Xen and the art of the virtualization
Tao Yang
CS708 19/04/07
Acknowledgements
Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield. Xen and the art of the virtualization. 2003 ACM Symposium on Operating Systems Principles (SOSP).
http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf
A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the Denali isolation kernel. In Proceedings of the 5th Symposium on Operating System Principles (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue.
http://denali.cs.washington.edu/pubs/distpubs/papers/denali_osdi.pdf
Bryan Clark, Todd Deshane, Eli Dow, Stephen Evanchik, Matthew Finlayson, Jason Herne, Jeanna Neefe Matthews. Xen and the Art of Repeated Research. USENIX 2004 Annual Technical Conference.
http://www.usenix.org/events/usenix04/tech/freenix/full_papers/clark/clark.pdf
Outline
Overview of virtualization
Xen and its architecture design
Evaluation and performance
Future work
Overview
What virtualization is and why we need it
Full virtualization vs. Paravirtualization
A broad definition
It is a broad term that refers to the abstraction of computer resources.
It hides the physical resources from the applications, systems and end users that interact with those resources.
--- A middle layer can solve most of the problems
Why we need virtualization
Here are some examples that show the advantages of virtualization:
Consolidate multiple operating systems to run on a single server
Normalize the hardware accessed by the operating system
Isolate misbehaving applications
Migrate a running OS instance from one server to another
Full virtualization vs. Paravirtualization
There are many ways of implementing virtualization; the leading ways are full virtualization and paravirtualization.
Full virtualization
Full virtualization provides a total abstraction of the underlying hardware.
Pros:
The guest operating system doesn't need any modification and executes on the VM just as it would on a physical machine.
Completely decoupling the software from the hardware helps to provide complete isolation of applications.
Cons:
Not good performance. The VM monitor has to provide an image of the entire system, including virtual BIOS, virtual memory space and virtual devices.
Not supported by the IA-32, or x86, architecture.
Paravirtualization
The abstraction of the hardware provided by paravirtualization is similar but not identical to the underlying physical hardware.
Pros: near-native performance.
Cons: modification of the guest operating system is required. The operating system needs to be ported to run on top of the virtual machine monitor.
Xen and its architecture
Structure of Xen and Xen's paravirtualization interface
Xen paravirtualization interface
Memory management (software managed TLB)
CPU (privilege rings, Exception, and Events )
Device I/O (I/O rings)
Structure of Xen
The initial domain, Domain 0, is responsible for hosting the application-level management software.
The control interface provides the ability to create and terminate other domains and to control their associated scheduling parameters, physical memory allocations and the access they are given to the machine's physical disks and network devices.
Xen paravirtualization interface
Software managed TLB (1)
TLB (Translation Lookaside Buffer): a cache to improve the speed of virtual address translation.
A tagged TLB is a useful feature supported by most server-class RISC architectures. Associating an address-space identifier tag with each TLB entry allows the hypervisor and each guest OS to coexist efficiently in separate address spaces, because there is no need to flush the entire TLB when transferring execution.
Software managed TLB(2)
Xen tries to introduce a mechanism similar to a tagged TLB to avoid frequent flushes.
Guest OSes are responsible for allocating and managing
the hardware page tables; Xen exists in a 64MB section
at the top of every address space, thus avoiding a TLB
flush when entering and leaving the hypervisor
CPU (privilege rings & hypercalls)
To protect against guest OS misbehavior, the hypervisor should run at a high privilege level, and the guest OS should be modified to run at a lower privilege level.
Many processor architectures provide only two privilege levels, which means the OS will share the lower privilege level with applications. The OS would then protect itself by running in a separate address space.
Privilege rings
Efficient virtualization of privilege levels is possible on x86 because it supports four distinct privilege levels in hardware, in terms of rings.
Domain 0 and other modified guest OSes run in ring 1; Xen runs in ring 0. Ring 3 is reserved for applications.
Exceptions
A table describing the handler for each type of exception is registered with Xen for validation.
The handlers specified in the table are generally identical to those for real x86 hardware.
A 'fast' exception handler, which is accessed directly by the processor, is pre-validated by Xen.
Control transfer:Hypercalls and Events
Two mechanisms exist for control interactions between Xen and an overlying domain:
Hypercall: synchronous calls from a domain to Xen
Asynchronous event mechanism: from Xen to a domain
Device I/O
I/O data is transferred to and from each domain via Xen using shared-memory, asynchronous buffer descriptor rings.
Asynchronous I/O rings
Descriptors do not directly contain I/O data; instead, I/O data buffers are allocated by the guest OS and indirectly referenced by I/O descriptors.
Any question about the ring?
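To make the ring slides concrete, here is an added example (not from the slides or from Xen's source) that models a descriptor ring whose entries only reference guest-allocated buffers. The producer/consumer indices follow the ring design in the Xen paper; all struct and function names, the sizes, and the bounds check on each descriptor are assumptions of this simplified model.

```c
/* Added illustration: simplified descriptor ring. Names are hypothetical, not Xen's layout. */
#include <stdint.h>
#include <string.h>

#define RING_SIZE 8u      /* slots in the ring (assumed) */
#define GUEST_MEM 4096u   /* size of the guest's memory in this model (assumed) */

struct desc { uint32_t id, off, len; int32_t status; };  /* references data, holds none */

struct ring {
    struct desc slot[RING_SIZE];
    uint32_t req_prod, req_cons;   /* guest produces requests, backend consumes them */
    uint32_t rsp_prod, rsp_cons;   /* backend produces responses, guest consumes them */
};

/* Guest side: queue a request that points at a buffer inside guest memory. */
int guest_post(struct ring *r, uint32_t id, uint32_t off, uint32_t len) {
    if (r->req_prod - r->rsp_cons >= RING_SIZE) return -1;  /* no free slot */
    r->slot[r->req_prod % RING_SIZE] = (struct desc){ id, off, len, 0 };
    r->req_prod++;   /* publish; real shared memory needs a write barrier first */
    return 0;
}

/* Backend side: consume requests, validating each descriptor before touching memory. */
int backend_service(struct ring *r, uint8_t *guest_mem, uint8_t fill) {
    int served = 0;
    while (r->req_cons != r->req_prod) {
        struct desc d = r->slot[r->req_cons % RING_SIZE];  /* copy once, check the copy */
        r->req_cons++;
        /* overflow-safe check: off + len must stay inside the guest's own memory */
        if (d.len == 0 || d.off > GUEST_MEM || d.len > GUEST_MEM - d.off) d.status = -1;
        else { memset(guest_mem + d.off, fill, d.len); d.status = 0; }
        r->slot[r->rsp_prod % RING_SIZE] = d;   /* response reuses the consumed slot */
        r->rsp_prod++;
        served++;
    }
    return served;
}

/* Guest side: collect one response; returns its status, or 1 if none is pending. */
int guest_reap(struct ring *r, uint32_t *id) {
    if (r->rsp_cons == r->rsp_prod) return 1;
    struct desc d = r->slot[r->rsp_cons % RING_SIZE];
    r->rsp_cons++;
    *id = d.id;
    return d.status;
}
```

The backend copies each descriptor out of shared memory before checking it, so a guest cannot change the offset or length between the check and the use.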
Evaluation & Performance
Xen is an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware. Many operating systems (Linux, BSD and Windows XP) have been ported to Xen with minimal effort.
The cost of Porting an OS to Xen
Some data for XP is not present because the port was still in progress when the paper was published. XP required a surprising amount of architecture-independent modification, because it uses a variety of page-table entries (PTEs). Each page table should be modified separately.
Relative benchmark
SPEC CPU: contains a series of long-running, computationally intensive applications intended to measure the performance of a system's processor, memory system, and compiler quality.
OSDB: Open Source Database Benchmark suite (OSDB)
IR: multiple-user Information Retrieval and On-Line Transaction Processing (OLTP)
dbench: file system benchmark
Spec 99: application-level benchmark for evaluating web servers and the systems that host them.
Relative performance
Conclusion
The virtualization approach taken by Xen is highly efficient.
However, Xen cannot host 100 VM instances simultaneously, which is declared at the beginning of the paper. Some related work can be found in the Xen and the Art of Repeated Research paper.
Future work
Add universal buffer cache indexed on block contents.
XenoServer project.
This paper was published in 2003, just after Xen 1.0 was released. By now, these future work items have been completed!