Abstract
Unikernel specializes a minimalistic LibOS and a target application into a standalone single-purpose virtual machine (VM) running on a hypervisor, which is referred to as (virtual) appliance. Compared to traditional VMs, Unikernel appliances have smaller memory footprint and lower overhead while guaranteeing the same level of isolation. On the downside, Unikernel strips off the process abstraction from its monolithic appliance and thus sacrifices flexibility, efficiency, and applicability.
In this article, we examine whether there is a balance embracing the best of both Unikernel appliances (strong isolation) and processes (high flexibility/efficiency). We present KylinX, a dynamic library operating system for simplified and efficient cloud virtualization by providing the pVM (process-like VM) abstraction. A pVM takes the hypervisor as an OS and the Unikernel appliance as a process allowing both page-level and library-level dynamic mapping. At the page level, KylinX supports pVM fork plus a set of API for inter-pVM communication (IpC, which is compatible with conventional UNIX IPC). At the library level, KylinX supports shared libraries to be linked to a Unikernel appliance at runtime. KylinX enforces mapping restrictions against potential threats. We implement a prototype of KylinX by modifying MiniOS and Xen tools. Extensive experimental results show that KylinX achieves similar performance both in micro benchmarks (fork, IpC, library update, etc.) and in applications (Redis, web server, and DNS server) compared to conventional processes, while retaining the strong isolation benefit of VMs/Unikernels.
- Erlangonxen.org. [n.d.]. Retrieved December 23, 2020 from https://github.com/cloudozer/ling.Google Scholar
- The LuaJIT Project. [n.d.]. Retrieved December 23, 2020 from http://luajit.org/.Google Scholar
- The Linux man-pages project. [n.d.]. Retrieved December 23, 2020 from https://man7.org/linux/man-pages/man2/syscalls.2.html.Google Scholar
- AWS. [n.d.]. Retrieved December 23, 2020 from https://aws.amazon.com/ec2/.Google Scholar
- AWS. [n.d.]. Retrieved December 23, 2020 from https://aws.amazon.com/cn/lambda/.Google Scholar
- Microsoft. [n.d.]. Retrieved December 23, 2020 from https://azure.microsoft.com/en-us/services/kubernetes-service/.Google Scholar
- Wikipedia. [n.d.]. Retrieved December 23, 2020 from https://en.wikipedia.org/wiki/Daytime_Protocol.Google Scholar
- Firecracker. [n.d.]. Retrieved December 23, 2020 from https://firecracker-microvm.github.io/.Google Scholar
- Thomas Porzelt. [n.d.]. Retrieved December 23, 2020 from https://github.com/lighttpd/weighttp/.Google Scholar
- gVisor. [n.d.]. Retrieved December 23, 2020 from https://gvisor.dev/.Google Scholar
- The HTTP server project. [n.d.]. Retrieved December 23, 2020 from https://httpd.apache.org/.Google Scholar
- Katacontainers. [n.d.]. Retrieved December 23, 2020 from https://katacontainers.io/.Google Scholar
- L4Linux. [n.d.]. Retrieved December 23, 2020 from https://l4linux.org/.Google Scholar
- Canonical Ltd. [n.d.]. Retrieved December 23, 2020 from https://linuxcontainers.org/.Google Scholar
- The OCaml Project. [n.d.]. Retrieved December 23, 2020 from https://ocaml.org/.Google Scholar
- MIT PDOS. [n.d.]. Retrieved December 23, 2020 from https://pdos.csail.mit.edu/6.828/2018/labs/lab6/.Google Scholar
- Intel. [n.d.]. Retrieved December 23, 2020 from https://qdms.intel.com/dm/i.aspx/5A160770-FC47-47A0-BF8A-062540456F0A/PCN114074-00.pdf.Google Scholar
- RedisLabs. [n.d.]. Retrieved December 23, 2020 from https://redis.io/.Google Scholar
