0
Xen Cloud Platform                            Lars Kurth              Xen Community Manager                   lars.kurth@x...
A Brief History of Xen in the CloudLate 90sXenoServer Project(Cambridge Univ.)                                            ...
A Brief History of Xen in the CloudLate 90s       Nov ‘02      Oct ‘03         ‘06             ‘08         ‘09            ...
The Xen Hypervisor was designed forthe Cloud straight from the outset!
Xen.org• Guardian of Xen Hypervisor and related OSS Projects• Xen project Governance similar to Linux Kernel• Projects  – ...
Xen Contributions & Vendors    By Change Sets *)                                                     2011 Contributions by...
Community & Ecosystem Mapxen.org/community/projects                                              Research                 ...
Xen Overview
Basic Xen Concepts                                                              Control Domain aka Dom0                 XL...
PV Domains & Driver DomainsControl domain              Guest VMn        Driver Domain                                     ...
HVM & Stub DomainsDom0           Guest VMn      Stubdomn        Guest VMn                                                 ...
PV on HVM• A mixture of PV and HVM• Linux enables as many PV interfaces                             HVM      PV on   PV  a...
Xen and the Linux Kernel      Xen was initially a University research project Invasive changes to the kernel to run Linux ...
Xen and the Linux Kernel    Xen support in the Linux kernel not upstream     Great maintenance effort on distributions    ...
Current State                       PVOPS Project            Xen Domain 0 in Linux 3.0+        (it is functional but not y...
XCP Project
XCP         Complete vertical stack for          server virtualization         Distributed as a closed appliance        ...
XCP Overview• Open source version of Citrix XenServer      wiki.xen.org/wiki/XCP/XenServer_Feature_Matrix• Enterprise-rea...
Xen vs. XCPXen                                                    XCP (up to 1.1)Hypervisor: latest                       ...
Project “Kronos”: XAPI on Linux• Make the XAPI toolstack independent of CentOS 5.5• Extend the delivery model  – Deliver X...
XCP vs. XAPI on LinuxXCP (up to 1.1)                                           XAPI on LinuxHypervisor: lagging           ...
XCP/XAPI Vision & Next Steps   XCP & XAPI for Linux are the configuration of choice for clouds    –   Optimized for cloud...
XCP 1.5 (soon)• Architectural Improvements: Xen 4.1, GPT, smaller Dom0• GPU pass through: for VMs serving high end graphic...
XAPI Overview
XAPI Functionality Overview•   VM lifecycle: live snapshots, checkpoint, migration•   Resource pools: live migration, auto...
XAPI from 30000 Feet       xen.org/files/XenCloud/ocamldoc/apidoc                                                         ...
XAPI: What is it?• XAPI is the backbone of XCP   – Provides the glue between all components   – Is the backend for all man...
Open vSwitch• Software switch, similar to:  – VMware vNetwork Distributed Switch  – Cisco Nexus 1000V• Distribution agnost...
Why use Open vSwitch with Cloud?• Automated control: OpenFlow• Multi-tenancy• Monitoring and QoS
XAPI Management Options• XAPI frontend command line tool: XE (tab-completable)• Desktop GUIs   o   Citrix XenCenter (Windo...
OpenXenManager
XCP and Cloud Orchestration Stacks
Cloud VM vs. Cloud Package(s) in Dom0Cloud VM (DomU)              Cloud Package(s) in Dom0Pros                         Pro...
XCP & Xen Resources• IRC: ##xen @ FREENODE• Mailing List: xen-users & xen-api• Wiki: wiki.xen.org  – Beginners & User Cate...
Xen, Security, QoS and the Cloud                            41
“Security and QoS/Reliability are amongst the top 3 blockers for cloud adoption” www.colt.net/cio-research
Security and the Next Wave of Virtualization• Security is key requirement for Cloud• Security is the primary goal of virtu...
Architecture ConsiderationsType 1: Bare metal Hypervisor                                Type 2: OS ‘Hosted’A pure Hypervis...
Xen: Type 1 with a TwistControl domain                                                           Thin hypervisor(dom0)   ...
Xen Security & Robustness Advantages• Even without Advanced Security Features  – Well-defined trusted computing base    (m...
Advanced Security: Disaggregation• Split Control Domain into Driver, Stub and Service Domains  – Each contains a specific ...
Example: Network Driver Domain for HA• Detect failure e.g.                                  350  – Illegal access         ...
