Home > Blogs > VMware Company Blog > Monthly Archives: July 2007

Monthly Archives: July 2007

Get Juiced!

[photo of Srinivas Krishnamurti]

Posted by Srinivas Krishnamurti
Director of Product Management and Market Development

Just what the heck is Juice?  Juice is the pronunciation for JeOS, which stands for “Just Enough OS.”  So, why should you care about JeOS, or Just Enough of the OS?  Why would you install JeOS instead of the full blown general purpose operating system?  Before I get into the details, I want to clarify that this is not an operating system that VMware is developing, marketing or selling.  JeOS is a concept for what an operating system should look like in the context of a virtual appliance. 

Let’s start at the beginning. 

Traditionally, the general purpose OS has performed two high-level functions:

  1. Provided a stable and consistent set of interfaces and libraries to support the range of applications the operating system might need to run.
  2. Managed and allocated the various hardware resources of the host system, thereby abstracting the specific type of hardware from the application that sits on top.   

How has this changed recently?

Over time, the general purpose OS has grown significantly in size and complexity.  This expansion has come from its need to support a growing number of applications and devices.  To support the increasingly complex needs of this myriad of applications, OS vendors have added more interfaces, libraries, and functions with each release.  As a result, operating systems have ballooned, becoming bloated, complex, and far less secure.  Most operating systems now require at least 1 GB of RAM just to run because of the various necessary and unnecessary services that are loaded into memory, as well as a few GB of disk space.  Because the foot print is huge, keeping the OS and your data center secure requires that it be patched more often than ever before.

So, how can virtualization help?

The first is by virtualizing your environment with VMware Infrastructure.  Traditionally, in a non-virtualized environment, the general purpose operating system has to be able to interface with thousands of different devices, with each and every NIC and IDE drive, etc. that are present in a typical server box.  But, by installing VMware Infrastructure’s thin hypervisor layer which presents a select set of hardware devices and resources to the OS layer above, the components of the OS that were responsible for managing every variation of device ever manufactured are no longer needed.  Poof, off they go!  The OS has now been reduced in size.

But, can we do better?

Most servers today run just a single application – one database or one file/print server or one Exchange server – but never multiple disparate applications all at once on the same OS instance.  The question then is, if you run just one app per server, wouldn’t it make more sense to have only the OS components needed for that app rather than a general purpose OS that is slow, less secure and hard to manage?  Do you really need an ActiveX control on your Exchange server?  Do you really need all those services that are running in memory?

By ripping out the operating system interfaces, functions, and libraries and automatically turning off the unnecessary services that your application does not require, and by tailoring it to the needs of the application, you are now down to a lithe, high performing, secure operating system – Just Enough of the Operating System, that is, or JeOS. 

Why should you get juiced?

An OS finely tuned to the application it supports is smaller, more secure, easier to manage, and higher performing than a general purpose OS.   A smaller footprint means IT organizations can run more instances per server.  Tailoring the OS specifically to the app enables the removal of vulnerable components such as the browser from Windows and therefore significantly reduces the number of vulnerabilities and patches required to address those vulnerabilities.

Bringing it all together…

Ok, you get it.  JeOS makes sense.  But, how do we really make software hassle free?  How do we enable customers to gain value from their enterprise applications immediately and not get bogged down in managing the OS?  We run JeOS in a Virtual Appliance.  To recap from one of my earlier blog postings, Virtual Appliances are pre-built, pre-configured, ready-to-run enterprise software applications packaged along with an operating system within a virtual machine.  With the ISV tailoring the general purpose operating system down to a JeOS and packaging it along with their app inside a Virtual Appliance, all of the headaches associated with deploying, patching, and managing the OS are removed.  The ISV now takes responsibility for managing the Virtual Appliance (which includes both the JeOS and the app) and the customer can now focus managing their business, not the OS.  Furthermore, because the ISV now has full accountability for the entire Virtual Appliance, customers can be assured that they will invest more in fully integrating and testing the solution so that it works better together, faster.   

Real world JeOS examples

  1. BEA:  BEA announced in December 2006 that they are working on a technology that allows Java applications to run directly on virtualized hardware running VMware Infrastructure to offer better flexibility and efficiency.  WLS-VE combines WebLogic Server with BEA’s Liquid VM, a virtualization-optimized JVM.  Liquid VM is a slimmed down OS written only to run Java virtual machines and is not a general purpose OS.  Supposedly it requires only 100MB of RAM.  Now you’re talking…

  2. VMware: As part of VMware ACE 2, VMware is shipping a virtual appliance that offers management capabilities.  We ripped out parts of Debian we didn’t need and reduced the OS size to be ~20 MB.  That’s all the OS we needed to run the ACE Management Server.

  3. Microsoft: One of the interesting features first introduced in Windows Server 2003 and enhanced immensely in Longhorn is roles, described in the Server Core section on the Longhorn overview page as follows (emphasis mine):

    Server Core: Beginning with the Beta 2 release of Windows Server "Longhorn," administrators can choose to install Windows Server with only the services required to perform the DHCP, DNS, file server, or domain controller roles. This new installation option will not install non-essential services and applications and will provide base server functionality without any extra overhead. While the Server Core installation option is a fully functioning mode of the operating system supporting one of the designate roles, it does not include the server graphic user interface (GUI). Because Server Core installations include only what is required for the designated roles, a Server Core installation will typically require less maintenance and fewer updates as there are fewer components to manage. In other words, since there are fewer programs and components installed and running on the server, there are fewer attack vectors exposed to the network, resulting in a reduced attack surface. If a security flaw or vulnerability is discovered in a component that is not installed, a patch is not required.

There you have it…  Even Microsoft Windows is adopting JeOS concepts. :-) The next step would be to allow users to create their own roles so they can create their own juiced Windows.

JeOS is a slimmed down version of an OS that is tailored to match the needs of the application it supports.  It is therefore smaller, more secure, easier to manage and definitely a much better way to go.  Thin is definitely in!

The benefits of deploying juiced operating systems in the form of virtual appliances are simply too significant for customers to not ask for them.  This trend in operating systems is exciting and game changing (see press coverage).  It will be interesting to see how OS vendors adapt both in terms of technology as well as pricing/licensing.  Either way, next time you’re thinking about buying a new application, ask the vendor for a virtual appliance – it is the best way to simplify your IT landscape.

[For more information on virtual appliances and to download one today, visit the Virtual Appliance Marketplace.]