xs boston 2008 project status

Ian Pratt June 2008

Upload: the-linux-foundation

Post on 20-May-2015

DESCRIPTION

Ian Pratt: Project status and organization

TRANSCRIPT

Page 1: XS Boston 2008 Project Status

Ian Pratt

June 2008

Page 2: XS Boston 2008 Project Status

• 160+ attendees

• 12 Countries

• 14 Universities

• 47 Companies

Xen Summit Boston 2008

Page 3: XS Boston 2008 Project Status

• Padmashree Apparao - Intel

• Mike Day - IBM

• Lamia Youseff - UCSB

• Muli Ben-Yehuda – IBM

• Dan Magenheimer - Oracle

• Jun Nakajima - Intel

• Jose Renato Santos – HP

Thanks for all your great efforts in putting together this event!


Page 4: XS Boston 2008 Project Status

• Breakout Room

◦ Separate room available next door for discussions

• Wireless Setup

◦ SSID is “usenix”

• Lunch

◦ Food court just inside mall down the hall

• Cheer’s Party at Faneuil Hall

◦ Meet at 6:10 pm in Sheraton lobby for group walk to Faneuil Hall

◦ Collect 3 drink tickets per attendee

Page 5: XS Boston 2008 Project Status

• Event T-Shirt & USB Key Drives

◦ Please send email to [email protected] if you were not able to get either at this event

• Apologies, event registration jumped in the last couple of weeks so we did not order enough

• Additional items will be ordered and delivered to attendees requesting via email


Page 6: XS Boston 2008 Project Status

TIME TOPIC

9 – 9:30 am Welcome & Project Status

9:30 – 10 am Roadmap & Releases

10:30 – Noon Novel Applications of Xen

OVF

Cloud Computing Made Agile

1:15 – 3:25 pm Virtualization in Network Appliances

Inter-VM Network Communication

Debugging Xen

Capacity Planning

Quantitative Xen vs KVM

3:45 pm – 5:15pm Power Friendly Xen

Guests Spinning

Paravirt Ops in Linux IA64


Page 7: XS Boston 2008 Project Status

TIME TOPIC

9 – 10:00 am Fedora & Paravirt Ops

Secure Xen on ARM

Client Virtualization

10:30 – 11:00 am Self IO Emulation

Memory Overcommit

Stub Domains


1:15 – 3:20 pm Virtual Networking

Network Topology

SR-IOV Devices and VT-d PCI

Cache Attribute Virtualization

3:45 – 5:15pm Identify VMs based on VTPM

VM Synchronization

Higher Security Xen

OpenSolaris Fault Management

Page 8: XS Boston 2008 Project Status


Page 9: XS Boston 2008 Project Status

• Xen 3.2 Released 16 Jan 2008

• Xen.org and the Xen Advisory Board

◦ Stephen Spector as full-time xen.org PM

• Linux paravirt_ops transition

• The Xen Client Initiative

◦ Creating an industry standard hypervisor for laptops and desktops

• Xen 3.3 due in early August

◦ Enhanced Security, Performance & Scalability plus New Features


Page 10: XS Boston 2008 Project Status

• Build the industry standard open source hypervisor

◦ Core "engine" that is incorporated into multiple vendors’ products

• Maintain Xen’s industry-leading performance

◦ Be first to exploit new hardware acceleration features

◦ Help OS vendors paravirtualize their OSes

• Maintain Xen’s reputation for stability and quality

◦ Security must now be paramount

• Support multiple CPU types; big and small systems

◦ From server to client to mobile phone

• Foster innovation

• Drive interoperability

Page 11: XS Boston 2008 Project Status

• Original Xen 32b-only paravirt_ops went upstream to kernel.org in 2.6.22, July 2007

• 64b support likely to go into 2.6.27, thanks to work by Eduardo Habkost and Jeremy Fitzhardinge

◦ Now shipping in Fedora Core 9

• Full privileged domain support being added by Juan Quintela and Stephen Tweedie

• IA64 paravirt_ops added by Isaku Yamahata

• Ongoing tuning and optimization work

◦ All vendors should be using paravirt_ops...


Page 12: XS Boston 2008 Project Status


Page 13: XS Boston 2008 Project Status

• Pooling effort to accelerate Xen on clients

◦ Create ‘kit of parts’ which vendors can select from and build into their products

◦ Encourage co-ordinated open development on the usual xen.org email lists, wiki, bugzilla etc.

• Participating vendors

◦ AMD, AMI, Citrix, Dell, DeviceVM, HP, IBM, Intel, Lenovo, Neocleus, Novell, Phoenix, Red Hat, Sun

Page 14: XS Boston 2008 Project Status

1. Instantly available ‘lite’ VMs

◦ Web browser, Blu-ray player, Email, productivity apps

2. Service VMs for security and manageability

◦ Execution environment for OS support functions

◦ Firewalls, Virus Scanners, VPN,

3. VMs for App Encapsulation and Mobility

◦ Enhanced isolation and security for critical Apps

◦ Information flow between VMs tightly controlled

◦ VM mobility enables execution to be moved from client to server and back

Page 15: XS Boston 2008 Project Status

• Power Management

◦ Enhanced host P&C state

◦ S3 Suspend to RAM

◦ Rapid Boot

• Graphics

◦ GPU pass-through with IOMMU support

◦ 3D virtualization via Gallium serialization

• USB

◦ Device pass-through

• WiFi / WiMax

• Native UEFI support

• Security

◦ TPM/TXT integration

◦ Emulated TPM support

◦ Example Service Domains

• Hypervisor installation

◦ Boot from Flash and disk

• Service Domain Framework

◦ Packaging, Installation, Configuration, Interposition APIs, Update

◦ Extend OVF specification

Page 16: XS Boston 2008 Project Status

• Move Device Emulation out of dom0 and into a small domain tightly coupled to the guest

◦ Implemented using MiniOS, newlib

• Prime motivation was Security

◦ Safely contain device emulator even if compromised

• Resource accounting and QoS improved

• Extra benefit of improved performance

◦ Round-trip-time to ioemu now excellent due to close coupling of guest and Emu Dom

◦ Enhanced Scalability

◦ No OS scheduler to get in the way...


Page 17: XS Boston 2008 Project Status

[Chart: Boot time (s), Read (MB/s), Write (MB/s), Recv (MB/s) and Send (MB/s) for Dom0, Emudom and Native; axis from 0 to 80]

Page 18: XS Boston 2008 Project Status

• New Out-of-Sync additions to shadow2

◦ Hybrid design combines the best of shadow1&2

◦ Automatically optimize for single vs. bulk updates

◦ Allow pages to go out-of-sync with their shadows during bulk updates

◦ Use snapshots to optimize resync

• Credit to Gianluca Guida and Tim Deegan

• The world’s best shadow pagetable algorithm just got better...


Page 19: XS Boston 2008 Project Status

[Chart: Xen 3.2 vs. Latest Build, 1 VCPU and 2 VCPU; time axis from 00:00.00 to 07:12.00]

Configurations: 32bit 1vcpu, PAE 1vcpu, 64bit 1vcpu, 32bit 2vcpu, PAE 2vcpu, 64bit 2vcpu

% Improvement with Latest Xen unstable: 14.98%, 25.43%, 19.47%, 11.85%, 20.24%, 7.35%

Page 20: XS Boston 2008 Project Status

• Enhanced Intel TXT/TPM integration

◦ Secure Xen launch

• PVGrub

◦ Replaces PyGrub with in-guest domain builder based on MiniOS, newlib and Grub

◦ Narrows the interface, circumvents bug risk

• IOMMU support for PV and HVM Guests

◦ Enables devices to be safely passed through even to buggy or malicious guests

◦ Further reduces trust required of dom0


Page 21: XS Boston 2008 Project Status

• Intel EPT and enhanced AMD NPT support

◦ 2MB page support to reduce #memory accesses

• MSI / MSI-X

◦ Avoid need to call into Xen to unmask interrupt

• Virtual Framebuffer Scanning Optimization

◦ Use PTE dirty bits to optimize scan

◦ Reduce overhead from 7% to 0.2%

• OpenGL rendering of framebuffer

◦ Offload scaling to GPU

• Domain Lock removal for PV PTE updates

◦ Improves performance of guests with many VCPUs


Page 22: XS Boston 2008 Project Status

Parallel kernel build on an 8 VCPU PV Linux guest (32b and 64b)

[Charts: native, xen/old and xen/new, axis unit (S); panels: 32 bit, Intel server and 64 bit AMD server]

Overhead reduced from 14% to 10%

Overhead reduced from 20% to 15%

Page 23: XS Boston 2008 Project Status

• Full 16b Emulation on Intel systems

◦ Fixes incompatibilities with some boot loaders, now runs DOS, Win3.1, OS/2 etc

• Jun Kamada’s SCSI front/back driver

◦ Allows selective SCSI operation on raw LUNs

◦ Can optionally expose underlying FC topology

• CPU CPUID virtualization

◦ Enables selective exposure of CPU features to VMs

◦ Enhanced live relocation portability between hosts

◦ Expose VCPUs as threads, cores, or sockets

Xen Summit Boston 2008 5/14/2008

Page 24: XS Boston 2008 Project Status

• Xen continues to offer best performance while taking a hard-line approach to security

◦ Xen’s true type-1 thin hypervisor architecture sets it apart as being serious about security

• Xen Client has a great opportunity to become an industry standard

• The Xen Community continues to grow from strength to strength

◦ More vendors, more developers, more xen-based products

• Thanks for coming, enjoy the summit!


