Utilizing the Xen Hypervisor in business practice - Bryan Fusilier
Transcript of Utilizing the Xen Hypervisor in business practice - Bryan Fusilier
Utilizing the Xen Hypervisor in business practice
Bryan Fuselier
OSS Benefits
Benefits of OSS
Shared pool of resources
Cost Effective
Modifiable
Shared Resources
Massively expanding list of developers and contributors from whom to draw insider knowledge of specific software
Large user groups to contribute experience and real-world knowledge
Cost Effective
"Free software" is a matter of liberty, not price. To understand the concept, you should think of "free" as in "free speech," not as in "free beer." Free software is a matter of the users' freedom to run, copy, distribute, study, change and improve the software. More precisely, it refers to four kinds of freedom, for the users of the software:
The freedom to run the program, for any purpose (freedom 0).
The freedom to study how the program works, and adapt it to your needs (freedom 1). Access to the source code is a precondition for this.
The freedom to redistribute copies so you can help your neighbor (freedom 2).
The freedom to improve the program, and release your improvements to the public, so that the whole community benefits (freedom 3). Access to the source code is a precondition for this.
Modifiable
Source code is freely available to modify at will either in house or outsourced
What's a Hypervisor
Sits between hardware and operating systems
Allocates Resources
Performs like a hardware system's BIOS
Domain Definition
When we are talking about virtualization, a domain is one of the virtual machines that run on the system. Domain0 is the first domain started by the Xen hypervisor at boot, and will be running a Linux OS. This domain is privileged: it may access the hardware and can run the XenControlTools that manage other domains. These other domains are referred to as DomUs, the U standing for "user". They are unprivileged, and could be running any operating system that has been ported to Xen.
How it Works
Step 1) Inventory of physical resources:
(Diagram: IRQ0, IRQ1, IRQ2, IRQ3)
Step 2) Inventory of processors:
(Diagram: CPU0, CPU1, CPU2, CPU4)
Step 3) Assign processors to available resources:
(Diagram: CPU0, CPU1, CPU2, CPU3; IRQ0, IRQ1, IRQ2, IRQ3; Node 255)
Step 4) Mask all initialization requests to processors:
(Diagram: CPU0, CPU1, CPU2, CPU4; IRQ0, IRQ1, IRQ2, IRQ3; IR, CPU0; Node 255)
Step 5) Initialize all processors:
(Diagram: CPU0, CPU1, CPU2, CPU4; IRQ0, IRQ1, IRQ2, IRQ3; Node 255)
Step 6) Create Dom0:
(Diagram: CPU0, CPU1, CPU2, CPU4; IRQ0, IRQ1, IRQ2, IRQ3; Dom0 with DomU Control and Direct HW Access; Node 255)
Step 7) Physical Memory Inventory:
(Diagram: CPU0, CPU1, CPU2, CPU4; IRQ0, IRQ1, IRQ2, IRQ3; Dom0)
Dom0 alloc.: 000000041c000000->0000000420000000 (507904 pages to be allocated)
Step 7) Virtual Memory Management:
(Diagram: Dom0)
Loaded kernel: ffffffff80200000->ffffffff805aee6c
Init. ramdisk: ffffffff805af000->ffffffff825af000
Phys-Mach map: ffffffff825af000->ffffffff829af000
Start info: ffffffff829af000->ffffffff829af49c
Page tables: ffffffff829b0000->ffffffff829c9000
Boot stack: ffffffff829c9000->ffffffff829ca000
TOTAL: ffffffff80000000->ffffffff82c00000
ENTRY ADDRESS: ffffffff80200000
Step 8) Boot Dom0:
(Diagram: Dom0, Dom6, Dom5, Dom4, Dom3, Dom2, Dom1)
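The Dom0 virtual memory layout shown in Step 7 can be sanity-checked mechanically. The following is an added example, not part of the original slides: it parses those layout lines (addresses copied from the slide) and verifies that the regions do not overlap, stay inside TOTAL, and that the entry address lies inside the loaded kernel. The names parse_layout and check_layout are hypothetical helpers.

```python
import re

# Dom0 layout lines from the Step 7 slide (values copied from the page).
BOOT_LOG = """\
Loaded kernel: ffffffff80200000->ffffffff805aee6c
Init. ramdisk: ffffffff805af000->ffffffff825af000
Phys-Mach map: ffffffff825af000->ffffffff829af000
Start info: ffffffff829af000->ffffffff829af49c
Page tables: ffffffff829b0000->ffffffff829c9000
Boot stack: ffffffff829c9000->ffffffff829ca000
TOTAL: ffffffff80000000->ffffffff82c00000
ENTRY ADDRESS: ffffffff80200000
"""
RANGE = re.compile(r"^\s*(.+?):\s*([0-9a-f]+)->([0-9a-f]+)\s*$", re.I)
ENTRY = re.compile(r"^\s*ENTRY ADDRESS:\s*([0-9a-f]+)\s*$", re.I)

def parse_layout(text):
    """Return (regions, total, entry); regions maps name -> (start, end)."""
    regions, total, entry = {}, None, None
    for line in text.splitlines():
        if m := ENTRY.match(line):
            entry = int(m.group(1), 16)
        elif m := RANGE.match(line):
            span = (int(m.group(2), 16), int(m.group(3), 16))
            if m.group(1) == "TOTAL":
                total = span
            else:
                regions[m.group(1)] = span
    return regions, total, entry

def check_layout(regions, total, entry):
    """Return a list of problems; an empty list means a consistent layout."""
    if total is None or entry is None:
        return ["missing TOTAL or ENTRY ADDRESS line"]
    problems, prev_name, prev_end = [], None, 0
    # Walk regions in address order so each is compared with its predecessor.
    for name, (start, end) in sorted(regions.items(), key=lambda r: r[1]):
        if not total[0] <= start < end <= total[1]:
            problems.append(f"{name}: empty, inverted or outside TOTAL")
        if start < prev_end:
            problems.append(f"{name}: overlaps {prev_name}")
        if end > prev_end:
            prev_name, prev_end = name, end
    k_start, k_end = regions.get("Loaded kernel", (0, 0))
    if not k_start <= entry < k_end:
        problems.append("ENTRY ADDRESS outside Loaded kernel")
    return problems

if __name__ == "__main__":
    print(check_layout(*parse_layout(BOOT_LOG)) or "layout is consistent")
```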
How LiquidIQ works
I/O Modules perform a PXE boot from an NFS server hosting its image issuing DHCP
I/O Modules determine which one will be master
Master IOM builds the active database based on hardware resources it finds installed in the chassis.
Master IOM boots each available compute module with the configuration options set in the database
CM looks up its configuration in the database and boots each VM with its configuration options in the database
Xen, OSS & Liquid
Shared resources
Liquid IQ - Computer resources
Xen - Support
OSS - Code development
Cost Effective
power and resources
free (as in speech and beer)
free (as in speech sometimes beer)
Modifiable
on-the-fly VM modification
modifiable source code
modifiable source code
Advantages of Xen
Free (as in speech and beer)
Large support basis (via internet forums and paid support options)
Easily manage multi-client environment from one central location
Limitations of Xen
Lose advanced abilities provided by more well known commercial products
VMware's VMotion
RAM oversubscription
I/O limitations in heavy operating environments (all hypervisors)
Summary
Open Source provides all the major functionality of standard commercial packages
In the case of Xen, this causes a higher cost of management and administration than commercial options
Requires someone with a development background who is able to understand and configure software