Your SlideShare is downloading. ×
XS Japan 2008 Project Status English
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

XS Japan 2008 Project Status English

519
views

Published on

Ian Pratt: Xen Project Status

Ian Pratt: Xen Project Status

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
519
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Xen Project Overview and Update Ian Pratt, Chairman of Xen.org, and Chief Scientist, Citrix Systems Inc.
  • 2. Xen Community Story • 2002 Oct Xen hypervisor development starts • 2004 Xen 1.0 and 2.0 released, First Xen developer’s summit • 2005 XenSource founded, Xen 3.0 released • 2006 CPU enhancements for virtualization ship; Linux distros ship Xen All x86 OSes “enlightened”: Vmware, Microsoft adopt paravirtualization First XenEnterprise release Amazon EC2 Launches • 2007 XenSource acquired by Citrix • 2008 Xen embedded in Flash on HP/Dell servers First embedded Xen on laptops 2 © 2007 Citrix Systems, Inc. — All rights reserved
  • 3. Xen Today • ~17% enterprise server market share (Yankee, Aug 08) • World's largest virtualization deployments are Xen based • Community: over 50 Companies, 20 Universities, from 20 Countries, ~250 developers • More than 10,000 code submissions since Xen 3.0 • x86, IA64, ARM support • In Severs, Laptops, Storage & Network Appliances, PDAs 3 © 2007 Citrix Systems, Inc. — All rights reserved
  • 4. Xen Powers the World’s IT Infrastructure Clouds “ Xen is great. It’s powerful and easy to use. But most important is the very active community around it. That was a very big reason for us in selecting Xen. ” Werner Vogels CTO, Amazon.com 4 © 2007 Citrix Systems, Inc. — All rights reserved
  • 5. Congratulations, and Thank You! 2008 Winner, Server Virtualization Best of Open Source Software Awards 5 © 2007 Citrix Systems, Inc. — All rights reserved
  • 6. Xen Project Mission • Build the industry standard open source hypervisor • Lead the industry in virtualization performance • Ensure continued stability and high quality in the code base • Support multiple CPU types; big and small systems • Foster and sponsor innovation • Drive toward vendor interoperability and compatibility 6 © 2007 Citrix Systems, Inc. — All rights reserved
  • 7. Xen: An Open Reference Standard Xen Citrix, Intel, AMD, VA Linux, Fujitsu, IBM, HP, Unisys, SGI, Samsung, Sun, Red Hat, Novell, DoD, NSA (over 50 orgs) 7 © 2007 Citrix Systems, Inc. — All rights reserved
  • 8. The Xen Project Advisory Board • Represents major contributors and vendors that offers Xen based products. Current members: • Defines and approves the Xen® Trademark Policy (“What is Xen?”) • Oversees community code practices and roadmap 8 © 2007 Citrix Systems, Inc. — All rights reserved
  • 9. Virtualization Benefits Avoid planned downtime X with VM Relocation Dynamically re-balance workload to meet app SLAs or to saver power 9 © 2007 Citrix Systems, Inc. — All rights reserved
  • 10. Virtualization Benefits Restart-HA monitors hosts X and VMs to keep apps running Hardware Fault Tolerance with deterministic replay X or checkpointing 10 © 2007 Citrix Systems, Inc. — All rights reserved
  • 11. Leaders in OS Enlightenment Xen Hypervisor First and Best to support new Intel VT & AMD-V, (Also Hyper-V compatib mart IO & chipset Technologies 11 © 2007 Citrix Systems, Inc. — All rights reserved
  • 12. Unlocking Hardware Innovation Enhanced Security Enhanced Security • TPM and secure boot (TXT) • TPM and secure boot (TXT) • IOMMU to protect device DMA accesses • IOMMU to protect device DMA accesses • Full Execute-Disable (NX/XD) • Full Execute-Disable (NX/XD) Hardware Virtualization Support Hardware Virtualization Support • Nested Page Tables (VT2/VMI) • Nested Page Tables (VT2/VMI) • FlexPriority, FlexMigrate • FlexPriority, FlexMigrate • Smart NICs (e.g. VT-C/VMDq) and HBAs • Smart NICs (e.g. VT-C/VMDq) and HBAs Multi-core Processors Multi-core Processors Only a hypervisor can deliver the • More efficient utilization • More efficient utilization benefits of the new hardware • Hides complexity from guests • Hides complexity from guests 12 © 2007 Citrix Systems, Inc. — All rights reserved