Page 25: XS Boston 2008 Project Status

Keir Fraser

June 2008

Page 26: XS Boston 2008 Project Status

• Current stable releases: 3.1.4 and 3.2.1

◦ Both released end of April

• Next releases: 3.2.2 and 3.3.0

◦ Both anticipated late July - mid August

• Strategy:

◦ Maintain two stable branches until the later one has matured enough for switchover

◦ Quarterly releases from stable branches

◦ Six to nine months between major releases

Page 27: XS Boston 2008 Project Status

• Features for 3.3 are now pretty well established

◦ Almost all now in xen-unstable

◦ 3.3 is going to be a big release

• Need to plan features for 3.4 and beyond

◦ Maintain aggressive development momentum

◦ Avoid duplicated (or pointless) effort

Page 28: XS Boston 2008 Project Status

• Server

◦ Performance and scalability optimizations

◦ Smart NICs

• Security

◦ Domain0 disaggregation

◦ Service domains

◦ Interface penetration testing

• Client

◦ Power management

▪ Suspend and hibernate; Clock management

◦ 3D video

▪ direct h/w access; high-performance guest virtualization

Page 29: XS Boston 2008 Project Status

• Network virtualisation is particularly hard

◦ High packet rates; latency sensitive

• Existing netfront/back drivers have limitations

◦ High cost for packet receive

◦ Not designed for next-generation NICs

• Ongoing work on netchannel2 to address this

• Lazy copy in the guest (reduces dom0 load)

◦ Provide guest a copy-only, sub-page, revocable grant

• Support multi-queue NICs

◦ DMA directly to guest buffers

• Reusable extensible ring architecture

Page 30: XS Boston 2008 Project Status

• Potential for reducing memory pressure by sharing identical pages across VMs

◦ Significant savings in ‘ideal’ cases

◦ Rather smaller gains in typical heterogeneous scenarios (10-20%)

• How to find identical pages?

◦ Memory scanning; identical disc blocks

• Demand paging is a prerequisite

• Dan Magenheimer is presenting a simpler scheme for ‘virtual’ overcommit

Page 31: XS Boston 2008 Project Status

• Hypervisor attack surface

◦ Hypercalls, I/O backends, qemu-dm, pygrub, save/restore, …

• Penetration-test our interfaces

◦ New testing techniques required (e.g. fuzz injection)

• Security in depth

◦ Minimum privilege approach (i.e. PVGrub, EmuDoms)

◦ Maintain narrow interfaces to privileged entities (DomB)

◦ Immutable memory, monitoring and inspection

• Secure boot

Page 32: XS Boston 2008 Project Status

• Big improvements for 3.3

◦ Cx/Px state management in the hypervisor

• More could be done

◦ Better support for C3

◦ Deeper sleeps than C3

◦ Power-aware scheduling

◦ Schedule-aware Cx/Px governors

• Client applications

◦ Pass through power information to console OS

◦ Collect power hints from guests

Page 33: XS Boston 2008 Project Status

• Key feature for graphical applications

• Multiplex 3D hardware acceleration

• VMGL / Blink

◦ Virtualizes OpenGL over Chromium-on-Ethernet

• A new approach under investigation:

◦ Use Gallium3D interface as virtualisation interface

◦ Designed to be OS neutral and gfx hw neutral

◦ Designed for modern hardware (programmable shaders, etc)

◦ Make use of planned work to build translation layers from Direct3D and OpenGL

Page 34: XS Boston 2008 Project Status

• Native Hyper-V hypervisor interface

◦ Many hypercalls designed for Hyper-V’s CPU/MMU virtualisation (e.g., simple shadow mode)

◦ Some have benefit for Xen too (e.g. TLB shootdowns)

◦ Measurements look very good

• High availability

◦ VM replication (UBC’s Remus project)

◦ Machine-check support (Christoph Egger, Sun)

• XenAPI/CIM management interfaces

◦ Meet full DMTF virtualization profile

Page 35: XS Boston 2008 Project Status

• Still plenty of cool stuff to work on!

• The roadmap is not set in stone

• Come talk to me about features you would like to see (and implement!) in Xen 3.4

Page 36: XS Boston 2008 Project Status