Xen and the Art of Virtualization

Introduction

- Challenges to build virtual machines
  - Performance isolation
    - Scheduling priority
    - Memory demand
    - Network traffic
    - Disk accesses
  - Support for various OS platforms
  - Small performance overhead

Xen

- Multiplexes resources at the granularity of an entire OS
  - As opposed to process-level multiplexing
  - Price: higher overhead
- Target: 100 virtual OSes per machine

Xen: Approach and Overview

- Conventional approach
  - Full virtualization
  - Cannot access the hardware
  - Problematic for certain privileged instructions (e.g., traps)
  - No real-time guarantees

Xen: Approach and Overview

- Xen: paravirtualization
  - Provides some exposure to the underlying HW
  - Better performance
  - Needs modifications to the OS
  - No modifications to applications

Memory Management

- Depends on hardware support
- Software-managed TLB
  - Associate address space IDs with TLB tags
  - Allow coexistence of OSes
  - Avoid TLB flushing across OS boundaries

Memory Management

- x86 does not have a software-managed TLB
  - Xen exists at the top 64MB of every address space
  - Avoids TLB flushing when a guest OS enters/exits Xen
  - Each OS can only map to memory it owns
  - Writes are validated by Xen

CPU

- x86 supports 4 levels of privileges
  - 0 for OS, and 3 for applications
  - Xen downgrades the privilege of OSes
  - System-call and page-fault handlers registered to Xen
  - “Fast handlers” for most exceptions, Xen isn’t involved

Device I/O

- Xen exposes a set of simple device abstractions

The Cost of Porting an OS to Xen

- Privileged instructions
- Page table access
- Network driver
- Block device driver
- <2% of code-base

Control Management

- Separation of policy and mechanism
- Domain0 hosts the application-level management software
  - Creation and deletion of virtual network interfaces and block devices

Control Transfer: Hypercalls and Events

- Hypercall: synchronous calls from a domain to Xen
  - Analogous to system calls
- Events: asynchronous notifications from Xen to domains
  - Replace device interrupts

Data Transfer: I/O Rings

- Zero-copy semantics

CPU Scheduling

- Borrowed virtual time scheduling
  - Allows temporary violations of fair sharing to favor recently-woken domains
  - Goal: reduce wake-up latency
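
How the "borrowing" on this slide works, as an added C sketch that is not Xen's scheduler code: each domain has an actual virtual time (AVT), a woken domain is compared by its effective virtual time (AVT minus a warp), and the lowest value is dispatched. The struct layout, function names, the warp value of 5 and the omission of weights and warp time limits are assumptions of this sketch.

```c
#include <stddef.h>

struct dom {
    long avt;        /* actual virtual time: CPU already consumed */
    long warp;       /* how far ahead this domain may be "borrowed" */
    int  warping;    /* set when the domain has just been woken */
    int  runnable;
};

/* Effective virtual time: the value the scheduler actually compares. */
static long evt(const struct dom *d) { return d->avt - (d->warping ? d->warp : 0); }

/* Dispatch rule: runnable domain with the smallest EVT (lowest index on ties). */
int pick_next(const struct dom *d, size_t n)
{
    int best = -1;
    for (size_t i = 0; i < n; i++)
        if (d[i].runnable && (best < 0 || evt(&d[i]) < evt(&d[best])))
            best = (int)i;
    return best;
}

/* Wake a blocked domain. It may not bank credit for the time it slept, so its
 * AVT is raised to at least the minimum AVT of the already-runnable domains. */
void wake(struct dom *d, size_t n, size_t who, int allow_warp)
{
    long svt = -1;                       /* AVTs are assumed non-negative */
    for (size_t i = 0; i < n; i++)
        if (d[i].runnable && (svt < 0 || d[i].avt < svt))
            svt = d[i].avt;
    if (d[who].avt < svt)
        d[who].avt = svt;
    d[who].runnable = 1;
    d[who].warping = allow_warp;
}

/* Constructed scenario: two CPU-bound domains and one I/O-bound domain that
 * wakes on an event. Returns the index dispatched right after the wake-up. */
int next_after_wake(int allow_warp)
{
    struct dom d[] = {
        { 10, 0, 0, 1 },   /* index 0: CPU-bound, runnable */
        { 12, 0, 0, 1 },   /* index 1: CPU-bound, runnable */
        { 11, 5, 0, 0 },   /* index 2: I/O-bound, blocked, warp 5 */
    };
    wake(d, 3, 2, allow_warp);
    return pick_next(d, 3);
}
```

Without warping the woken domain waits behind domain 0, which has consumed less CPU; with warping it is dispatched first even though its AVT is higher, which is the temporary violation of fair sharing the slide refers to.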

Time and Timers

- Xen provides each guest OS with
  - Real time (since machine boot)
  - Virtual time (time spent for execution)
  - Wall-clock time
- Each guest OS can program a pair of alarm timers
  - Real time
  - Virtual time

Virtual Address Translation

- No shadow pages (VMware)
- Xen provides constrained but direct MMU updates
  - All guest OSes have read-only access to page tables
  - Updates are batched into a single hypercall
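
The validated, batched page-table updates on this slide, together with the earlier rule that each OS can only map memory it owns, as a small C simulation. This is an added example, not Xen's code: the frame table, `struct mmu_req`, `apply_mmu_batch`, the toy 4-entry tables and the skip-on-failure policy are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define NFRAMES 8
#define PTE_PRESENT 0x1u
#define PTE_WRITE   0x2u

/* Constructed machine state: owning domain of each physical frame (-1 = free)
 * and whether the frame currently holds a page table. */
static const int frame_owner[NFRAMES]   = { 0, 1, 1, 1, 2, 2, 2, -1 };
static const int is_page_table[NFRAMES] = { 0, 1, 0, 0, 1, 0, 0, 0 };
static uint32_t page_table[NFRAMES][4];          /* toy 4-entry tables */
struct mmu_req { unsigned pt_frame, index, target_frame; uint32_t flags; };

/* Hypervisor-side check of one request from domain `dom`; 1 = allowed. */
static int validate(int dom, const struct mmu_req *r)
{
    if (r->pt_frame >= NFRAMES || r->target_frame >= NFRAMES || r->index >= 4)
        return 0;
    if (frame_owner[r->pt_frame] != dom || !is_page_table[r->pt_frame])
        return 0;           /* not one of the caller's page tables */
    if (frame_owner[r->target_frame] != dom)
        return 0;           /* would map memory the caller does not own */
    if (is_page_table[r->target_frame] && (r->flags & PTE_WRITE))
        return 0;           /* page tables stay read-only to the guest */
    return 1;
}

/* One simulated hypercall: apply a whole batch, return how many were applied. */
int apply_mmu_batch(int dom, const struct mmu_req *reqs, size_t n)
{
    int applied = 0;
    for (size_t i = 0; i < n; i++) {
        if (!validate(dom, &reqs[i]))
            continue;       /* sketch policy: skip the bad request, keep going */
        page_table[reqs[i].pt_frame][reqs[i].index] =
            ((uint32_t)reqs[i].target_frame << 12) | reqs[i].flags | PTE_PRESENT;
        applied++;
    }
    return applied;
}

/* Constructed batch queued by domain 1, whose page table is in frame 1. */
static const struct mmu_req sample_batch[] = {
    { 1, 0, 2, PTE_WRITE },  /* own frame: allowed */
    { 1, 1, 5, PTE_WRITE },  /* frame owned by domain 2: rejected */
    { 1, 2, 1, PTE_WRITE },  /* writable mapping of own page table: rejected */
    { 1, 2, 1, 0 },          /* read-only mapping of own page table: allowed */
    { 4, 0, 2, PTE_WRITE },  /* domain 2's page table: rejected */
};
int run_sample(void) { return apply_mmu_batch(1, sample_batch, 5); }
```

The guest never writes `page_table` itself; every change goes through the validating call, so a domain cannot gain a mapping of another domain's frame or a writable view of a page table.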

Physical Memory

- Reserved at domain creation time
- Memory statically partitioned among domains

Network

- Virtual firewall-router attached to all domains
- Round-robin packet scheduler
- To send a packet, enqueue a buffer descriptor into the transmit ring
  - Use scatter-gather DMA (no packet copying)
- A domain needs to exchange page frames to avoid copying
  - Page-aligned buffering

Disk

- Only Domain0 has direct access to disks
- Other domains need to use virtual block devices
  - Use the I/O ring
  - Reorder requests prior to enqueuing them on the ring
  - If permitted, Xen will also reorder requests to improve performance
  - Use DMA (zero copy)

Evaluation

- Dell 2650 dual processor 2.4 GHz Xeon server
- 2GB RAM
- 3 Gb Ethernet NIC
- 1 Hitachi DK32eJ 146 GB 10k RPM SCSI disk
- Linux 2.4.21 (native)

Relative Performance

[Figure: two bar charts, y-axis from 0 to 1, bars for Linux, Xen, VMware and UML]

- SPEC INT2000 score
  - CPU intensive
  - Little I/O and OS interaction
- SPEC WEB99
  - 180Mb/s TCP traffic
  - Disk read-write on 2GB dataset

Concurrent Virtual Machines

- Multiple Apache processes in Linux vs. one Apache process in each guest OS

Performance Isolation

- 4 domains
  - 2 running benchmarks
  - 1 running dd
  - 1 running a fork bomb in the background
- 2 antisocial domains contributed only 4% performance degradation

Scalability