  Challenges to build virtual machines
     Performance isolation
        Process Scheduling
        Memory Usage
    ...
Conventional                                  Xen

  Full Virtualization                    Paravirtualization
      Gu...
  Multiplexes resources at the granularity of an entire
   OS
     Follows the ideology of Exokernel
     As opposed to...
  Depending on the hardware supports
     Software managed TLB
          Associate address space IDs with TLB tags
    ...
  X86 supports 4 levels of
                   privileges
                     0 for OS, and 3 for
                      ...
  Separation of policy and
                                                                                  mechanism

 ...
  Hypercall: synchronous calls from a domain to Xen
     Analogous to system calls
     Allows domains to perform a syn...
  Safe indirect way to share I/O devices among OSes
  Circular queue accessible by Xen and a domain
  Borrowed virtual time scheduling
     Allows temporary violations of fair sharing to favor
      recently-woken domain...
  No shadow pages (VMWare)
  Xen provides constrained but direct MMU updates
  All guest OSes have read-only accesses t...
  Reserved at domain creation times

  Memory statically partitioned among domains

  Does not guarantee contiguous reg...
  Virtual firewall-router attached to all domains
  Round-robin packet scheduler
  To send a packet, enqueue a buffer d...
  Only Domain0 has direct access to disks
  Other domains need to use virtual block devices
     Use the I/O ring
    ...
SPEC INT2000 score                 SPEC WEB99
CPU Intensive (Little I/O and OS   180Mb/s TCP traffic (Disk read-write
inte...
  Since version 3.0.2 Xen supports unmodified Microsoft
   OSes and Linux when the host runs on Intel VT or AMD-V
   hard...
  Questions?

  Discussion

  Slide is available at:
     http://www.slideshare.net/tarequeh/xen-the-art-of-
      vir...
Xen & the Art of Virtualization
Upcoming SlideShare
Loading in...5
×

Xen & the Art of Virtualization

3,382

Published on

My presentation on the paper: Xen and the Art of Virtualization by Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield. Prepared for CSCI 297 - Advanced Operating System at GWU, Spring 2010

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
3,382
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
252
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Xen & the Art of Virtualization

  1. 1.   Challenges to build virtual machines   Performance isolation   Process Scheduling   Memory Usage   Network Traffic   Disk Access   Support for various OS platforms   Minimizing performance overhead
  2. 2. Conventional Xen   Full Virtualization   Paravirtualization   GuestOS runs without   Modifications to the modification GuestOS necessary   Guest OS cannot access the   Guest OS runs in parallel hardware directly with other modified systems   Problematic for certain   Provides some exposures to privileged instructions (e.g., the underlying HW traps)   No real-time guarantees
  3. 3.   Multiplexes resources at the granularity of an entire OS   Follows the ideology of Exokernel   As opposed to process-level multiplexing   Price: higher overhead   Target: 100 virtual OSes per machine
  4. 4.   Depending on the hardware supports   Software managed TLB   Associate address space IDs with TLB tags   Allow coexistence of OSes   Avoid TLB flushing across OS boundaries   X86 does not have software managed TLB   Xen exists at the top 64MB of every address space   Avoid TLB flushing when an guest OS enter/exist Xen   Each OS can only map to memory it owns   Writes are validated by Xen
  5. 5.   X86 supports 4 levels of privileges   0 for OS, and 3 for applications   Xen downgrades the privilege of OSes Privilege   System-call and page-fault Level of handlers registered to Xen Guest OS   “fast handlers” for most 0 exceptions, Xen isn’t involved 1 2 3
  6. 6.   Separation of policy and mechanism   Domain0 hosts the application-level management software   Creation and deletion of Control virtual network User User User Plane Software Software Software interfaces and block Software devices GuestOS GuestOS GuestOS GuestOS (XenoLinux) (XenoLinux) (XenoBSD) (XenoXP) Xeno - Aware Xeno - Aware Xeno - Aware Xeno - Aware Device Drivers Device Drivers Device Drivers Device Drivers Domain0 Virtual Virtual X Virtual Virtual Control x86 CPU Physical Network Block E Interface Memory Device N H/W (SMP x86, Phys Mem, eNet, SCSI/IDE)
  7. 7.   Hypercall: synchronous calls from a domain to Xen   Analogous to system calls   Allows domains to perform a synchronous software trap into the hypervisor to perform privileged operation   Events: asynchronous notifications from Xen to domains   Replace device interrupts   Lightweight notification of important system events, similar to Unix signal   Event handling can be deferred by domain
  8. 8.   Safe indirect way to share I/O devices among OSes   Circular queue accessible by Xen and a domain
  9. 9.   Borrowed virtual time scheduling   Allows temporary violations of fair sharing to favor recently-woken domains   Goal: reduce wake-up latency   Xen provides several different types of timers   Real Time (time that always advances regardless of the executing domain)   Virtual Time (time that only advances within the context of the domain)   Wall Clock Time (time that takes in to account local offsets for time zone and DST)
  10. 10.   No shadow pages (VMWare)   Xen provides constrained but direct MMU updates   All guest OSes have read-only accesses to page tables   Updates are batched into a single hypercall   Updates must be validated by Xen   Guest OSes are responsible for allocation and managing pages within their own domain   Xen exists in a generally unused section at the top of every address space to prevent paging out
  11. 11.   Reserved at domain creation times   Memory statically partitioned among domains   Does not guarantee contiguous regions of memory   Supports hardware~physical mapping by providing shared translation array readable by all domains
  12. 12.   Virtual firewall-router attached to all domains   Round-robin packet scheduler   To send a packet, enqueue a buffer descriptor into the transmit rang   Use scatter-gather DMA (no packet copying)   A domain needs to exchange page frame to avoid copying   Page-aligned buffering
  13. 13.   Only Domain0 has direct access to disks   Other domains need to use virtual block devices   Use the I/O ring   Reorder requests prior to enqueuing them on the ring   If permitted, Xen will also reorder requests to improve performance   Use DMA (zero copy)
  14. 14. SPEC INT2000 score SPEC WEB99 CPU Intensive (Little I/O and OS 180Mb/s TCP traffic (Disk read-write interaction) on 2GB dataset)
  15. 15.   Since version 3.0.2 Xen supports unmodified Microsoft OSes and Linux when the host runs on Intel VT or AMD-V hardware   As of 2009 most Linux distributions include Xen packages to interact with the Xen hypervisor and start additional domains   XenServer was made 100% open source 2 years after being acquired by Citrix Systems. Citrix has also formed Xen Project Advisory Board (Xen AB), which currently has members from IBM, Intel, Hewlett-Packard, Novell, Red Hat, Sun Microsystems and Oracle
  16. 16.   Questions?   Discussion   Slide is available at:   http://www.slideshare.net/tarequeh/xen-the-art-of- virtualization
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×