The document discusses using NAS proxies to optimize storage for virtual machines (VMs). A VM NAS proxy is proposed that is specialized for VMs and integrates with the hypervisor platform. It maintains a private directory for each VM's local files. The proxy can control what is stored locally through techniques like file referrals. When a VM migrates, its proxy migrates as well to provide transparent access to files during and after migration. Distributed NAS features like referrals and delegation are leveraged and enhanced to allow the proxy to dynamically control file locations.
Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. However, while much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment.
Securing Your Cloud With the Xen Hypervisor by Russell Pavlicekbuildacloud
The Xen Project produces a mature, enterprise-grade virtualization technology designed for the Cloud featuring many advanced and unique security features. For this reason, it's a hypervisor of choice for government agencies like NSA and the DoD, as well as for new security-minded projects the QubesOS Secure Desktop. However, while much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, and Xen Security Modules (XSM), are not enabled by default. This session will describe many of the advanced security features of Xen, as well as explaining why Xen is an excellent choice for secure Clouds
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPThe Linux Foundation
The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world, which today is known as cloud computing. Today, Xen powers the largest clouds in production. This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors.
It is intended for users and developers and starts with a brief introduction to Xen and XCP, their architecture, shine some light on common challenges for KVM and Xen, such as the NUMA performance tax and securing the cloud. It will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale. The talk will conclude with an update on Xen support in Linux, Xen for ARM servers and other exciting developments in the Xen community and their implications for building open source clouds.
Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. However, while much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment.
Securing Your Cloud With the Xen Hypervisor by Russell Pavlicekbuildacloud
The Xen Project produces a mature, enterprise-grade virtualization technology designed for the Cloud featuring many advanced and unique security features. For this reason, it's a hypervisor of choice for government agencies like NSA and the DoD, as well as for new security-minded projects the QubesOS Secure Desktop. However, while much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, and Xen Security Modules (XSM), are not enabled by default. This session will describe many of the advanced security features of Xen, as well as explaining why Xen is an excellent choice for secure Clouds
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPThe Linux Foundation
The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world, which today is known as cloud computing. Today, Xen powers the largest clouds in production. This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors.
It is intended for users and developers and starts with a brief introduction to Xen and XCP, their architecture, shine some light on common challenges for KVM and Xen, such as the NUMA performance tax and securing the cloud. It will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale. The talk will conclude with an update on Xen support in Linux, Xen for ARM servers and other exciting developments in the Xen community and their implications for building open source clouds.
NVDIMM is a standard for allowing non-volatile memory to be exposed to as normal RAM, which can be directly mapped to guests. This simple concept has the potential to dramatically change the way software is written; but also has a number of surprising problems to solve. Furthermore, this area is plagued with incomplete specifications and confusing terminology.
This talk will attempt to give an overview of NVDIMMs from an operating system perspective: What the terminology means, how they are discovered and partitioned, issues relating to filesystems, a brief description of the functionality available in Linux, and so on. It will then describe the various issues and design choices a Xen system has to make in order to allow Xen systems to use NVDIMMs effectively.
In this session we examined the Xen PV performance on the latest platforms in a few cases that covers CPU/memory intensive, disk intensive and network intensive workloads. We compared Xen PV guest vs. HVM/PVOPS to see whether PV guest still have advantage over HVM on a system with state-of-the-art VT features. KVM was also compared as a reference. We also compared PV driver performance against bare-metal and pass-through/SR-IOV. The identified issues were discussed and we presented our proposal on fixing those issues.
Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other.
This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary.
This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.
LCEU13: Securing your cloud with Xen's advanced security features - George Du...The Linux Foundation
Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. While much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment. When the audience leaves, they should have a general framework to evaluate the security of their system, know the key security features of Xen, and have a basic framework of knowledge to help them make sense of the documentation. This talk will *not* go into mind-numbing detail about specific commands to type or configuration options.
The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
http://cloudstack.org/about-cloudstack/cloudstack-events/viewevent/29-build-an-open-source-cloud-day-boston.html
XCP combines the Xen hypervisor with enhanced security, storage, and network virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can be leveraged by cloud providers to enable isolation and multi-tenancy capabilities in their environments. XCP also provides the user requirements of security, availability, performance, and isolation for private and public cloud deployments.
