
Xen and the Art of Virtualization

Xen and the Art of Virtualization. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt & Andrew Warfield. Presented by Judy Fischbach. Overview: motivations; how Xen works; comparisons among Xen, hardware, and VMware.


Presentation Transcript


  1. Xen and the Art of Virtualization
     Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt & Andrew Warfield
     Presented by Judy Fischbach

  2. Overview
     • Motivations
     • How Xen works
     • Comparisons among Xen, hardware, and VMware
     • Xen and VMware are both designed for the x86 architecture
     CS533 - Concepts of Operating Systems

  3. Virtualization Challenges
     • Speed
     • Performance
     • Security
     • Resource Isolation
     • Functionality
     • Xen’s design goal

  4. Types of virtualization
     • Two categories exist
       • Full Virtualization
         • Disco and VMware
       • Paravirtualization
         • Xen

  5. VMM Approach
     • In a traditional VMM (Virtual Machine Monitor) the virtual hardware is functionally equivalent to the physical hardware
     • Possibly difficult to implement (x86 systems in particular)
     • Potentially useful to provide real and virtual resource information
     • The “guest” machine would not have access to this information

  6. Xen Approach
     • Virtual machine is NOT 100% functionally equivalent to the hardware
     • Xen uses paravirtualization instead
     • Paravirtualization is a process where the guest operating system is modified to run in parallel with other modified systems
     • Advantage: Improved performance
     • Disadvantage: The hosted operating system must be modified before it can be hosted by the Xen Hypervisor (can be difficult)

  7. Xen Design

  8. Definitions
     • Guest Operating System
       • The operating system that Xen hosts
     • Domain
       • The virtual machine under which a guest operating system executes
       • A guest OS and a domain are similar to the idea of a program and a process
     • Hypervisor
       • A particular Xen version which handles low-level functionality

  9. Xen Implementation
     • What Xen does differently:
       • CPU
         • Virtualization of the CPU
         • CPU Scheduling
         • Time & Timers
       • Memory Management
         • Virtual Address Translation
         • Physical Memory
       • Device I/O
         • Network
         • Disk
       • Control Transfer

  10. CPU
     • Most change is required here by the guest OS
     • Xen takes exception to the basic idea that an OS is the most privileged
     • Privileged instructions
       • Instructions are paravirtualized by requiring them to be validated/executed within Xen

  11. CPU Virtualization
     • Virtualization easier with x86
     • Why?
       • It has built-in security levels (Rings 0, 1, 2, 3)
         • Ring 0 – OS Software (most privileged)
         • Ring 3 – User software
         • Ring 1 & 2 – Not used
     • Xen modifies the OS to execute on Ring 1

  12. CPU Scheduling and Timers
     • The Borrowed Virtual Time algorithm is used in scheduling domains
     • Important to lessen problems of one domain executing code that might impact another domain
     • Provides several different types of timers
       • Real Timer
       • Virtual Timer
       • Wall Clock Timer

  13. Control Transfer
     • Exceptions and Events
     • Memory faults and software traps
     • Generally virtualized through Xen’s event handler
     • Two most frequent exceptions are:
       • System calls
       • Page faults
     • System calls and page faults are two examples of a ‘fast’ handler (one which doesn’t use the hypervisor)

  14. Paravirtualization of the MMU
     (Figure panels: Paravirtualization, Full Virtualization)

  15. Virtual Memory
     • When the guest OS requires a new page table, it allocates it from its own memory store
     • After allocation it becomes registered with Xen
     • OS then gives up all memory write privileges
     • All subsequent updates must be validated by Xen
     • Guest OSes generally batch these update requests to amortize the cost of calling the hypervisor
     • Segmentation is virtualized likewise

  16. Virtual Memory
     • Xen uses a design where
       • The guest OSes themselves are responsible for allocating and managing their own hardware pages
       • Xen itself is located in an unused section at the top of address space to ensure that it is never paged out
     • This differs from the approach that Disco takes
       • Disco VMM goes a second level deeper in its indirection
       • A VMM within VMM

  17. Memory Management
     • Memory Management can be challenging
     • The key points
       • No software-managed TLB exists in x86
       • The TLB is not tagged, which implies it must be flushed on a context switch

  18. Device I/O Management
     • Data is transferred to and from domains through a buffer descriptor ring
     • Based on producer consumer pointers
       • One set used within guest OS
       • Another set used within Hypervisor
     • This allows separation between data and event notification

  19. Hypervisor Control
     • In Xen
       • Domain0 is given greater access to the hardware and the hypervisor. It has:
         • A guest OS running above the domain
         • Hypervisor Manager software to manage elements within other existing domains
     • In VMware
       • Host OS acts underneath the domain

  20. Disk I/O Comparisons

  21. New Domain Creation
     • Domain0 is privileged
     • New domains are created by Domain0
     • Reduces the hypervisor complexity
     • Allows for a better debug environment

  22. Networking
     • Networking in computers is important these days
     • Because of this, Xen provides a “Virtual Firewall”
     • Domain0 creates firewall rules
     • Data transmission uses a buffer ring for outgoing
     • Data reception uses a different buffer ring for ingoing
     • Incoming data packets are analyzed according to Virtual Firewall rules
     • If any Virtual Firewall rule is broken, the packet is dropped

  23. Other Hardware
     • Block diagram for Xen illustrates that the idea of Xen enabled hardware drivers still exists
     • VMware operates similarly
     • Two examples:
       • When a sound card is installed, the host machine will detect that you have a Sound Blaster enabled sound card
       • A video driver is installed on the guest OS to improve video performance (from VMware)
     • Don’t forget one more important part of virtualization:
       • Any other resources that the guest OS can access must be virtualized, not just the memory and CPU!

  24. Citations
     • Diagrams from the following paper
     • http://i30www.ira.uka.de/teaching/coursedocuments/90/Xen.pdf
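
Added example, not part of the original slides or of Xen's code: a toy model of the step on slide 15 where every page-table update a guest submits is validated before it is applied, with updates submitted as one batch. The frame table, the 4-entry page tables, all names, and the two rules checked (a guest may only map frames it owns, and may not map a page-table frame writable) are simplifying assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define NFRAMES 8u
#define PT_ENTRIES 4u                       /* toy page tables: 4 entries each */
#define PTE_PRESENT 0x1u
#define PTE_WRITE   0x2u
#define PTE(frame, flags) (((uint32_t)(frame) << 12) | (flags))

enum ftype { F_DATA, F_PAGETABLE };
struct frame  { int owner; enum ftype type; };      /* hypervisor's per-frame record */
struct update { uint32_t pt_frame, index, val; };   /* one queued page-table write */

/* Constructed state: domain 1 owns frames 0-3 and has registered frame 0 as a
 * page table; domain 2 owns frames 4-7. */
static const struct frame frames[NFRAMES] = {
    {1, F_PAGETABLE}, {1, F_DATA}, {1, F_DATA}, {1, F_DATA},
    {2, F_DATA}, {2, F_DATA}, {2, F_DATA}, {2, F_DATA} };
uint32_t pt_mem[NFRAMES][PT_ENTRIES];

/* Constructed batch from domain 1: two acceptable updates, then two bad ones. */
const struct update sample_batch[4] = {
    {0, 0, PTE(1, PTE_PRESENT | PTE_WRITE)},   /* own data frame, writable: ok */
    {0, 1, PTE(0, PTE_PRESENT)},               /* own page table, read-only: ok */
    {0, 2, PTE(0, PTE_PRESENT | PTE_WRITE)},   /* writable view of a page table */
    {0, 3, PTE(5, PTE_PRESENT | PTE_WRITE)} }; /* frame owned by domain 2 */

static int update_ok(int dom, const struct update *u) {
    if (u->pt_frame >= NFRAMES || u->index >= PT_ENTRIES) return 0;
    if (frames[u->pt_frame].owner != dom ||
        frames[u->pt_frame].type != F_PAGETABLE) return 0;  /* not dom's registered table */
    if (!(u->val & PTE_PRESENT)) return 1;                  /* unmapping is always safe */
    uint32_t tgt = u->val >> 12;
    if (tgt >= NFRAMES || frames[tgt].owner != dom) return 0;            /* not dom's frame */
    return !(frames[tgt].type == F_PAGETABLE && (u->val & PTE_WRITE));   /* tables stay read-only */
}

/* One batched request: apply updates in order, stop at the first rejected one.
 * Returns how many were applied. */
int apply_batch(int dom, const struct update *b, int n) {
    int i = 0;
    for (; i < n && update_ok(dom, &b[i]); i++)
        pt_mem[b[i].pt_frame][b[i].index] = b[i].val;
    return i;
}

int main(void) {
    printf("applied %d of 4 updates\n", apply_batch(1, sample_batch, 4));
    return 0;
}
```

Stopping at the first rejected update is a choice made for this sketch; the slides do not say how a partially invalid batch is handled.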
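
Added example, not part of the original slides or of Xen's code: a minimal descriptor ring of the kind slide 18 describes, with one set of indices advanced only by the guest and another advanced only by the hypervisor. The struct layout, function names and the 8-slot size are assumptions; the point to notice is that the hypervisor bounds-checks the guest-written producer index before trusting it.

```c
#include <stdint.h>
#include <stdio.h>

#define RING_SIZE 8u                        /* power of two so masking wraps the index */
#define SLOT(i)   ((i) & (RING_SIZE - 1u))

struct desc { uint32_t buf_id, status; };   /* refers to a buffer; carries no payload */

struct io_ring {
    struct desc slot[RING_SIZE];
    uint32_t req_prod, rsp_cons;            /* advanced by the guest only */
    uint32_t req_cons, rsp_prod;            /* advanced by the hypervisor only */
};

/* Guest: queue one request. A slot is free once its response has been reaped. */
int guest_post(struct io_ring *r, uint32_t buf_id) {
    if (r->req_prod - r->rsp_cons >= RING_SIZE) return -1;      /* ring full */
    r->slot[SLOT(r->req_prod)] = (struct desc){ buf_id, 1 };    /* 1 = pending */
    r->req_prod++;              /* real shared memory needs a write barrier first */
    return 0;
}

/* Hypervisor: service requests. req_prod is guest-controlled, so snapshot it
 * once and reject values that claim more entries than the ring can hold. */
int hv_service(struct io_ring *r) {
    uint32_t prod = r->req_prod, n = 0;
    if (prod - r->req_cons > RING_SIZE) return -1;              /* bogus index */
    for (; r->req_cons != prod; r->req_cons++, r->rsp_prod++, n++)
        r->slot[SLOT(r->req_cons)].status = 0;                  /* response reuses slot */
    return (int)n;
}

/* Guest: reap completed responses, freeing their slots. */
int guest_reap(struct io_ring *r) {
    int n = 0;
    for (; r->rsp_cons != r->rsp_prod; r->rsp_cons++) n++;
    return n;
}

int main(void) {
    struct io_ring r = {0};
    for (uint32_t i = 0; i < 10; i++)       /* posts 8 and 9 fail: ring is full */
        printf("post %u -> %d\n", i, guest_post(&r, i));
    int serviced = hv_service(&r);
    printf("serviced %d, reaped %d\n", serviced, guest_reap(&r));
    return 0;
}
```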
