Xen and the Art of Virtualization
Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt & Andrew Warfield
Presented by Anthony So, November 13, 2013
CS533 - Concepts of Operating Systems, Fall 2013

Presentation Overview
- Introduction
- Xen approach
  - Overview
  - Implementation
  - Evaluation
- Summary

Introduction

Monolithic kernel
[Figure: user apps run non-privileged; the kernel components (file system, virtual memory, device driver, IPC, scheduler) run privileged on top of the hardware (CPU, physical memory, storage, I/O, etc.).]

Virtualization
[Figure: a VM/domain (user apps plus an OS with file system, virtual memory, device driver, IPC and scheduler) runs on a VMM that provides virtual CPU, virtual physical memory, virtual network, virtual block device, etc., on top of the hardware (CPU, physical memory, storage, I/O, etc.). Non-privileged and privileged levels are marked.]

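Non, Full, and Para-Virtualization
[Figure: three stacks compared (non-virtualized, full virtualization, paravirtualization), each with user apps at the top and hardware at the bottom. The two virtualized stacks add a VMM beneath the OS, and one stack runs a modified OS. Non-privileged and privileged levels are marked.]
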
Xen - Overview

Xen Architecture Overview

Control Transfer
- Synchronous calls from a domain to Xen may be made using a hypercall.
- Notifications are delivered to domains from Xen using an asynchronous event mechanism.
[Figure: domain to VMM, synchronous hypercall; VMM to domain, asynchronous event.]

Xen – Implementation

CPU – Privileged Instructions
How does the x86 architecture handle privileged instructions?
[Figure: the non-, full- and para-virtualization stacks again, with user apps, OS or modified OS, VMM and hardware placed at non-privileged and privileged levels.]

Memory Management: Tagged TLB vs. No Tagged TLB
- A tagged TLB is ideal for virtualization: each TLB entry is associated with an address-space identifier, which allows hypervisor and guest OS entries to coexist across context switches and so avoids a complete TLB flush.
- x86 has no tagged TLB and must flush the TLB after a context switch.
- Xen exists in a 64MB section at the top of every address space, thus avoiding a TLB flush when entering and leaving the hypervisor.

Memory Management: S/W-managed vs. H/W-managed TLB
- x86 uses a H/W-managed TLB. Therefore, TLB management and the handling of TLB faults are done entirely by the MMU hardware.
- A S/W-managed TLB is ideal for virtualization because TLB misses are serviced by the OS.

Memory Management
- Xen registers guest OS page tables directly with the MMU but restricts the guest OS to read-only access.
- Page table updates are passed to Xen via hypercall.
- Requests are validated before being applied:
  - Type: writable, page table, … etc.
  - Reference count: must be 0 to switch task type.
- To minimize hypercalls, the guest OS queues updates locally before applying an entire batch with a single hypercall.

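The validation and batching rules above, sketched as a toy C model added here for illustration (it is not Xen's code and not from the original slides). The names `frame`, `pt_update`, `get_type` and `mmu_update_batch` are hypothetical, the frame table is constructed sample state, and stopping a batch at the first rejected entry is an assumption of this sketch.

```c
#include <stddef.h>

/* Toy model, not Xen source: each machine frame has an owner, a type, a type refcount. */
enum ftype { F_NONE, F_WRITABLE, F_PAGETABLE };
struct frame { int owner; enum ftype type; unsigned refs; };
struct pt_update { size_t table, target; int writable; }; /* one queued PTE write */

#define NFRAMES 6
static struct frame frames[NFRAMES];

/* Take a typed reference; a frame may change type only while its count is 0. */
static int get_type(size_t f, enum ftype want) {
    if (frames[f].type != want) {
        if (frames[f].refs != 0) return -1;
        frames[f].type = want;
    }
    frames[f].refs++;
    return 0;
}

/* Validate one update for domain dom, then account for it. */
static int apply_one(int dom, const struct pt_update *u) {
    if (u->table >= NFRAMES || u->target >= NFRAMES) return -1;
    if (frames[u->table].owner != dom || frames[u->target].owner != dom) return -1;
    if (frames[u->table].type != F_PAGETABLE) return -1; /* only registered tables */
    return u->writable ? get_type(u->target, F_WRITABLE) : 0; /* read-only: no retype */
}

/* Hypothetical batched hypercall: applies the queue in order, stops at the
 * first rejected entry, and returns how many entries were applied. */
int mmu_update_batch(int dom, const struct pt_update *q, size_t n) {
    size_t i = 0;
    while (i < n && apply_one(dom, &q[i]) == 0) i++;
    return (int)i;
}

/* Constructed state: domain 1 owns frames 0-3 (0 and 1 are live page tables),
 * domain 2 owns frame 4. */
void demo_reset(void) {
    static const struct frame init[NFRAMES] = {
        {1, F_PAGETABLE, 1}, {1, F_PAGETABLE, 1}, {1, F_NONE, 0},
        {1, F_NONE, 0}, {2, F_NONE, 0}, {0, F_NONE, 0} };
    for (size_t i = 0; i < NFRAMES; i++) frames[i] = init[i];
}

/* Accessor so callers can inspect the resulting frame type. */
enum ftype frame_type(size_t f) { return frames[f].type; }
```

A writable mapping of a frame that is still in use as a page table is the case the type and reference-count check exists to refuse: if it were allowed, the guest could edit its own page tables without going through validation.
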
Memory Management: Shadow Page Table
[Figure: the guest OS wants to update its page table; the VMM looks up the real address in memory and updates the table. Tables shown: shadow page table (virtual to machine), guest page table (virtual to physical), pmap (physical to machine).]

Memory Management: Xen
[Figure: the page table maps virtual to machine addresses. Read: the guest OS has direct read access to the page table. Write: the guest OS wants to update the page table and issues a hypercall; the VMM does the update on behalf of the guest OS.]

Memory Management
The balloon driver is a mechanism to adjust a domain’s memory usage. [3]

Exception / System Calls / Interrupt
- Exception: a table describing the handler for each type of exception is registered with Xen for validation. The handlers are identical to those for real x86 hardware (except page faults).
- System calls: Xen allows each guest OS to register and install a fast handler, enabling direct calls from user apps into the guest OS and avoiding a route through Xen on every call.
- Interrupt: hardware interrupts are replaced with a lightweight event system.

Time and Timers
Xen provides the guest OS with the following notions of time:
- Real time: time that is maintained continuously since machine boot.
- Virtual time: time that a particular domain has executed. It will not advance if the domain is not executing.
- Wall-clock time: current real time + an offset.

I/O Ring
An asynchronous I/O ring (a circular queue) is used for data transfer between Xen and the guest OS.
[Figure: I/O ring shared between Xen and the guest OS.]

Network
Xen provides the following abstractions:
- Virtual firewall-router (VFR)
- Virtual network interfaces (VIF), which look like a modern network interface card
  - Two I/O rings: transmit and receive.
  - Round-robin packet scheduler.
  - Page flipping: the guest OS is required to exchange an unused page frame for each packet it receives, which avoids copying between Xen and the guest OS (but requires page alignment).

Disk
- Domain0 has unchecked access to physical disks.
- All other domains access persistent storage through virtual block devices (VBDs).
- Domain0 manages VBDs.
- Ownership and access control information are accessed via the I/O ring.
- Round-robin scheduler.
- Batching of requests for better access performance.

Xen - Evaluation

Hardware
- Dell 2650 dual processor 2.4GHz Xeon server
- 2GB RAM
- Broadcom Tigon 3 Gigabit Ethernet NIC
- Hitachi DK32EJ 146GB 10k RPM SCSI disk
- Linux version 2.4.21
- RedHat 7.2

Virtualization Comparison
- Native Linux: compiled for i686
- XenoLinux: compiled for Xeno-i686 for Xen
- VMware Workstation: compiled for i686
- User-mode Linux (UML): compiled for um for UML

Relative Performance
- Computation intensive: processor & memory
- Database: w/ minimal I/O or O/S
- Web server: sync. disk operation
- File server:
- Compiling kernel: I/O, scheduler, memory management

Concurrent
The higher overhead with a single domain is due to the lack of support for SMP guest OSes.

Conclusion
- Xen is a paravirtualization hypervisor.
- Xen exposes a hypercall interface to the guest OS. The guest OS uses it to communicate with Xen to carry out privileged instructions.
- As a result, Xen cannot run an unmodified guest OS.
- Performance is comparable to native Linux.

Learn More
The Xen Project at www.xenproject.org