←back to thread

Asterinas: OS kernel written in Rust and providing Linux-compatible ABI

(github.com)
235 points Klasiaster | 5 comments | 15 Oct 24 12:01 UTC | HN request time: 0.001s | source
Show context
justmarc ◴[15 Oct 24 21:02 UTC] No.41853080[source]
I'm interested in these kind of kernels to run very high performance network/IO specific services on bare metal, with minimal system complexity/overheads and hopefully better (potential) stability and security.

The big concern I have however is hardware support, specifically networking hardware.

I think a very interesting approach would be to boot the machine with a FreeBSD or Linux kernel, just for the purposes of hardware as well as network support, and use a sort of Rust OS/abstraction layer for the rest, bypassing or simply not using the originally booted kernel for all user land specific stuff.

replies(4): >>41853111 #>>41853348 #>>41853724 #>>41855929 #
cgh ◴[15 Oct 24 21:34 UTC] No.41853348[source]
If you want truly high-performance networking, you can bypass the kernel altogether with DPDK. So you don't have to worry about alternative kernels for other tasks at all. On the downside, DPDK takes over the NIC entirely, removing the kernel from the equation, so if you need the kernel to see network traffic for some reason, it won't work for you.

You can check out hardware support here: https://core.dpdk.org/supported/nics/

replies(1): >>41853538 #
jauntywundrkind ◴[15 Oct 24 21:58 UTC] No.41853538[source]
This was true a decade ago, with modern io_uring dpdk is probably an anti-pattern.
replies(2): >>41853574 #>>41854804 #
1. cgh ◴[15 Oct 24 22:03 UTC] No.41853574[source]
Interesting, it's been awhile since I looked at this stuff so I did a little searching and found this: https://www.diva-portal.org/smash/get/diva2:1789103/FULLTEXT...

Their conclusion is io_uring is still slower but not by much, and future improvements may make the difference negligible. So you're right, at least in part. Given the tradeoffs, DPDK may not be worth it anymore.

replies(4): >>41854008 #>>41856349 #>>41856769 #>>41856892 #
2. loeg ◴[15 Oct 24 23:03 UTC] No.41854008[source]
There are also just a bunch of operational hassles with using DPDK or SPDK. Your usual administrative commands don't work. Other operations aren't intermediated by the kernel -- instead you need 100% dedicated application devices. Device counters usually tracked by the kernel aren't. Etc. It can be fine, but if io_uring doesn't add too much overhead, it's a lot more convenient.
3. renox ◴[16 Oct 24 07:06 UTC] No.41856349[source]
Not by much?? You're exaggerating..
4. guenthert ◴[16 Oct 24 08:17 UTC] No.41856769[source]
That's an interesting and valuable study. I was slightly disappointed though that only a single host was used in the 'network' performance tests:

"SR-IOV was used on the NIC to enable the use of virtual functions, as it was the only NIC that was available during the study for testing and therefore the use of virtual functions was a necessity for conducting the experiments."

5. guenthert ◴[16 Oct 24 08:38 UTC] No.41856892[source]
"io_uring had a maximum throughput of 5.0 Gbit/s "

Wut? More than 10 years ago, a cheap beige box could saturated a 1Gbps link with a kernel as it came from e.g. Debian w/o special tuning. A somewhat more expensive box could get a good share of a 10Gbps link (using Jumbo frames), so these new results are, er, somewhat underwhelming.