550 likes | 653 Views
10 Years of Xen and beyond … . Lars Kurth Xen Project Community Manager lars.kurth@xen.org. @ lars_kurth. FREENODE: lars_kurth. Xen.org becomes XenProject.org. Xen.org (single vendor Open Source). XenProject.org (truly vendor neutral Open Source).
E N D
10 Years of Xen and beyond … Lars KurthXen Project Community Managerlars.kurth@xen.org @lars_kurth FREENODE: lars_kurth
Xen.org becomes XenProject.org Xen.org(single vendor Open Source) XenProject.org(truly vendor neutral Open Source)
Xen contributor community is diversifying • The number of “significant” active vendors is increasing • New feature development driving new participation • Linux Foundation Collaborative Project was next logical step
Xen : The Gears of the Cloud Large user base more than 10 million individuals users Powers the largest clouds in production Not just for Servers
XenProject.org Overview • Teams aka sub-projects • Hypervisor • XAPI • ARM Hypervisor (for Servers as well as Mobile Devices) • Mirage OS (a Xen Library OS) • Governance : mixture between Linux Kernel and Apache
Hypervisor Architectures Type 1: Bare metal Hypervisor A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. VMn VM1 Hypervisor Scheduler VM0 Device Drivers/Models MMU Guest OS and Apps Host HW I/O Memory CPUs Provides partition isolation + reliability, higher security
Hypervisor Architectures Type 1: Bare metal Hypervisor A pure Hypervisor that runs directly on the hardware and hosts Guest OS’s. Type 2: OS ‘Hosted’ A Hypervisor that runs within a Host OS and hosts Guest OS’s inside of it, using the host OS services to provide the virtual environment. User-level VMM VMn VMn UserApps VM1 VM1 Device Models Hypervisor Scheduler VM0 VM0 Device Drivers/Models MMU Guest OS and Apps Guest OS and Apps Host OS Ring-0VM Monitor “Kernel“ Device Drivers Host HW Host HW I/O I/O Memory Memory CPUs CPUs Provides partition isolation + reliability, higher security Low cost, no additional drivers Ease of use & installation
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor VMn VM1 Hypervisor Scheduler VM0 Device Drivers/Models MMU Guest OS and Apps Host HW I/O Memory CPUs
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor Xen Architecture VMn VMn VM1 VM1 Hypervisor Scheduler VM0 VM0 Device Drivers/Models MMU Guest OS and Apps Guest OS and Apps Hypervisor Scheduler MMU Host HW Host HW I/O I/O Memory Memory CPUs CPUs
Xen: Type 1 with a Twist Type 1: Bare metal Hypervisor Xen Architecture Controldomain (dom0) VMn VMn Device Models VM1 VM1 Hypervisor Scheduler VM0 VM0 Device Drivers/Models Drivers MMU Guest OS and Apps Guest OS and Apps Linux & BSD Hypervisor Scheduler MMU Host HW Host HW I/O I/O Memory Memory CPUs CPUs
Xen Project and Linux • Xen Hypervisor is not in the Linux kernel • BUT: everything Xen and Xen Guests need to run is! • Linux Kernel 3.0+ is Xen-enabled • Xen packages are in all Linux distros (except RHEL6) • Install Dom0 Linux distro • Install Xen package(s) or meta package • Reboot • Config stuff: set up disks, peripherals, etc. More info: wiki.xen.org/wiki/Category:Host_Install
Basic Xen Concepts Console Interface to the outside world Control Domain aka Dom0 Dom0 kernel with drivers Xen Management Toolstack Guest Domains Your apps Driver/Stub/Service Domain(s) A “driver, device model or control service in a box” De-privileged and isolated Lifetime: start, stop, kill VMn Control domain (dom0) VM1 VM0 Hypervisor Scheduler MMU Guest OS and Apps Dom0 Kernel XSM Host HW I/O Memory CPUs Trusted Computing Base
Basic Xen Concepts Console Interface to the outside world Control Domain aka Dom0 Dom0 kernel with drivers Xen Management Toolstack Guest Domains Your apps Driver/Stub/Service Domain(s) A “driver, device model or control service in a box” De-privileged and isolated Lifetime: start, stop, kill Console VMn Control domain (dom0) VM1 VM0 Hypervisor Toolstack Scheduler MMU Guest OS and Apps Dom0 Kernel XSM Host HW I/O Memory CPUs Trusted Computing Base
Basic Xen Concepts Console Interface to the outside world Control Domain aka Dom0 Dom0 kernel with drivers Xen Management Toolstack Guest Domains Your apps Driver/Stub/Service Domain(s) A “driver, device model or control service in a box” De-privileged and isolated Lifetime: start, stop, kill Console VMn Control domain (dom0) VM1 VM0 One or moredriver, stub or service domains Hypervisor Toolstack Scheduler MMU Guest OS and Apps Dom0 Kernel XSM Host HW I/O Memory CPUs Trusted Computing Base
