1 / 14

Xen

Xen. Bart Miller. Outline. Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network, Disk Xen Timeline. Definition and Goals. An x86 Virtual Machine Monitor (aka Hypervisor) Developed in 2003

flynn-moon
Download Presentation

Xen

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Xen Bart Miller

  2. Outline • Definition and goals • Paravirtualization • System Architecture • The Virtual Machine Interface • Memory Management • CPU • Device I/O • Network, Disk • Xen Timeline

  3. Definition and Goals • An x86 Virtual Machine Monitor (aka Hypervisor) • Developed in 2003 • Approximately 60k lines of code • Goals: • 100 VMs per system • Support full multi-application OSes • No modifications to guest applications • Negligible sacrifice in performance • Fully isolate guests

  4. Paravirtualization • Full virtualization on x86 (ca. 2003) is complex and not efficient • Create a unique interface to the hardware • Let the Guest OS access the hardware directly when appropriate • Prevent the Guest OS from accessing functionality which could affect other guests or the VMM. • Must modify the Guest OS • For Linux, 2995 lines (1.36% of code base) • For Windows XP, 4620 lines (0.04% of code base)

  5. System Architecture

  6. Memory Management • Problem • x86 has a hardware managed TLB • Assumes single OS, does not support tagging nor managing in software • Context switch requires TLB flush • Solution • Guest OSes manage hardware page table • Direct read access; updates batched and validated by Xen • Xen resides in 64Mbyte section at the top of every address space

  7. CPU • Protection • x86 has 4 privilege levels, known as Rings. • Ring O is highest and Ring 3 lowest privilege • For Xen, the VMM executes in Ring O, the Guest OS executes in Ring 1, and the user programs execute in Ring 3. • Exceptions • The Guest OS registers a table of exception handlers with Xen • All are unmodified except the Page Fault handler, since it normally requires access to a privileged register (CR2)

  8. CPU (2) • System Calls • The Guest OS can register a “fast” exception handler • Executes without indirection • Xen verifies that the handler does not specify execution in Ring O • Interrupts • Interrupts are replaced by a lightweight event system • Asynchronous, relies on Ring buffer • Time • Guest OSes have access to “real” and “virtual” timers

  9. Device I/O • Network • VIF, VFR • Transmit and receive Ring I/O buffers • Domain O manages and enforces the firewall rules • Transmit: • A guest enqueues a request to the transmit ring • Xen validates the request against the firewall rules and forwards to the device • Receive: • A guest enqueues a receive request to the receive ring • Xen determines the appropriate recipient • The packet buffer is exchanged for a sacrificial page frame on the receiver’s ring

  10. Device I/O (2) • Disk access • Only Domain O can directly access physical disks • All DomUs communicate through Virtual Block Devices (VBD) • Channels are comprised of Ring buffers • Requests can be reordered by the Guest OS and Xen • Unless the Guest OS issues a reorder barrier

  11. Ring Structure

  12. Ring Structure (2)

  13. Xen Timeline • 2003: Initial release of Xen • 2005 was a significant year for Virtualization • Intel introduces VT-x, quickly utilized by Xen • Narrows performance gap between HVM and PVM • 2006: Amazon opens up public beta of EC2 • 2007: Live migration for HVM guests • 2008: PCI pass-through (VT-d) and ACPI S3 support • 2011: Xen support for DomO and DomU is added to the Linux kernel

  14. Questions?

More Related