- The Xen Project. [n.d.]. Retrieved December 23, 2020 from https://wiki.xenproject.org/wiki/Mini-OS.Google Scholar
- Docker, Inc. [n.d.]. Retrieved December 23, 2020 from https://www.docker.com/.Google Scholar
- The GNU C Library Project. [n.d.]. Retrieved December 23, 2020 from https://www.gnu.org/software/libc/.Google Scholar
- Internet Systems Consortium, Inc. [n.d.]. Retrieved December 23, 2020 from https://www.isc.org/downloads/bind/.Google Scholar
- Philip Guenther. [n.d.]. Retrieved December 23, 2020 from https://www.openbsd.org/papers/eurobsdcon2014_securelazy/slide003a.html.Google Scholar
- Unikraft Team. [n.d.]. Retrieved December 23, 2020 from https://xenproject.org/developers/teams/unikraft/.Google Scholar
- The Core Project. [n.d.]. Retrieved December 23, 2020 from http://tinycorelinux.net/.Google Scholar
- The UML Project. [n.d.]. Retrieved December 23, 2020 from http://user-mode-linux.sourceforge.net/.Google Scholar
- The GNU Hurd Project. [n.d.]. Retrieved December 23, 2020 from https://www.gnu.org/software/hurd/hurd.html.Google Scholar
- Game Sparks Technologies Ltd. [n.d.]. Retrieved December 23, 2020 from http://www.gamesparks.com/.Google Scholar
- Oracle. [n.d.]. Retrieved December 23, 2020 from http://www.java.com/.Google Scholar
- Red Hat, Inc. [n.d.]. Retrieved December 23, 2020 from https://www.linux-kvm.org/.Google Scholar
- The Musl Libc Project. [n.d.]. Retrieved December 23, 2020 from http://musl.libc.org/.Google Scholar
- SAS Institute, Inc. [n.d.]. Retrieved December 23, 2020 from http://www.sas.com/en_us/home.html.Google Scholar
- Jack Clark. [n.d.]. Retrieved December 23, 2020 from https://www.theregister.com/2014/05/23/google_containerization_two_billion/.Google Scholar
- Mohammed Raffic. [n.d.]. Retrieved December 23, 2020 from http://www.vmwarearena.com/difference-between-vmware-esx-and-esxi/.Google Scholar
- Samer Al-Kiswany, Dinesh Subhraveti, Prasenjit Sarkar, and Matei Ripeanu. 2011. VMFlock: Virtual machine co-migration for the cloud. In Proceedings of the 20th International Symposium on High Performance Distributed Computing. ACM, 159--170.Google Scholar
Digital Library
- Melvin J. Anderson, Micha Moffie, and Chris I. Dalton. 2007. Towards Trustworthy Virtualisation Environments: Xen Library OS Security Service Infrastructure. Technical Report. HP Tech Report (2007), 88--111.Google Scholar
- Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Daniel O’Keeffe, Mark L. Stillwell, et al. 2016. SCONE: Secure Linux containers with Intel SGX. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI’16).Google Scholar
Digital Library
- Jeff Arnold and M. Frans Kaashoek. 2009. Ksplice: Automatic rebootless kernel updates. In Proceedings of the 4th ACM European Conference on Computer Systems. ACM, 187--198.Google Scholar
- Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. 2003. Xen and the art of virtualization. ACM SIGOPS Op. Syst. Rev. 37, 5 (2003), 164--177.Google Scholar
Digital Library
- Andrew Baumann, Paul Barham, Pierre-Evariste Dagand, Tim Harris, Rebecca Isaacs, Simon Peter, Timothy Roscoe, Adrian Schüpbach, and Akhilesh Singhania. 2009. The multikernel: A new OS architecture for scalable multicore systems. In Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles. ACM, 29--44.Google Scholar
Digital Library
- Andrew Baumann, Dongyoon Lee, Pedro Fonseca, Lisa Glendenning, Jacob R. Lorch, Barry Bond, Reuben Olinsky, and Galen C. Hunt. 2013. Composing OS extensions safely and efficiently with Bascule. In Proceedings of the 8th ACM European Conference on Computer Systems. ACM, 239--252.Google Scholar
