
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP


The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world that is known today as cloud computing. Today, Xen powers the largest clouds in production. This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors.
It is intended for users and developers. It starts with a brief introduction to Xen and XCP and their architecture, then sheds some light on common challenges for KVM and Xen, such as the NUMA performance tax and securing the cloud. It will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale. The talk will conclude with an update on Xen support in Linux, Xen for ARM servers and other exciting developments in the Xen community and their implications for building open source clouds.


  1. Virtualization in the Cloud: Featuring Xen
     Lars Kurth, Xen Community Manager
     lars.kurth@xen.org, @lars_kurth, FREENODE: lars_kurth, @xen_com_mgr
  2. A Brief History of Xen in the Cloud
     Late 90s: XenoServer Project (Cambridge Univ.)
     The XenoServer project is building public infrastructure for wide-area distributed computing. We envisage a world in which XenoServer execution platforms will be scattered across the globe and available for any member of the public to submit code for execution.
     Global Public Computing: “This dissertation proposes a new distributed computing paradigm, termed global public computing, which allows any user to run any code anywhere. Such platforms price computing resources, and ultimately charge users for resources consumed.” (Evangelos Kotsovinos, PhD dissertation, 2004)
  3. A Brief History of Xen in the Cloud
     [Timeline. Dates marked: Late 90s, Oct ‘03, ‘06, ‘08, ‘09, ‘11, ‘12. Events shown: XenoServer Project (Cambridge Univ.); Xen presented at SOSP; Amazon EC2 and Slicehost launched; Rackspace Cloud; XCP announced; XCP 1.x Cloud Mgmt; Linux 3.0; XCP packages in Linux; Xen for ARM based Servers; PVH mode.]
  4. The Xen Hypervisor was designed for the Cloud straight from the outset!
  5. Xen.org
     • Guardian of Xen Hypervisor and related OSS Projects
     • Xen Governance similar to Linux Kernel
     • Projects
       – Xen Hypervisor (led by 5 committers, 2 from Citrix)
       – Xen Cloud Platform aka XCP (led by Citrix)
       – Xen ARM: Xen for mobile devices (led by Samsung)
       – PVOPS: Xen components and support in Linux Kernel (led by Oracle)
     • 10+ vendors contributing more than 1% to the project (AWS, AMD, Citrix, GridCentric, Fujitsu, Huawei, iWeb, Intel, NSA, Oracle, Samsung, Suse, …)
  6. Xen Overview
  7. Hypervisor Architectures
     Type 1: Bare metal Hypervisor
     • A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s.
     • Provides partition isolation + reliability, higher security
     Type 2: OS ‘Hosted’
     • A Hypervisor that runs within a Host OS and hosts Guest OS’s inside of it, using the host OS services to provide the virtual environment.
     • Low cost, no additional drivers
     • Ease of use & installation
     [Diagram, Type 1: VM0 … VMn (Guest OS and Apps) on a Hypervisor (Scheduler, Device Drivers/Models, MMU) on Host HW (I/O, Memory, CPUs). Type 2: VM0 … VMn (Guest OS and Apps) under a User-level VMM with Device Models, alongside User Apps, on a Host OS (Ring-0 VM Monitor “Kernel”, Device Drivers) on Host HW (I/O, Memory, CPUs).]
  8. Xen: Type 1 with a Twist
     Thinner hypervisor
     • Functionality moved to Dom0
     Using Linux PV OPS
     • Using Linux Device Drivers
     • PV, PV on HVM and PVH modes
     • Sharing components with KVM
     In other words
     • Re-use of Dom0 kernel components
     • Ease of use & Installation
     • Isolation & Security
     [Diagram: Control domain (dom0) with Device Models and Drivers (Linux & BSD) next to VM0 … VMn (Guest OS and Apps), on the Hypervisor (Scheduler, MMU, XSM), on Host HW (I/O, Memory, CPUs).]
  9. Xen and Linux
     • Xen Hypervisor is not in the Linux kernel
     • BUT: everything Xen and Xen Guests need to run is!
     • Xen packages are mostly in Linux distros
       – Install Dom0 Linux distro
       – Install Xen package(s) or meta package
       – Reboot
       – Config stuff: set up disks, peripherals, etc.
     More info: wiki.xen.org/wiki/Category:Host_Install
  10. Basic Xen Concepts
     Control Domain aka Dom0
     • Dom0 kernel with drivers
     • Xen Management Toolstack
     • Trusted Computing Base
     Guest Domains
     • Your apps
     • E.g. your cloud management stack
     Driver/Stub/Service Domain(s)
     • A “driver, device model or control service in a box”
     • De-privileged and isolated
     • Lifetime: start, stop, kill
     [Diagram: Console; Control domain (dom0) with Toolstack and Dom0 Kernel; VM0 … VMn (Guest OS and Apps); one or more driver, stub or service domains; Hypervisor (Scheduler, MMU, XSM); Host HW (I/O, Memory, CPUs).]