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...The Linux Foundation
EmbeddedXEN is a particularly efficient virtualization framework tailored to ARM-based core embedded systems.
While security and OS isolation are key features of conventional virtualizuation frameworks, the main concerns for EmbeddedXEN are device heterogeneity and realtime aspects, which are particularly important in the embedded world.
EmbeddedXEN mainly relies on the original XEN architecture but with major differences in the way guest OS are handled: the hypervisor has been simplified, and only two guest OS (dom0 and domU) can run simultaneously; while dom0 is used to manage the native OS with drivers (original and backend splitted drivers), a paravirtualized OS (domU) can be cross-compiled on a different ARM device, and user applications can run seamlessly on the (virtualized) host device. Another important difference is that no user space tools are required to manage the VMs; the framework produces a compact single binary image containing both dom0 and domU guests, which can be easily deployed. The Xenbus architecture has been adapted to that context.
EmbeddedXEN therefore allows the porting of an OS and its applications from an ARM embedded device to last generation ARM hardware, such as HTC Smartphone for example.
Rackspace has years of experience with running Xen at scale, starting with Xen and migrating to XenServer. We will share why we use Xen/XenServer along with some of the issues that we've experienced. We will touch on our experience with migrating from Xen to XenServer and the challenges there. We will share information about Rackspace Cloud Servers architecture, and touch briefly on OpenStack when doing so. We will explain how we use Xen to quickly deploy new Openstack services with what we call Nova on Nova. And finally, we will discuss what additional features and improvements are needed and why.
Google uses virtualization for internal corporate infrastructure. As part of this, we have developed a number of tools, some open source, for managing the Xen deployment. The talk will describe the technical infrastructure used, the internal workflows and machine management processes, and the specific use-cases for virtualization.
NVDIMM is a standard for allowing non-volatile memory to be exposed to as normal RAM, which can be directly mapped to guests. This simple concept has the potential to dramatically change the way software is written; but also has a number of surprising problems to solve. Furthermore, this area is plagued with incomplete specifications and confusing terminology.
This talk will attempt to give an overview of NVDIMMs from an operating system perspective: What the terminology means, how they are discovered and partitioned, issues relating to filesystems, a brief description of the functionality available in Linux, and so on. It will then describe the various issues and design choices a Xen system has to make in order to allow Xen systems to use NVDIMMs effectively.
In this session we examined the Xen PV performance on the latest platforms in a few cases that covers CPU/memory intensive, disk intensive and network intensive workloads. We compared Xen PV guest vs. HVM/PVOPS to see whether PV guest still have advantage over HVM on a system with state-of-the-art VT features. KVM was also compared as a reference. We also compared PV driver performance against bare-metal and pass-through/SR-IOV. The identified issues were discussed and we presented our proposal on fixing those issues.
Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other.
This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary.
This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.
LCEU13: Securing your cloud with Xen's advanced security features - George Du...The Linux Foundation
Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. While much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment. When the audience leaves, they should have a general framework to evaluate the security of their system, know the key security features of Xen, and have a basic framework of knowledge to help them make sense of the documentation. This talk will *not* go into mind-numbing detail about specific commands to type or configuration options.
The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
http://cloudstack.org/about-cloudstack/cloudstack-events/viewevent/29-build-an-open-source-cloud-day-boston.html
XCP combines the Xen hypervisor with enhanced security, storage, and network virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can be leveraged by cloud providers to enable isolation and multi-tenancy capabilities in their environments. XCP also provides the user requirements of security, availability, performance, and isolation for private and public cloud deployments.
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...The Linux Foundation
EmbeddedXEN is a particularly efficient virtualization framework tailored to ARM-based core embedded systems.
While security and OS isolation are key features of conventional virtualizuation frameworks, the main concerns for EmbeddedXEN are device heterogeneity and realtime aspects, which are particularly important in the embedded world.
EmbeddedXEN mainly relies on the original XEN architecture but with major differences in the way guest OS are handled: the hypervisor has been simplified, and only two guest OS (dom0 and domU) can run simultaneously; while dom0 is used to manage the native OS with drivers (original and backend splitted drivers), a paravirtualized OS (domU) can be cross-compiled on a different ARM device, and user applications can run seamlessly on the (virtualized) host device. Another important difference is that no user space tools are required to manage the VMs; the framework produces a compact single binary image containing both dom0 and domU guests, which can be easily deployed. The Xenbus architecture has been adapted to that context.
