XS Japan 2008 Project Status English
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

XS Japan 2008 Project Status English

on

  • 1,107 views

Ian Pratt: Xen Project Status

Ian Pratt: Xen Project Status

Statistics

Views

Total Views
1,107
Views on SlideShare
1,107
Embed Views
0

Actions

Likes
0
Downloads
16
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

XS Japan 2008 Project Status English Presentation Transcript

  • 1. Xen Project Overview and Update Ian Pratt, Chairman of Xen.org, and Chief Scientist, Citrix Systems Inc.
  • 2. Xen Community Story • 2002 Oct Xen hypervisor development starts • 2004 Xen 1.0 and 2.0 released, First Xen developer’s summit • 2005 XenSource founded, Xen 3.0 released • 2006 CPU enhancements for virtualization ship; Linux distros ship Xen All x86 OSes “enlightened”: Vmware, Microsoft adopt paravirtualization First XenEnterprise release Amazon EC2 Launches • 2007 XenSource acquired by Citrix • 2008 Xen embedded in Flash on HP/Dell servers First embedded Xen on laptops 2 © 2007 Citrix Systems, Inc. — All rights reserved
  • 3. Xen Today • ~17% enterprise server market share (Yankee, Aug 08) • World's largest virtualization deployments are Xen based • Community: over 50 Companies, 20 Universities, from 20 Countries, ~250 developers • More than 10,000 code submissions since Xen 3.0 • x86, IA64, ARM support • In Severs, Laptops, Storage & Network Appliances, PDAs 3 © 2007 Citrix Systems, Inc. — All rights reserved
  • 4. Xen Powers the World’s IT Infrastructure Clouds “ Xen is great. It’s powerful and easy to use. But most important is the very active community around it. That was a very big reason for us in selecting Xen. ” Werner Vogels CTO, Amazon.com 4 © 2007 Citrix Systems, Inc. — All rights reserved
  • 5. Congratulations, and Thank You! 2008 Winner, Server Virtualization Best of Open Source Software Awards 5 © 2007 Citrix Systems, Inc. — All rights reserved
  • 6. Xen Project Mission • Build the industry standard open source hypervisor • Lead the industry in virtualization performance • Ensure continued stability and high quality in the code base • Support multiple CPU types; big and small systems • Foster and sponsor innovation • Drive toward vendor interoperability and compatibility 6 © 2007 Citrix Systems, Inc. — All rights reserved
  • 7. Xen: An Open Reference Standard Xen Citrix, Intel, AMD, VA Linux, Fujitsu, IBM, HP, Unisys, SGI, Samsung, Sun, Red Hat, Novell, DoD, NSA (over 50 orgs) 7 © 2007 Citrix Systems, Inc. — All rights reserved
  • 8. The Xen Project Advisory Board • Represents major contributors and vendors that offers Xen based products. Current members: • Defines and approves the Xen® Trademark Policy (“What is Xen?”) • Oversees community code practices and roadmap 8 © 2007 Citrix Systems, Inc. — All rights reserved
  • 9. Virtualization Benefits Avoid planned downtime X with VM Relocation Dynamically re-balance workload to meet app SLAs or to saver power 9 © 2007 Citrix Systems, Inc. — All rights reserved
  • 10. Virtualization Benefits Restart-HA monitors hosts X and VMs to keep apps running Hardware Fault Tolerance with deterministic replay X or checkpointing 10 © 2007 Citrix Systems, Inc. — All rights reserved
  • 11. Leaders in OS Enlightenment Xen Hypervisor First and Best to support new Intel VT & AMD-V, (Also Hyper-V compatib mart IO & chipset Technologies 11 © 2007 Citrix Systems, Inc. — All rights reserved
  • 12. Unlocking Hardware Innovation Enhanced Security Enhanced Security • TPM and secure boot (TXT) • TPM and secure boot (TXT) • IOMMU to protect device DMA accesses • IOMMU to protect device DMA accesses • Full Execute-Disable (NX/XD) • Full Execute-Disable (NX/XD) Hardware Virtualization Support Hardware Virtualization Support • Nested Page Tables (VT2/VMI) • Nested Page Tables (VT2/VMI) • FlexPriority, FlexMigrate • FlexPriority, FlexMigrate • Smart NICs (e.g. VT-C/VMDq) and HBAs • Smart NICs (e.g. VT-C/VMDq) and HBAs Multi-core Processors Multi-core Processors Only a hypervisor can deliver the • More efficient utilization • More efficient utilization benefits of the new hardware • Hides complexity from guests • Hides complexity from guests 12 © 2007 Citrix Systems, Inc. — All rights reserved