PV Domains Guest VMn Control domain (dom0) Apps PV Back Ends PV Front Ends HW Drivers Dom0 Kernel Guest OS Xen Hypervisor Host HW I/O Memory CPUs Technology: Paravirtualization Linux PV guests have limitations: limited to a subset of set of virtual HW Advantages Fast Works on any system (even without virt extensions)
PV Domains & Driver Domains Guest VMn • Driver Domaine.g. • Disk • Network Control domain (dom0) Apps PV Back End PV Back Ends PV Front Ends HW Driver HW Drivers Dom0 Kernel Guest OS Dom0 Kernel* Xen Hypervisor Host HW I/O Memory CPUs *) Can be MiniOS Technology: Paravirtualization Linux PV guests have limitations: limited to a subset of virtual HW Advantages Fast Works on any system (even without virt extensions) Driver Domains Security Isolation Reliability and Robustness
HVM Guest VMn Dom0 IO Emulation Device Model IO Event Dom0 Kernel VMEXIT Xen Hypervisor Host HW I/O Memory CPUs Technology: Shows emulation using QEMU/Device Model (SW Virtualization) In other situation HW can be used Disadvantages Emulation slower than PV(mainly I/O devices) Advantages No kernel support needed
HVM & Stub Domains Guest VMn Guest VMn Stubdomn Dom0 IO Emulation IO Emulation Device Model Device Model IO Event IO Event Dom0 Kernel Mini OS VMEXIT VMEXIT Xen Hypervisor Host HW I/O Memory CPUs Technology: Shows emulation using QEMU/Device Model (SW Virtualization) In other situation HW can be used Disadvantages Emulation slower than PV(mainly I/O devices) Advantages No kernel support needed Stub Domains Security Isolation Reliability and Robustness
The Virtualization Spectrum Disk and Network Interrupts, Timers Emulated Motherboard, Legacy boot Privileged Instructions and page tables Virtualized (SW) VS Virtualized (HW) VH Paravirtualized P HVM mode/domain Xen 4.4 PV mode/domain
The Virtualization Spectrum Disk and Network Interrupts, Timers Emulated Motherboard, Legacy boot Privileged Instructions and page tables Optimal performance Scope for improvement Poor performance HVM mode/domain Xen 4.4 PV mode/domain
The Virtualization Spectrum Important: Xen automatically picks the best option based on HW & OS capabilities and available drivers. As a Xen user I chose a HVM or PV domain. Disk and Network Interrupts, Timers Emulated Motherboard, Legacy boot Privileged Instructions and page tables Optimal performance Scope for improvement Poor performance HVM mode/domain Xen 4.4 PV mode/domain
Xen Variants for Server & Cloud Hypervisor Xen Hypervisor
Xen Variants for Server & Cloud Hypervisor Xen Hypervisor Increased level of functionality and integration with other components Toolstack / Console Default / XL (XM) Libvirt / VIRSH XAPI / XE Single Host Additional Functionality Single Host Basic Functions Multiple Hosts Additional Functionality
Xen Variants for Server & Cloud Project Xen Hypervisor XAPI / XE Toolstack / Console Default / XL (XM) Libvirt / VIRSH Cloud Orchestration
Xen Variants for Server & Cloud Project Xen Hypervisor XAPI / XE Toolstack / Console Default / XL (XM) Libvirt / VIRSH Huawei UVP Products Oracle VM Citrix XenServer
Xen Variants for Server & Cloud Project Xen Hypervisor XAPI / XE Toolstack / Console Default / XL (XM) Libvirt / VIRSH Used by …
XAPI : What do I get? Xen Hypervisor XAPI / XE Multiple Hosts Additional Functionality More info: wiki.xen.org/wiki/XCP_Release_Features • VM lifecycle: live snapshots, checkpoint, migration • Storage XenMotion: Migrate VMs between hosts or pools without shared storage (while the VM is running) • Resource pools: flexible storage and networking • Event tracking: progress, notification • Upgrade and patching capabilities • Real-time performance monitoring and alerting • Templates for Windows and Linux guests • Open vSwitch support built-in (default)
XAPI : two variants! Xen Hypervisor XAPI / XE Multiple Hosts Additional Functionality XCP ISO (at v1.6) Xen 4.1.3 + XAPI CentOS 5.3Kernel (v2.6.32.43) OVS 1.4.2 XCP-XAPI packages Debian Wheezy Ubuntu 12.04 LTSCentOS 6.4 soon
