Practical Solution: Award-Winning Paper Suggests New Path to Hardware Virtualization
A team of student researchers guided by Kyle Hale, assistant professor of computer science at Illinois Institute of Technology, earned the Gilles Muller Best Artifact Award at the European Conference on Computer Systems (EuroSys ’22) for their work on a software framework that enables easy isolation of functions within applications.
“Isolating Functions at the Hardware Limit with Virtines” questions the idea that hardware virtualization is slow and impractical. The Virtines software approach does not require the use of specialized hardware and applies easy-to-use language extensions to make hardware virtualization more practical to use.
“We asked, ‘Is it really slow, or is it just the way that it’s used?’” Hale says.
There had been some prior work in the community pointing out that lightweight operating systems, like Unikernels, can drastically lower virtualization costs. The team’s key insight was to apply this idea to the increasingly important domain of function isolation.
By working with existing hardware and developing language extensions that require changing just a handful of words in code, the Virtines platform executes virtualized functions while reducing the overhead of traditional environments. This allows users to isolate their applications in cloud computing, databases, third-party libraries, and serverless computing with ease—meaning that programmers can establish their applications within these platforms without worry that outside users will break into their applications and poach their data.
Although Hale serves as the conceptual lead on the Virtines project, he credits his team of student researchers for conducting the bulk of the work. Nicholas Wanninger (CS ’21), Joshua Bowden (CS/M.S. CS ’21), Kirtankumar Shetty (CS/M.S. CS 5th Year), and Ayush Garg (CS/M.S. CS 5th Year) all worked on the Virtines project as undergraduate students in Hale’s laboratory for high-performance, experimental systems and architecture (HExSA).
Wanninger, the lead author of the paper, became actively involved in HExSA Lab during his second year at Illinois Tech after taking a couple of courses with Hale. He says having the opportunity to conduct research as an undergraduate was undeniably key for him getting accepted into Northwestern University’s computer science Ph.D. program.
“Ph.D. programs are significantly more likely to accept students who have already shown interest in research,” he says. “In Professor Hale’s lab, I often attended meetings with the folks at Northwestern, and elsewhere, to get experience with the process of research.”
Wanninger also traveled to the conference in Rennes, France, to present the paper and represent the research team. He says he enjoyed the experience of traveling abroad and networking with other researchers.
Garg and Shetty both say this research experience introduced them to the world of serverless computing, and conducting research in this unfamiliar area was challenging. However, through their coursework, by reading research papers, and by having weekly meetings with Hale and the HExSA lab team, they were able to successfully carry out the project and get their work published.
“I gained technical skills that will not only help in a research setting but also help me in the industry,” Garg says. “As you keep up to date with the state of the art, you learn to look for varied/different approaches and their pros and cons while making decisions.”
“Being able to contribute to novelty is a skill that is critical to many research-driven organizations,” Shetty says. “I consider this experience as extremely important for my long-term career goal.”
Shetty and Garg were assigned to test Virtines on open-source serverless platforms, and after discovering that the Virtines framework was not compatible, they developed a new platform, Vespid, to support the serverless use case.
“We concluded that the existing open-source serverless platforms are very tightly integrated with containers, and re-engineering them to spawn Virtines would be a big challenge,” Shetty says. “So we decided to build our own platform.”
“There were times when we would get arbitrary and unexpected results, but instead of giving up, we would dig deeper until we found the root cause and then start from there,” Garg says. “The biggest lesson that I learned is that patience and persistence are the keys to successful research."
Although the research team has demonstrated that Virtines can function as a virtualization solution, more research will be conducted to automatically synthesize lightweight runtime environments, to understand the security implications, and to support more high-level languages.
“I believe that Virtines is the way forward to providing function as a service, but there is a lot of research that needs to be done to overcome the engineering challenges,” Shetty says.
Wanninger says that it took a long journey to get the work published. It had been submitted to other conferences before being accepted at EuroSys ’22, a top computer systems venue. Although it wasn’t accepted at the other conferences, he says that the team received valuable feedback to improve the work.
“We got a load of really helpful reviews that helped us to improve our paper, and we never really got discouraged as a result,” Wanninger says. “It might sound cliche, but I learned how to accept failure as a learning opportunity.”
“This was a great example of the peer review process working out,” Hale says. “We knew we had a good idea from the start, but by getting feedback and new perspectives from other researchers, we ended up with a better paper and better software, which is ultimately a win for everyone.”
Hale says he feels it is important to give students an early start in research, and HExSA Lab is always open to ambitious and curious researchers.
“It is important for students getting started in their research career to realize that learning how to leverage criticism from peers to positively improve the work is a critical part of the research process,” he says.
Photo: A diagram of how virtines work (provided)