linux vmware host simultaneously running both linux and windows clients.

   12. SFAIK, Vmware currently doesn't run on Ubuntu because of recent linux security upgrades requiring that new modules installed in the kernel be signed.

   13. In linux, root no longer has infinite power.

4. The next level of virtualization has an nontrivial host OS, but separates the clients from each other.

   1. They see a private view of the process space, file system, and other resources.

   2. This is lighter weight, e.g., quicker to start a VM and less overhead.

   3. The host and client must be the same OS.

   4. This might be called paravirtualization.

   5. Linux supports this with things like namespace isolation and control groups (cgroups). Wikipedia et al describe this.

5. The next level up is the normal linux security.

   1. You can see all the processes and similar resources.

   2. The file system has the usual protections.

   3. This is hard to make secure when doing something complicated.

   4. How do I protect myself from firefox going bad?

   5. It's easy to describe what it should be allowed to do, but almost impossible to implement.

   6. That includes using apparmor etc.

6. In theory, packaging an app in a virtual machine has fewer dependencies and is more secure.

7. You can run the vm w/o changes on different hosts.

8. A Vmware client can run w/o change on both linux and windows hosts.

9. You can run a client on your own hardware, then spill over to a commercial cloudy platform when necessary.

2 Docker

1. Docker is a popular lightweight virtualization system, which Nvidia uses to distribute SW.

2. Docker runs images that define virtual machines.

3. Docker images share resources with the host, in a controlled manner.

4. For simple images, which is not nvidia/cuda, starting the image is so cheap that you can do it to run one command, and encapsulate the whole process in a shell function.

5. Docker is worth learning, apart from its use by Nvidia for parallel computing. You might also look up Kubernetes.

6. More info:

   1. https://www.docker.com/

   2. https://www.zdnet.com/article/what-is-docker-and-why-is-it-so-darn-popular/

   3. https://opensource.com/resources/what-docker

7. I installed docker on parallel to run nvidia images like pgc++. Then I removed it because it wasn't necessary, was complicated, and it was insecure.

3 Nvidia GPU and accelerated computing, 6

This is from https://developer.nvidia.com/teaching-kits-downloads

My local copy of what I'm using is in /parclass/2021/files/nvidia/GPU-Teaching-Kit-Accelerated-Computing.zip

Today we'll start from Module_9_Parallel_Computation_Patterns_Reduction/Slides/Lecture-9-1-reduction.pdf

This introduces some common parallel programming paradigms.

Today we did thru 10-2.