  11. Xen Variants for Server & Cloud
     Columns: Xen Hypervisor; XCP
     • Toolstack / Console: Default / XL (XM); Libvirt / VIRSH; XAPI / XE
     • Increased level of functionality and integration with other components
     • Get Binaries from …: Linux Distros; Linux Distros; Debian & Ubuntu, ISO from Xen.org
     • Products: Oracle VM; Huawei UVP; Citrix XenServer
     • Used by …: Many Others
     More info: xen.org/community/presentations.html
  12. Xen: Types of Virtualization
  13. PV Domains & Driver Domains
     Technology:
     • Paravirtualization
     Linux PV guests have limitations:
     • limited set of virtual hardware
     Advantages
     • Fast
     • Works on any system (even without virt extensions)
     Driver Domains
     • Security
     • Isolation
     • Reliability and Robustness
     [Diagram: Control domain (dom0) with PV Back Ends, HW Drivers and Dom0 Kernel; Guest VMn with Apps, PV Front Ends and Guest OS; Driver Domain (e.g. Disk, Network) with PV Back End, HW Driver and Dom0 Kernel*; all on the Xen Hypervisor and Host HW (I/O, Memory, CPUs). *) Can be MiniOS]
  14. HVM & Stub Domains
     Technology:
     • Shows emulation using QEMU/Device Model (SW Virtualization)
     • In other situations HW can be used
     Disadvantages
     • Emulation slower than PV (mainly I/O devices)
     Advantages
     • No kernel support needed
     Stub Domains
     • Security
     • Isolation
     • Reliability and Robustness
     [Diagram: Dom0 with Device Model (IO Emulation, IO Event) and Dom0 Kernel serving Guest VMn via VMEXIT; Stubdomn with Device Model (IO Emulation, IO Event) and Mini OS serving Guest VMn via VMEXIT; all on the Xen Hypervisor and Host HW.]
  15. The Virtualization Spectrum
     Legend: VS = Virtualized (SW); VH = Virtualized (HW); P = Paravirtualized
     HVM mode/domain
     • Fully Virtualized (FV): VS, VS, VS, VH
     • FV with PV disk & network: P, VS, VS, VH
     • PVHVM: P, P, VS, VH
     PV mode/domain
     • PVH x86 (Xen 4.3): P, P, P, VH
     • PVH ARM v7+ (Xen 4.3): P, VH, P, VH
     • Fully Paravirtualized (PV): P, P, P, P
  16. The Virtualization Spectrum
     Legend: Optimal performance; Scope for improvement; Poor performance
     HVM mode/domain
     • Fully Virtualized (FV): VS, VS, VS, VH
     • FV with PV disk & network: P, VS, VS, VH
     • PVHVM: P, P, VS, VH
     PV mode/domain
     • PVH x86 (Xen 4.3): P, P, P, VH
     • PVH ARM v7+ (Xen 4.3): P, VH, P, VH
     • Fully Paravirtualized (PV): P, P, P, P
  17. PVH Benefits
     • Solves a number of historical problems with PV and HVM
       – AMD 64 bit and x86-64 architecture is not a good match for PV for Privileged Instructions and Page Tables
       – Will allow simplifying the Xen and PVOPS architecture in the longer term
     • Fastest of PV and HVM on all architectures
       – No need for emulation
       – Uses HW virtualization where it is fastest
       – Uses PV where PV is fastest
       – Should provide the best trade-offs for most workloads
     More info: wiki.xen.org/wiki/Virtualization_Spectrum
     More info: xen.org/xensummit/xs12na_talks/M9.html
  18. XCP Project
  19. XCP – Xen Cloud Platform
     Complete stack for server virtualization
     • Extends Xen to cover multiple hosts
     • Adds further functionality and integrations for cloud, storage and networking to Xen HV
     • GPLv2
     • XenServer is a commercial XCP distro
     Two Flavours
     • Appliance (ISO using CentOS Dom0)
     • Packages in Debian & Ubuntu (more distros to come)
  20. Major XCP Features
     • VM lifecycle: live snapshots, checkpoint, migration
     • Resource pools: flexible storage and networking
     • Event tracking: progress, notification
     • Upgrade and patching capabilities
     • Real-time performance monitoring and alerting
     • Built-in support and templates for Windows and Linux guests
     • Open vSwitch support built-in (default)
     More info: wiki.xen.org/wiki/XCP_Release_Features
  21. XCP 1.6 Beta
     • Internal Improvements: Xen 4.1.2, CentOS 5.7 with kernel 2.6.32.43, Open vSwitch 1.4.1
     • New format Windows drivers: installable by Windows Update Service
     • Networking: Better VLAN scalability, LACP bonding, IPv6
     • More guest OS templates: Ubuntu Precise 12.04, RHEL/CentOS, Oracle Enterprise Linux 6.1 & 6.2, Windows 8
     • Storage XenMotion:
       – Migrate VMs between hosts or pools without shared storage
       – Move a VM’s disks between storage repositories while the VM is running