EmbeddedXEN therefore allows the porting of an OS and its applications from an ARM embedded device to last generation ARM hardware, such as HTC Smartphone for example.
Rackspace has years of experience with running Xen at scale, starting with Xen and migrating to XenServer. We will share why we use Xen/XenServer along with some of the issues that we've experienced. We will touch on our experience with migrating from Xen to XenServer and the challenges there. We will share information about Rackspace Cloud Servers architecture, and touch briefly on OpenStack when doing so. We will explain how we use Xen to quickly deploy new Openstack services with what we call Nova on Nova. And finally, we will discuss what additional features and improvements are needed and why.
Google uses virtualization for internal corporate infrastructure. As part of this, we have developed a number of tools, some open source, for managing the Xen deployment. The talk will describe the technical infrastructure used, the internal workflows and machine management processes, and the specific use-cases for virtualization.
Emulex Connect Architecture:The Next Generation of Virtual I/OEmulex Corporation
Join us to learn more about the Emulex Connect Architecture: the Next Generation of Virtual I/O Connectivity, and the new XE201 I/O Controller, the industry's first quad-port converged fabric controller unifying Fibre Channel and Ethernet.
Hadoop World 2011: HDFS Federation - Suresh Srinivas, HortonworksCloudera, Inc.
Scalability of the NameNode has been a key issue for HDFS clusters. Because the entire file system metadata is stored in memory on a single NameNode, and all metadata operations are processed on this single system, the NameNode both limits the growth in size of the cluster and makes the NameService a bottleneck for the MapReduce framework as demand increases. This presentation will describe the features and implementation of HDFS Federation scheduled for release with Hadoop-0.23.
Personal storage to enterprise storage system journeySoumen Sarkar
A brief journey through storage wonderland. Notes are not visible when you view in slide share. However they would be visible when the slides are viewed in powerpoint [you have to download the slides for that]
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It provides a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure. TrenchBoot closes the UEFI Measurement Gap and reduces the need to trust system firmware. This talk will introduce TrenchBoot architecture and a recent collaboration with Oracle to launch the Linux kernel directly with Intel TXT or AMD SVM Secure Launch. It will propose mechanisms for integrating the Xen hypervisor into a TrenchBoot system launch. DRTM-enabled capabilities for client, server and embedded platforms will be presented for consideration by the Xen community.
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
Artem will briefly cover what has been done since the first talk on Xen in Automotive domain back in 2013, what is going on now and what is still missing for broad adaptation of Xen in vehicles. The following topics will be covered:
Embedded/automotive features of Xen
Collaboration with AGL and GENIVI organizations for standardization
Efforts on Functional Safety compliance
Artem will also go over typical automotive use scenarios for Xen which may not be the same as generic computing use of hypervisor.
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
In this keynote talk, we will give an overview of the state of the Xen Project, trends that impact the project, see whether challenges that surfaced last year have been addressed and how we did it, and highlight new challenges and solutions for the coming year.
In recent years unikernels have shown immense performance potential (e.g., boot times of only a few ms, image sizes of only hundreds of KBs).The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS, needing both expert work and often considerable amount of time.
The Unikraft project provides a unikernel code base and build system that significantly simplifies the building of unikernels. In addition to support for a number CPU architectures, languages and frameworks, Unikraft provides debugging and tracing features that are generally sorely missing from unikernel projects. In this talk we will talk about these features, show a set of preliminary performance numbers, and provide a roadmap for the project's future.
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
The idea of making Xen secret-free has been floating since Spectre and Meltdown came into light. In this talk we will discuss what is being done and what needs to be done next.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However, ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion?
This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.
This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 611508) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project.
In this session, we will lay out some challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the Xen Project has followed thus far and highlight lessons learned along the way. The talk will primarily focus on necessary process, tooling changes and community challenges that can prevent progress. We will be offering an in-depth review of how Xen Project is approaching this challenging goal and try to derive lessons for other projects and contributors.
