OS Virtualization Principles
Principles
- Run multiple instances of OSes simultaneously
- Multitasking at the OS level
- Guarantee isolation between OSes
- Provide controlled resource sharing
Applications of OS Virtualization
Wide range of classic use cases:
- Server consolidation
- Colocation of services
- Security, isolation, maintenance
- Regression tests
- ...
Virtual Machines and Hardware
Ideally virtualization is transparent to guest OSes
- Common principle in mainframe design
- Nearly impossible with i386 design
- Running unmodified OSes is horribly tricky
- Trapping privileged calls
- Dynamic code rewrite
- Those tricks kill performance in some scenarios
- New Intel and AMD server chips will help virtualization
Paravirtualization and Xen
Xen comes from the University of Cambridge
Do not hide the virtualization from the guest OSes
- Port the OS to work with Xen
- Reuse the OS drivers, but monitor hardware access
- Linux, NetBSD, FreeBSD, OpenSolaris and Plan9 guests
Xen's performance
Borrowed from their paper at SOSP in 2003
Xen's performance II
Borrowed from this year's presentation at OLS
Xen's performance III
Borrowed from this year's presentation at OLS
Xen for Linux
Xen is being integrated in Linux upstream
- as a sub arch of the supported architectures (i386, x86_64)
- Xen runs as a hypervisor
- kernel instances call the hypervisor for resources
- the hypervisor uses Linux for the drivers
Xen Architecture
Xen in Fedora
This is a work in progress
Rik van Riel and Jeremy Katz
- Fedora Core 4/Rawhide has the basics
- Package xen-2:
- Control command xm/xend
- performance CLI tools
- Python bindings and libraries
- /boot/xen
- Package kernel-xen0 (2.6.12...)
- Package kernel-xenU (2.6.12...)
- Track updates and Rik's page
Booting Xen
From grub.conf:
title Fedora Core Xen (2.6.12-1.1454_FC4xen0)
root (hd0,0)
kernel /boot/xen.gz
module /boot/vmlinuz-2.6.12-1.1454_FC4xen0 ro root=LABEL=/ rhgb quiet
module /boot/initrd-2.6.12-1.1454_FC4xen0.img
Xen runs in ring 0 (approx 32MB)
Linux runs in ring 2/3
Creating guests
Per guest description file in /etc/xen/
kernel="/boot/vmlinuz-2.6.12-1.1454_FC4xenU"
memory=128
name="fc4"
nics = 1
disk = ['file:/u/fc4.img,sda1,w']
root = "/dev/sda1"
extra = "ro selinux=0 3"
Reduce the Xen0 memory, launch and check:
xm mem-set 0 512
xm create fc4
xm list
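Added example, not part of the original slides: a short Python audit of the guest description file shown above, read with ast rather than executed, since these files use Python assignment syntax. The function names and the two checks (writable disk backings, selinux=0 in extra) are illustrative assumptions, and the sample is the slide's own file.

```python
import ast

# Constructed sample: the guest description file from the slide above.
SAMPLE = '''
kernel="/boot/vmlinuz-2.6.12-1.1454_FC4xenU"
memory=128
name="fc4"
nics = 1
disk = ['file:/u/fc4.img,sda1,w']
root = "/dev/sda1"
extra = "ro selinux=0 3"
'''

def parse_guest_config(text):
    """Read NAME = literal assignments without executing the file."""
    cfg = {}
    for node in ast.parse(text).body:
        if not (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            raise ValueError("line %d: not a plain assignment" % node.lineno)
        try:
            cfg[node.targets[0].id] = ast.literal_eval(node.value)
        except ValueError:
            raise ValueError("line %d: value is not a literal" % node.lineno)
    return cfg

def audit(cfg):
    """Return isolation-relevant findings for one guest (illustrative checks)."""
    findings = []
    for spec in cfg.get("disk", []):
        backend, _, rest = spec.partition(":")
        parts = rest.split(",")
        if len(parts) != 3:
            findings.append("malformed disk entry: %r" % spec)
            continue
        path, dev, mode = parts
        if mode == "w":
            findings.append("guest can write %s backing %s (%s)" % (backend, path, dev))
    # 'extra' is appended to the guest kernel command line.
    if "selinux=0" in cfg.get("extra", "").split():
        findings.append("SELinux disabled on guest kernel command line")
    return findings

if __name__ == "__main__":
    for line in audit(parse_guest_config(SAMPLE)):
        print(line)
```

A file containing anything other than literal assignments (an import, a function call) is rejected with ValueError instead of being run.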
Current state (FC4)
It works with basic core tools
- Start up/Stop a domain "xm create/shutdown ..."
- Basic resource control "xm balloon/max-mem/set-mem ..."
- Saving/restarting domains
But we are still in stabilization mode for Xen-3.0
Future tools
Higher level tools
- /etc/xen profiles maintenance
- Integration with anaconda/yum
- Freeze/migration of domains
- UI (Web) front-end
Xen limitations
This is a relatively new technology
Some limitations are being worked on
- Non-SMP guests
- architecture: i386 only, x86_64 in i386 mode
- x86_64 actively worked on, ppc and itanium too
Xen Research
Work being done for Xen 3.0
- Migration and clustering
- Debugging and fault tolerance
- Security
- Performance aspects
- Intel hardware virtualization support
Xen's migration data
Borrowed from this year's presentation at OLS
Useful Links
Fedora Xen Kickstart
Rik's page
Fedora Virtualization
Xen FAQ Wiki
Cambridge Lab. Xen page
XenSource