     More info: xen.org/download/xcp/releasenotes_1.6.0.html
     More info: xen.org/download/xcp/index_1.6.0.html
  22. XCP and Cloud Orchestration Stacks
  23. Challenges for FOSS hypervisors
  24. “Security and QoS/Reliability are amongst the top 3 blockers for cloud adoption” (www.colt.net/cio-research)
  25. System characteristics cloud users care about: “Robustness, Performance, Scalability & Security”
     Results XCP User Survey 2012 – 90% of users quoted these as most important attributes
  26. Disaggregation
     • Split Control Domain into Driver, Stub and Service Domains
       – See: “Breaking up is hard to do” @ Xen Papers
       – See: “Domain 0 Disaggregation for XCP and XenServer”
     • Unique benefit of the Xen architecture
       – Robustness: ability to safely restart parts of the system (e.g. just 275ms outage from failed Ethernet driver)
       – Performance: lightweight, Xen scheduler
       – Scalability: more distributed system (less reliant on Dom0)
       – Security: Minimum privilege; Narrow interfaces; Restart domains
     • Used today by Qubes OS and Citrix XenClient XT
     • Prototypes for XCP and XenServer
  27. [Diagram: two hosts, each with a User VM (NF, BF) and a single Dom0 on Xen. Dom0 holds NB, gntdev, network drivers, NFS/iSCSI drivers, local storage drivers, qemu, xapi, Domain manager, healthd, storaged, networkd, xenopsd, tapdisk, libxl, vswitch, blktap3, syslogd, eth and scsi. Hardware: CPU, RAM, NIC (or SR-IOV VF), RAID.]
  28. [Diagram: the same two hosts with Dom0 disaggregated. Separate domains on Xen: Network driver domain (NB, networkd, vswitch, eth), NFS/iSCSI driver domain and Local storage driver domain (gntdev, storaged, tapdisk, blktap3, eth, scsi), Qemu domain (qemu), xapi domain (xapi, healthd), Logging domain (syslogd) and Domain manager (xenopsd, libxl), connected by dbus over v4v. Hardware: CPU, RAM, NIC (or SR-IOV VF), RAID.]
  29. Xen Security Advantages
     • Even without Advanced Security Features
       – Well-defined trusted computing base (much smaller than on type-2 HV)
       – Minimal services in hypervisor layer
     • Xen Security Modules (or XSM)
       – Developed, maintained and contributed to Xen by NSA
       – Generalized Security Framework for Xen
       – Compatible with SELinux (tools, architecture)
       – XSM object classes map onto Xen features
     • XSM together with Disaggregation
       – Security sensitive Desktop use-cases developed for the NSA
  30. [Diagram: the disaggregated layout of slide 28 (Network driver, NFS/iSCSI driver, Local storage driver, Qemu, xapi and Logging domains plus Domain manager, connected by dbus over v4v, on Xen), with the added label “XSM policy restricting access”.]
  31. News from the Xen Community
  32. Cool new functionality & initiatives
     • New PVH virtualization mode (Oracle)
       – Patches being up-streamed to Xen and Linux (3.7 & 3.8) as we speak
       – Sweet spot for performance
     • Xen for ARM servers (using new PVH mode)
       – Cortex A15 / ARM v7: can start guests on Versatile Express; Samsung Chromebook next
       – ARM v8: porting work started on simulator and patches being up-streamed
     • New Xen ports
       – FreeBSD Xen port (SpectraLogic & HP)
       – Xen MIPS port (by BroadCom)
     • Language run-times running on bare-metal Xen
       – ErlangOnXen.org, Openmirage.org
     More info: wiki.xen.org/wiki/Xen_Roadmap/4.3 & wiki.xen.org/wiki/XCP_Roadmap
  33. Summary: Why Xen?
  34. • Designed for the Cloud: many advantages for cloud use!
       – Resilience, Robustness & Scalability
       – Security: Small surface of attack, Isolation & Advanced Security Features
     • Widely used by Cloud Providers and Vendors
     • XCP
       – Ready for use with cloud orchestration stacks
       – Packages in Linux distros: flexibility and choice
     • Open Source with a large community and eco-system
       – Exciting new developments in the pipeline
  35. Questions …
     • IRC: ##xen @ FREENODE
     • Mailing List: xen-users & xen-api (lists.xen.org)
     • Wiki: wiki.xen.org
     • Ecosystem pages: xen.org/community/ecosystem.html
     • Presentations & Videos: xen.org/community/presentations.html
     • Xen Day Barcelona @ LinuxCon, Nov 8th: xen.org/community/events/xendaybarcelona2012.html
     @lars_kurth, @xen_com_mgr, FREENODE: lars_kurth
     Slides available under CC-BY-SA 3.0 from www.slideshare.net/xen_com_mgr