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. The Xen Project, a secure and stable hypervisor that is used in many different markets, has been exploring the feasibility of building safety certified products on top of Xen for a year, looking at key aspects of its code base and development practices.
In this session, we will lay out the motivation and challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the project has followed thus far and highlight lessons learned along the way. The talk will cover technical enablers, necessary process and tooling changes and community challenges offering an in-depth review of how Xen Project is approaching this exciting and and challenging goal.
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
2018 saw fundamental shifts in security boundaries which were previously taken for granted. A lot of work has been done in the past 2 years, and largely in secret under embargo, but there is plenty more work to be done to strengthen the existing mitigations and to try to recover some performance without reopening security holes.
This talk will look at speculative execution sidechannels, the work which has already been done to mitigate the security holes, and future work which hopes to bring some improvements.
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
The Arm architecture provides a set of guidelines that any software should abide by when accessing the memory with MMU off and update page-tables. Failing to do so may result in getting TLB conflicts or breaking coherency.
In a previous talk ("Keeping coherency on Arm"), we focused on updating safely the stage-2 (aka P2M) page-tables. This talk will focus on the boot code and Xen memory management.
During this session, we will introduce some of the guidelines and when they should be used. We will also discuss how Xen boot sequence needs to be reworked to avoid breaking the guidelines.
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
For many years the QEMU codebase has contained PV backends for Xen guests, giving them paravirtual access to storage, network, keyboard, mouse, etc. however these backends have not been configurable as QEMU devices as their implementation did not fully adhere to the QEMU Object Model (QOM).
Particularly the PV storage backend not using proper QOM devices, or qdevs, meant that the QEMU block layer needed to maintain legacy code that was cluttering up the source. This was causing push-back from the maintainers who did not want to accept any patches relating to that Xen backend until it was 'qdevified'.
In this talk, I'll explain the modifications I made to QEMU to achieve 'qdevification' of the PV storage backend, how compatibility with the libxl toolstack was maintained, and what the next steps in both QEMU and libxl development should be.
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
PCI is a local computer bus for attaching hardware devices in a computer, and is the main peripheral bus on modern x86 systems. As such, having a proper way to emulate it is crucial for Xen to be able to expose both fully emulated devices or passthrough devices to guests.
This talk will focus on the current status of PCI emulation in Xen, how and where it is used, what are its main limitations and future plans to improve it in order to be more robust and modular.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
Xen is a very powerful hypervisor with a talented and diverse developers community. Despite the fact it's almost everywhere (from the Cloud to the embedded world), it can be difficult to set up and manage as a system administrator. General purpose distros have Xen packages, but that's just a start in your Xen journey: you need some tooling and knowledge to have a working and scalable platform.
XCP-ng was built to overcome those issues: by bringing Xen to the masses with a fully turnkey distro with Xen as its core. It's the logical sequel to the XCP project, with a community focus from the start. We'll see how it happened, what we did, and what's next. Finally, we'll see the impact of XCP-ng on the Xen Project.
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
Doug has long advocated for more CI/CD (Continuous Integration / Continuous Delivery) processes to be adopted by the Xen Project from the use of Travis CI and now GitLab CI. This talk aims to propose ideas for building upon the existing process and transforming the development process to provide users a higher quality with each release by the Xen Project.
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.
Today Xen is scheduling guest virtual cpus on all available physical cpus independently from each other. Recent security issues on modern processors (e.g. L1TF) require to turn off hyperthreading for best security in order to avoid leaking information from one hyperthread to the other. One way to avoid having to turn off hyperthreading is to only ever schedule virtual cpus of the same guest on one physical core at the same time. This is called core scheduling.
This presentation shows results from the effort to implement core scheduling in the Xen hypervisor. The basic modifications in Xen are presented and performance numbers with core scheduling active are shown.
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
The use of Virtual GPUs (vGPUs) has widely grown in server farms to give Virtual Machines (VMs) dedicated graphics. Software rendering with virtual CPUs can only take us so far and even with Intel-GVT, which uses integrated graphics, there isn't enough power to do the fun stuff. In this presentation, Jon Farrell will be talking about the process of implementing AMD MxGPU on Xen, challenges that he encountered while doing it, and discussing performance metrics of bare metal and vGPU VM on popular benchmarks like 3D Mark* and The Witcher 3. To wrap up his presentation, Jon will share his thoughts about future research and where this technology can take us.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2. • Traditional tradeoff:
Local vs. Central storage:
– Central storage migrates very simply.