- Andrew Baumann, Marcus Peinado, and Galen Hunt. 2014. Shielding applications from an untrusted cloud with haven. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI’14).Google Scholar
- Adam Belay, Andrea Bittau, Ali Mashtizadeh, David Terei, David Mazières, and Christos Kozyrakis. 2012. Dune: Safe user-level access to privileged CPU features. In Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI’12). 335--348.Google Scholar
- Adam Belay, George Prekas, Ana Klimovic, Samuel Grossman, Christos Kozyrakis, and Edouard Bugnion. 2014. IX: A protected dataplane operating system for high throughput and low latency. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI’14). 49--65.Google Scholar
Digital Library
- R. John Brockmann. 1990. The why, where and how of minimalism. In ACM SIGDOC Aster. J. Comput. Docum. 14 (1990). ACM, 111--119.Google Scholar
Digital Library
- Edouard Bugnion, Scott Devine, and Mendel Rosenblum. 1997. DISCO: Running commodity operating systems on scalable multiprocessors. In Proceedings of the 16th ACM Symposium on Operating System Principles (SOSP’97), Michel Banâtre, Henry M. Levy, and William M. Waite (Eds.). ACM, 143--156. DOI:https://doi.org/10.1145/268998.266672Google Scholar
Digital Library
- George Candea, Shinichi Kawamoto, Yuichi Fujiki, Greg Friedman, and Armando Fox. 2004. A microrebootable system—Design, implementation, and evaluation. In Proceedings of the 6th USENIX Symposium on Operating Systems Design and Implementation (OSDI’04).Google Scholar
- Haibo Chen, Jie Yu, Rong Chen, Binyu Zang, and Pen-Chung Yew. 2007. POLUS: A powerful live updating system. In Proceedings of the 29th International Conference on Software Engineering. IEEE Computer Society, 271--281.Google Scholar
Digital Library
- Patrick Colp, Mihir Nanavati, Jun Zhu, William Aiello, George Coker, Tim Deegan, Peter Loscocco, and Andrew Warfield. 2011. Breaking up is hard to do: Security and functionality in a commodity hypervisor. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles. ACM, 189--202.Google Scholar
Digital Library
- John R. Douceur, Jeremy Elson, Jon Howell, and Jacob R. Lorch. 2008. Leveraging legacy code to deploy desktop applications on the web. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI’08), Vol. 8. 339--354.Google Scholar
- Dawson R. Engler, M. Frans Kaashoek et al. 1995. Exokernel: An operating system architecture for application-level resource management. In Proceedings of the 15th ACM Symposium on Operating Systems Principles. ACM.Google Scholar
- Bryan Ford and Jay Lepreau. 1994. Evolving mach 3.0 to a migrating thread model. In Proceedings of the USENIX Winter Technical Conference. USENIX Association, 97--114. Retrieved from https://www.usenix.org/conference/usenix-winter-1994-technical-conference/evolving-mach-30-migrating-thread-model.Google Scholar
- Diwaker Gupta, Sangmin Lee, Michael Vrable, Stefan Savage, Alex C. Snoeren, George Varghese, Geoffrey M. Voelker, and Amin Vahdat. 2010. Difference engine: Harnessing memory redundancy in virtual machines. Commun. ACM 53, 10 (2010), 85--93.Google Scholar
Digital Library
- Christopher M. Hayden, Edward K. Smith, Michail Denchev, Michael Hicks, and Jeffrey S. Foster. 2012. Kitsune: Efficient, general-purpose dynamic software updating for C. ACM SIGPLAN Not. 47 (2012). ACM, 249--264.Google Scholar
- Jin Heo, Xiaoyun Zhu, Pradeep Padala, and Zhikui Wang. 2009. Memory overbooking and dynamic control of Xen virtual machines in consolidated environments. In Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management (IM’09). IEEE, 630--637.Google Scholar
