Wednesday morning refereed papers

The best papers are the ones where after they're presented you say "I can't wait to take these back to work!" That's the case with the papers presented in Wednesday morning's session. Chris St. Pierre and Matt Hermanson started off with "Staging Package Deployment via Repository Management". In this paper, they describe how they use a three-level repository scheme to manage the testing and deployment of software packages.

The "upstream" repo is a daily mirror of the distribution's repositories. This repo gets checked against a package blacklist and copied to the "unstable" repo. Packages which have been in unstable for a week or more without issue get copied into the "stable" repo. This allows testing of packages on a limited number of hosts before being deployed more widely.
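The promotion flow described above, modeled as an added example that is not code from the paper or its authors. The glob-style blacklist, the `flagged` set of packages with reported issues, and every package name and date are assumptions constructed for illustration.

```python
from datetime import date, timedelta
from fnmatch import fnmatch

SOAK = timedelta(days=7)  # "a week or more" in unstable before promotion

def pkg_name(nvr):
    """Strip version and release from a name-version-release string."""
    return nvr.rsplit("-", 2)[0]

def sync_unstable(upstream, blacklist, unstable, today):
    """Copy upstream packages that pass the blacklist into unstable.

    unstable maps each package to the date it first arrived, so a new
    build starts its own soak period instead of inheriting the old one.
    """
    for nvr in upstream:
        if any(fnmatch(pkg_name(nvr), pat) for pat in blacklist):
            continue  # blacklisted packages never leave upstream
        unstable.setdefault(nvr, today)

def promote(unstable, stable, flagged, today):
    """Copy packages into stable after a full, issue-free soak in unstable."""
    promoted = []
    for nvr, first_seen in sorted(unstable.items()):
        if nvr in stable or nvr in flagged:
            continue
        if today - first_seen >= SOAK:
            stable.add(nvr)
            promoted.append(nvr)
    return promoted

def demo():
    """Constructed sample data: one week of mirror runs."""
    blacklist = ["kernel*"]  # assumption: glob patterns on package names
    unstable, stable = {}, set()
    day0 = date(2011, 12, 1)
    mirror = ["openssl-1.0.0-20.el6", "kernel-2.6.32-220.el6", "httpd-2.2.15-15.el6"]
    sync_unstable(mirror, blacklist, unstable, day0)
    # Day 3: a newer httpd build shows up in the daily mirror.
    sync_unstable(mirror + ["httpd-2.2.15-16.el6"], blacklist, unstable, day0 + timedelta(days=3))
    flagged = {"openssl-1.0.0-20.el6"}  # assumption: a test host reported an issue
    promoted = promote(unstable, stable, flagged, day0 + timedelta(days=7))
    return sorted(unstable), promoted, sorted(stable)

if __name__ == "__main__":
    print(demo())
```

Keying the soak period on the full name-version-release string means the newer httpd build waits out its own week even though the older build has already been promoted.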

The next paper was Philip Guo's "CDE: Run Any Linux Application On-Demand Without Installation". His position is that packaging is hard, especially when applications require specific versions of many libraries. For users who lack root privileges, the challenge is especially daunting. Philip's solution is CDE (not to be confused with the desktop environment), which neatly packages an application's code, data, and environment.

By using ptrace magic, an unprivileged user can run an application and copy any necessary binaries and libraries into a tree. This package can then be shared with other users who can execute the package unprivileged in a chroot-like environment. CDE packages can also be streamed off of cloud-based services. Because the packages are self-contained, programs can be run on any other platform with the same architecture and a kernel ABI compatible with the build system's. This means, for example, Fedora users can easily share applications with Ubuntu users.

The final paper of the session, entitled "Improving Virtual Appliance Management through Virtual Layered File Systems", was presented by Shaya Potter and co-authored by Jason Nieh. Their work focuses on reducing the effort and storage overhead of maintaining multiple VM images. As it turns out, VM appliances make for easy setup, but can be difficult to manage and lead to sprawl. By stratifying the VM's filesystem into many layers, even largely heterogeneous machines can be more easily managed.

Each individual application (e.g. Apache httpd) can exist in a separate layer. UnionFS is used to combine the appropriate read-only layers for each machine. A read-write layer is then added on top for local and volatile data. Besides greatly reducing the disk overhead in large VM deployments, this approach also makes it much more difficult to compromise individual VMs.