• Just complete last work from old location
– Then start at the new location.
• Extracts non-local latency tax on every access.
– Purely local storage makes migration a challenge.
• Must migrate VM image and local storage.
• And synchronize them.
Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com 2
3. • SSD vs HDD:
–SSDs provide most IOPS per $.
• SSDs need to be on host, or at
least near the VM, or network
latencies minimize SSD speed.
–HDDs provide most TBs per $.
• HDDs provide capacity, not
processing speeds.
Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com
4. • A very common solution currently features Host
DomU
a Block Backend that co-ordinates a local App
block device (typically SSD) with remote VFS
File System
block device (still NAS or SAN). Block
Driver
• Problem: Device Domain
– Any cache solution only stores a portion Block Backend SSD Proxy
of a VM‟s storage locally. Remote Block Local Block
Driver
Access
– With NAS Proxy the “portion stored
locally” can be understood as files and File System
Block
NAS Client
directories. Network
Driver
Network
• A block-oriented solution never sees Driver Driver
more than a collection of blocks. Local Block
Device
• Many solutions are enhanced or External
NAS
External
SAN
made possible with File-orientation. Server(s) Server(s)
Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com 4
5. Host
• DomU can support both NAS DomU App
access and Virtual Disk Access VFS
– Most VMs will prefer directly-attached boot File NAS Client
System
drive. Block Network
Driver Driver
• Backend can map virtual drive to Device Domain
Block Network
NAS. Backend Backend
• Meanwhile NAS Client can access
NAS Proxy
Network Block
NAS Proxy via local internal Driver Driver
network. Local Block
Device
• NAS Proxy can utilize local SSD External
NAS
Server(s)
drive to optimize either.
5 Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com
6. • NAS Benefits
– Files enable understanding of context:
– Deduplication of files is far easier than deduplication of block.
– Hierarchical Storage Management works on files, not blocks.
• Traditional NAS Proxy Caveats
– Traditional NAS is unaware of VM-specific semantics.
– Excessive syncing – Historical assumptions are that files are
shared by default.
– Proxy overhead for non-cached files – Historically, the only easy
configuration was to proxy all NAS access.
• VM Storage Proxy provides full benefits of NAS without
limitations of traditional NAS Proxies.
6 Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com
7.
8. • Distributed NAS protocols such as NFSv4 and
DFS/CIFS have features that make NAS proxies far
more efficient.
• They allow efficient caching via exclusive delegation
and oplocking (“opportunistic locking”).
– Proxy can temporarily claim a file.
• They have advanced session features to protect
against data loss from connection loss.
– File reverts to central NAS server if Proxy dies.
– System recovers from network partitions and temporary
outages of distributed servers and/or proxies as long as
they all have persistent redundant storage.
Xen Summit Aug 2, 2011 –
8 Caitlin.Bestler/Alex.Aizman@nexenta.com
9. • Client can simply mount from NAS
server.
VM Client
• NAS server can refer select
directories to a NAS “Server” that
is actually the NAS Proxy. NAS Proxy /
Server
– NAS Proxy/Server must act as Referral
a NAS Server for NAS Replication
replication procedures. Cached
Files
• Client does not need to identify Directory access
itself.
– NAS server can infer identity
from IP address. All
NAS Server
Directories
• Advantage that Proxy/Server is
enabled/disabled for each directory
from the central NAS Server.
Xen Summit Aug 2, 2011 –
9 Caitlin.Bestler/Alex.Aizman@nexenta.com
10. • NAS Proxy can act as a NAS
VM Client
client and claim an exclusive
delegation on a file.
• It can then treat its cached copy Local copy can
be treated as
THE copy.
as the copy.
Cached NAS Proxy /
• It must replicate it back to the Files Server
central NAS server before
Delegation
ending the delegation. Granted
Claim Exclusive Delegation
• Keep-alive messages track the
NAS client with the delegation. All
NAS Server
Directories
• Protocol rules already cover
loss of contact/failure
scenarios.
Xen Summit Aug 2, 2011 –
10 Caitlin.Bestler/Alex.Aizman@nexenta.com
11.
