Stratus VOS

VOS or OpenVOS
Developer Stratus Technologies
OS family Multics-like
Working state Current
Source model Closed source
Platforms i860, x86, PA-RISC, 68k
Kernel type Monolithic kernel
License Kernel: Stratus Technologies
Drivers, libraries, and user-land programs: Stratus Technologies, Other
Official website http://www.stratus.com/

VOS (Virtual Operating System) is a proprietary operating system running on Stratus Technologies fault-tolerant computer systems. VOS is available on Stratus's ftServer and Continuum platforms.[1] VOS customers use it to support critical, high-volume transaction processing applications which require continuous availability. VOS is notable for being one of the few operating systems which run on fully lockstepped hardware.

History

VOS was designed from its inception as a high-security transaction-processing environment tailored to fault-tolerant hardware.[2] It incorporates much of the design experience that came out of the famous MIT/Bell-Laboratories/General-Electric (later Honeywell) MULTICS project.

In recent years, Stratus has added POSIX-compliance, and many open source packages can run on VOS.[3]

Development

Programming for VOS

VOS provides compilers for PL/I, COBOL, Pascal, FORTRAN, VOS C, BASIC, and C++.[4] Each of these programming languages can make VOS system calls (e.g. s$seq_read to read a record from a file), and has extensions to support varying-length strings in PL/I style. Developers typically code in their favourite VOS text editor, or offline, before compiling on the system; there are no VOS IDE applications.

In its history, Stratus has offered hardware platforms based on the Motorola 68000 microprocessor family ("FT" and "XA" series), the Intel i860 microprocessor family ("XA/R" series), the HP PA-RISC processor family ("Continuum" series), and the Intel Xeon x86 processor family ("V Series"). All versions of VOS offer compilers targeted at the native instruction set, and some versions of VOS offer cross-compilers.

Stratus added support for the POSIX API in VOS Release 14.3 (on Continuum), and added support for the GNU C/C++ compiler, GNU gdb debugger, and many POSIX commands in VOS Release 14.4. Each additional release of VOS has added more POSIX.1 capabilities, to the point where many user-mode open-source packages can now be successfully built. For this reason, beginning with Release 17.0, Stratus renamed VOS to OpenVOS.

Stratus offers supported ports of Samba, OpenSSL, OpenSSH, GNU Privacy Guard, OpenLDAP, Berkeley DB, MySQL Community Server, Apache, IBM WebSphere MQ, and the community edition of Java.

Numeric values in VOS are always big endian, regardless of the endianness of the underlying hardware platform. On little endian servers with x86 processors, the compilers do a byte swap before reading or writing values to memory to transform the data to or from the native little endian format.

Command Macro Language

VOS has a fairly complete command macro language which can be used to create menu systems, automate tasks etc. VOS command macros accept arguments on the command-line or via a user interface "form". Arguments are defined at the beginning of the command macro in a "parameters" section. The language supports a range of statements, including if/then/else, boolean operations, "while" loops, "goto" and excellent error reporting. The command macro language can be executed in interactive and non-interactive modes. It can be used to automate programs, capturing prompts and sending appropriate responses. This has led Stratus to limit the capabilities of the command macro language.[5]

The macro language lacks support for user-defined functions and does not easily support include files. The string handling is prone to errors, especially with embedded control characters.

Overview

VOS was coded mainly in PL/I with a small amount of assembly language before it was migrated to ftServer series but now it is coded in POSIX compliant C & C++, assembly language and legacy PL/I. Its overall structure has much in common with Multics, and many of the system's sophisticated features can be traced back to Multics to varying degrees. The system exposes a number of fundamental abstractions to the software designer or programmer, most notable being

A process is the scheduled entity in VOS and each process has a set of attributes that govern how it is manipulated by the system. For example processes have a user name and process name. The former is used by VOS to determine the process's access rights to external devices and items with the file system. Of fundamental significance is a process's privileged flag, which is a binary attribute. Privileged processes may perform privileged operations. This mechanism is used to restrict certain potentially powerful operations that can have system wide consequences (e.g. shutting down the system, dismounting a hard disk etc.).

Distribution

VOS is distributed only by Stratus Technologies. The distribution media is a 3.5 mm DAT tape for Continuum, and an SDLT tape for early V Series platforms. As of OpenVOS Release 17.0, Stratus offers support for distributing OpenVOS on a DVD or by downloading a release file. Software installations may be done by the Stratus Field Engineer or by the customer's system administrator.

Interface

The command-line interface is the main, and most powerful, user interface for a VOS system.

Users may be locked into "form" based sub-system by command macro scripts[6] if required, although a skilled user would be able to break out of this and get command-line access. (It is, in fact, possible for a Stratus system administrator to set up a user's account such that an attempt to break out of FMS—the Stratus Forms Management System—to the command line results in the user being logged out. Therefore this is not an approach to be recommended.)

Command macros and programs can be invoked with an argument to display a form listing all the available parameters, which the user can navigate using the "tab" key. Each parameter is generally restricted to control what the user can input. This includes lists of valid values, numeric-only, text-only, etc. Parameters can also be hidden using a "secret" tag, or made mandatory.

All commands in VOS are defined in full with underbars to separate words, for example change_current_dir to change directory to a given path. The VOS help system uses this convention to assist users who are looking for a subset of possible commands; for instance, those referring to "change." The command-line call to find this subset is help -match change.

Every user has a file which contains a list of standard abbreviations for common commands, command strings, or commands with common variables. Command abbreviations are conventionally named after the first letters of the command they represent, so ccd foodir may be expanded to change_current_dir foodir.