System characteristics cloud users care about: “Robustness, Performance& Security” Results XCP User Survey 2013 – users quoted these as most important attributes
Disaggregation See qubes-os.org Different windows runin different VMs Split Control Domain into Driver, Stub and Service Domains • See: ”Breaking up is hard to do” @ Xen Papers • See: “Domain 0 Disaggregation for XCP and XenServer” Used today by Qubes OS and Citrix XenClient XT Prototypes for XAPI
Benefits of Disaggregation Ability to safely restart parts of the system(e.g. just 275ms outage from failed Ethernet driver) More Security Increased serviceability and flexibility Better Robustness Better Performance Better Scalability
Next:XAPI Architecture Diagram Before and After Disaggregation
User VM User VM NF BF NF BF NB gntdev NB gntdev gntdev Dom0 Dom0 Network drivers NFS/ iSCSIdrivers Qemu xapi Qemu Network drivers NFS/ iSCSIdrivers Local storage drivers Domain manager .... qemu qemu healthd storaged storaged storaged networkd networkd syslogd xenopsd libxl tapdisk blktap3 tapdisk blktap3 tapdisk blktap3 vswitch vswitch xapi xapi CPU CPU NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) RAID RAM RAM Dom0 eth eth eth eth scsi Xen Xen
User VM User VM NF BF NF BF NB gntdev NB gntdev gntdev Dom0 Network driver domain NFS/ iSCSIdriver domain Qemu domain xapi domain Logging domain Network driver domain NFS/ iSCSIdriver domain Local storage driver domain Dom0 ... Domain manager qemu healthd storaged storaged storaged networkd networkd xenopsd libxl tapdisk blktap3 tapdisk blktap3 tapdisk blktap3 vswitch xapi syslogd vswitch CPU CPU dbus over v4v dbus over v4v NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) RAID RAM RAM eth eth eth eth scsi Xen Xen
Xen Security Modules (XSM) & FLASK XSM is Xen equivalent of LSM FLASK is Xen equivalent of SELinux Developed, maintained and contributed to Xen by NSA Compatible with SELinux (tools, architecture) XSM object classes maps onto Xen features
User VM User VM NF BF NF BF NB gntdev NB gntdev gntdev Dom0 Dom0 Network driver domain NFS/ iSCSIdriver domain Qemu domain xapi domain Logging domain Network driver domain NFS/ iSCSIdriver domain Local storage driver domain ... Domain manager qemu healthd storaged storaged storaged networkd networkd xenopsd libxl tapdisk blktap3 tapdisk blktap3 tapdisk blktap3 vswitch xapi syslogd vswitch CPU CPU dbus over v4v dbus over v4v NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) NIC (or SR-IOV VF) RAID RAM RAM eth eth eth eth scsi Xen Xen FLASK policyrestricting access
Xen Security Advantages More info: http://www.slideshare.net/xen_com_mgr/ a-brief-tutorial-on-xens-advanced-security-features • Even without Advanced Security Features • Well-defined trusted computing base (much smaller than on type-2 HV) • Minimal services in hypervisor layer • Advanced Security Features • Xen has many Advanced Security Features • Most are not switched on by default • Although most are simple to use, some seen complicated
Xen for ARM Servers : Why ? Single node virtualization capabilityManageability ARM Servers Coming to Market 4GB RAM, 4 cores per node3 x 6 x 4 x 4 = 288 cores per 4 RU
Xen 4.3 for ARM Servers Fully functional for ARM v7 & v8 ARM v7: Versatile Express, Arndale &Samsung Chromebook ARM v8: Fast Model
Xen + ARM = a perfect Match ARM Architecture Features for Virtualization User mode : EL0 ARM SOC Kernel mode : EL1 I/O Device Tree describes … Hypervisor mode : EL2 GT GICv2 2 stageMMU Hypercall Interface HVC
Xen + ARM = a perfect Match ARM Architecture Features for Virtualization Any Xen Guest VM (including Dom0) Dom0 only EL0 ARM SOC User Space EL1 Kernel PV front PVback I/O Device Tree describes … I/O I/O EL2 GT GICv2 2 stageMMU HVC HVC Xen Hypervisor
One mode to rule them all Disk and Network Interrupts, Timers Emulated Motherboard, Legacy boot Privileged Instructions and page tables Optimal performance Scope for improvement HVM mode/domain PV mode/domain
Xen 4.3 Release (June 2013) More info: http://lists.xen.org/archives/html/xen-devel/2013-05/msg01134.html • Release candidates & Xen Test Days (June 5th) • Xen ARM for Servers • Extend scope of Xen Security Modules • Default to QEMU upstream • Updated and improved libvirt drivers for Xen • Lots of other stuff: • scalability, performance, better NUMA support, …