Qubes OS / XenClient XT• First products configured to take advantage of the security  benefits of Xen’s architecture• Isol...
Advanced XenClient Architecture                  Per host/device                      Per guest                   Service ...
BUT…• Today, XCP and commercial Xen based Server products   – Do not make use of XSM   – Do not make use of Advanced Secur...
Summary: Why Xen?
• Designed for the Cloud : many advantages for cloud use!   – Security: Small surface of attack, Isolation & Advanced Secu...
Shameless MarketingVendors in the Xen community are hiring!Vendors in the Xen community are hiring!Vendors in the Xen comm...
Questions …
Upcoming SlideShare
Loading in...5
×

Xen Cloud Platform at Build a Cloud Day at SCALE 10x

6,671

Published on

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
6,671
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
127
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Transcript of "Xen Cloud Platform at Build a Cloud Day at SCALE 10x "

  1. 1. Xen Cloud Platform Lars Kurth Xen Community Manager lars.kurth@xen.org @lars_kurth @xen_com_mgr
  2. 2. A Brief History of Xen in the CloudLate 90sXenoServer Project(Cambridge Univ.) Global Public ComputingThe XenoServer project is building a public “This dissertation proposes a new distributed computinginfrastructure for wide-area distributed paradigm, termed global public computing, which allowscomputing. We envisage a world in which any user to run any code anywhere. Such platforms priceXenoServer execution platforms will be computing resources, and ultimately charge users forscattered across the globe and available for resources consumed.“any member of the public to submit codefor execution. Evangelos Kotsovinos, PhD dissertation, 2004
  3. 3. A Brief History of Xen in the CloudLate 90s Nov ‘02 Oct ‘03 ‘06 ‘08 ‘09 ‘11XenoServer Project Amazon EC2 XCP 1.x(Cambridge Univ.) and Slicehost Xen in Linux launched Kronos Xen Xen Presented Rackspace Cloud Mgmt Repository at SOSP Cloud Published XCP Announced
  4. 4. The Xen Hypervisor was designed forthe Cloud straight from the outset!
  5. 5. Xen.org• Guardian of Xen Hypervisor and related OSS Projects• Xen project Governance similar to Linux Kernel• Projects – Xen Hypervisor (led by Citrix) – Xen Cloud Platform aka XCP (led by Citrix) – Xen ARM (led by Samsung) – PVOPS : Xen components and support in Linux Kernel (led by Oracle)
  6. 6. Xen Contributions & Vendors By Change Sets *) 2011 Contributions by KLOC **) ***) 1% 5000.0 3% 4500.0 5% 6% 4000.0 Citrix XCP 28% 3500.0 Citrix HV Samsung* 3000.0 11% PVOPS Novell 2500.0 Oracle XCP 2000.0 AMD Xen HV Individual 1500.0 13% Intel 1000.0 18% Misc 500.0 0.0 15% 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011*) Does not count activity on XenARM *) Activity on Development branch (not yet in xen-unstable) (as not yet in an official repo) **) Includes PVOPS ***) Figures up to end of Q3 2011
  7. 7. Community & Ecosystem Mapxen.org/community/projects Research A Xen D Hosting Projects Vendors D # XCP XCP Products s Projects Xen Consulting Products People Consulting Firms
  8. 8. Xen Overview
  9. 9. Basic Xen Concepts Control Domain aka Dom0 XL, XM (deprecated) • Dom0 kernel with drivers • Xen Management Toolstack VMn • Trusted Computing Base VM1 Guest DomainsControl domain One or more VM0(dom0) driver, stub or • Your apps Dom0 Kernel service domains Guest OS and Apps • E.g. your cloud management stack Driver/Stub/Service Domain(s)Scheduler, MMU Xen Hypervisor • A “driver, device model or control Host HW service in a box”I/O Memory CPUs • De-privileged and isolated • Lifetime: start, stop, kill 11