- Jon Howell, Bryan Parno, and John R. Douceur. 2013. Embassies: Radically refactoring the web. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation. 529--545.Google Scholar
- Jon Howell, Bryan Parno, and John R. Douceur. 2013. How to run POSIX apps in a minimal picoprocess. In Proceedings of the USENIX Annual Technical Conference. 321--332.Google Scholar
- Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel. 2016. Ryoan: A distributed sandbox for untrusted computation on secret data. In Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation. USENIX Association, 533--549.Google Scholar
- Van Jacobson and Bob Felderman. 2006. Speeding up networking. In Proceedings of the Ottawa Linux Symposium.Google Scholar
- Poul-Henning Kamp and Robert N. M. Watson. 2000. Jails: Confining the omnipotent root. In Proceedings of the 2nd International SANE Conference 43 (2000), 116.Google Scholar
- Svilen Kanev, Juan Pablo Darago, Kim M. Hazelwood, Parthasarathy Ranganathan, Tipp Moseley, Gu-Yeon Wei, and David M. Brooks. 2015. Profiling a warehouse-scale computer. In Proceedings of the 42nd International Symposium on Computer Architecture, Deborah T. Marr and David H. Albonesi (Eds.). ACM, 158--169. DOI:https://doi.org/10.1145/2749469.2750392Google Scholar
- Anti Kantee and Justin Cormack. 2014. Rump kernels: No OS? No problems!Mag. USENIX 8 SAGE 39, 5 (2014), 11--17.Google Scholar
- Avi Kivity, Dor Laor, Glauber Costa, Pekka Enberg, Nadav Har’El, Don Marti, and Vlad Zolotarov. 2014. OSv: Optimizing the operating system for virtual machines. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC’14). 61--72.Google Scholar
- Horacio Andrés Lagar-Cavilla, Joseph Andrew Whitney, Adin Matthew Scannell, Philip Patchin, Stephen M. Rumble, Eyal De Lara, Michael Brudno, and Mahadev Satyanarayanan. 2009. SnowFlock: Rapid virtual machine cloning for cloud computing. In Proceedings of the 4th ACM European Conference on Computer Systems. ACM, 1--12.Google Scholar
Digital Library
- Robert P. Cook and Insup Lee. 2003. Dymos: A dynamic modification system. ACM SIGSOFT Software Engineering Notes 18, 8 (2003), 202--202.Google Scholar
- Huiba Li, Yiming Zhang, Dongsheng Li, Zhiming Zhang, Shengyun Liu, Peng Huang, Zheng Qin, Kai Chen, and Yongqiang Xiong. 2019. URSA: Hybrid block storage for cloud-scale virtual disks. In Proceedings of the 14th EuroSys Conference. 15:1--15:17. DOI:https://doi.org/10.1145/3302424.3303967Google Scholar
Digital Library
- Huiba Li, Yiming Zhang, Zhiming Zhang, Shengyun Liu, Dongsheng Li, Xiaohui Liu, and Yuxing Peng. 2017. PARIX: Speculative partial writes in erasure-coded systems. In Proceedings of the USENIX Annual Technical Conference. USENIX Association, 581--587.Google Scholar
- James Litton, Anjo Vahldiek-Oberwagner, Eslam Elnikety, Deepak Garg, Bobby Bhattacharjee, and Peter Druschel. 2016. Light-weight contexts: An OS abstraction for safety and performance. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI’16). USENIX, 49--64.Google Scholar
- Jacob R. Lorch, Andrew Baumann, Lisa Glendenning, Dutch T. Meyer, and Andrew Warfield. 2015. Tardigrade: Leveraging lightweight virtual machines to easily and efficiently construct fault-tolerant services. In Proceedings of the 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI’15). 575--588.Google Scholar
- Anil Madhavapeddy, Thomas Leonard, Magnus Skjegstad, Thomas Gazagnaire, David Sheets, Dave Scott, Richard Mortier, Amir Chaudhry, Balraj Singh, Jon Ludlam, et al. 2015. Jitsu: Just-in-time summoning of unikernels. In Proceedings of the 12th USENIX Symposium on Networked System Design and Implementation.Google Scholar
