Xen: Open Source Hypervisor Designed for Clouds

Preview:

Click to see full reader

DESCRIPTION

Xen: Open Source Hypervisor Designed for Clouds. lars_kurth. Lars Kurth Community Manger, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix. About Me. Was a contributor to various projects Worked in parallel computing, tools, mobile and now virtualization - PowerPoint PPT Presentation

Citation preview

Xen: Open Source Hypervisor Designed for CloudsLars KurthCommunity Manger, Xen ProjectChairman, Xen Project Advisory BoardDirector, Open Source, Citrix lars_kurth

About MeWas a contributor to various projectsWorked in parallel computing, tools, mobile and now virtualizationLong history in change projectsCommunity guy at Symbian FoundationLearned how NOT to do stuff

Community guy for the Xen ProjectWorking for CitrixAccountable to Xen Project Advisory BoardChairman of Xen Project Advisory Board

The Cloud “Problem”

IT: Pre-CloudStability is ParamountValue of IT: consistent service availabilityService capacity specified a year or more in advanceWhat’s up, stays up

Change is BadChange to status quo is disruptive and dangerous

IT in the CloudAvailability of Services is ParamountValue of IT: consistent service availability matching dynamic business demandService capacity must move with business needsWhat’s up when depends on what’s needed when

Change is GoodServices must change to cover the needs of the momentLack of change = lack of value

Virtualization in the CloudIt must be stable

It must be secure

It must be configurable on a large scale

It must take orchestration

It must be multi-tenant

What is the Xen Project?

An Open Source Hypervisor > 10M Users

Powering some of the biggest Clouds in ProductionAmazon Web Services, Rackspace Public Cloud, Terremark, …

Several sub-projectsXen Hypervisor, XAPI management tools, Mirage OS

Linux Foundation Collaborative ProjectSponsored by Amazon Web Services, AMD, Bromium, Calxeda, CA Technologies, Cisco, Citrix, Google, Intel, NetApp, Oracle, Samsung and Verizon

10 years old

A type-1 hypervisor with a twist

VM2 VMn

Applications Applications

Guest OS Guest OS

Applications Applications

VM1 (or DomU)

Applications

Guest OS

VM0 (or Dom0)

Toolstack

Dom0 Kernel

HWCPUsMemoryI/O

Console

Scheduler MMU Timers InterruptsConfig

VM2 VMn

Applications Applications

Guest OS Guest OS

Applications Applications

VM1 (or DomU)

Applications

Guest OS

VM0 (or Dom0)

Toolstack

Dom0 Kernel

HWCPUsMemoryI/O

Drivers

Console

Scheduler MMU Timers InterruptsConfig

back PV front

VM2 VMn

Applications Applications

Guest OS Guest OS

Applications Applications

VM1 (or DomU)

Applications

Guest OS

VM0 (or Dom0)

Toolstack

Dom0 Kernel

HWCPUsMemoryI/O

QEMU

Console

Scheduler MMU Timers InterruptsConfig

DomU

DomU

DomU

Dom0

Security

Security in the Cloud

Service VM

Guest OS

Dom0

Toolstack

Dom0 Kernel

HWCPUsMemoryI/O

Scheduler MMU Timers InterruptsConfig

Example Security Features

Driver(s)

QEMU Disaggregation

Service VM

Guest OS

Dom0

Toolstack

Dom0 Kernel

HWCPUsMemoryI/O

Scheduler MMU Timers InterruptsConfig

Example Security Features

QEMU

Linux Security Modules /SELinux

Xen Security Modules /FLASK

Managing Xen

Single HostBasic Functions

Multiple HostsAdditional Functionality

Multiple HostsMore Functionality

Rich Toolstacks

Increased level of functionality and integration with other components

Toolstack / Console

Hypervisor Xen Hypervisor

XAPI / XEDefault / XL Libvirt / VIRSH

Xen

XAPI

XAPI / XEDefault / XL

Xen Hypervisor

Cloud Support

Toolstack / Console

Hypervisor

Libvirt / VIRSH

Virtualization in the CloudIt must be stable

It must be secure

It must be configurable on a large scale

It must take orchestration

It must be multi-tenant

AWS, Rackspace Public Cloud, Terremark, many others …

Tons of features: see tinyurl.com/xen-secure

Puppet, Chef, Salt, … − GUIs − APIs − Orchestration

Apache CloudStack, OpenNebula, OpenStack, …

Pools and other functionality in XAPI

Xen, XAPI, xenserver-core& XenServer

DOM0 VM1 VMn

Guest OS Guest OS

Applications Applications

QEMU

Drivers XS Tools XS Tools

XAPI

3rd partyComponents

HAStorage

Mgr

XE / XenCenter

DOM0 VM1 VMn

Guest OS Guest OS

Applications Applications

QEMU

Drivers XS Tools XS Tools

XAPI

3rd partyComponents

HAStorage

Mgr

XE / XenCenter

xenserver-core packagesDOM0

QEMU

Drivers

XAPI

3rd partyComponents

HAStorage

Mgr

Virtualization Base Packages(Xen, QEMU, Libvirt)

xenserver-core package(XAPI, Storage Manager, …)(Currently excluding 3rd party stuff)

Base Distro(CentOS, Debian, Ubuntu)

> yum / apt-get install …

Xen and OpenStack

April 2013: User Survey Data

71%

13%

8% 5%3%Hypervisor

KVMXen (inc. XAPI)ESXLXCHyperV

Source: http://fr.slideshare.net/openstack/havana-survey-resultsfinal-19312081 (before Xen Project and OSS XenServer)