  10. 10. PV Domains & Driver DomainsControl domain Guest VMn Driver Domain Linux PV guests have limitations:(dom0) e.g. • limited set of virtual hardware Apps • Disk • Network Advantages PV Back Ends PV Front Ends PV Back End • Fast • Works on any system HW Drivers HW Driver (even without virt extensions) Guest OS Dom0 Kernel* Driver Domains Xen Hypervisor • Security • IsolationI/O Memory CPUs Host HW • Reliability and Robustness *) Can be MiniOS 12
  11. 11. HVM & Stub DomainsDom0 Guest VMn Stubdomn Guest VMn Disadvantages • Slower than PV due to Emulation (mainly I/O devices) IO Emulation IO EmulationDevice Model Device Model Advantages • Install the same way as native Linux IO Event Stub Domains IO Event VMEXIT Mini OS VMEXIT • Security Xen Hypervisor • Isolation • Reliability and Robustness Host HW 13
  12. 12. PV on HVM• A mixture of PV and HVM• Linux enables as many PV interfaces HVM PV on PV as possible HVM Boot Sequence Emulated Emulated PV• This has advantages Memory HW HW PV – install the same way as native Interrupts, Emulated PV* PV – PC-like hardware Timers & – access to fast PV devices Spinlocks – exploit nested paging Disk & Network Emulated PV PV – Good performance trade-offs Privileged HW HW PV Operations• Drivers in Linux 3.x *) Emulated for Windows
  13. 13. Xen and the Linux Kernel Xen was initially a University research project Invasive changes to the kernel to run Linux as a PV guest Even more changes to run Linux as dom0
  14. 14. Xen and the Linux Kernel Xen support in the Linux kernel not upstream Great maintenance effort on distributions Risk of distributions dropping Xen support Xen harder to use
  15. 15. Current State PVOPS Project Xen Domain 0 in Linux 3.0+ (it is functional but not yet fully optimized) On-going work to round out the feature set in Linux 3.2 +
  16. 16. XCP Project
  17. 17. XCP  Complete vertical stack for server virtualization  Distributed as a closed appliance (ISO) with CentOS 5.5 Dom0, misc DomU’s, network & storage support and Xen API  Open source distribution of Citrix XenServer
  18. 18. XCP Overview• Open source version of Citrix XenServer  wiki.xen.org/wiki/XCP/XenServer_Feature_Matrix• Enterprise-ready server virtualization and cloud platform  Extends Xen beyond one physical machine and other functionality  Lots of other additional functionality compared to Xen• Built-in support and templates for Windows and Linux guests• Datacenter and cloud-ready management API  XenAPI (XAPI) is fully open source  CloudStack and OpenStack integration• Open vSwitch support built-in
  19. 19. Xen vs. XCPXen XCP (up to 1.1)Hypervisor: latest Hypervisor: laggingDom0 OS: CentOS, Debian, Fedora, NetBSD, Dom 0 OS: CentOS 5.5OpenSuse, RHEL 5.x, Solaris 11, SuseDom 0: 32 and 64 bits Dom 0: 32 bitsLinux 3 PVOPS Dom0: Yes Linux 3 PVOPS Dom0: NoToolstack: XM (deprecated), XL or Libvirt Toolstack: XAPI + XE – lots of additional functionalityStorage, Network, Drivers: build and get yourself Storage, Network, Drivers: integrated with Open vSwitch, multiple storage types & driversConfigurations: Everything Configurations: constrained by XAPI, some Xen functionality is disabledUsage Model: Do it yourself Usage Model: Shrink wrapped and testedDistribution: Source or via LinuxUnix distributions Distribution: ISO 21
  20. 20. Project “Kronos”: XAPI on Linux• Make the XAPI toolstack independent of CentOS 5.5• Extend the delivery model – Deliver Xen, XAPI and everything in between (storage manager, network support, OCaml libs, etc.) via your favorite Linux distro “apt-get install xcp-xapi” or “yum install xcp-xapi”• Debian• Next: Ubuntu 12.04 LTS• Later: other major Linux distro (Fedora, CentOS, etc.) – Volunteers are welcome!