- Anil Madhavapeddy, Richard Mortier, Steven Smith, Steven Hand, and Jon Crowcroft. 2013. Unikernels: Library operating systems for the cloud. In Proceedings of the ACM Conference on Architectural Support for Programming Languages and Operating Systems. ACM, 461--472.Google Scholar
Digital Library
- Anil Madhavapeddy, Richard Mortier, Ripduman Sohan, Thomas Gazagnaire, Steven Hand, Tim Deegan, Derek McAuley, and Jon Crowcroft. 2010. Turning down the LAMP: Software specialisation for the cloud. In Proceedings of the 2nd USENIX Conference on Hot Topics in Cloud Computing (HotCloud’10). 11--11.Google Scholar
- Udi Manber and Sun Wu. 1994. GLIMPSE: A tool to search through entire file systems. In Proceedings of the USENIX Winter Technical Conference. 23--32.Google Scholar
- Filipe Manco, Costin Lupu, Florian Schmidt, Jose Mendes, Simon Kuenzer, Sumit Sati, Kenichi Yasukata, Costin Raiciu, and Felipe Huici. 2017. My VM is lighter (and safer) than your container. In Proceedings of the 26th ACM Symposium on Operating Systems Principles. ACM, 218--233.Google Scholar
Digital Library
- Joao Martins, Mohamed Ahmed, Costin Raiciu, Vladimir Olteanu, Michio Honda, Roberto Bifulco, and Felipe Huici. 2014. ClickOS and the art of network function virtualization. In Proceedings of the 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI’14). USENIX Association, 459--473.Google Scholar
Digital Library
- Derek Gordon Murray, Grzegorz Milos, and Steven Hand. 2008. Improving Xen security through disaggregation. In Proceedings of the 4th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments. ACM, 151--160.Google Scholar
Digital Library
- Iulian Neamtiu, Michael Hicks, Gareth Stoyle, and Manuel Oriol. 2006. Practical dynamic software updating for C. ACM SIGPLAN Not. 41 (2006). ACM.Google Scholar
- Pierre Olivier, Daniel Chiba, Stefan Lankes, Changwoo Min, and Binoy Ravindran. 2019. A binary-compatible unikernel. In Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, (VEE’19), Jennifer B. Sartor, Mayur Naik, and Chris Rossbach (Eds.). ACM, 59--73. DOI:https://doi.org/10.1145/3313808.3313817Google Scholar
Digital Library
- Donald E. Porter, Silas Boyd-Wickizer, Jon Howell, Reuben Olinsky, and Galen C. Hunt. 2011. Rethinking the library OS from the top down. In Proceedings of the 16th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’11). ACM, 291--304.Google Scholar
- Ashwin Ramaswamy, Sergey Bratus, Sean W. Smith, and Michael E. Locasto. 2010. Katana: A hot patching framework for elf executables. In Proceedings of the International Conference on Availability, Reliability, and Security (ARES’10). IEEE, 507--512.Google Scholar
- Joanna Rutkowska and Rafal Wojtczuk. 2010. Qubes OS Architecture. Technical Report. Invisible Things Lab Tech Rep 54 (2010).Google Scholar
- Dan Schatzberg, James Cadden, Han Dong, Orran Krieger, and Jonathan Appavoo. 2016. EbbRT: A framework for building per-application library operating systems. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI’16). USENIX, 671--688.Google Scholar
- Stephen Soltesz, Herbert Pötzl, Marc E. Fiuczynski, Andy Bavier, and Larry Peterson. 2007. Container-based operating system virtualization: A scalable, high-performance alternative to hypervisors. ACM SIGOPS Op. Syst. Rev. 41 (2007). ACM, 275--287.Google Scholar
Digital Library