12. • Generic NAS Proxy does not understand that it is the sole
writer for the VM Private Directory.
• NAS Proxy management is not integrated with VM
Management.
– The NAS system must detect that the VM using its VM Private
Directory has migrated.
• Proxies only optimize storage for selective files – but all
traffic goes through them.
– If there are directories/files that are not worth caching the clients
would ideally just go directly to the real server.
– NAS Referrals can be applied selectively, but Management Plane
controls are awkward for dynamically controlling referrals.
• Optimized cache sharing across multiple clients is
challenging without understanding of VM life-cycle.
Xen Summit Aug 2, 2011 –
12 Caitlin.Bestler/Alex.Aizman@nexenta.com
13. • Allow VM‟s files to be stored and archived as
files.
• Allow storage associated with commodity servers
to be deployed effectively for VMs in combination
with NAS storage.
• Don‟t replicate to local storage those files that
probably won‟t be accessed anyway.
• Allow very thin provisioning of local storage.
– SSDs are designed to provide IOPs cost effectively,
not storage.
– If IOPS are not needed, avoid cost of redundant
storage.
Xen Summit Aug 2, 2011 –
13 Caitlin.Bestler/Alex.Aizman@nexenta.com
14. • The VM NAS Proxy is a specialized NAS Proxy that is optimized to
support VMs and the Hypervisor Platform supporting them:
• A VM Private Directory is maintained for each VM:
– A per VM directory in the NAS global name space that
holds files that are “local” for this VM.
– A “platform” sub-directory hold virtual disk images and
other files used by the Hypervisor and/or Dom0.
– A “mount” sub-directory holds NAS mount points that
are available only to this VM.
• These are implicitly named. The client does not know the
path to its VM Private Directory because it does not know
which VM it is.
• A “proxy” sub-directory holds files used by the VM NAS Proxy
for this VM, such as the NAS Response Cache.
Xen Summit Aug 2, 2011 –
14
Caitlin.Bestler/Alex.Aizman@nexenta.com
15. VM NAS Proxy as a VM. VM NAS Proxy for a Rack
Virtualization Host Rack (or other enclosure)
Virtualization Host
Hypervisor Platform VM NAS Proxy
VM13478 VM
Hypervisor Platform VM13478
VM
/foo VM NAS Proxy
/foo
/bar
/bar
NAS VMS
/vmexports /vmexports
/vm13478 NAS VMS /vm13478
/platform /platform
/mounts /mounts
NAS NAS
/foo /foo
` /bar ` /bar
/vm13483 /vm13483
/platform Virtualization Management
Virtualization Management /platform
/mounts /mounts
/foo /foo
/bar /bar
15 Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com
16. • Virtualization Management
– Unchanged, but new information is available to it.
• NAS VMS (Virtualization Management System)
– Extends Virtualization Management to assign VM NAS Proxies.
• Hypervisor Platform
– The Hypervisor and supporting domains.
• NAS system with NFSv4/v4.1 and/or DFS/CIFS.
– Unchanged, but optional enhancements are defined.
• VMs
– Unchanged, but optional enhancements for NAS Client are
defined.
• VM NAS Proxy
– A specialized NAS Proxy optimized for support of VMs
Xen Summit Aug 2, 2011 –
16
Caitlin.Bestler/Alex.Aizman@nexenta.com
17. • A VM NAS Proxy can control what is
stored locally through several techniques:
– Which sub-directories of the VM‟s private
directory are referred to it.
– Whether it provides local storage for specific
files within those directories.
– Which blocks of a file that is stored locally are
actually stored locally, vs. being accessed
over the network.
– pNFS-aware clients can be enabled to access
network block servers directly.
Xen Summit Aug 2, 2011 –
17
Caitlin.Bestler/Alex.Aizman@nexenta.com
18.
19. • VM will be migrated from Current Host Virtualization Host
Current Home
to a new Host.
