Develop, Consolidate and Manage Virtual Environments Entirely ...
Presentation Transcript

  • OpenSolaris Virtualization Technologies Aaron Dailey Staff Engineer Solaris Storage Software
  • Agenda • Virtualization Overview • Zones > BrandZ > lx • Xen (xVM) • VirtualBox • Demo • Q&A
  • The Need for Virtualization • Driven by the need to consolidate multiple hosts and services on a single machine • Leads to... > Increased hardware utilization (currently average data center utilization is below 15%) > Greater flexibility in resource allocation > Reduced power requirements > Minimize management costs > Lower the cost of ownership
  • Use Cases • Server Consolidation • Testing and Development • Fail-over through replication • Provisioning compute resources • Legacy Applications • Secure Execution
  • Types of Virtualization • Hard Partitions > Ex: Sun Domains, IBM LPARS, HP nPARS • Virtual Machines > Para-virtualization > Ex: Xen, User-Mode Linux (UML) > Full Virtualization > Ex: LDOMS, VMware, Parallels, Xen (VT or AMD-V), VirtualBox • OS level Virtualization > Ex: Solaris Zones, Vservers, Jails
  • Types of Virtualization [diagram: a spectrum of Hard Partitions, Virtual Machines, OS Virtualization and Resource Mgmt., running from multiple OS's to a single OS, with trends to flexibility, isolation and observability; technologies shown: Dynamic System Domains, Logical Domains, Xen, Solaris Containers (Zones + SRM), Solaris Resource Manager (SRM), BrandZ, CrossBow]
  • OS level Virtualization
  • Solaris Zones Single OS instance – Many Virtual OSes • Virtualize OS services to emulate an OS instance • Isolates applications from each other • Improve security by intrusion-isolation • Boot and bring down zones independent of the OS instance • Compatible with existing applications • Complements existing resource management. • Almost arbitrary granularity in isolating and sharing resources
  • Facilities Virtualized for Zones • Processes • File Systems • Networking • Identity • Devices • Packaging
  • Zones Block Diagram [diagram: a global zone (v880-room2-rack5-1; 129.76.1.12) hosting four zones: dns1 (dnsserver1, zone root /zone/dns1, named), web1 (foo.org, zone root /zone/web1, Apache and Tomcat), web2 (bar.net, zone root /zone/web2, IWS) and mail (mailserver, zone root /zone/mail1, sendmail and IMAP). Each zone has its own login services (SSH sshd; web2 also telnetd), core services (inetd), zcons console, /usr and zoneadmd, with logical interfaces on hme0, ce0 and ce1 and resource pools pool1 (4 CPU, FSS) and pool2 (4 CPU). The global zone holds zone management (zonecfg(1M), zoneadm(1M), zlogin(1), ...), core services (inetd, rpcbind, sshd, ...), remote admin/monitoring (SNMP, SunMC, WBEM), platform administration (syseventd, devfsadm, ifconfig, metadb, ...), the storage complex and the network devices]
  • BrandZ: Branded Zones • Extends Zones model to support “non-native” zones on a Solaris system > Only supports user-space environments > If you need a different kernel, see Xen • Each distinct zone type is called a Brand • Possible uses: > A Linux zone > A Solaris GNU zone (Nexenta/ShilliX/BeleniX) > Support for Solaris N-1 on Solaris N > A MacOS X zone
  • The lx Brand • Marketing Name: Solaris Containers for Linux Applications • Enables Linux Binaries to run unmodified on Solaris • Creates a zone for Linux application execution > Zone is populated only with Linux software > At boot, it runs the Linux init(1M), configuration scripts, and applications > It all runs on a Solaris kernel. • There is no Linux software delivered with BrandZ > This is not a new Linux distro > We install and run standard Linux distributions
  • Branded Zones Block Diagram [diagram: the same global zone (v880-room2-rack5-1; 129.76.1.12) with native zones dns1 (dnsserver1), web1 (foo.org) and web2 (bar.net), plus a Linux zone (linux, zone root /zone/lx) running Linux user apps (OpenSSH 3.6, acroread, MATLAB, yum, pandora) and Linux core services (NIS, xinetd, autofs). Each zone has its own zcons console, /usr and zoneadmd; pools, global-zone management services, storage complex and network devices (hme0, ce0, ce1) are as in the Zones Block Diagram]
  • BrandZ Use Cases • As a transition tool, reducing the Linux “barrier to exit” > Customer would like to move to Solaris, but has legacy Linux applications • Best of both worlds > Users familiar with Linux environment > Administrators want Solaris' enterprise-class features: resource management, fault management, DTrace • Developer/ISV workload > Solaris has strong development tools, let Linux developers leverage them. > We want Solaris to be a better Linux development platform than Linux.
  • What BrandZ is Not • Not a full system emulator or virtualization layer > No non-Solaris kernel code is ever executed. > You can't run any random Linux distribution. • Doesn't support all Linux kernel functionality. > No support for Linux file systems, kernel modules, or device drivers. > Not all system calls are fully supported. • Not simply binary emulation (like lxrun, wine, etc.) > You can't just run the Linux version of acroread from your Solaris shell prompt.
  • BrandZ Status • Available in Nevada (SX*) and s10u4 • Zones running a Red Hat Enterprise Linux 3.x or CentOS 3.x operating environment > Support for Linux 2.4.21 system call interface > Basic /proc and /dev support • DTrace support for Linux applications > Linux syscall provider > PID provider • Rapid deployment and teardown of Linux zones. > Perfect for building 'throwaway' zones for development/QA
  • Virtual Machines
  • Para- vs Full Virtualization • Para-virtualization > Runs OS ported to virtual machine arch > Uses “virtual” device drivers to communicate between guest and host operating systems > More efficient since it is hypervisor-aware > Xen, Logical Domains • Full virtualization > Runs binary image of “metal” OS > Must emulate real I/O devices > Can be slow, needs help from hardware > May use trap and emulate or rewriting > VMware, Parallels, Xen, VirtualBox
  • Xen • Open source hypervisor technology developed at the University of Cambridge > http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ • Supports both para- and full virtualization • Runs on x86/x64, PowerPC, Itanium • Supports Solaris, Linux, FreeBSD • OpenSolaris on Xen (xVM) community > http://www.opensolaris.org/os/community/xen
  • Xen 3.x Architecture [diagram: four domains on the Xen Virtual Machine Monitor: dom0 (VM0: Device Manager & Control s/w, Solaris GuestOS, back-end and native device drivers), domU1 (VM1: unmodified user software, XenLinux GuestOS, front-end device drivers), domU2 (VM2: unmodified user software, Solaris GuestOS, front-end device drivers) and domU3 (VM3: unmodified GuestOS, WinXP, using VT-x / AMD-V). The monitor provides Control IF, Safe HW IF, Event Channel, Virtual CPU and Virtual MMU (32/64bit) over the hardware (SMP, MMU, physical memory, Ethernet, SCSI/IDE)]
  • Key Xen Capabilities • Multiple OSes running simultaneously > Linux, Solaris, Windows XP > No longer a boot-time decision • Special purpose kernels within DomUs for paravirtualized > Drivers, filesystems • Checkpoint/Restart and Live Migration > Provisioning > Grid operations
  • OpenSolaris on Xen Port • Platform rather than arch port > Able to leverage most of the Solaris x86 code base > Areas of greatest difference from “i86pc” > Privileged CPU operations turned into hypercalls > Low-level MMU, segmentation, exceptions > Xen “event” model of interrupts • New virtual device drivers for paravirtualization > net, disk, console • Dom0 infrastructure and tools • Paravirtualized DomU
  • Why Solaris Domain 0 • Observability, debugging tools • ZFS • FMA • Containers and TX • CrossBow (virtualized network support) • HW support
  • OpenSolaris on Xen Status • OpenSolaris domU and dom0 > 32/64-bit, UP, MP (virtual 32-way!) > Virtual disks, network, bridge > CPU and Memory Hot plug support • Currently available: > OpenSolaris build 75 and onwards > Xen 3.1 > PV drivers for Solaris and Windows
  • Sun xVM: Complete Virtualization and Management Solution • Sun xVM Server > Hypervisor family > Consolidates Windows, Linux and Solaris > Implementations for x86 and SPARC • Sun xVM Ops Center > Physical and virtual resource management > Manage thousands of hardware and software entities
  • VirtualBox • Full x86 PC virtualization • Free and open source • Easy to Use • Host OS: Solaris, Windows, Linux, Mac (beta) • Guest OS: Solaris, Windows, Most Linux, *BSD, DOS, OS/2, others • Develop on VirtualBox, deploy on xVM Server • http://virtualbox.org
  • Join Us... • Our communities and projects are open on OpenSolaris.org: > Zones: http://opensolaris.org/os/community/zones > BrandZ: http://opensolaris.org/os/community/brandz > Xen: http://opensolaris.org/os/community/xen > CrossBow: http://opensolaris.org/os/project/crossbow • Where you will find: > Lively discussions, design docs, FAQs, source code drops, preliminary binary releases, etc...
  • OpenSolaris Virtualization Technologies aaron.dailey@sun.com
  • Backup Slides
  • Solaris Zones vs Hypervisors • Zones > Scalable, fast, virtual platform, platform agnostic > Emphasis on sharing, simpler administration > Improved fault isolation over “single system.” > Alternate brands • Hardware Virtualization > Emphasis on separation > Fault isolation, (Xen: SPOFs remain) > Live Migration > Foreign OSes
  • Zones and Resource Management • RM configured within zonecfg > New 'dedicated-cpu' and 'capped-memory' resources > All RM configuration performed when zone boots > RM configuration migrates with the zone • Temporary Pools • rcapd can run in global zone and cap zones > Improved RSS accounting • New zone.max-swap rctl • Simplified rctl syntax within zonecfg • Persistent RM configuration for global zone
  • Network Virtualization
  • The Need for Network Virtualization • ISP offering web and e-mail services > Consolidate multiple hosts on a single machine > Users expect minimal performance level per virtual host • Financial services > Consolidate multiple services on a single machine > Some services have minimum performance requirements, or higher priority
  • Crossbow • Building blocks for network virtualization and resource control • Virtualizes: stack, services, protocols or virtual machine. • Each virtual stack can be assigned its own priority and bandwidth. • Built into the architecture • Better defense against denial-of-service attacks
  • Functional Components • Virtual Network Interface Cards (VNICs) • Flow Management • Hardware Support of flow processing • Administration model > dladm(1M) > flowadm(1M)
  • CrossBow Virtual NICs • Carve up 1Gb/s and 10Gb/s hardware NIC into multiple virtual NICs • Implemented as a Nemo/GLDv3 MAC driver. • Assign NIC hardware resources (interrupts, rings, etc) to virtual NICs • Rely on hardware-based flow classification to steer traffic to VNICs and maximize performance • Assign VNICs to Zones or Xen domains
  • CrossBow Virtual NICs Example [diagram: the NIC's flow classifier feeds separate rings (Zone 1 HTTP, Zone 1 HTTPS, Zone 1 Default, Zone 2 All Traffic), which lead through VNIC1 and VNIC2 and their squeues to the virtual squeues of Zone 1, Zone 2 ... Zone 'n' in the compute resources]
  • CrossBow Virtual NICs for Xen [diagram: the NIC's flow classifier feeds separate rings (Host OS All Traffic; Guest OS 1 HTTP, HTTPS and Default; Guest OS 2 All Traffic), which lead through a Host OS VNIC and Guest OS VNICs to virtual squeues and a NIC Virtualization Engine in each of the Solaris Host OS, Solaris Guest OS 1 and Solaris Guest OS 2]
  • Stack Instances for Zones and VNICs [diagram: the NIC's flow classifier feeds rings and Virtual NICs for the Global Zone, Zone 1 ... Zone n; above them, squeues lead either to a network stack shared with the Global Zone (common to all zones) or to an exclusive network stack specific to a container]
  • CrossBow Status • Available on OpenSolaris: > Core VNIC functionality > Bandwidth Control for TCP • Available in Nevada (SX*) and s10u?: > Stack Instances
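
The "Zones and Resource Management" slide says resource management is configured within zonecfg through the 'dedicated-cpu' and 'capped-memory' resources, which bound what a runaway or compromised zone can take from the host. As an added example (not from the slides), this script renders a zonecfg(1M) command file with both resources; the zonepath is the web1 zone root from the block diagram, while the CPU range, cap sizes, file name and helper function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the slides: render a zonecfg(1M) command file that
# bounds one zone with the 'dedicated-cpu' and 'capped-memory' resources.
# The CPU range and cap sizes passed at the bottom are constructed samples.

# valid_size SIZE: a whole number with a k/m/g/t scale suffix, e.g. 512m
valid_size() {
    printf '%s\n' "$1" | grep -Eq '^[1-9][0-9]*[kKmMgGtT]$'
}

# valid_ncpus N | MIN-MAX: a CPU count or an ascending range, at least 1
valid_ncpus() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]+(-[0-9]+)?$' || return 1
    lo=${1%-*}
    hi=${1#*-}
    [ "$lo" -ge 1 ] && [ "$hi" -ge "$lo" ]
}

# render_zone_rm ZONEPATH NCPUS PHYSICAL SWAP: print the command file
render_zone_rm() {
    zonepath=$1 ncpus=$2 physical=$3 swap=$4
    valid_ncpus "$ncpus" || { echo "bad ncpus: $ncpus" >&2; return 1; }
    for cap in "$physical" "$swap"; do
        valid_size "$cap" || { echo "bad size: $cap" >&2; return 1; }
    done
    # dedicated-cpu: CPUs are set aside in a temporary pool when the zone boots.
    # capped-memory: 'physical' is the RSS cap enforced by rcapd from the
    # global zone; 'swap' sets the zone.max-swap rctl.
    cat <<EOF
create
set zonepath=$zonepath
add dedicated-cpu
set ncpus=$ncpus
end
add capped-memory
set physical=$physical
set swap=$swap
end
verify
commit
EOF
}

# On the Solaris host (hypothetical file name):
#   render_zone_rm /zone/web1 1-2 512m 1g > web1.cfg
#   zonecfg -z web1 -f web1.cfg
render_zone_rm /zone/web1 1-2 512m 1g
```

Because the caps live in the zone configuration, they are applied each time the zone boots and travel with the zone if it is migrated, as the slide notes.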