- Chia-che Tsai, Bhushan Jain, Nafees Ahmed Abdul, and Donald E. Porter. 2016. A study of modern Linux API usage and compatibility: What to support when you’re supporting. In Proceedings of the 11th European Conference on Computer Systems (EuroSys’16), Cristian Cadar, Peter R. Pietzuch, Kimberly Keeton, and Rodrigo Rodrigues (Eds.). ACM, 16:1--16:16. DOI:https://doi.org/10.1145/2901318.2901341Google Scholar
- Chia-Che Tsai, Kumar Saurabh Arora, Nehal Bandi, Bhushan Jain, William Jannen, Jitin John, Harry A. Kalodner, Vrushali Kulkarni, Daniela Oliveira, and Donald E. Porter. 2014. Cooperation and security isolation of library OSes for multi-process applications. In Proceedings of the 9th European Conference on Computer Systems. ACM, 9.Google Scholar
- Chia-Che Tsai, Donald E. Porter, and Mona Vij. 2017. Graphene-SGX: A practical library OS for unmodified applications on SGX. In Proceedings of the USENIX Annual Technical Conference (USENIX ATC’17).Google Scholar
- Rich Uhlig, Gil Neiger, Dion Rodgers, Amy L. Santoni, Fernando Martins, Andrew V. Anderson, Steven M. Bennett, Alain Kägi, Felix H. Leung, and Larry Smith. 2005. Intel virtualization technology. Computer 38, 5 (2005), 48--56.Google Scholar
Digital Library
- Volkmar Uhlig, Joshua LeVasseur, Espen Skoglund, and Uwe Dannowski. 2004. Towards scalable multiprocessor virtual machines. In Proceedings of the Virtual Machine Research and Technology Symposium. 43--56.Google Scholar
- Wei Zhang, Jinho Hwang, Shriram Rajagopalan, K. K. Ramakrishnan, and Timothy Wood. 2016. Flurries: Countless fine-grained NFs for flexible per-flow customization. In Proceedings of the International Conference on emerging Networking EXperiments and Technologies (CoNEXT’16). ACM, 3--17.Google Scholar
Digital Library
- Yiming Zhang, Chuanxiong Guo, Dongsheng Li, Rui Chu, Haitao Wu, and Yongqiang Xiong. 2015. CubicRing: Enabling one-hop failure detection and recovery for distributed in-memory storage systems. In Proceedings of the 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI’15). 529--542.Google Scholar
Digital Library
- Yiming Zhang, Dongsheng Li, Qiao Zhou, Feng Huang, Yingwen Chen, Yang Hu, Ping Zhong, Yongqiang Xiong, and Huaimin Wang. 2018. The fusion of VMs and processes: A system perspective of cKernel. In Proceedings of the 38th IEEE International Conference on Distributed Computing Systems (ICDCS’18). 1404--1409. DOI:https://doi.org/10.1109/ICDCS.2018.00141Google Scholar
Cross Ref
Index Terms
KylinX: Simplified Virtualization Architecture for Specialized Virtual Appliances with Strong Isolation
Recommendations
KylinX: a dynamic library operating system for simplified and efficient cloud virtualization
USENIX ATC '18: Proceedings of the 2018 USENIX Conference on Usenix Annual Technical ConferenceUnikernel specializes a minimalistic LibOS and a target application into a standalone single-purpose virtual machine (VM) running on a hypervisor, which is referred to as (virtual) appliance. Compared to traditional VMs, Unikernel appliances have ...
MirageManager: enabling stateful migration for unikernels
CCIoT '20: Proceedings of the Workshop on Cloud Continuum Services for Smart IoT SystemsUnikernels are a new lightweight virtualization technology born as an alternative to virtual machines and containers. Geared towards service provisioning for the Internet of Things (IoT) and edge computing, they offer extremely small memory footprint ...
VMtorrent: virtual appliances on-demand
SIGCOMM '10Virtual Appliances (VAs) are Virtual Machines (VMs) geared towards a specific set of tasks. They require little or no configuration, working out-of-the-box. VAs fit neatly into the Cloud Computing paradigm - many copies of an identical machine can be ...






Comments