Description DISKLESS CLIENT USING A HYPERVISOR
[1] Field of the Invention
[2] The present invention relates to diskless clients and their effective and cost-efficient management.
[3] Background of the Invention
[4] The paradigm of desktop computers connected to a common server has long suffered from problems relating to cost and manageability. Primarily, significant concerns regarding security constantly arise given that each desktop has a hard drive, thus facilitating the unauthorized copying or downloading of files and greatly increasing the risk of system corruption in view of the difficulties with managing what may be introduced to each desktop.
[5] Accordingly, an ongoing trend among smaller and larger enterprises alike is to provide a diskless client that eliminates the multitude of desktop hard drives. All data thus is found on a central server, and all file management can be controlled at the one central location. System backup is greatly facilitated since a multitude of desktops do not need to be activated at the time that backup is carried out, and any needed "patch management" can be carried out at the server end.
[6] However, a major impediment to implementing the changes just described is that most operating systems (OS's) are not conducive to the type of remote booting that would normally be required in a diskless system. By and large, each OS tends to be configured for a specific type of booting that often requires some type of local storage, and thus lacks versatility in terms of the booting that can be accommodated. For instance, during a boot, the OS would have to be cognizant of whether the boot originates from remote storage or local storage, wirelessly, or from a LAN (local area network). Costly fixes generally need to be implemented to permit any appreciable degree of versatility.
[7] Accordingly, a compelling need has been recognized in connection with addressing these versatility issues, as well as related issues.
[8] Summary of the Invention
[9] In accordance with at least one presently preferred embodiment of the present invention, there is broadly contemplated herein an arrangement for facilitating remote booting in diskless client systems as just described. To this end, there is broadly contemplated herein the employment of a hypervisor that can freely accommodate a variety of booting arrangements for a given OS. This then ensures that few if any modifications, especially costly ones, would need to be made to the OS to ensure greater versatility.
[10] In summary, one aspect of the invention provides a system comprising: an operating system; a remote storage device in general communication with the operating system; and a hypervisor which captures communication actions from the operating system and diverts the communication actions to the remote storage device.
[11] Another aspect of the invention provides a method comprising: loading an operating system; loading a hypervisor; and employing the hypervisor to: capture communication actions from the operating system; and divert the communication actions to a remote storage device.
[12] Furthermore, an additional aspect of the invention provides a program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps comprising: loading an operating system; loading a hypervisor; and employing the hypervisor to: capture communication actions from the operating system; and divert the communication actions to a remote storage device.
[13] For a better understanding of the present invention, together with other and further features and advantages thereof, reference is made to the following description, taken in conjunction with the accompanying drawings, and the scope of the invention will be pointed out in the appended claims.
[14] Brief Description of the Drawings
[15] Fig. 1 schematically illustrates a Type 1 hypervisor.
[16] Fig. 2 schematically illustrates a system employing a hypervisor in accordance with at least one embodiment of the present invention.
[17] Description of the Preferred Embodiments
[18] As discussed above, there is broadly contemplated herein, in accordance with at least one presently preferred embodiment of the present invention, the employment of a hypervisor in a diskless client system to more efficiently facilitate and greatly expand the booting capabilities of an OS. More particularly, the hypervisor preferably "traps" (in a manner to be described below) all disk and LAN accesses from the OS.
[19] Expressed another way, to the extent that many OS's are normally configured to write to hard drive during a boot, and to the extent one may wish to incorporate such an OS into a diskless system, a hypervisor in accordance with the present invention obviates the need to expensively reconfigure the OS for a diskless environment in which the booting context will be significantly different. Any and all translation to remote storage, as performed by the hypervisor, is thus essentially "blind" to the OS.
[20] Conventionally, a hypervisor is embodied by a base set of code that runs under an OS to permit an OS to run in a virtualized environment, and can create a virtualized environment for a "Guest OS" (such as Microsoft XP). It thus allows OS's to run on the same hardware concurrently.
[21] Essentially there are two main types of hypervisors; a "Type 1" runs directly on hardware and a "Type 2" runs under an existing OS. Figure 1 shows a Type 1 hypervisor environment (10). OS 1 (20) can be a User Operating System (UOS) such as Microsoft XP. OS 2 (30) is a Service Operating System (SOS) used for client manageability such as Linux, or Microsoft Windows PE. These two OS's, and the hypervisor itself (40) run on the same hardware (50).
[22] Generally, in accordance with a preferred embodiment of the present invention, a hypervisor (140) is first loaded (160) to run under an OS (120). More particularly, hypervisor (140) is preferably loaded first (160), then the OS (120) loads, such that the hypervisor (140) runs under OS (120). Once loaded, the hypervisor (140) then preferably establishes a connection to the central server (170), loads user data, "hooks" disk access modules, and then proceeds along a normal boot path. By "hooking" disk access modules, essentially the hypervisor avails itself of disk access modules so as to be able to trap hard drive read/writes as will now be described.
[23] Accordingly, each time the OS (120) attempts (175) to access a file on a local hard drive (180), the hypervisor (140) can preferably "trap" this access (175), thus preventing what would otherwise be communication (185) with a hard drive (180), and then essentially read (190) the requisite data from the server (170). In other words, when the OS (120) undertakes what is presumed to be a hard drive read or write, the hypervisor (140) traps or intercepts the read or write (175), redirects the read or write to remote storage on the network, and in this manner OS (120) "thinks" it is read/writing the local drive when actually it is going across the network to a remote drive. LAN traffic is also preferably trapped so that there is not a conflict in access. (In other words, normal LAN data is preferably treated differently; priority can preferably be given to reads/writes from a remote drive, to the point of devoting, e.g., up to 80% or more of the bandwidth thereto as opposed to normal network traffic.)
[24] Expressed another way, the OS (120) is essentially "shrink-wrapped" and isolated from components or items with which it would normally communicate (e.g. a hard drive [180]) and the hypervisor (140) acts as a buffer or intermediary through which given types of communication will now take place. Or, a hypervisor (140) in accordance with at least one presently preferred embodiment of the present invention can "fool" a client OS (120) into "thinking" that it is booting from (or performing any type of reading or writing with respect to) a hard drive (180) when instead, for instance, calls (175) to a hard disk read sector are trapped and then sent (190) to the server (170). Accordingly, a hypervisor (140) is preferably configured to capture and accommodate normal booting communication (175) from an OS (120), that itself is normally configured to read or write with respect to a very specific medium (such as a hard drive [180]) and then divert (190) such communication to another location (e.g. server [170]) that can more freely and ably accommodate a variety of booting commands. Thus, the OS (120) does not need to undergo any costly reconfiguration to ensure versatility; the hypervisor (140) acts as a buffer or intermediary to obviate that need. The remote location to which communication is diverted, of course, does not necessarily need to be a server as discussed above; it can be essentially any form of remote storage device, such as a SAN (storage area network) or NAS (network attached storage).
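The trap-and-divert flow of paragraphs [22] to [24], as an added user-space C simulation that is not part of the patent text and is not Xen code. The guest's disk access module is modelled as a table of sector handlers; `hypervisor_hook()`, `disk_ops` and every other name are assumptions made for illustration, and an in-memory array stands in for the server (170).

```c
#include <stdint.h>
#include <string.h>

#define SECTOR_SIZE 512
#define NUM_SECTORS 8

/* Disk access module as the guest OS (120) sees it: a table of sector handlers. */
typedef struct {
    int (*read_sector)(uint32_t lba, uint8_t *buf);
    int (*write_sector)(uint32_t lba, const uint8_t *buf);
} disk_ops;

static uint8_t remote_store[NUM_SECTORS][SECTOR_SIZE]; /* stands in for server (170) */
static unsigned local_hits, remote_hits;

/* Original handlers: would reach the local hard drive (180); a diskless client has none. */
static int local_read(uint32_t lba, uint8_t *buf) { (void)lba; (void)buf; local_hits++; return -1; }
static int local_write(uint32_t lba, const uint8_t *buf) { (void)lba; (void)buf; local_hits++; return -1; }

/* Hypervisor trap handlers: same signatures, serviced from remote storage (190). */
static int trap_read(uint32_t lba, uint8_t *buf) {
    if (lba >= NUM_SECTORS) return -1;            /* reject out-of-range sectors */
    memcpy(buf, remote_store[lba], SECTOR_SIZE);
    remote_hits++;
    return 0;
}
static int trap_write(uint32_t lba, const uint8_t *buf) {
    if (lba >= NUM_SECTORS) return -1;
    memcpy(remote_store[lba], buf, SECTOR_SIZE);
    remote_hits++;
    return 0;
}

static disk_ops guest_disk = { local_read, local_write };

/* "Hooking": the hypervisor (140) swaps the handlers before the guest boots. */
void hypervisor_hook(disk_ops *ops) { ops->read_sector = trap_read; ops->write_sector = trap_write; }

/* Unmodified guest code: writes, then re-reads, a boot sector through its usual interface. */
int guest_boot(disk_ops *ops) {
    uint8_t out[SECTOR_SIZE] = {0}, in[SECTOR_SIZE];
    memcpy(out, "BOOT", 4);                       /* constructed sample sector contents */
    if (ops->write_sector(0, out) != 0) return -1;
    if (ops->read_sector(0, in) != 0) return -1;
    return memcmp(in, out, SECTOR_SIZE) == 0 ? 0 : -1;
}

unsigned local_access_count(void) { return local_hits; }
unsigned remote_access_count(void) { return remote_hits; }

int main(void) { hypervisor_hook(&guest_disk); return guest_boot(&guest_disk); }
```

The guest routine is identical before and after hooking; only the handler table changes, which is the sense in which the redirection is "blind" to the OS.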
[25] It should be appreciated that although the use of a hypervisor to "trap" reads and writes to a hard drive has just been discussed, a hypervisor can certainly be much more versatile than this. For instance, if an OS is configured to read from or write to something other than a hard drive, a hypervisor can still "trap" such reads and writes. Essentially, in accordance with at least one presently preferred embodiment of the present invention, any read/write from an OS can be redirected by a hypervisor to remote storage.
[26] A variety of known processes are conceivable for securely loading (160) a hypervisor (140). For instance, loading (160) could be accomplished via Flash, via a UEFI driver, or via a secure PXE (Preboot Execution Environment) boot (this could use Boot Integrity Services [BIS] or it could use any secure load method). The presently preferred loading mechanism is the use of a device utilizing the iSCSI (Internet Small Computer Systems Interface) protocol. Additional information on PXE boots is available in the Preboot Execution Environment (PXE) Specification (http colon dot dot slash slash www dot pix dot net slash software slash pxeboot slash archive slash pxespec dot pdf). Additional information on the iSCSI protocol is available in RFC 3720. (http colon slash slash www dot faqs dot org slash rfcs slash rfc3720 dot html). Though essentially any suitable hypervisor may be used in accordance with the embodiments of the present invention, the "Xen" hypervisor is the presently preferred hypervisor. The Xen hypervisor is an open source software development. Additional information about a Xen hypervisor may be found at http colon slash slash www xensource dot com.
[27] It is conceivable to run more than one OS on the base of a common hypervisor in accordance with the embodiments of the present invention. For instance, Windows XP and Linux could run simultaneously on top of a single hypervisor, and the hypervisor could translate reads/writes from both OS's from local to remote storage. In point of fact, there is conceivably no limit to the number of OS's that could run on the base of a common hypervisor.
[28] It is to be understood that the present invention, in accordance with at least one presently preferred embodiment, includes elements that may be implemented on at least one general-purpose computer running suitable software programs. These may also be implemented on at least one Integrated Circuit or part of at least one Integrated Circuit. Thus, it is to be understood that the invention may be implemented in hardware, software, or a combination of both.
[29] If not otherwise stated herein, it is to be assumed that all patents, patent applications, patent publications and other publications (including web-based publications) mentioned and cited herein are hereby fully incorporated by reference herein as if set forth in their entirety herein.
[30] Although illustrative embodiments of the present invention have been described herein with reference to the accompanying drawings, it is to be understood that the invention is not limited to those precise embodiments, and that various other changes and modifications may be effected therein by one skilled in the art without departing from the scope or spirit of the invention.