The user can add, delete or modify the abbreviations, and many experienced VOS users have an abbreviations file built up over a long time that they bring with them to new systems and jobs.

VOS processes run a start-up command start_up.cm on login. Optionally, and on a per-line basis, this may apply to non-interactive processes. This command macro can be used for a variety of purposes including loading multiple custom abbreviations files, setting custom file-paths, loading emacs customisations etc. Experienced users will also generally have a custom start-up command macro that they may wish to use on new systems.

Applications

System applications

VOS is used on Continuum and ftServer systems, both of which are designed to be highly fault-tolerant. As such, these systems are typically used in safety-critical or mission-critical applications, typically banks, hospitals, telecommunications and transaction processing companies.[7]

Communications

VOS supports the following protocols[4]

Older versions of VOS implemented a non-OSI standard TCP/IP known as OS TCP/IP. VOS since version 14.x has implemented OSI-compliant Streams-TCP. Older applications using OS TCP/IP have to be ported in order to use STCP.[8] This can mean a loss of functionality as OS TCP/IP supported several functions that are not OSI-compliant and have therefore been abandoned. The ftServer hardware that V Series runs on only supports TCP/IP and X.25. Websphere MQ 6.0 (aka MQ Series) is TCP/IP based; so, that is also supported by ftServer hardware. Devices supporting the legacy protocols run on the Continuum hardware and may be accessed from current hardware over the Open StrataLINK[9] network.

Fault tolerance

Fault tolerance is built into VOS from the bottom up. On a hardware level, major devices are run in lock stepped duplex mode, meaning that there are two identical devices performing the same action at the same time. (In addition, each device, or board, is also duplexed in order to identify internal board failures at a hardware level, which is why Stratus hardware can be defined as "lock stepped".) These boards are actively monitored by the operating system which can correct any minor inconsistencies (such as bad disk-writes or reads). Any boards which report an unacceptable number of faults are removed from service by the system; the duplexed board will continue operation until the problem is resolved via a hot-fix. This includes CPUs, disk drives, and any other device that can logically be duplexed (which by definition, excludes communications devices). The system will continue processing as normal and will automatically raise a fault ticket with Stratus Customer Service via RSN (the Remote Service Network). Stratus Customer Service will then dial into the system using RSN to investigate the problem and dispatch replacement parts.

The operating system is designed to avoid crashes due to a simplexed hardware failure.

File system

VOS supports a number of unique file types:

The VOS API allows the creation of multiple indexes per file, sorting according to the contents of a record, or an external key, or an internal key, or a well-defined set of multiple keys. A VOS file with one or more indexes can be used as a C-ISAM database table.

VOS uses a proprietary file naming syntax which includes the system name, module name, disk number, and directory, with components separated by the ">" symbol. Typically the system disk will be housed in the same module as the CPU, #m1, so a system file for a VOS cluster would be referenced as

(%system)#m1_d01>system>devices.table

VOS disk allocation and memory is organised in "blocks", each block being 4,096 bytes. Memory takes the form of RAM or paging. VOS systems support paging partitions and paging files. In modern versions of VOS, paging files can be created dynamically by the SysAdmin (but not removed without a reboot). These paging files can in theory consist of more than one extent (which is viewed by the kernel as a mini-paging partition) which may or may not be contiguous. However, non-contiguous extents are NOT recommended as they greatly increase disk activity. Admin should create the largest possible extent for the paging files as early as possible after the system has been booted.[10]

File system security

VOS supports write, read, execute, and null access to all files, directories and devices (although directories and files have slightly different access lists). Access can be assigned to users, groups, or the world. Only read access is required to run an executable program, provided that the user has "execute" privileges for the directory in which that program sits.

VOS inherited access control lists from Multics and also implements directory access control lists. If a file does not have an access control list, the containing directory's default access control list applies.

Access to devices is typically controlled by creating a file which is linked to the device by the administrator. (This may be true in OpenVOS, but does not apply to the original operating system.) Access is then given to this file, and this sets the access on the device.

Access to operating systems commands is controlled by adding the command to a table in the system directory, and defining which users or groups have access to that command. Badly configuring this file has been known to force reboots of systems . In general, however, the VOS kernel is designed to be robust in the face of user-space errors, including misconfiguration of table files under #d01>system, which is intentionally the sole directory to contain configuration (table) files.

Open StrataLINK

VOS has always been a network aware operating system. Virtually every system call in the native API[11][12] has a parameter that determines what computer the operation affects. If the operation isn't local, it is redirected to the target computer via remote subroutine call. For example, file names are parsed to indicate which computer the file resides on.

The StrataLINK networking model has a two level hierarchy for naming computers: Each computer is called a module and modules are aggregated into systems. Each system is administered as a unit. In other words, all of the modules in a system are aware of all the disks and hardware devices on that system. The result of this is that a file name that begins with the system name refers to files on other computers and can be opened without the need for any special networking. The same is true for devices. Other system entities, such as processes, are referenced using module names which are written %system#module. The VOS system and module names have no defined relationship with IP addresses or domain names -- The VOS API was developed in late 1980 -- before the Internet was widely adopted and long before URLs were even invented.

Historically, StrataLINK was a proprietary 10Mb CSMA/CD ring network which allowed high performance (for the time) with very low memory overhead and CPU utilization. This was never developed beyond 10Mb and was dropped in favor of using TCP/IP because Ethernet became the dominant networking standard and because memory and CPU processing got cheaper.

Open StrataLINK can also use X.25 for wide area communications. Using the Open StrataLINK protocols for wide area communications is also referred to as StrataNET.

See also

References

External links