Sapan Bhatia

SAPAN BHATIA
ASSOCIATE RESEARCH SCHOLAR

Coordinates

35, Olden Street
Princeton University
Princeton, NJ
sapanb @ cs . princeton . edu
WWW: http://www.cs.princeton.edu/~sapanb/
Office: 318B

(New) vsys: A programmable sudo. Sapan Bhatia, Giovanni Di Stasi, Thom Haddow, Andy Bavier, Steve Muir and Larry Peterson. USENIX 'ATC 2011.
The presentation was picked up by Slashdot and PC World.

(New) sfatables: A firewall-like policy engine for federated systems. Sapan Bhatia, Andy Bavier, Larry Peterson, Soner Sevinc. ICDCS 2011.

Research

VICCI - Virtual Cloud Computing Infrastructure
VICCI is a testbed for research in cloud computing services and mechanisms. It consists of a deployment across the United States (Princeton, Stanford, University of Washington, Georgia Tech) consisting of 280 nodes each with 48 Gigs of RAM and 12 cores. Sites are connected over 1GB links over Internet 2. The infrastructure is fully deployed and functional, with other sites in Japan and Europe to follow. If you are at a participating site, then please contact your local VICCI coordinator to get access. For other users, other forms of access may become available soon. Please contact us for details. .
Chopstix
Chopstix is a tool for diagnosing intermittent problems on production systems. Most people who have maintained such systems can relate to problems that seemingly come and go and are hard to reproduce. Chopstix collects system-wide profiles of high-frequency events such as process scheduling, memory allocation and page mapping based on the belief that these events are sensitive to changes in system behavior. These profiles are reconstructed offline to pinpoint problems. Chopstix collects partial stack traces for every unique event, making it possible to trace a problem to its underlying root cause.

Lightweight, High-Resolution Monitoring for Troubleshooting Production Systems Sapan Bhatia, Abhishek Kumar, Marc E. Fiuczynski and Larry Peterson. Proceedings of OSDI '08 .
VINI
VINI is a virtual network infrastructure that allows network researchers to evaluate their protocols and services in a realistic environment that also provides a high degree of control over network conditions. We are building on native virtualization support in the Linux kernel to make virtual networking in VINI efficient and robust.

Lightweight OS support for a scalable and robust virtual network infrastructure. Sapan Bhatia, Marc Fiuczynski, Andy Bavier and Larry Peterson. Poster session at NSDI'07. Extended abstract. Poster. An extended version appeared at ROADS'07.
Misc
Selective and Non-Selective Autophagic Degradation of Mitochondria in Yeast. Ingrid Kissova, Benedicte Salin, Jacques Schaeffer, Sapan Bhatia, Stephen Manon and Nadine Camougrand. Autophagy journal. Vol 3/Issue 4. July/August 2007.

For my old publications, please visit here.

Development

sfatables
Sfatables is a firewall-like administrative tool for federated systems. If you have resources in any form (host resources, bandwidth) and you would like to make them available to a third party without losing control over their use, then sfatables is for you.

patchdep
Patch dependency analyzer. You specify the set of patches that you would like in your kernel, along with the set that you don't support and patchdep will compute the minimal subset of patches that you need along with the conflicts you need to resolve.

PlanetFlow2
PlanetFlow2 is PlanetLab's Netflow collection and query system. It uses an extended version of fprobe to collect and store data, and silk-tools to archive and query it. Audits between 5-10 Terabytes of data every day.

vnet+
VNET+ consists of an iptables match that associates packets with VM ids on PlanetLab; as well as additions to the network stack for using this association to filter traffic. The iptables match is available to all iptables targets and can be used for slice-specific filtering, policy routing etc.

vsys
vsys is to PlanetLab, what the /sys directory is to a Linux server. It is a mechanism to export privileged scripts to PlanetLab slices. vsys has a backend directory, located in root context on the node, and a frontend directory, which appears in the context of a slice. Scripts stored at the backend appear at the frontend as FIFO pipes, which slices can use to invoke and manage the scripts. vsys is written in ocaml and can be checked out of the Planet-Lab CVS.

shortbridge
We found that bridging ethernet devices has a high overhead and can reduce the throughput of forwarding experiments by up to a factor of 5. Shortbridge (abbr. for 'short-circuit bridge') overcomes this problem for pairs of devices, by cross-wiring the corresponding device objects. Implemented as a kernel module + patch for linux 2.6.20. New It looks like the macvlan module for Linux, released recently, subsumes the above functionality, and will probably replace shortbridge.

Misc

My favorite iPhone apps :-)
Handwriting App for the iPhone/iPad

Pain

I'm going to start collecting bugs that I have a hard time finding, in the hope that somebody looking for the same information will find it.
Inotify sometimes misses events because it coalesces them