Xen and the art of the virtualization Tao Yang CS708 19/04/07.
Xen and the art of the virtualization
Tao Yang
CS708 19/04/07

Acknowledgements
Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield. Xen and the art of the virtualization. 2003 ACM Symposium on Operating Systems Principles (SOSP).
http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf
A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the Denali isolation kernel. In Proceedings of the 5th Symposium on Operating System Principles (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue.
http://denali.cs.washington.edu/pubs/distpubs/papers/denali_osdi.pdf
Bryan Clark, Todd Deshane, Eli Dow, Stephen Evanchik, Matthew Finlayson, Jason Herne, Jeanna Neefe Matthews. Xen and the Art of Repeated Research. USENIX 2004 Annual Technical Conference.
http://www.usenix.org/events/usenix04/tech/freenix/full_papers/clark/clark.pdf

Outline
Overview of virtualization
Xen and its architecture design
Evaluation and performance
Future work

Overview
What virtualization is and why we need it
Full virtualization vs. paravirtualization

A broad definition
Virtualization is a broad term that refers to the abstraction of computer resources.
It hides the physical resources from the applications, systems and end users that interact with those resources.
--- A middle layer can solve most problems

Why we need virtualization
Here are some examples that show the advantages of virtualization:
Consolidate multiple operating systems to run on a single server
Normalize the hardware accessed by the operating system
Isolate misbehaving applications
Migrate a running OS instance from one server to another server

Full virtualization vs. paravirtualization
There are many ways to implement virtualization; the leading ones are full virtualization and paravirtualization.

Full virtualization
Full virtualization provides a total abstraction of the underlying hardware.
Pros:
The guest operating system needs no modification and executes on the VM just as it would on a physical machine.
Completely decoupling the software from the hardware helps to provide complete isolation of applications.
Cons:
Performance is not good. The VM monitor has to provide an image of the entire system, including virtual BIOS, virtual memory space and virtual devices.
Not supported by the IA-32, or x86, architecture.

Paravirtualization
The abstraction of the hardware provided by paravirtualization is similar but not identical to the underlying physical hardware.
Pros: near-native performance.
Cons: modification of the guest operating system is required. The operating system needs to be ported to run on top of the virtual machine monitor.

Xen and its architecture
Structure of Xen and Xen's paravirtualization interface
Xen paravirtualization interface:
Memory management (software-managed TLB)
CPU (privilege rings, exceptions and events)
Device I/O (I/O rings)

Structure of Xen
The initial domain, Domain 0, is responsible for hosting the application-level management software.
The control interface provides the ability to create and terminate other domains and to control their associated scheduling parameters, physical memory allocations and the access they are given to the machine's physical disks and network devices.

Xen paravirtualization interface

Software-managed TLB (1)
TLB (Translation Lookaside Buffer): a cache that improves the speed of virtual address translation.
A tagged TLB is a useful feature supported by most server-class RISC architectures. Associating an address-space identifier tag with each TLB entry allows the hypervisor and each guest OS to coexist efficiently in separate address spaces, because there is no need to flush the entire TLB when transferring execution.

Software-managed TLB (2)
Xen tries to introduce a mechanism similar to a tagged TLB to avoid frequent flushes.
Guest OSes are responsible for allocating and managing the hardware page tables; Xen exists in a 64MB section at the top of every address space, thus avoiding a TLB flush when entering and leaving the hypervisor.

CPU (privilege rings & hypercalls)
To protect against guest OS misbehavior, the hypervisor should run at a high privilege level, and the guest OS should be modified to run at a lower privilege level.
Many processor architectures provide only two privilege levels, which means the OS will share the lower privilege level with applications. The OS would then protect itself by running in a separate address space.

Privilege rings
Efficient virtualization of privilege levels is possible on x86 because it supports four distinct privilege levels in hardware, described in terms of rings.
Domain 0 and the other modified guest OSes run in ring 1; Xen runs in ring 0. Ring 3 is reserved for applications.

Exceptions
A table describing the handler for each type of exception is registered with Xen for validation.
The handlers specified in the table are generally identical to those for real x86 hardware.
A 'fast' exception handler, which is accessed directly by the processor, is pre-validated by Xen.
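
A simplified model of the exception-table validation described above, as an added example that is not code from the slides or from Xen. It applies the check the Xen paper gives (a handler's code segment must not specify execution in ring 0); the names `trap_info`, `set_trap_table` and `handler_present`, the sample selectors and addresses, and the choice to reject the whole table on one bad entry are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NR_VECTORS 256
#define RPL(sel) ((sel) & 3u)   /* x86: low two selector bits = requested privilege level */

/* One guest-supplied entry: exception vector, handler code segment, handler address. */
struct trap_info { uint8_t vector; uint16_t cs; uint32_t address; };

/* Table the hypervisor loads into hardware; only validated entries reach it. */
static struct trap_info installed[NR_VECTORS];
static uint8_t present[NR_VECTORS];

/* Returns the number of handlers installed, or -1 if the table is rejected. */
int set_trap_table(const struct trap_info *guest, size_t n) {
    struct trap_info staged[NR_VECTORS];
    if (n > NR_VECTORS) return -1;
    /* Copy once and validate the copy, so the guest cannot change an
       entry between the check and the install. */
    memcpy(staged, guest, n * sizeof staged[0]);
    for (size_t i = 0; i < n; i++)
        if (RPL(staged[i].cs) == 0)   /* handler would execute in ring 0 */
            return -1;                /* reject the table, install nothing */
    for (size_t i = 0; i < n; i++) {
        installed[staged[i].vector] = staged[i];
        present[staged[i].vector] = 1;
    }
    return (int)n;
}

int handler_present(uint8_t vector) { return present[vector]; }

int main(void) {
    /* Constructed selectors: 0x0019 has RPL 1 (guest kernel), 0x0008 has RPL 0. */
    struct trap_info good[] = { {14, 0x0019, 0xC0100000u}, {0x80, 0x0019, 0xC0100400u} };
    struct trap_info bad[]  = { {3,  0x0019, 0xC0100800u}, {13,   0x0008, 0xC0100C00u} };
    int a = set_trap_table(good, 2);   /* installed */
    int b = set_trap_table(bad, 2);    /* rejected; vector 3 is not installed either */
    return (a == 2 && b == -1 && !handler_present(3)) ? 0 : 1;
}
```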

Control transfer: hypercalls and events
Two mechanisms exist for control interactions between Xen and an overlying domain:
Hypercall: synchronous calls from a domain to Xen
Asynchronous event mechanism: from Xen to a domain

Device I/O
I/O data is transferred to and from each domain via Xen using shared-memory, asynchronous buffer descriptor rings.

Asynchronous I/O rings
Descriptors do not directly contain I/O data; instead, I/O data buffers are allocated by the guest OS and indirectly referenced by I/O descriptors.
Any question about the ring?
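
A single-threaded simulation of the descriptor ring described on the Device I/O slides, as an added example that is not code from the slides or from Xen. The four indices follow the request/response producer-consumer scheme of the Xen paper; the struct layout, function names, sizes, the bounds check and the per-call cap are assumptions of this example, and memory barriers are omitted because nothing here runs concurrently.

```c
#include <stdint.h>
#include <string.h>

#define RING_SIZE 8u      /* power of two, so indices wrap with a mask */
#define GUEST_MEM 4096u   /* constructed size of the guest's buffer pool */
/* A descriptor holds no payload, only a reference into guest memory. */
struct desc { uint32_t id, offset, len; int32_t status; };
/* req_*: guest produces, backend consumes. rsp_*: the reverse. */
struct io_ring { struct desc slot[RING_SIZE]; uint32_t req_prod, req_cons, rsp_prod, rsp_cons; };
static uint8_t guest_mem[GUEST_MEM];   /* buffers allocated by the guest */

/* Guest: queue a request; -1 when every slot is still in flight. */
int guest_submit(struct io_ring *r, uint32_t id, uint32_t off, uint32_t len) {
    if (r->req_prod - r->rsp_cons >= RING_SIZE) return -1;
    struct desc *d = &r->slot[r->req_prod & (RING_SIZE - 1)];
    d->id = id; d->offset = off; d->len = len; d->status = 0;
    r->req_prod++;                 /* publish only after the slot is filled */
    return 0;
}

/* Backend: consume requests, validate each reference, post responses. */
int backend_service(struct io_ring *r, uint8_t fill) {
    int handled = 0;
    /* Cap the work per call: the guest also controls the shared indices. */
    for (; r->req_cons != r->req_prod && handled < (int)RING_SIZE; handled++) {
        /* Snapshot first: the guest can rewrite a shared slot at any time. */
        struct desc d = r->slot[r->req_cons++ & (RING_SIZE - 1)];
        /* Overflow-safe bounds check on guest-controlled offset and len. */
        int ok = d.len <= GUEST_MEM && d.offset <= GUEST_MEM - d.len;
        if (ok) memset(guest_mem + d.offset, fill, d.len);  /* stands in for DMA */
        struct desc *rsp = &r->slot[r->rsp_prod & (RING_SIZE - 1)];
        rsp->id = d.id; rsp->status = ok ? 0 : -1; r->rsp_prod++;
    }
    return handled;
}

/* Guest: collect one response; returns 0 when none is pending. */
int guest_poll(struct io_ring *r, uint32_t *id, int32_t *status) {
    if (r->rsp_cons == r->rsp_prod) return 0;
    const struct desc *d = &r->slot[r->rsp_cons++ & (RING_SIZE - 1)];
    *id = d->id; *status = d->status; return 1;
}

int main(void) {
    static struct io_ring r; uint32_t id = 0; int32_t st = 0;
    guest_submit(&r, 1, 0, 64); guest_submit(&r, 2, 4090, 64);  /* second overruns */
    backend_service(&r, 0xAB);
    while (guest_poll(&r, &id, &st)) { }
    return (id == 2 && st == -1) ? 0 : 1;
}
```

The two checks worth carrying into real backends are the snapshot before validation, which closes the double-fetch window on shared memory, and the subtraction-form bounds check, which cannot wrap.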

Evaluation & Performance
Xen is an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware. Many operating systems (Linux, BSD and Windows XP) have been ported to Xen with minimal effort.

The cost of porting an OS to Xen
Some data for XP is not present because the work was still in progress when the paper was published. XP required a surprising amount of modification in architecture-independent code, because it uses a variety of Page-table Entry (PTE)
Each page table should be modified separately

Relative benchmark
SPEC CPU: contains a series of long-running, computationally intensive applications intended to measure the performance of a system's processor, memory system and compiler quality.
OSDB: Open Source Database Benchmark suite (OSDB)
IR: multiple-user Information Retrieval and On-Line Transaction Processing (OLTP)
dbench: file system benchmark
Spec 99: application-level benchmark for evaluating web servers and the systems that host them.

Relative performance

Conclusion
The virtualization approach taken by Xen is highly efficient.
However, Xen cannot host 100 VM instances simultaneously, which is declared at the beginning of the paper. For some related work, refer to the paper Xen and the Art of Repeated Research.

Future work
Add a universal buffer cache indexed on block contents.
XenoServer project.
This paper was published in 2003, just after Xen 1.0 was released. By now, this future work has been completed!