Why?Not on Feature and Quality parity yetSignificant progress in Havanah / 13.2

Xen and XAPI not perceived to be Open SourceThis is now different

Citrix backing of Apache CloudStack Created “confusion” in the marketplaceCreated resentment by OpenStack developers

Grizzly 13.1: Hypervisor Status

Source: https://wiki.openstack.org/wiki/HypervisorSupportMatrix

Group A(Fully Supported)

Most Features

KVM/QEMU + LIBVIRT

Group B(Gate Tested)

Missing:Volume SwapVolume Rate Limiting

XEN + XAPI

Group C(Minimal Testing)

Missing:See table

All the others

Xen + LIBVIRT

TBDSignificant Investment

Source: http://docs.openstack.org/trunk/openstack-compute/install/yum/content/introduction-to-xen.html

Source: https://wiki.openstack.org/wiki/XenServer/DevStack

DevStack:Script to set up OS VM

Also adds:• Swift• Glance• Horizon

What Next?Havanah 2013.2:OpenStack support for xenserver-coreMore Tests; Improved Quality (moving towards Group A)

Icehouse 2014.1Feature catch-up (not in one go)ARM support for xenserver-coreExpanding VGPU FunctionalityDesktop and Enterprise Features

Impact:

OpenStack can also run in Dom0

Closer to OpenStack Usage Model

Closer to OpenStack Development Model

More Deployment Options (Security)

OpenStack and xenserver-core

localhost

Xen CommunityAlive and kicking

2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013

Developer list traffic : Q3 2003 - now

More Development Activity

Increasing Diversity

2010 2011 2012 2013 (H1)0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

UPC Spectra Logic Redhat iweb GridCentric Calxeda Fujitsu (Misc) AWS(Academia) John Hopkins University AMD Linaro Oracle NSA Intel (Individual) SuseCitrix

Conclusion

Xen is a great solution for the Cloud

Significant Investment in XAPI + OpenStack

As well as CloudStack

The Xen Community is accelerating

More info at: xenproject.orgevents.linuxfoundation.org/events/xen-project-developer-summit

Shameless Project Promotion

Thank You!Please rate the talk

on slideshare or twitter

www.slideshare.net/xen_com_mgr/

Flickr:“Giant Sequoia Trees” by Raj

Wikipedia:“Bodium Castle” by Antony McCallum

Other Images:By Lars Kurth or acquired

Credits and ResourcesXen Project:www.xenproject.orgwiki.xenproject.orglists.xenproject.orgxenbits.xenproject.org

@xen_org

##xen

http://www.flickr.com/photos/ilunatech/

Recommended

Deconstructing Xen - NDSS Symposium...Deconstructing Xen Xen Slice Xen Slice Xen Slice Shared Service Security Monitor Dom-0 Para-VM Full-VM Hypervisor Virtual Machine Partition Xen
Documents
Xen Project Hypervisor for the Cloud
Technology
Xen Automotive Hypervisor − Xen Hypervisor – open source license − Core PV Drivers – open source license − PV Backend HW AL – private source license Ownership unbundling
Documents
Xen Hypervisor
Technology
(Mostly) Exitless VM Protection from Untrusted Hypervisor ... · Cloud-Visor guarantees that the Xen hypervisor is unable to access aguest’smemoryanddiskstorage.Therefore,CloudVisoref-fectivelyresolves
Documents
Bluepilling the Xen Hypervisor
Documents
Xen: FOSS Hypervisor for the Cloud...Xen Project and Linux •Xen Hypervisor is not in the Linux kernel •BUT: everything Xen and Xen Guests need to run is •Xen packages in all
Documents
Xen Project 4.4: Features and Futuresevents17.linuxfoundation.org/sites/events/files/slides/Xen Project... · Xen Project: Type 1 with a Twist Type 1: Bare metal Hypervisor Host HWHost
Documents
INLINE PATCH PROXY FOR XEN HYPERVISOR › uploads › 2 › 6 › 6 › 2 › 26621256 › inline...INLINE PATCH PROXY FOR XEN HYPERVISOR Neha Rana, Pankaj Singhal Dnyanesh Kulkarni
Documents
10 Years of Xen and beyond - LinuxTag€¦ · 10 Years of Xen and beyond … @lars_kurth FREENODE: lars_kurth •Teams aka sub-projects –Hypervisor –XAPI –ARM Hypervisor (for
Documents
Subverting the Xen hypervisor - Invisible Things Lab · Subverting the Xen hypervisor Rafa! Wojtczuk Invisible Things Lab Black Hat USA 2008, August 7th, Las Vegas, NV
Documents
Securing Your Cloud With the Xen Hypervisor by Russell Pavlicek
Technology
Network Multitenancy in Xen-Based Clouds-XPUS13 Vittal
Technology
ALSS14: Xen Project Automotive Hypervisor (Demo)
Automotive
The Open Source Xen Hypervisor
Technology
LFNW2014 Advanced Security Features of Xen Project Hypervisor
Technology
FOSDEM17 - Live patching the xen project hypervisor
Technology
Xen* Hypervisor Case Study - White Paper Designing …325258 Xen* Hypervisor Case Study - Designing Embedded Virtualized Intel® Architecture Platforms March 2011 White Paper Amit
Documents
Xen hypervisor security in VM isolation - OS3 · Xen hypervisor security in VM isolation 1 Introduction Nowadays cost reduction, e ciency, exibility, manageability and green IT are
Documents
OWF: Xen - Open Source Hypervisor Designed for Clouds
Technology