Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Xen & the Art of Virtualization

My presentation on the paper: Xen and the Art of Virtualization by Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield. Prepared for CSCI 297 - Advanced Operating System at GWU, Spring 2010

  • Sé el primero en comentar

Xen & the Art of Virtualization

  1. 1.   Challenges to build virtual machines   Performance isolation   Process Scheduling   Memory Usage   Network Traffic   Disk Access   Support for various OS platforms   Minimizing performance overhead
  2. 2. Conventional Xen   Full Virtualization   Paravirtualization   GuestOS runs without   Modifications to the modification GuestOS necessary   Guest OS cannot access the   Guest OS runs in parallel hardware directly with other modified systems   Problematic for certain   Provides some exposures to privileged instructions (e.g., the underlying HW traps)   No real-time guarantees
  3. 3.   Multiplexes resources at the granularity of an entire OS   Follows the ideology of Exokernel   As opposed to process-level multiplexing   Price: higher overhead   Target: 100 virtual OSes per machine
  4. 4.   Depending on the hardware supports   Software managed TLB   Associate address space IDs with TLB tags   Allow coexistence of OSes   Avoid TLB flushing across OS boundaries   X86 does not have software managed TLB   Xen exists at the top 64MB of every address space   Avoid TLB flushing when an guest OS enter/exist Xen   Each OS can only map to memory it owns   Writes are validated by Xen
  5. 5.   X86 supports 4 levels of privileges   0 for OS, and 3 for applications   Xen downgrades the privilege of OSes Privilege   System-call and page-fault Level of handlers registered to Xen Guest OS   “fast handlers” for most 0 exceptions, Xen isn’t involved 1 2 3
  6. 6.   Separation of policy and mechanism   Domain0 hosts the application-level management software   Creation and deletion of Control virtual network User User User Plane Software Software Software interfaces and block Software devices GuestOS GuestOS GuestOS GuestOS (XenoLinux) (XenoLinux) (XenoBSD) (XenoXP) Xeno - Aware Xeno - Aware Xeno - Aware Xeno - Aware Device Drivers Device Drivers Device Drivers Device Drivers Domain0 Virtual Virtual X Virtual Virtual Control x86 CPU Physical Network Block E Interface Memory Device N H/W (SMP x86, Phys Mem, eNet, SCSI/IDE)
  7. 7.   Hypercall: synchronous calls from a domain to Xen   Analogous to system calls   Allows domains to perform a synchronous software trap into the hypervisor to perform privileged operation   Events: asynchronous notifications from Xen to domains   Replace device interrupts   Lightweight notification of important system events, similar to Unix signal   Event handling can be deferred by domain
  8. 8.   Safe indirect way to share I/O devices among OSes   Circular queue accessible by Xen and a domain
  9. 9.   Borrowed virtual time scheduling   Allows temporary violations of fair sharing to favor recently-woken domains   Goal: reduce wake-up latency   Xen provides several different types of timers   Real Time (time that always advances regardless of the executing domain)   Virtual Time (time that only advances within the context of the domain)   Wall Clock Time (time that takes in to account local offsets for time zone and DST)
  10. 10.   No shadow pages (VMWare)   Xen provides constrained but direct MMU updates   All guest OSes have read-only accesses to page tables   Updates are batched into a single hypercall   Updates must be validated by Xen   Guest OSes are responsible for allocation and managing pages within their own domain   Xen exists in a generally unused section at the top of every address space to prevent paging out
  11. 11.   Reserved at domain creation times   Memory statically partitioned among domains   Does not guarantee contiguous regions of memory   Supports hardware~physical mapping by providing shared translation array readable by all domains
  12. 12.   Virtual firewall-router attached to all domains   Round-robin packet scheduler   To send a packet, enqueue a buffer descriptor into the transmit rang   Use scatter-gather DMA (no packet copying)   A domain needs to exchange page frame to avoid copying   Page-aligned buffering
  13. 13.   Only Domain0 has direct access to disks   Other domains need to use virtual block devices   Use the I/O ring   Reorder requests prior to enqueuing them on the ring   If permitted, Xen will also reorder requests to improve performance   Use DMA (zero copy)
  14. 14. SPEC INT2000 score SPEC WEB99 CPU Intensive (Little I/O and OS 180Mb/s TCP traffic (Disk read-write interaction) on 2GB dataset)
  15. 15.   Since version 3.0.2 Xen supports unmodified Microsoft OSes and Linux when the host runs on Intel VT or AMD-V hardware   As of 2009 most Linux distributions include Xen packages to interact with the Xen hypervisor and start additional domains   XenServer was made 100% open source 2 years after being acquired by Citrix Systems. Citrix has also formed Xen Project Advisory Board (Xen AB), which currently has members from IBM, Intel, Hewlett-Packard, Novell, Red Hat, Sun Microsystems and Oracle
  16. 16.   Questions?   Discussion   Slide is available at:  virtualization