Title of the Paper Presented


Jan 31, 2013


EECS 750

1

Student Presentation

Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand,
Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew
Warfield


University of Cambridge Computer Laboratory


Presented by: Andrew Boie


Xen and the Art of Virtualization


Overview


What is the problem


Virtual Machines


Xen


Related Work


Denali


VMware


User-Mode Linux


Design Goals


Implementation


Memory Management


CPU


Device I/O


Evaluation


Conclusions


What is the Problem


Many systems exist to subdivide the resources of a computer


Some have 100% binary compatibility, but are slow


Others sacrifice security or functionality for speed


Few offer resource isolation or performance guarantees


Xen


Allows multiple commodity operating systems to share
conventional hardware


Design target: run 100 virtual machine instances on a modern
server


Does not sacrifice performance or functionality


Applications for Xen


Server consolidation


Co-located hosting facilities


Distributed web services


Secure computing platforms


Related Work


Denali


Designed to support thousands of virtual machines running
network services


Does not target existing ABIs


Only one process per VM


Lack of performance isolation; thrashing


VMware ESX Server


Full virtualization


No modifications to OS


Must trap all privileged instructions; high performance cost


User-Mode Linux


Run an instance of Linux as a user mode process on a Linux host


Substantial overhead


Design Goals


Support for unmodified application binaries


Otherwise users will not transition to Xen


Requires virtualizing all features required by existing ABIs


Support full multi-application operating systems


Allows complex server configurations inside a single OS instance


Paravirtualization


Does not require ‘shadow’ page tables


Requires modification of guest OS


High performance, strong resource isolation


Necessary on architectures such as x86 to meet design goals


Hiding effects of resource virtualization from guest OSes can risk
both correctness and performance


Control and Management


Structure


Control and Management (Cont’d)


Domain created at boot time which runs the application-level
management software


Only Domain 0 may use the Xen control interface


Create and terminate other domains


Scheduling parameters


Access to disks and network devices


Creation of virtual network interfaces and block devices


Hypercalls


Synchronous calls from a guest OS to the Xen hypervisor


Update page tables


Events


Virtual IRQs


Data received on network


Disk request completion


Guest OS may defer event handling by setting a flag


Memory Management


Page Tables


Guest OS allocates page tables from its own memory
pool


Page table is registered with Xen, and Guest OS loses
direct write privileges


All page table updates must be validated by Xen via
hypercalls


Guest OS may batch update requests to increase speed


Xen exists in the first 64MB of every address space, to
avoid TLB flush when entering hypervisor


Initial memory allocation for domain specified at time of
creation


Domains may adjust their reservation by making calls
to Xen
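
An added example (not from the slides or from Xen's source): a toy C model of the validated, batched page-table update path described on this slide. The two checks, frame ownership and no writable mapping of a page-table frame, follow the Xen paper; all names, flag bits and the data layout are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Toy model: names, flag bits and layout are hypothetical, not Xen's ABI. */
#define NFRAMES     8
#define PTE_PRESENT 0x1u
#define PTE_WRITE   0x2u
#define PTE(mfn, flags) (((uint32_t)(mfn) << 12) | (flags))
struct frame { int owner; int is_pagetable; };
struct pt_update { size_t slot; uint32_t new_pte; };   /* one queued request */

/* Hypervisor-side check of one PTE submitted by domain `dom`. */
static int pte_ok(const struct frame *f, int dom, uint32_t pte)
{
    uint32_t mfn = pte >> 12;
    if (!(pte & PTE_PRESENT)) return 1;        /* unmapping is always safe */
    if (mfn >= NFRAMES) return 0;              /* no such machine frame */
    if (f[mfn].owner != dom) return 0;         /* another domain's memory */
    return !(f[mfn].is_pagetable && (pte & PTE_WRITE)); /* no writable PT map */
}

/* One batched "hypercall": apply valid requests, skip invalid ones. */
size_t apply_batch(const struct frame *f, int dom, uint32_t *pt, size_t nslots,
                   const struct pt_update *req, size_t n)
{
    size_t applied = 0;
    for (size_t i = 0; i < n; i++)
        if (req[i].slot < nslots && pte_ok(f, dom, req[i].new_pte)) {
            pt[req[i].slot] = req[i].new_pte;
            applied++;
        }
    return applied;
}

uint32_t demo_pt[4];                           /* domain 1's page table */
/* Constructed sample: domain 1 owns frames 0-3 (frame 3 is its page table). */
size_t run_demo(void)
{
    struct frame f[NFRAMES] = { {1,0},{1,0},{1,0},{1,1}, {2,0},{2,0},{2,0},{2,0} };
    struct pt_update batch[] = {
        { 0, PTE(1, PTE_PRESENT | PTE_WRITE) },  /* own data frame: applied */
        { 1, PTE(5, PTE_PRESENT) },              /* domain 2's frame: refused */
        { 2, PTE(3, PTE_PRESENT | PTE_WRITE) },  /* writable page table: refused */
        { 3, PTE(3, PTE_PRESENT) },              /* read-only page table: applied */
    };
    return apply_batch(f, 1, demo_pt, 4, batch, 4);
}

int main(void) { printf("applied %zu of 4\n", run_demo()); return 0; }
```

Skipping a bad request and continuing is a simplification chosen for this model; what matters for isolation is that no unvalidated entry ever reaches the live page table.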


CPU


Guest OS no longer the most privileged entity in
system; must be modified to run at a lower privilege
level


On x86, 4 convenient privilege levels


Xen in Ring 0


Guest OS in Ring 1


User code in Ring 3


Privileged CPU instructions must be validated and
executed within Xen


Guest OS registers exception handlers with Xen


Xen traps exceptions, copies exception stack to Guest
OS, and returns control to OS-registered handler


CPU (Cont’d)


Common Exceptions


System calls usually implemented by software
exception; Xen allows guest OS to register a ‘fast’
exception handler without needing to indirect via Ring 0


Page faults require reading privileged CPU register;
copied by Xen so that it can be accessed by Ring 1


Scheduling


Borrowed Virtual Time (BVT) scheduling


Temporarily violates ‘fair’ sharing to favor recently
woken domains


Useful for TCP, which relies on timely delivery of
acknowledgements to estimate round-trip times


Other scheduling algorithms can easily be added over
generic scheduler abstraction


Device I/O - Buffer descriptor rings



Device I/O (Cont’d)


Xen supports event delivery mechanism for sending
asynchronous notifications to domains, similar to hardware IRQ


Network


Virtual Firewall-router provided by Xen, with each domain having
one or more virtual network devices


Each VIF has two I/O rings, for send and receive


Disk


Domain 0 has complete access to physical disks


All other domains use Virtual Block Device (VBD) abstraction


VBDs created and managed within Domain 0


Human I/O


The Xen paper does not elaborate on how keyboard, video and mouse (KVM) are shared, if at all


Evaluation


SPEC INT2000


Long running CPU-bound applications


Test CPU, Memory, and compiler


Build Linux kernel


OSDB-IR


Multi-user information retrieval from PostgreSQL


Considerable load on OS


OSDB-OLTP


Online Transaction Processing


Many synchronous disk operations


Dbench


File system benchmark


SPEC WEB99


Web Server Benchmark


Dynamic content generation, HTTP POST, CGI


Test file system, network, web server performance


Evaluation




Evaluation - OS Performance


Lmbench


OS Benchmarks


System call execution time


Context switch time


File and VM system latency


Evaluation - Network


Examine TCP performance over Gigabit LAN


Ttcp benchmark


Evaluation - Concurrency


SPEC WEB99 for 1, 2, 4, 8, 16 concurrent web servers


Conclusions


Excellent platform for deploying a wide variety of
network-centric services


Facilitates creation of transient servers for short periods
of time with low instantiation costs


Performance of XenoLinux on Xen is practically
equivalent to baseline Linux system


No appreciable cost for resource management facilities