  21. 21. XCP vs. XAPI on LinuxXCP (up to 1.1) XAPI on LinuxHypervisor: lagging Hypervisor: same as parent Linux distroDom 0 OS: CentOS 5.5 Dom 0 OS: Debian, Ubuntu, …Dom 0: 32 bits Dom 0: 32 and 64 bitsLinux 3 PVOPS Dom0: No Linux 3 PVOPS Dom0: YesToolstack: XAPI + XE – lots of additional functionality Same as XCPStorage, Network, Drivers: integrated with Open Storage, Network, Drivers: Get them yourself, somevSwitch, multiple storage types & drivers are available as Linux packagesConfigurations: constrained by XAPI, some Xen Same as XCPfunctionality is disabledUsage Model: Shrink wrapped and tested Usage Model: Do it yourselfDistribution: ISO Distribution: via host Linux distribution 23
  22. 22. XCP/XAPI Vision & Next Steps XCP & XAPI for Linux are the configuration of choice for clouds – Optimized for cloud use-cases – Optimized for usage patterns in cloud projects – XAPI toolstack is more easily consumable We are doing this by … – XenServer is built from XCP (almost there) – Track unstable Xen hypervisor and Linux kernels aggressively (almost there) – Deliver into Linux distributions : more flexibility – Exploit advanced Xen security features – Fully open development model (build & test capability)
  23. 23. XCP 1.5 (soon)• Architectural Improvements: Xen 4.1, GPT, smaller Dom0• GPU pass through: for VMs serving high end graphics• Performance and Scalability: – 1 TB mem/host – 16 VCPUs/VM, 128 GB/VM• Networking: Open vSwitch (default), Active-Backup NIC Bonding• Virtual Appliance: multi-VM and boot sequenced, OVF support• More guest OS templates
  24. 24. XAPI Overview
  25. 25. XAPI Functionality Overview• VM lifecycle: live snapshots, checkpoint, migration• Resource pools: live migration, auto configuration, disaster recovery• Flexible storage and networking• Event tracking: progress, notification• Upgrade and patching capabilities• Real-time performance monitoring and alerting• Full list: wiki.xen.org/wiki/XCP/XenServer_Feature_Matrix
  26. 26. XAPI from 30000 Feet xen.org/files/XenCloud/ocamldoc/apidoc Storage SM Network BBD_ host_cpu SR metrics PDB VDIuser session host task VBD pool crash Host_ event dump metrics PIF VM network VIF VM_ metrics PIF_ VM_guest_ metrics metrics console task
  27. 27. XAPI: What is it?• XAPI is the backbone of XCP – Provides the glue between all components – Is the backend for all management applications• Call it XAPI or XenAPI• Its a XML-RPC style API, served via HTTPS – Provided by a service on every XCP dom0 host – Designed to by highly programmable – API bindings for many languages: .NET, Java, C, Powershell, Python• XAPI is Extensible via plugins – E.g. used by OpenStack
  28. 28. Open vSwitch• Software switch, similar to: – VMware vNetwork Distributed Switch – Cisco Nexus 1000V• Distribution agnostic. Plugs right into Linux kernel.• Reuses existing Linux kernel networking subsystems.• Backwards-compatible with traditional userspace tools.• Free and Open Source http://openvswitch.org/
  29. 29. Why use Open vSwitch with Cloud?• Automated control: OpenFlow• Multi-tenancy• Monitoring and QoS
  30. 30. XAPI Management Options• XAPI frontend command line tool: XE (tab-completable)• Desktop GUIs o Citrix XenCenter (Windows-only) o OpenXenManager (open source cross-platform XenCenter clone)• Web interfaces o Xen VNC Proxy (XVP)  lightweight VM console only  user access control to VMs (multi-tenancy) o XenWebManager (web-based clone of OpenXenManager• XCP Ecosystem: o xen.org/community/vendors/XCPProjectsPage.html o xen.org/community/vendors/XCPProductsPage.html
  31. 31. OpenXenManager
  32. 32. XCP and Cloud Orchestration Stacks
  33. 33. Cloud VM vs. Cloud Package(s) in Dom0Cloud VM (DomU) Cloud Package(s) in Dom0Pros Pros • Isolation of cloud VM • Simple install • Security properties • Flexibility • Pre-package + appliance • Simpler overallCons Cons • Slightly more complex • Less isolation • Less flexible • Cloud node is a potential entry point to compromise Dom0
  34. 34. XCP & Xen Resources• IRC: ##xen @ FREENODE• Mailing List: xen-users & xen-api• Wiki: wiki.xen.org – Beginners & User Categories• Excellent Tutorials – A day worth of material @ xen.org/community/xenday11
  35. 35. Xen, Security, QoS and the Cloud 41
  36. 36. “Security and QoS/Reliability are amongst the top 3 blockers for cloud adoption” www.colt.net/cio-research