  • 13. OS Paravirtualization (Enlightenment) • Extending the OS to be aware it is running in a virtualized environment • For performance and enhanced correctness • IO, memory size, CPU, MMU, time • In Xen <2.0, some paravirtulizations were compulsory to close x86 virtualization holes • Intel VT / AMD-V allow incremental paravirtualization • Paravirtualization is still very important for performance, and works along side enhancements to the hardware • Higher-level paravirtualizations yield greatest benefit 13 © 2007 Citrix Systems, Inc. — All rights reserved
  • 14. SPECjbb2005 Comparison RHEL5 guest / SPECjbb2005 Sun JVM 1.2 Relative score to native 1 0.8 0.6 0.4 0.2 0 1-vcpu 2-vcpu 4-vcpu Native ESX 3.0.1 XenEnterprise 3.2 14 14 © 2007 Citrix Systems, Inc. — All rights reserved
  • 15. w2k3 Terminal Server Concurrent Session test 15 © 2007 Citrix Systems, Inc. — All rights reserved
  • 16. Hypervisor Security • “hidden hypervisor” attack is a myth, but exploitation of an installed hypervisor is a real and dangerous threat • Hypervisors add more software and thus increase the attack surface • Network-facing control stack • VM containment • Xen much smaller and defensible than an OS • Xen’s “strength in depth” approach • Disaggregate, De-privilege, narrow interfaces • Xen Security Modules from the NSA • Measured launch: TPM/TXT/SKINIT 16 © 2007 Citrix Systems, Inc. — All rights reserved
  • 17. Improving Security with Hypervisors • Hypervisors allow administrative policy enforcement outside the OS • Firewalls, IDS, malware scanning etc • More robust as not so easily disabled • Provides protection within a network rather than just at borders • Hardening OSes with immutable memory, taint tracking, logging and replay • Backup policy, multi-path IO, HA, FT etc • Availability and Reliability • Xen Introspection API project (extending XenAccess library) 17 © 2007 Citrix Systems, Inc. — All rights reserved
  • 18. Xen Client : A Hypervisor for Client Devices • Security, Manageability and Supportability • Building Multi-level secure systems • Run multiple guest VMs with very controlled information flow • Enables Bring-Your-Own-PC model • Corporate VM; VM for web browsing; VM for banking • Migration of VMs between datacentre and laptops for offline use • Seamless merging of VM displays • “Embedded IT” virtual appliances • IDS, Malware detection, remote access, backup etc. • Security requires a true hypervisor architecture 18 © 2007 Citrix Systems, Inc. — All rights reserved
  • 19. Xen Client Initiative • 12 Vendors Collaborating on architecture and implementation of Xen client hypervisor • Security is a key requirement 19 © 2007 Citrix Systems, Inc. — All rights reserved
  • 20. From Laptops to Phones • Smart phones and portable devices • Xen ARM • Smart phones now suffer from many of the same problems as PCs • Simple restricted use cases: • Three VMs running on one CPU: • Real time VM for controlling the radio • VM for vendor/operator -supplied s/w • VM for user-downloaded software 20 © 2007 Citrix Systems, Inc. — All rights reserved
  • 21. Roadmap Current Projects • XenClient • Xen Introspection API • Fault Tolerance • “Difference Engine” memory optimizations • Cloud infrastructure services 21 © 2007 Citrix Systems, Inc. — All rights reserved
  • 22. Closing Remarks •Virtualization is destined to become ubiquitous • Every machine, Every workload • Built in to the platform • Client devices as well as servers •Xen offers the best performance and the most secure architecture • Xen is powered by a growing community with a diverse range of products and services 22 © 2007 Citrix Systems, Inc. — All rights reserved