10.1.3.115Hypervisor Platform
VM
• VM has public IP address, which 192.168.1.115
10.1.1.1
192.168.1.1
Virtualization Management will migrate. VM NAS Proxy
10.1.1.2
• VM has private IP Address which it will
192.168.1.2
use in new network without realizing that
it is on a new network. Planned Home
• New VM NAS Proxy will have same Virtualization Host
private IP address on the new network. 10.1.3.115
Hypervisor Platform
10.1.2.1
192.168.1.1 NAS
192.168.1.115
• New VM NAS Proxy does not respond
10.1.2.2
192.168.1.2
to the VM‟s private IP Address until it is
ready. VM Storage Proxy
Xen Summit Aug 2, 2011 –
19 Caitlin.Bestler/Alex.Aizman@nexenta.com
20. • By assigning VM NAS Proxies to an Internal Network
migration of a VM can be made transparent to the VM.
– All Internal Networks can look alike.
– Just as almost all home networks are 192.168.1.*
• NAS client does not need to know about the migration.
– NAS clients will see a dropped connection to a NAS server.
– NAS clients will assume the NAS server is simply rebooting.
– Recovery will be complete and transparent to client layers.
– No change to the IP address of the VM NAS Proxy the Client
uses.
• As far as the client is concerned it just reconnected to
the same server
– It even has the same response cache.
– The response cache is stored within the VM Private Directory.
20 Xen Summit Aug 2, 2011 –
Caitlin.Bestler/Alex.Aizman@nexenta.com
21. • VM will be migrated from Current
Current Home
Virtualization Host
Host to a new Host.
– 10.1.3.115 is migrated.
VM
Hypervisor Platform
10.1.3.115
10.1.1.1
• VM is still instructed to use the old
VM NAS Proxy (10.1.1.2). 10.1.1.2 VM NAS Proxy
– It will continue to use it until explicitly
redirected to the new VM NAS Proxy ac
ce
ss
d
ue
(10.1.2.2). Co
nt
in
Planned Home
– This is very network inefficient. Virtualization Host
– Current RTT measurements and
Hypervisor Platform
10.1.3.115
congestion window will be wildly 10.1.2.1
NAS
incorrect. 10.1.2.2
– VM NAS Proxy must accept clients
from anywhere.
VMNAS Proxy
Xen Summit Aug 2, 2011 –
21 Caitlin.Bestler/Alex.Aizman@nexenta.com
22.
23. • Distributed NAS features for Referral and
Delegation have nothing to do with each other.
– Referral/redirection is a Management Plane
feature.
• It is used to refer/redirect clients to other NAS
servers.
– Delegation/oplocking is a Control Plane feature.
• It is used by NAS clients.
• A VM NAS Proxy integrates them in
collaboration with NAS servers.
Xen Summit Aug 2, 2011 –
23 Caitlin.Bestler/Alex.Aizman@nexenta.com
24. • VM NAS Proxies use Delegation/Oplocking to
exclusively claim specific sub-directories
within a VM Private Directory.
– This is an enhancement to a NAS server.
• Supporting NAS servers will then
automatically direct referrals for the claimed
sub-directories to that VM NAS Proxy for the
duration of the delegation/oplock.
– Reverting is automatic, preferable to having to
reverse a management plane edit.
Xen Summit Aug 2, 2011 –
24 Caitlin.Bestler/Alex.Aizman@nexenta.com
25. • Only the correct clients are referred,
• Other clients are refused access.
• Allowed access types:
– Hypervisor Platform access a „platform‟ sub-
directory for virtual disk images and snapshots.
– VM itself accesses NAS mounts in a „mount‟ sub-
directory.
– VM NAS Proxy keeps its own data in a „proxy‟
sub-directory.
• This is where the NAS Response Cache is kept.
Xen Summit Aug 2, 2011 –
25 Caitlin.Bestler/Alex.Aizman@nexenta.com
26. 2
3 1
VM NAS Proxy
NAS
NAS
Server
Server
Locally
Cached
Files
• 1 – VM NAS Proxy takes exclusive delegation on a directory.
• 2 – Client referencing delegated directory is referred to VM NAS
Proxy
• 3 – Client accesses directory on VM NAS Proxy
Xen Summit Aug 2, 2011 –
26 Caitlin.Bestler/Alex.Aizman@nexenta.com
27. • Progression of Solutions for Controlling File
Locations:
– Without NFSv4 Referrals/DFS Redirections:
• Load balancing requires editing each client‟s configuration.
• Or directing all traffic through a proxy.
– Using just standard Referrals/Redirections:
• Central control of which directories are referred
• But only via Management Plane edits of exports.