  • 13. OS Paravirtualization (Enlightenment) • Extending the OS to be aware it is running in a virtualized environment • For performance and enhanced correctness • IO, memory size, CPU, MMU, time • In Xen <2.0, some paravirtulizations were compulsory to close x86 virtualization holes • Intel VT / AMD-V allow incremental paravirtualization • Paravirtualization is still very important for performance, and works along side enhancements to the hardware • Higher-level paravirtualizations yield greatest benefit 13 © 2007 Citrix Systems, Inc. — All rights reserved
  • 14. SPECjbb2005 Comparison RHEL5 guest / SPECjbb2005 Sun JVM 1.2 Relative score to native 1 0.8 0.6 0.4 0.2 0 1-vcpu 2-vcpu 4-vcpu Native ESX 3.0.1 XenEnterprise 3.2 14 14 © 2007 Citrix Systems, Inc. — All rights reserved
  • 15. w2k3 Terminal Server Concurrent Session test 15 © 2007 Citrix Systems, Inc. — All rights reserved
  • 16. Hypervisor Security • “hidden hypervisor” attack is a myth, but exploitation of an installed hypervisor is a real and dangerous threat • Hypervisors add more software and thus increase the attack surface • Network-facing control stack • VM containment • Xen much smaller and defensible than an OS • Xen’s “strength in depth” approach • Disaggregate, De-privilege, narrow interfaces • Xen Security Modules from the NSA • Measured launch: TPM/TXT/SKINIT 16 © 2007 Citrix Systems, Inc. — All rights reserved
  • 17. Improving Security with Hypervisors • Hypervisors allow administrative policy enforcement outside the OS • Firewalls, IDS, malware scanning etc • More robust as not so easily disabled • Provides protection within a network rather than just at borders • Hardening OSes with immutable memory, taint tracking, logging and replay • Backup policy, multi-path IO, HA, FT etc • Availability and Reliability • Xen Introspection API project (extending XenAccess library) 17 © 2007 Citrix Systems, Inc. — All rights reserved
  • 18. Xen Client : A Hypervisor for Client Devices • Security, Manageability and Supportability • Building Multi-level secure systems • Run multiple guest VMs with very controlled information flow • Enables Bring-Your-Own-PC model • Corporate VM; VM for web browsing; VM for banking • Migration of VMs between datacentre and laptops for offline use • Seamless merging of VM displays • “Embedded IT” virtual appliances • IDS, Malware detection, remote access, backup etc. • Security requires a true hypervisor architecture 18 © 2007 Citrix Systems, Inc. — All rights reserved
  • 19. Xen Client Initiative • 12 Vendors Collaborating on architecture and implementation of Xen client hypervisor • Security is a key requirement 19 © 2007 Citrix Systems, Inc. — All rights reserved
  • 20. From Laptops to Phones • Smart phones and portable devices • Xen ARM • Smart phones now suffer from many of the same problems as PCs • Simple restricted use cases: • Three VMs running on one CPU: • Real time VM for controlling the radio • VM for vendor/operator -supplied s/w • VM for user-downloaded software 20 © 2007 Citrix Systems, Inc. — All rights reserved
  • 21. Roadmap Current Projects • XenClient • Xen Introspection API • Fault Tolerance • “Difference Engine” memory optimizations • Cloud infrastructure services 21 © 2007 Citrix Systems, Inc. — All rights reserved
  • 22. Closing Remarks •Virtualization is destined to become ubiquitous • Every machine, Every workload • Built in to the platform • Client devices as well as servers •Xen offers the best performance and the most secure architecture • Xen is powered by a growing community with a diverse range of products and services 22 © 2007 Citrix Systems, Inc. — All rights reserved