  37. 37. Security and the Next Wave of Virtualization• Security is key requirement for Cloud• Security is the primary goal of virtualization on the Client – Desktop, Laptops, Tablets & Smart Phones• Maintaining isolation between VMs is critical – Spatial and Temporal isolation – Run multiple VMs with policy controlled information flow • E.g. Personal VM; Corporate VM; VM for web browsing; VM for banking
  38. 38. Architecture ConsiderationsType 1: Bare metal Hypervisor Type 2: OS ‘Hosted’A pure Hypervisor that runs directly on the A Hypervisor that runs within a Host OS and hostshardware and hosts Guest OS’s. Guest OS’s inside of it, using the host OS services to provide the virtual environment. VMn User-level VMM VMn VM1 User VM1 Apps VM0 Device Models VM0 Guest OS Guest OS and Apps and Apps Host OS Scheduler Hypervisor Ring-0 VM Monitor Device Drivers/Models Device Drivers “Kernel “ MMU Host HW Host HWI/O Memory CPUs I/O Memory CPUs Provides partition isolation + reliability, Low cost, no additional drivers higher security Ease of use & installation
  39. 39. Xen: Type 1 with a TwistControl domain  Thin hypervisor(dom0) • Functionality moved to Dom0 Device Models VMn  Using Linux PVOPS VM1 • Take full advantage of PV Drivers VM0 • PV on HVM Guest OS • No additional device drivers (Linux Linux, BSD, etc. and Apps 3.x dom0) Hypervisor Scheduler MMU XSM  In other words Host HW • low cost (drivers)I/O Memory CPUs • Ease of use & Installation • Isolation & Security 45
  40. 40. Xen Security & Robustness Advantages• Even without Advanced Security Features – Well-defined trusted computing base (much smaller than on type-2 hypervisor) – No extra services in hypervisor layer• More Robustness: Mature, Tried & Tested, Architecture• Xen Security Modules (or XSM) – Developed and contributed to Xen by NSA – Generalized Security Framework for Xen – The Xen equivalent of SELinux 46
  41. 41. Advanced Security: Disaggregation• Split Control Domain into Driver, Stub and Service Domains – Each contains a specific set of control logic – See: ”Breaking up is hard to do” @ Xen Papers• Unique benefit of the Xen architecture – Security: Minimum privilege; Narrow interfaces – Performance: lightweight, e.g. Mini OS directly on hypervisor – Robustness: ability to safely restart parts of the system – Scalability: more distributed system (less reliable on Dom0)
  42. 42. Example: Network Driver Domain for HA• Detect failure e.g. 350 – Illegal access 300 – Timeout 250• Kill domain, restart 200 150 – E.g. Just 275ms outage from 100 failed Ethernet driver 50• Auto-restarts to 0 0 5 10 15 20 25 30 35 40 enhance security time (s)
  43. 43. Qubes OS / XenClient XT• First products configured to take advantage of the security benefits of Xen’s architecture• Isolated Driver Domains• Virtual hardware Emulation Domains• Service VMs (global and per-guest)• Xen Security Modules
  44. 44. Advanced XenClient Architecture Per host/device Per guest Service VMs Service VMs VPN Isolation Control Domain Management VPN Isolation User VM User VM Emulate Emulation Device Network Isolation Domain Device Policy Granularity Policy Granularity Xen Hypervisor Xen Security Modules VT-d TXT Intel vPro Hardware VT-x AES-NI
  45. 45. BUT…• Today, XCP and commercial Xen based Server products – Do not make use of XSM – Do not make use of Advanced Security Features (Disaggregation)• Most of these features are poorly documented on xen wiki• In XCP, work has started to add these features – Various articles of how this may be done on the xen wiki – Hopefully more information soon• Commitment on improving docs for Security, Reliability & Tuning
  46. 46. Summary: Why Xen?
  47. 47. • Designed for the Cloud : many advantages for cloud use! – Security: Small surface of attack, Isolation & Advanced Security Features – Resilience, Robustness & Scalability• Widely used by Cloud Providers• XCP & XAPI – Ready for use with cloud orchestration stacks – XCP and XAPI on Linux: flexibility and choice – Lots of additional improvements for cloud coming in 2012• Flexibility and choice of Usage Models – Also one of the challenges for Xen• Catching up on “Ease of deployment and getting started”• Open Source with a large community and eco-system
  48. 48. Shameless MarketingVendors in the Xen community are hiring!Vendors in the Xen community are hiring!Vendors in the Xen community are hiring!xen.org/community/jobs.html
  49. 49. Questions …
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×