Xen and the Art of Virtualization

Similar documents
Xen and the Art of Virtualization

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

Xen and the Art of Virtualiza2on

Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila

Xen is not just paravirtualization

Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018

Dynamic Translator-Based Virtualization

Virtualization with XEN. Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

VMMS: DISCO AND XEN CS6410. Ken Birman

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

MODERN SYSTEMS: EXTENSIBLE KERNELS AND CONTAINERS

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

COS 318: Operating Systems. Virtual Machine Monitors

Virtualization. Pradipta De

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

Operating Systems 4/27/2015

VIRTUALIZATION: IBM VM/370 AND XEN

We ve seen lots of examples of virtualization. This is another: a virtual machine monitor. A VMM virtualizes an entire hardware machine.

references Virtualization services Topics Virtualization

Today s Papers. Virtual Machines Background. Why Virtualize? EECS 262a Advanced Topics in Computer Systems Lecture 19

Advanced Operating Systems (CS 202) Virtualization

CSE 120 Principles of Operating Systems

Kernel Support for Paravirtualized Guest OS

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Operating System Security

SR-IOV Networking in Xen: Architecture, Design and Implementation

Module 1: Virtualization. Types of Interfaces

Advanced Systems Security: Virtual Machine Systems

CSC 5930/9010 Cloud S & P: Virtualization

Virtualization. Part 1 Concepts & XEN

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Supporting Isolation for Fault and Power Management with Fully Virtualized Memory Systems

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

Java. Measurement of Virtualization Overhead in a Java Application Server. Kazuaki Takahashi 1 and Hitoshi Oi 1. J2EE SPECjAppServer2004

The Future of Virtualization

Advanced Systems Security: Virtual Machine Systems

1 Virtualization Recap

CSCE 410/611: Virtualization

CSCE 410/611: Virtualization!

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

An Analysis of HPC Benchmarks in Virtual Machine Environments

CS 550 Operating Systems Spring Introduction to Virtual Machines

Originally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison

The Virtualization Reality

International Journal of Scientific & Engineering Research, Volume 7, Issue 11, November-2016 ISSN

Cloud Computing Virtualization

Virtual Machine Monitors (VMMs) are a hot topic in

Keywords: disk throughput, virtual machine, I/O scheduling, performance evaluation

The only open-source type-1 hypervisor

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

Virtual Machines Measure Up

Is Virtualization Killing SSI Research? Jérôme Gallard Kerrighed Summit Paris February 2008

Virtual Machine Security

Chapter 5 C. Virtual machines

Virtualization. Michael Tsai 2018/4/16

NON SCHOLAE, SED VITAE

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

Lecture 5: February 3

G Xen and Nooks. Robert Grimm New York University

Virtualization History and Future Trends

Virtualization, Xen and Denali

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Services in the Virtualization Plane. Andrew Warfield Adjunct Professor, UBC Technical Director, Citrix Systems

Virtualization and memory hierarchy

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

Support for Smart NICs. Ian Pratt

The Continuity of Out-of-band Remote Management Across Virtual Machine Migration in Clouds

Hypervisor security. Evgeny Yakovlev, DEFCON NN, 2017

Nested Virtualization Friendly KVM

Multi-Hypervisor Virtual Machines: Enabling An Ecosystem of Hypervisor-level Services

CHAPTER 16 - VIRTUAL MACHINES

Virtual Leverage: Server Consolidation in Open Source Environments. Margaret Lewis Commercial Software Strategist AMD

Xen and the Art of Virtualization

Xen Project 4.4: Features and Futures. Russell Pavlicek Xen Project Evangelist Citrix Systems

CS370 Operating Systems

COLORADO, USA; 2 Usov Aleksey Yevgenyevich - Technical Architect, RUSSIAN GOVT INSURANCE, MOSCOW; 3 Kropachev Artemii Vasilyevich Manager,

Virtual Virtual Memory

Faithful Virtualization on a Real-Time Operating System

Microkernels. Overview. Required reading: Improving IPC by kernel design

Virtualization. Dr. Yingwu Zhu

LINUX Virtualization. Running other code under LINUX

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Xen-ophobia: On profiling boot startup

Unit 2. VMMs and hypervisors 2966-Network and Services Virtualisation First semester Assistant professor: Katja Gilly Departament: Physics

Multiprocessor Scheduling. Multiprocessor Scheduling

Nested Virtualization Update From Intel. Xiantao Zhang, Eddie Dong Intel Corporation


Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

System Virtual Machines

System Virtual Machines

Increase KVM Performance/Density

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

SERVE. -Priyal Lokhandwala

Transcription:

Xen and the Art of Virtualization Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield Presented by Thomas DuBuisson

Outline Motivation Design What is the goal? Xen Drawing What does it look like? Design Details How? Performance How Well? Beyond the Paper

Motivation Requiring server consolidation co located hosting facilities distributed web services secure computing platforms mobility Numerous simultaneous OSes Isolation of: IO demands Computation Memory Minimal Overhead

Design Basic Concepts Unlike micro kernels of the 90s, hypervisors expose an idealized hardware interface to the higher level processes. Unlike typical VMMs, the OS must be modified to cooperate with the hypervisor. Not just for performance, but for basic operation.

Design Paravirtualization Emulation is expensive minor modifications* to the guest OS, making it more virtualization friendly and has huge performance payoffs. Application source code bases are huge ABI must remain compatible. OSes altered in this way are called Paravirtual Machines (PVMs) * 3000 lines of the Linux kernel sufficed ** The Xen patch to the Linux kernel is now over 14000 line

Typical View of Xen Interface Provides CPUs Memory IO Devices Management

Now for details! Memory Management CPU Virtualization IPC IO Rings Grant Tables Device Access

Memory Management Xen was originally x86 specific No tagged TLB No software managed TLB Guests are provided with a portion of machine memory from which the can allocate to their processes. No over committing of physical memory Instead of modifying the page tables, PVMs perform hypercalls requesting Xen make the desired modification.

Memory Management All Page Table and Segment Descriptor updates are validated by Xen. On page faults, Xen copies the faulting address from CR2 into a stack frame and send an event to the corresponding guest.

CPU Virtualization Xen runs in privileged mode (ring 0) Guest OS kernels run unprivileged (exact mode varies by architecture) Protected operations instead are performed by hypercalls from the guest to Xen.

CPU Virtualization Exceptions are propagated to the guest from Xen via event channels. Exceptions from system calls call directly from application into the guest OS. Guest OS registers a 'fast' exception hander. Xen validates the address is part of the guest address space and installs the handler.

Inter VM Communication (IVC) Hypercalls Events Like syscalls, but occur from PVM to Xen Xen sets a bitmask to specify which event(s) occurred then calls a previously registered handler belonging to the relevant domain.

Advanced IVC: IO Rings and Grant Tables IO Rings allow high bandwidth two way communication: Each cell of the ring contains a grant reference Grant references indicate the ability to map memory or completely transfer a page of memory

IO Devices Network cards Implemented as two rings (transmit, receive) Rings allow communication between a 'frontend' and 'back end' network driver. Guests are assigned virtual block devices Access to devices is governed by a round robbin scheduler.

Control Start new domains? Domain 0 Drivers for physical devices? Domain 0 Run device back ends? Domain 0 What is Domain 0? Linux

Performance (Macro)

Performance (Net) Near native performance for typical MTU Note the lack of CPU usage data during network activity Comparison with VMWare Workstation rather unfair

Performance (Micro) Typically better than Linux with SMP support. Even when significantly worse than Native, its much better than UML or VMW.

Performance (Multi Guest)

Performance (Scalability) Up to 192 domains... then crash

Auxiliary Slides

How Xen Should Look Security wise it is similar to single server micro kernels Perhaps IO MMU will help change that.

IO Rings Not a Xen primitive! Use the initial communication path with Dom0 to setups a grant ref with the other domain via XenStore or similar. Yes, this is a hack. Mapping in the grant ref results in a shared page between the two domains desiring to communication. The IO Ring may reside here. The IO Ring is just a fast way to communicate more grant references!

Non Standard PVMs Linux, *BSD, and Windows XP can all be ran as PVMs to some extent. Traditionally, these take up significant memory (which we can't over allocate!) Smaller, special, OSes exist: Mini OS: 'C' based for generic use. 12000 lines 4MB needed when running StubDom: Based on Mini OS 4MB needed Richer (standard C libraries included) Intended for driver domains HaLVM: Can compile Haskell code to run on bare Xen. 6MB needed Extremely rich, high level language Experimental and not yet released to the public

IVC Issues to Consider For intra PC network communication too many context switches are needed A builds gntref (hypercall to signal B) B receives ref (hypercall to transfer page) B builds response, A recieves response To setup Guest to Guest communication, XenStore is a free for all security blood bath.

Questions? Comments?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback