XCP is an open-source version of Citrix's XenServer virtualization platform. Upcoming releases include XCP 1.1 with bug fixes and XCP 1.5 with new features like Disaster Recovery and 1TB host memory support. Project Kronos aims to port XCP's XenAPI toolstack to Debian/Ubuntu to support OpenStack. Long term, Citrix envisions XCP becoming the configuration of choice for clouds and bridging the gap between open source Xen and XenServer communities.
Xenorgs open stack_related_initiativesTodd Deshane
Xen.org has several initiatives that aim to have an impact onOpenStack adoption and feature richness. This talk will include adiscussion on the Xen Cloud Platform (XCP), the XCP toolstack (XAPI)port to popular Linux distributions, and the Xen on ARM initiative.
XCP combines the Xen hypervisor with enhanced security, storage, andnetwork virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can beleveraged by OpenStack cloud providers to enable isolation andmulti-tenancy capabilities in their environments. XCP also providesthe user requirements of security, availability, performance, andisolation for private and public OpenStack cloud deployments.
Xen.org is working to make XCP and OpenStack work seamlessly so thattogether they can be the ultimate open source cloud solution. Inaddition to deploying XCP as a separate component with OpenStack,Xen.org is simultaneously porting the XCP toolstack (XAPI) to Linuxdistributions, which will give cloud administrators an easy-to-installOpenStack and Xen-based integrated alternative.
Finally, industry thought leaders, such as Mark Shuttleworth, aresupporting the adoption of ARM in server-class systems. Consequently,the port of Xen to the ARM platform could make it possible forOpenStack and Xen to lead the way into the future of ARM-based clouddeployments.
Video presentation of these slides:
http://www.youtube.com/watch?v=CTwFPWcqvY8
http://www.youtube.com/watch?v=0RQUp1vPeiU
Cloud computing is catching on in a big way in industry, government, and academia. One of the main reasons for increased adoption is that most of the underlying cloud technologies are open source. This talk will give an overview of these key open source components. The focus will be on infrastructure as a service (IaaS) and in particular technologies such as Xen and OpenStack. Come and learn about these technologies and how you can get involved with these open source projects.
http://cloudstack.org/about-cloudstack/cloudstack-events/viewevent/29-build-an-open-source-cloud-day-boston.html
XCP combines the Xen hypervisor with enhanced security, storage, and network virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can be leveraged by cloud providers to enable isolation and multi-tenancy capabilities in their environments. XCP also provides the user requirements of security, availability, performance, and isolation for private and public cloud deployments.
In March, 2011, we released the Xen Cloud Platform (XCP) version 1.0, a fully-featured server virtualization platform based on the Xen hypervisor. In this talk we'll explore: - Xapi, the XenAPI management daemon, written in OCaml; - Cool functionality, such as live VM migration between hosts (with no shared storage); - PCI device passthrough to VMs for native performance; - A new system architecture designed to provide XCP with better security, scalability, performance, and reliability; - Future directions and next year's roadmap.
In March, 2011, we released the Xen Cloud Platform (XCP) version 1.0, a fully-featured server virtualization platform based on the Xen hypervisor. XCP ad s additional functionality on top of Xen, such as a management server for ease of use and configurability, storage and network management, and easy integration with cloud orchestration layers like OpenStack and CloudStack. Today, Xen and XCP power the largest clouds in production.
In this talk we'll explore: - Xapi, the XenAPI management daemon, written in OCaml; - Cool functionality, such as live VM migration between hosts (with no shared storage); - PCI device passthrough to VMs for native performance; - A new system architecture designed to provide XCP with better security, scalability, performance, and reliability; - Future directions and next year's roadmap.
Xenorgs open stack_related_initiativesTodd Deshane
Xen.org has several initiatives that aim to have an impact onOpenStack adoption and feature richness. This talk will include adiscussion on the Xen Cloud Platform (XCP), the XCP toolstack (XAPI)port to popular Linux distributions, and the Xen on ARM initiative.
XCP combines the Xen hypervisor with enhanced security, storage, andnetwork virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can beleveraged by OpenStack cloud providers to enable isolation andmulti-tenancy capabilities in their environments. XCP also providesthe user requirements of security, availability, performance, andisolation for private and public OpenStack cloud deployments.
Xen.org is working to make XCP and OpenStack work seamlessly so thattogether they can be the ultimate open source cloud solution. Inaddition to deploying XCP as a separate component with OpenStack,Xen.org is simultaneously porting the XCP toolstack (XAPI) to Linuxdistributions, which will give cloud administrators an easy-to-installOpenStack and Xen-based integrated alternative.
Finally, industry thought leaders, such as Mark Shuttleworth, aresupporting the adoption of ARM in server-class systems. Consequently,the port of Xen to the ARM platform could make it possible forOpenStack and Xen to lead the way into the future of ARM-based clouddeployments.
Video presentation of these slides:
http://www.youtube.com/watch?v=CTwFPWcqvY8
http://www.youtube.com/watch?v=0RQUp1vPeiU
Cloud computing is catching on in a big way in industry, government, and academia. One of the main reasons for increased adoption is that most of the underlying cloud technologies are open source. This talk will give an overview of these key open source components. The focus will be on infrastructure as a service (IaaS) and in particular technologies such as Xen and OpenStack. Come and learn about these technologies and how you can get involved with these open source projects.
http://cloudstack.org/about-cloudstack/cloudstack-events/viewevent/29-build-an-open-source-cloud-day-boston.html
XCP combines the Xen hypervisor with enhanced security, storage, and network virtualization technologies to offer a rich set of virtualinfrastructure cloud services. These XCP cloud services can be leveraged by cloud providers to enable isolation and multi-tenancy capabilities in their environments. XCP also provides the user requirements of security, availability, performance, and isolation for private and public cloud deployments.
In March, 2011, we released the Xen Cloud Platform (XCP) version 1.0, a fully-featured server virtualization platform based on the Xen hypervisor. In this talk we'll explore: - Xapi, the XenAPI management daemon, written in OCaml; - Cool functionality, such as live VM migration between hosts (with no shared storage); - PCI device passthrough to VMs for native performance; - A new system architecture designed to provide XCP with better security, scalability, performance, and reliability; - Future directions and next year's roadmap.
In March, 2011, we released the Xen Cloud Platform (XCP) version 1.0, a fully-featured server virtualization platform based on the Xen hypervisor. XCP ad s additional functionality on top of Xen, such as a management server for ease of use and configurability, storage and network management, and easy integration with cloud orchestration layers like OpenStack and CloudStack. Today, Xen and XCP power the largest clouds in production.
In this talk we'll explore: - Xapi, the XenAPI management daemon, written in OCaml; - Cool functionality, such as live VM migration between hosts (with no shared storage); - PCI device passthrough to VMs for native performance; - A new system architecture designed to provide XCP with better security, scalability, performance, and reliability; - Future directions and next year's roadmap.
Nested Virtualization is becoming hot and required to support multiple emerging usage models like XenClient, McAFee Deep Safe, HyperV etc. After enabling nested VMX support for Xen, we have been working on improving its quality and performance to make it run well with these new usages. In the session, we would like update current status of nested virtualization support in Xen, and also demonstrate what we are doing along with new hardware-assisted nested virtulization in this area.
A talk given on December 6, 2017 at KubeCon/CloudNativeCon in Austin, Texas. In this talk, Phil talked briefly about containerd history and design, but the bulk of the talk was a live coding demo of creating a simple client for containerd to learn about the clean and simple API design for the client library and gRPC services. The GitHub project https://github.com/estesp/examplectr has the code and sample LinuxKit assembly used for the code and example client demo.
Docker Engine Evolution: From Monolith to Discrete ComponentsPhil Estes
A talk given on Tuesday and Wednesday the 27th and 28th of February 2018 at the Docker Mountain View and Docker SF meetup groups. In this talk, Docker Captain Phil Estes provides a history of the Docker engine from its early days as a single statically linked binary providing all the Docker engine functions to today's Moby and Docker CE projects comprising multiple projects and layers, including the Open Container Initiative (OCI) specifications and runC implementation, and the Cloud Native Computing Foundation (CNCF) containerd project. This talk also describes how these lower layer components spun out from Docker are being used to enhance other projects and offerings in the container ecosystem.
It's 2018. Are My Containers Secure Yet!?Phil Estes
A talk given at DevOps Pro Vilnius on March 15, 2018 about container security. In this talk we discussed the core topics around the container ecosystem (host, runtime, image) applicable to both Docker and Kubernetes, as well as discussing usable security/secure by default, and defense in depth principles. Also discussed were security futures like Project Grafeas, libentitlement, LinuxKit concepts, and trusted/untrusted container runtimes in Kubernetes.
My Learnings on Setting up a Kubernetes Cluster on AWS using Kubernetes Opera...Sathyajith Bhat
I recently setup a Kubernetes cluster on Amazon Web Services(AWS) using Kubernetes Operations(KOPS). Here's some of my findings and learnings from a out-of-box-experience of setting up a Kubernetes cluster
XPDS14 - OSv - A Modern Semi-POSIX LibraryOS - Glauber Costa, Cloudius SystemsThe Linux Foundation
During last year, we have seen the rise of LibraryOSes in the hypervisor world. Fast, scalable and light, they bring to hypervisors the resource efficiency of Containers while maintaining many of its well known isolation and manageability advantages.
While most LibraryOSes are niche in what they do, OSv is designed to run almost any POSIX compliant application and just have a slight focus in the Java application. Which applications can we run? And why? What's the story with Java and what can users gain from it? And more importantly: How can Xen users and the Xen community at large benefit from OSv? Those are some of the questions that I intend to cover in this presentation.
Virtual machines in the cloud typically run existing general-purpose operating systems such as Linux. We notice that the cloud’s hypervisor already provides some features, such as isolation and hardware abstraction, which are duplicated by traditional operating systems, and that this duplication comes at a cost. We present the design and implementation of OSv, a new guest operating system designed specifically for running a single application on a virtual machine in the cloud. It addresses the duplication issues by using a low-overhead library-OS-like design. It runs existing applications written for Linux, as well as new applications written for OSv. We demonstrate that OSv is able to efficiently run a variety of existing applications. We demonstrate its sub-second boot time, small OS image and how it makes more memory available to the application. For unmodified network-intensive applications, we demonstrate up to 25% increase in throughput and 47% decrease in latency. By using non-POSIX network APIs, we can further improve performance and demonstrate a 290% increase in Memcached throughput.
DEMYSTIFYING KUBERNETES AND CONTAINER ORCHESTRATIONarmandorvila
Have you ever felt, as a software engineer, the need or the curiosity to understand more about the world of containers and container orchestration? Understanding the parts of the system underneath our applications will give us confidence and will help us to design, build and deliver better software.
In a world of cloud native applications, containers and containers orchestrators are key players, in this session we will introduce the containers and container orchestration topics, and in particular Kubernetes as the container orchestrator of reference. We will dig into some of the Kubernetes internals, and we will see it working in a live demo.
Source code: https://github.com/blue-harvest/kubernetes-eks-cluster
Besides huge success in mobile, ARM is also ambitious in server field. Software ecosystem is now a barrier for wide deployment of ARM servers in data center. ARM Shanghai Workloads team is working on clouding and big data software enablement and optimization on ARM64 platform.
In this presentation, Yibo Cai will introduce the status and challenges of running OpenStack on ARM servers, with emphasis on OpenStack compute, storage and networking.
Nested Virtualization is becoming hot and required to support multiple emerging usage models like XenClient, McAFee Deep Safe, HyperV etc. After enabling nested VMX support for Xen, we have been working on improving its quality and performance to make it run well with these new usages. In the session, we would like update current status of nested virtualization support in Xen, and also demonstrate what we are doing along with new hardware-assisted nested virtulization in this area.
A talk given on December 6, 2017 at KubeCon/CloudNativeCon in Austin, Texas. In this talk, Phil talked briefly about containerd history and design, but the bulk of the talk was a live coding demo of creating a simple client for containerd to learn about the clean and simple API design for the client library and gRPC services. The GitHub project https://github.com/estesp/examplectr has the code and sample LinuxKit assembly used for the code and example client demo.
Docker Engine Evolution: From Monolith to Discrete ComponentsPhil Estes
A talk given on Tuesday and Wednesday the 27th and 28th of February 2018 at the Docker Mountain View and Docker SF meetup groups. In this talk, Docker Captain Phil Estes provides a history of the Docker engine from its early days as a single statically linked binary providing all the Docker engine functions to today's Moby and Docker CE projects comprising multiple projects and layers, including the Open Container Initiative (OCI) specifications and runC implementation, and the Cloud Native Computing Foundation (CNCF) containerd project. This talk also describes how these lower layer components spun out from Docker are being used to enhance other projects and offerings in the container ecosystem.
It's 2018. Are My Containers Secure Yet!?Phil Estes
A talk given at DevOps Pro Vilnius on March 15, 2018 about container security. In this talk we discussed the core topics around the container ecosystem (host, runtime, image) applicable to both Docker and Kubernetes, as well as discussing usable security/secure by default, and defense in depth principles. Also discussed were security futures like Project Grafeas, libentitlement, LinuxKit concepts, and trusted/untrusted container runtimes in Kubernetes.
My Learnings on Setting up a Kubernetes Cluster on AWS using Kubernetes Opera...Sathyajith Bhat
I recently setup a Kubernetes cluster on Amazon Web Services(AWS) using Kubernetes Operations(KOPS). Here's some of my findings and learnings from a out-of-box-experience of setting up a Kubernetes cluster
XPDS14 - OSv - A Modern Semi-POSIX LibraryOS - Glauber Costa, Cloudius SystemsThe Linux Foundation
During last year, we have seen the rise of LibraryOSes in the hypervisor world. Fast, scalable and light, they bring to hypervisors the resource efficiency of Containers while maintaining many of its well known isolation and manageability advantages.
While most LibraryOSes are niche in what they do, OSv is designed to run almost any POSIX compliant application and just have a slight focus in the Java application. Which applications can we run? And why? What's the story with Java and what can users gain from it? And more importantly: How can Xen users and the Xen community at large benefit from OSv? Those are some of the questions that I intend to cover in this presentation.
Virtual machines in the cloud typically run existing general-purpose operating systems such as Linux. We notice that the cloud’s hypervisor already provides some features, such as isolation and hardware abstraction, which are duplicated by traditional operating systems, and that this duplication comes at a cost. We present the design and implementation of OSv, a new guest operating system designed specifically for running a single application on a virtual machine in the cloud. It addresses the duplication issues by using a low-overhead library-OS-like design. It runs existing applications written for Linux, as well as new applications written for OSv. We demonstrate that OSv is able to efficiently run a variety of existing applications. We demonstrate its sub-second boot time, small OS image and how it makes more memory available to the application. For unmodified network-intensive applications, we demonstrate up to 25% increase in throughput and 47% decrease in latency. By using non-POSIX network APIs, we can further improve performance and demonstrate a 290% increase in Memcached throughput.
DEMYSTIFYING KUBERNETES AND CONTAINER ORCHESTRATIONarmandorvila
Have you ever felt, as a software engineer, the need or the curiosity to understand more about the world of containers and container orchestration? Understanding the parts of the system underneath our applications will give us confidence and will help us to design, build and deliver better software.
In a world of cloud native applications, containers and containers orchestrators are key players, in this session we will introduce the containers and container orchestration topics, and in particular Kubernetes as the container orchestrator of reference. We will dig into some of the Kubernetes internals, and we will see it working in a live demo.
Source code: https://github.com/blue-harvest/kubernetes-eks-cluster
Besides huge success in mobile, ARM is also ambitious in server field. Software ecosystem is now a barrier for wide deployment of ARM servers in data center. ARM Shanghai Workloads team is working on clouding and big data software enablement and optimization on ARM64 platform.
In this presentation, Yibo Cai will introduce the status and challenges of running OpenStack on ARM servers, with emphasis on OpenStack compute, storage and networking.
Oscon 2012 : From Datacenter to the Cloud - Featuring Xen and XCPThe Linux Foundation
Do you dream of being able to spin up ten or twenty (or a thousand) virtual machines in an instant? Discover and repair resource bottlenecks without moving a finger? Dodge the loss of an entire storage array with no-one noticing? Span across data centers with a fleet of virtual machines? This is no sales pitch; during this tutorial, we’ll demonstrate how to leverage truly FOSS tools to build a powerful, scalable cloud that easily competes with those proprietary solutions!
This deep-dive into Xen, Xen Cloud Platform, and other FOSS cloud tools and concepts is intended both for those ready to wholeheartedly embrace virtualization and for those already seasoned in general virtualization practices. You’ll leave with a collection of pre-made tools that you can use right out of the box or modify to your liking. You’ll also leave with immediately useful knowledge on best practices and common pitfalls, presented by actual FOSS practitioners like you.
We begin this tutorial by discussing Xen, Xen Cloud Platform (XCP), and XCP cloud concepts (pools, hosts, storage, networks, etc.). We then explore in detail the API that makes Xen so useful for building a cloud, explore provisioning of hosts and guests using PXE, and discuss templating and installing guest virtual machines. Critical to understanding potential bottlenecks, identifying tuning opportunities and planning for the future, we will discuss performance monitoring and methodologies. Next, we teach you how to make the most of your new FOSS cloud capabilities and discuss in detail high availability infrastructure for storage and networking, advanced networking capabilities like bonding/VLANs, and the cloud orchestration tools that save you time and money. All of this with a focus on XCP in enterprise environments. Tools discussed include DRBD, Pacemaker, Open vSwitch, Cloudstack, Openstack, and more.
We conclude by shedding light on exciting developments: Xen 4.2 has recently been released, with just over a year of development time and nearly 3,000 changesets. We will discuss many of the new features introduced in 4.2, as well as what changes we have in store for the 4.3 release as well as other exciting developments.
Lars will give an update on the latest development from the XCP project, standing in for Mike McClurg. He will also talk about the latest developments in project Kronos, which is changing the delivery model for XCP from an appliance to distribution of all XCP components via Linux distributions, and explain what this means for you. He will share 2012 plans for the XCP projecft and explain how you can engage and influence the future direction of XCP.
"Xen Cloud Platform”, Mike McClurg, Senior Engineer, Xen.org Engineering
The Xen Cloud Platform is an open-source, enterprise-ready server virtualization platform. It is based on the Xen hypervisor, and represents the common code base for Citrix's XenServer product line. This presentation gives an introduction to XCP, and how it relates to both the Xen hypervisor and to Citrix's XenServer. It covers XCP's XenAPI and how it can be used by two of the most popular cloud orchestration frameworks, CloudStack and OpenStack. Finally, it discusses the XCP "roadmap," and the plans for the future of XCP.
Cloud leaders such as Rackspace and Internap are building their next generation cloud using OpenStack and Xen+XenAPI, not everyone uses OpenStack with KVM. Lets take a look at how OpenStack and Xen work together, and look at how you can get more involved.
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?Phil Estes
A talk given at Craft Conf in Budapest, Hungary on May 10th, 2019. In this talk, Phil walked through the history of the need for a Container Runtime Interface (CRI) in Kubernetes, followed by an overview of all available CRI implementations, focusing on containerd, the CNCF core container runtime used in many clouds and projects. Phil demonstrated the "layers" of interaction from Kubernetes API, to CRI API to a container runtime's native API using an IBM Cloud Kubernetes cluster using containerd 1.2.6.
Scale11x : Virtualization with Xen and XCPLars Kurth
The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world, which today is known as cloud computing. Today, Xen powers the largest clouds in production.
This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors. It is intended for users and developers and starts with a brief introduction to Xen and XCP, their architecture and on common challenges for KVM and Xen.
I will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale and show how advanced security features suchas Xen Security Modules and SELinux can help secure your cloud further.
The talk will conclude with exciting developments in the Xen community, such as Xen for ARM servers, a new virtualization mode for Xen, running applications without OS in a Xen guest and point out their implications for building open source clouds.
The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world, which today is known as cloud computing. Today, Xen powers the largest clouds in production.
This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors. It is intended for users and developers and starts with a brief introduction to Xen and XCP, their architecture and on common challenges for KVM and Xen.
I will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale and show how advanced security features suchas Xen Security Modules and SELinux can help secure your cloud further.
The talk will conclude with exciting developments in the Xen community, such as Xen for ARM servers, a new virtualization mode for Xen, running applications without OS in a Xen guest and point out their implications for building open source clouds.
OpenStack Ecosystem – Xen Cloud Platform and Integration into OpenStack - in...IndicThreads
Session presented at the 2nd IndicThreads.com Conference on Cloud Computing held in Pune, India on 3-4 June 2011.
http://CloudComputing.IndicThreads.com
Abstract: OpenStack is an Initiative by RackSpace and NASA that aims for building an Open cloud platform supported by a vibrant Ecosystem to encourage broad adoption in the market.This is currently a hot favorite of enterprises looking to build an Open cloud.
This talk will provide a brief overview of the different OpenStack Modules (Compute and Storage) and explain how to utilize these to build a cloud. We will also explore the newly released Xen Cloud Platform (XCP) and its integration with OpenStack Platform. There will be a hands-on demo (time permitting) where we will show how the integration between the OpenStack Platform and XCP works.
Key Takeaways for the audience:
1) Understanding of OpenStack platform.
2) How to get started with OpenStack for building your own cloud.
3) Understanding of XCP
3) How the integration (OpenStack-XCP) is supposed to work
4) What are the opportunities for building different products that add value in the OpenStack Ecosystem
Speaker: Amit Naik is an Architect at BMC Software and has 15 years of experience in the IT field with experience in delivering multiple end-to-end projects and Products. Multiple speaking engagements at different venues both in India and Abroad. Experience with blogging, evangelizing etc. Excellent communication and interpersonal skills.
Joint Speaker: Prasad Nirantar is a Staff Product Developer at BMC Software. He holds a B.E in Polymer Engineering from the University of Pune and an MS from University of Akron, US. He also holds a diploma in business management from Symbiosis University.
Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other.
This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary.
This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It provides a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure. TrenchBoot closes the UEFI Measurement Gap and reduces the need to trust system firmware. This talk will introduce TrenchBoot architecture and a recent collaboration with Oracle to launch the Linux kernel directly with Intel TXT or AMD SVM Secure Launch. It will propose mechanisms for integrating the Xen hypervisor into a TrenchBoot system launch. DRTM-enabled capabilities for client, server and embedded platforms will be presented for consideration by the Xen community.
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
Artem will briefly cover what has been done since the first talk on Xen in Automotive domain back in 2013, what is going on now and what is still missing for broad adaptation of Xen in vehicles. The following topics will be covered:
Embedded/automotive features of Xen
Collaboration with AGL and GENIVI organizations for standardization
Efforts on Functional Safety compliance
Artem will also go over typical automotive use scenarios for Xen which may not be the same as generic computing use of hypervisor.
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
In this keynote talk, we will give an overview of the state of the Xen Project, trends that impact the project, see whether challenges that surfaced last year have been addressed and how we did it, and highlight new challenges and solutions for the coming year.
In recent years unikernels have shown immense performance potential (e.g., boot times of only a few ms, image sizes of only hundreds of KBs).The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS, needing both expert work and often considerable amount of time.
The Unikraft project provides a unikernel code base and build system that significantly simplifies the building of unikernels. In addition to support for a number CPU architectures, languages and frameworks, Unikraft provides debugging and tracing features that are generally sorely missing from unikernel projects. In this talk we will talk about these features, show a set of preliminary performance numbers, and provide a roadmap for the project's future.
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
The idea of making Xen secret-free has been floating since Spectre and Meltdown came into light. In this talk we will discuss what is being done and what needs to be done next.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However, ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion?
This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.
This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 611508) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project.
In this session, we will lay out some challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the Xen Project has followed thus far and highlight lessons learned along the way. The talk will primarily focus on necessary process, tooling changes and community challenges that can prevent progress. We will be offering an in-depth review of how Xen Project is approaching this challenging goal and try to derive lessons for other projects and contributors.
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. The Xen Project, a secure and stable hypervisor that is used in many different markets, has been exploring the feasibility of building safety certified products on top of Xen for a year, looking at key aspects of its code base and development practices.
In this session, we will lay out the motivation and challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the project has followed thus far and highlight lessons learned along the way. The talk will cover technical enablers, necessary process and tooling changes and community challenges offering an in-depth review of how Xen Project is approaching this exciting and and challenging goal.
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
2018 saw fundamental shifts in security boundaries which were previously taken for granted. A lot of work has been done in the past 2 years, and largely in secret under embargo, but there is plenty more work to be done to strengthen the existing mitigations and to try to recover some performance without reopening security holes.
This talk will look at speculative execution sidechannels, the work which has already been done to mitigate the security holes, and future work which hopes to bring some improvements.
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
The Arm architecture provides a set of guidelines that any software should abide by when accessing the memory with MMU off and update page-tables. Failing to do so may result in getting TLB conflicts or breaking coherency.
In a previous talk ("Keeping coherency on Arm"), we focused on updating safely the stage-2 (aka P2M) page-tables. This talk will focus on the boot code and Xen memory management.
During this session, we will introduce some of the guidelines and when they should be used. We will also discuss how Xen boot sequence needs to be reworked to avoid breaking the guidelines.
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
For many years the QEMU codebase has contained PV backends for Xen guests, giving them paravirtual access to storage, network, keyboard, mouse, etc. however these backends have not been configurable as QEMU devices as their implementation did not fully adhere to the QEMU Object Model (QOM).
Particularly the PV storage backend not using proper QOM devices, or qdevs, meant that the QEMU block layer needed to maintain legacy code that was cluttering up the source. This was causing push-back from the maintainers who did not want to accept any patches relating to that Xen backend until it was 'qdevified'.
In this talk, I'll explain the modifications I made to QEMU to achieve 'qdevification' of the PV storage backend, how compatibility with the libxl toolstack was maintained, and what the next steps in both QEMU and libxl development should be.
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
PCI is a local computer bus for attaching hardware devices in a computer, and is the main peripheral bus on modern x86 systems. As such, having a proper way to emulate it is crucial for Xen to be able to expose both fully emulated devices or passthrough devices to guests.
This talk will focus on the current status of PCI emulation in Xen, how and where it is used, what are its main limitations and future plans to improve it in order to be more robust and modular.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
Xen is a very powerful hypervisor with a talented and diverse developers community. Despite the fact it's almost everywhere (from the Cloud to the embedded world), it can be difficult to set up and manage as a system administrator. General purpose distros have Xen packages, but that's just a start in your Xen journey: you need some tooling and knowledge to have a working and scalable platform.
XCP-ng was built to overcome those issues: by bringing Xen to the masses with a fully turnkey distro with Xen as its core. It's the logical sequel to the XCP project, with a community focus from the start. We'll see how it happened, what we did, and what's next. Finally, we'll see the impact of XCP-ng on the Xen Project.
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
Doug has long advocated for more CI/CD (Continuous Integration / Continuous Delivery) processes to be adopted by the Xen Project from the use of Travis CI and now GitLab CI. This talk aims to propose ideas for building upon the existing process and transforming the development process to provide users a higher quality with each release by the Xen Project.
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.
Today Xen is scheduling guest virtual cpus on all available physical cpus independently from each other. Recent security issues on modern processors (e.g. L1TF) require to turn off hyperthreading for best security in order to avoid leaking information from one hyperthread to the other. One way to avoid having to turn off hyperthreading is to only ever schedule virtual cpus of the same guest on one physical core at the same time. This is called core scheduling.
This presentation shows results from the effort to implement core scheduling in the Xen hypervisor. The basic modifications in Xen are presented and performance numbers with core scheduling active are shown.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
2. XCP in a nutshell
Open source distribution of XenServer
Provides vertical stack for server virtualization
Distributed as a closed appliance, not as an
installable software package
3. XCP in a nutshell
This work is licensed under a Creative Commons Attribution-NonCommercial 2.5 License.
http://xkcd.com/918/
6. Upcoming XCP releases
XCP 1.1 beta released
Final should be released end of August
Mostly bug fixes since XCP 1.0
Next major release scheduled for November
Tentatively named XCP 1.5
Will have Xen 4.1, Linux 2.6.32
New features: Disaster Recovery, GPU
passthrough, 1TB host memory
New guest support: Solaris, Ubuntu 10.10, RHEL
6.0
7. Project Kronos
XCP's XenAPI toolstack, running on Debian
and Ubuntu systems
Why are we doing this?
To provide OSS Xen support for OpenStack
Because it's the right thing to do (and because it's
just really cool)
8. Project Kronos
New technology
Cross-pool migration using DRDB
Support for OpenStack through Project Olympus
New libxl bindings for xapi
9. Project Kronos Timeline
Milestone 1
First release to coincide with Ubuntu 11.10
Published as Ubuntu PPA and Debian apt repo
Milestone 2
Second release to coincide with Ubuntu 12.04 LTS
Will be in Debian unstable and Ubuntu repos
Follow along with development
http://wiki.xen.org/xenwiki/XAPI_on_debian
10. Where we're headed
XCP is XenServer “unstable”
Tracking unstable hypervisor/kernel
More open development model
XenAPI toolstack is more easily consumable
Supporting the cloud through OpenStack
11. XCP Vision
XCP is the configuration of choice for clouds
XCP bridges the gap between OSS Xen and
XenServer/XCP communities
XCP becomes the Xen Community Platform