Virtualization in the Cloud: Featuring Xen Lars Kurth Xen Community Manager

Transcription:

Virtualization in the Cloud: Featuring Xen Lars Kurth Xen Community Manager lars.kurth@xen.org FREENODE: lars_kurth @lars_kurth @xen_com_mgr

A Brief History of Xen in the Cloud
Late 90s: XenoServer Project (Cambridge Univ.)
The XenoServer project is building public infrastructure for wide-area distributed computing. We envisage a world in which XenoServer execution platforms will be scattered across the globe and available for any member of the public to submit code for execution.
Global Public Computing
This dissertation proposes a new distributed computing paradigm, termed global public computing, which allows any user to run any code anywhere. Such platforms price computing resources, and ultimately charge users for resources consumed.
Evangelos Kotsovinos, PhD dissertation, 2004

A Brief History of Xen in the Cloud
Timeline markers: Late 90s, Oct 03, 06, 08, 09, 11, 12
Events, in slide order: XenoServer Project (Cambridge Univ.); Xen Presented at SOSP; Amazon EC2 and Slicehost launched; Rackspace Cloud; XCP 1.x Cloud Mgmt; XCP Announced; Linux 3.0; XCP packages in Linux; Xen for ARM based Servers; PVH mode

The Xen Hypervisor was designed for the Cloud straight from the outset!

Xen.org
- Guardian of Xen Hypervisor and related OSS Projects
- Xen Governance similar to Linux Kernel
- Projects:
  - Xen Hypervisor (led by 5 committers, 2 from Citrix)
  - Xen Cloud Platform aka XCP (led by Citrix)
  - Xen ARM: Xen for mobile devices (led by Samsung)
  - PVOPS: Xen components and support in Linux Kernel (led by Oracle)
- 10+ vendors contributing more than 1% to the project (AWS, AMD, Citrix, GridCentric, Fujitsu, Huawei, iweb, Intel, NSA, Oracle, Samsung, Suse, ...)

Xen Overview

Hypervisor Architectures
Type 1: Bare metal Hypervisor. A pure Hypervisor that runs directly on the hardware and hosts Guest OS's. Provides partition isolation + reliability, higher security.
Type 2: OS Hosted. A Hypervisor that runs within a Host OS and hosts Guest OS's inside of it, using the host OS services to provide the virtual environment. Low cost, no additional drivers. Ease of use & installation.
[Diagram: the two stacks side by side. Labels: VM0, VM1 ... VMn (Guest OS and Apps); Hypervisor; Scheduler; Device Drivers/Models; MMU; User-level VMM; Device Models; User Apps; Host OS; Device Drivers; Ring-0 VM Monitor Kernel; Host HW (I/O, Memory, CPUs).]

Xen: Type 1 with a Twist
- Thinner hypervisor
- Functionality moved to Dom0
- Using Linux PV OPS
- Using Linux Device Drivers
- PV, PV on HVM and PVH modes
- Sharing components with KVM
- In other words
- Re-use of Dom0 kernel components
- Ease of use & Installation
- Isolation & Security
[Diagram labels: Control domain (dom0); Device Models; Drivers; Linux & BSD; VM0, VM1 ... VMn (Guest OS and Apps); Hypervisor; Scheduler; MMU; XSM; Host HW (I/O, Memory, CPUs).]

Xen and Linux
- Xen Hypervisor is not in the Linux kernel
- BUT: everything Xen and Xen Guests need to run is!
- Xen packages are in all Linux distros (except RHEL6)
  - Install Dom0 Linux distro
  - Install Xen package(s) or meta package
  - Reboot
  - Config stuff: set up disks, peripherals, etc.
More info: wiki.xen.org/wiki/category:host_install

Basic Xen Concepts
- Control Domain aka Dom0
  - Dom0 kernel with drivers
  - Xen Management Toolstack
  - Trusted Computing Base
- Guest Domains
  - Your apps
  - E.g. your cloud management stack
- Driver/Stub/Service Domain(s)
  - A driver, device model or control service in a box
  - De-privileged and isolated
  - Lifetime: start, stop, kill
[Diagram labels: Console; Control domain (dom0) with Toolstack and Dom0 Kernel; VM0, VM1 ... VMn (Guest OS and Apps); One or more driver, stub or service domains; Hypervisor; Scheduler; MMU; XSM; Host HW (I/O, Memory, CPUs).]

Xen Variants for Server & Cloud
Variants: Xen Hypervisor; XCP
Toolstack / Console: Default / XL (XM); Libvirt / VIRSH; XAPI / XE
Increased level of functionality and integration with other components
Get Binaries from: Linux Distros; Linux Distros; Debian & Ubuntu, ISO from Xen.org
Products: Oracle VM; Huawei UVP; Citrix XenServer
Used by Many Others
More info: xen.org/community/presentations.html

Xen : Types of Virtualization

PV Domains & Driver Domains
- Technology: Paravirtualization
- Linux PV guests have limitations: limited set of virtual hardware
- Advantages
  - Fast
  - Works on any system (even without virt extensions)
- Driver Domains
  - Security
  - Isolation
  - Reliability and Robustness
[Diagram labels: Guest VMn (Apps, Guest OS, PV Front Ends); Control domain (dom0) (PV Back Ends, HW Drivers, Dom0 Kernel); Driver Domain, e.g. Disk, Network (PV Back End, HW Driver, Dom0 Kernel*); Xen Hypervisor; Host HW (I/O, Memory, CPUs). *) Can be MiniOS]

HVM & Stub Domains
- Technology: Shows emulation using QEMU/Device Model (SW Virtualization). In other situations HW can be used
- Disadvantages
  - Emulation slower than PV (mainly I/O devices)
- Advantages
  - No kernel support needed
- Stub Domains
  - Security
  - Isolation
  - Reliability and Robustness
[Diagram labels: Dom0 (Device Model, IO Emulation, Dom0 Kernel); Stubdomn (Device Model, IO Emulation, Mini OS); Guest VMn; IO Event; VMEXIT; Xen Hypervisor; Host HW.]

The Virtualization Spectrum
Legend: VS = Virtualized (SW), VH = Virtualized (HW), P = Paravirtualized

| Mode | Disk and Network | Interrupts, Timers | Emulated Motherboard, Legacy boot | Privileged Instructions and page tables |
| Fully Virtualized (FV) | VS | VS | VS | VH |
| FV with PV disk & network | P | VS | VS | VH |
| PVHVM | P | P | VS | VH |
| PVH x86 (Xen 4.3) | P | P | P | VH |
| PVH ARM v7+ (Xen 4.3) | P | VH | P | VH |
| Fully Paravirtualized (PV) | P | P | P | P |

Row groupings labelled on the slide: HVM mode/domain; PV mode/domain

The Virtualization Spectrum
Legend: Optimal performance; Scope for improvement; Poor performance
[Figure: the same matrix as on the previous slide (Fully Virtualized through Fully Paravirtualized against Disk and Network; Interrupts, Timers; Emulated Motherboard, Legacy boot; Privileged Instructions and page tables), with each cell marked using the legend above. The per-cell markings are not recoverable from the transcription.]

PVH Benefits
- Solves a number of historical problems with PV and HVM
  - AMD 64 bit and x86-64 architecture is not a good match for PV for Privileged Instructions and Page Tables
  - Will allow to simplify the Xen and PVOPS architecture in the longer term
- Fastest of PV and HVM on all architectures
  - No need for emulation
  - Uses HW virtualization where it is fastest
  - Uses PV where PV is fastest
- Should provide the best trade-offs for most work-loads
More info: wiki.xen.org/wiki/virtualization_spectrum
More info: xen.org/xensummit/xs12na_talks/m9.html

XCP Project

XCP: Xen Cloud Platform
- Complete stack for server virtualization
  - Extends Xen to cover multiple hosts
  - Adds further functionality and integrations for cloud, storage and networking to Xen HV
  - GPLv2
  - XenServer is a commercial XCP distro
- Two Flavours
  - Appliance (ISO using CentOS Dom0)
  - Packages in Debian & Ubuntu (more distros to come)

Major XCP Features
- VM lifecycle: live snapshots, checkpoint, migration
- Resource pools: flexible storage and networking
- Event tracking: progress, notification
- Upgrade and patching capabilities
- Real-time performance monitoring and alerting
- Built-in support and templates for Windows and Linux guests
- Open vSwitch support built-in (default)
More info: wiki.xen.org/wiki/xcp_release_features

XCP 1.6 Beta
- Internal Improvements: Xen 4.1.2, CentOS 5.7 with kernel 2.6.32.43, Open vSwitch 1.4.1
- New format Windows drivers: installable by Windows Update Service
- Networking: Better VLAN scalability, LACP bonding, IPv6
- More guest OS templates: Ubuntu Precise 12.04, RHEL/CentOS, Oracle Enterprise Linux 6.1 & 6.2, Windows 8
- Storage XenMotion:
  - Migrate VMs between hosts or pools without shared storage
  - Move a VM's disks between storage repositories while the VM is running
More info: xen.org/download/xcp/releasenotes_1.6.0.html
More info: xen.org/download/xcp/index_1.6.0.html

XCP and Cloud Orchestration Stacks

Challenges for FOSS hypervisors

Security and QoS/Reliability are amongst the top 3 blockers for cloud adoption www.colt.net/cio-research

System characteristics cloud users care about: Robustness, Performance, Scalability & Security
Results XCP User Survey 2012: 90% of users quoted these as most important attributes

Disaggregation
- Split Control Domain into Driver, Stub and Service Domains
  - See: "Breaking up is hard to do" @ Xen Papers
  - See: "Domain 0 Disaggregation for XCP and XenServer"
- Unique benefit of the Xen architecture
  - Robustness: ability to safely restart parts of the system (e.g. just 275ms outage from failed Ethernet driver)
  - Performance: lightweight, Xen scheduler
  - Scalability: more distributed system (less reliant on Dom0)
  - Security: Minimum privilege; Narrow interfaces; Restart domains
- Used today by Qubes OS and Citrix XenClient XT
- Prototypes for XCP and XenServer

[Diagram: two hosts, each with a single Dom0 hosting all control components. Labels: User VMs (NF, BF); NB; gntdev; Dom0 with domain manager, healthd, xenopsd, libxl, xapi, qemu, syslogd, networkd, vswitch, storaged, tapdisk, blktap3, and the network, NFS/iSCSI and local storage drivers (eth, scsi); Xen; hardware: NIC (or SR-IOV VF), CPU, RAM, RAID.]

[Diagram: the same two hosts with Dom0 disaggregated. Labels: User VMs (NF, BF); NB; gntdev; Dom0 with domain manager, healthd, xenopsd, libxl; Network driver domain (networkd, vswitch); NFS/iSCSI driver domain (storaged, tapdisk, blktap3); Local storage driver domain (storaged, tapdisk, blktap3); Qemu domain (qemu); xapi domain (xapi); Logging domain (syslogd); dbus over v4v; eth, scsi; Xen; hardware: NIC (or SR-IOV VF), CPU, RAM, RAID.]
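
An added example, not from the slides or the Xen project: a small Python audit that reads xl guest configuration text and reports which virtual network and disk devices are still served by a Dom0 back end instead of a driver domain. The sample configs and the domain names netdd and stordd are constructed; `backend=` is the xl vif/disk key that names the back-end domain, and a device that omits it is served by Domain-0.

```python
import re

# Constructed sample xl guest configs; netdd and stordd are hypothetical names.
SAMPLE_CONFIGS = {
    "web01": """
name = "web01"
vif  = [ 'bridge=xenbr0,backend=netdd' ]
disk = [ 'format=raw,vdev=xvda,access=rw,backend=stordd,target=/dev/vg0/web01' ]
""",
    "db01": """
name = "db01"
vif  = [ 'bridge=xenbr0' ]
disk = [ 'phy:/dev/vg0/db01,xvda,w' ]
""",
    "app02": """
name = "app02"
# vif = [ 'bridge=xenbr9' ]
vif  = [ 'bridge=xenbr0,backend=netdd',
         'bridge=xenbr1' ]
disk = [ 'format=raw,vdev=xvda,backend=stordd,target=/srv/a,backend=x.img' ]
""",
}

DOM0 = "Domain-0"  # back end used when a device names none
LIST_RE = re.compile(r"^[ \t]*(vif|disk)\s*=\s*\[(.*?)\]", re.M | re.S)
ITEM_RE = re.compile(r"""(['"])(.*?)\1""", re.S)

def backends(cfg_text):
    """Map 'vif' and 'disk' to the back-end domain of each device, in order."""
    found = {"vif": [], "disk": []}
    for kind, body in LIST_RE.findall(cfg_text):
        for _quote, spec in ITEM_RE.findall(body):
            backend = DOM0
            for field in spec.split(","):
                key, _, value = field.partition("=")
                if key.strip() == "target":
                    break  # target= takes the rest of a disk spec, commas included
                if key.strip() == "backend":
                    backend = value.strip()
            found[kind].append(backend)
    return found

def dom0_served(configs):
    """Return (guest, device kind, index) for every device still backed by Dom0."""
    return [(guest, kind, i)
            for guest, text in sorted(configs.items())
            for kind, names in backends(text).items()
            for i, name in enumerate(names)
            if name in (DOM0, "0")]

if __name__ == "__main__":
    for finding in dom0_served(SAMPLE_CONFIGS):
        print("Dom0 back end: %s %s[%d]" % finding)
```

Each finding is a device whose I/O path still runs through the control domain, which is the part of the trusted computing base that disaggregation aims to shrink.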

Xen Security Advantages
- Even without Advanced Security Features
  - Well-defined trusted computing base (much smaller than on type-2 HV)
  - Minimal services in hypervisor layer
- Xen Security Modules (or XSM)
  - Developed, maintained and contributed to Xen by NSA
  - Generalized Security Framework for Xen
  - Compatible with SELinux (tools, architecture)
  - XSM object classes map onto Xen features
- XSM together with Disaggregation
  - Security sensitive Desktop use-cases developed for the NSA

[Diagram: the disaggregated two-host layout again, annotated "XSM policy restricting access". Labels: User VMs (NF, BF); NB; gntdev; Dom0 with domain manager, healthd, xenopsd, libxl; Network driver domain (networkd, vswitch); NFS/iSCSI driver domain (storaged, tapdisk, blktap3); Local storage driver domain (storaged, tapdisk, blktap3); Qemu domain (qemu); xapi domain (xapi); Logging domain (syslogd); dbus over v4v; eth, scsi; Xen; hardware: NIC (or SR-IOV VF), CPU, RAM, RAID.]

News from the Xen Community

Cool new functionality & initiatives
- New PVH virtualization mode (Oracle)
  - Patches being up-streamed to Xen and Linux (3.7 & 3.8) as we speak
  - Sweet spot for performance
- Xen for ARM servers (using new PVH mode)
  - Cortex A15 / ARM v7: can start guests on Versatile Express; Samsung Chromebook next
  - ARM v8: porting work started on simulator and patches being up-streamed
- New Xen ports
  - FreeBSD Xen port (SpectraLogic & HP)
  - Xen MIPS port (by BroadCom)
- Language run-times running on bare-metal Xen
  - ErlangOnXen.org, Openmirage.org
More info: wiki.xen.org/wiki/xen_roadmap/4.3 & wiki.xen.org/wiki/xcp_roadmap

Summary: Why Xen?

- Designed for the Cloud: many advantages for cloud use!
  - Resilience, Robustness & Scalability
  - Security: Small surface of attack, Isolation & Advanced Security Features
- Widely used by Cloud Providers and Vendors
- XCP
  - Ready for use with cloud orchestration stacks
- Packages in Linux distros: flexibility and choice
- Open Source with a large community and eco-system
  - Exciting new developments in the pipeline

Questions
IRC: ##xen @ FREENODE
Mailing List: xen-users & xen-api (lists.xen.org)
Wiki: wiki.xen.org
Ecosystem pages: xen.org/community/ecosystem.html
Presentations & Videos: xen.org/community/presentations.html
@lars_kurth @xen_com_mgr FREENODE: lars_kurth
Slides available under CC-BY-SA 3.0 from www.slideshare.net/xen_com_mgr