– Integrating Delegation to allow Automatic Referrals:
• Dynamic control over which directories are referred is
exercised by the VM NAS Proxy and/or VM NAS
Management.
• Dynamic referral automatic ends when delegation ends.
Xen Summit Aug 2, 2011 –
27 Caitlin.Bestler/Alex.Aizman@nexenta.com
28.
29. • One of the features of the VM NAS Proxy is that it can
dynamically control which of a VM‟s private directories
are referred to it.
– But standard granularity for referral is an entire directory.
• Partial Referrals is a new technique to publish alternate
referrals for subsets of a directory:
– Each partial referral identified by a regular expression.
– The alternate server is then specified for that regular expression,
which can be “revert to default” to ignore the main referral.
– This information is published as named attributes for the
directory.
• If a NAS client does not understand them then it will simply
go to the default server for the directory
• The default server then acts as a proxy for the actual server.
Xen Summit Aug 2, 2011 –
29 Caitlin.Bestler/Alex.Aizman@nexenta.com
30. 2B
1
2A
VM NAS Proxy
NAS
NAS
Server
Server
Locally
Cached
Files
• 1 – VM NAS Proxy advertises portions of directory that Client should access directly
on the home NAS server.
• 2a – Client continues to access non-excluded portions of directory on the VM NAS
Proxy, which caches them locally.
• 2b – But now accesses files covered by partial referral on the home NAS Server
Xen Summit Aug 2, 2011 –
30 Caitlin.Bestler/Alex.Aizman@nexenta.com
31. 1
2 3
VM NAS Proxy
NAS
NAS
Server
Server
Locally
Cached
Files
• 1 – VM NAS Proxy advertises portions of directory that Client should access
directly on the home NAS server.
• 2 – Client does not understand or ignores the partial referral, so all access for the
directory goes through the VM NAS Proxy
• 3 – When files are not stored locally access is proxied via the NAS Server.
Xen Summit Aug 2, 2011 –
31
Caitlin.Bestler/Alex.Aizman@nexenta.com
32.
33. • When the VM‟s NAS Client
indicates that it understands
pNFS, the VM NAS Proxy Locally Cached Blocks
can supply pNFS layouts Logical Physical
Block # Block #
that mix references to its Logical Physical
Proxy pNFS Layout
own storage and NAS Block # Block # Logical
Block #
Local
Volume ID
Physical
Block #
storage. Logical Physical
•
Volume ID
Referencing pNFS blocks Block # Block #
Logical Physical
directly is safe, because the Block #
Volume ID
Block #
VM NAS Proxy is the only pNFS Layout Logical Local Physical
client allowed to update the Logical Physical
Block # Volume ID Block #
Volume ID Logical Physical
file while it is claimed. Block # Block #
Block #
Volume ID
Block #
• pNFS-aware clients can Logical
Block #
Volume ID
Physical
Block #
Logical
Block #
Volume ID
Physical
Block #
access unmodified and Logical
Volume ID
Physical Logical Physical
Block # Block # Volume ID
uncached blocks without Logical Physical
Block # Block #
overhead of going through Block #
Volume ID
Block #
the proxy.
Xen Summit Aug 2, 2011 –
33
Caitlin.Bestler/Alex.Aizman@nexenta.com
34. • Named attributes can identify files that are
to be stored only in the local cache.
– The file is never updated on the NAS server.
• Regular expression can easily identify
common temporary files.
• These files would be stored only on local
SDD
– never consuming any network bandwidth.
Xen Summit Aug 2, 2011 –
34
Caitlin.Bestler/Alex.Aizman@nexenta.com
35.
36. • VM NAS Proxy is only
on the path for a VM pNFS Block
Server
accessing storage Direct access to un-cached blocks
when it wants to be. VM
– Control is fully dynamic.
Default Access, may be referred to VM Storage Proxy
Access to non-referred directories
Access to partially un-referred files
• Access to Non- NAS
Server
optimized Access to referred directories, files
directories/files can
VM NAS PRoxy
bypass the Proxy.
• VM NAS Proxy is only
identified as referral
target for the correct
clients.
Xen Summit Aug 2, 2011 –
36 Caitlin.Bestler/Alex.Aizman@nexenta.com