Xen and the Art of
Virtualisation
• Summary
• Xen is an x86 VMM (virtual machine monitor) that allows
multiple commodity operating systems to be multiplexed onto
the same hardware without sacrificing performance or
functionality. Although Xen requires porting, this allows for
extreme scalability.
CA485 Ray Walshe 2015
Overview
• Virtualization Challenges:
– Isolation
– Support a variety of operating systems
– Overhead of virtualization should be small.
Porting:
– Xen requires operating systems to be modified or
ported to its idealized virtualization. It uses a
technique called paravirtualization, where the
operating system knows it is being virtualized and
coordinates with the hypervisor.
• This is done by replacing certain hardware functions
with software equivalents to make the virtualization
more efficient (e.g. using hypercalls).
Xen Graphic
Design/Approach
Xen presents a virtual machine abstraction similar but not identical to the
underlying hardware system.
– CPU: typical VMMs perform trap-and-emulate, whereby the guest operating system
executes in a lower processor privilege level/ring, and access to privileged state or
execution of privileged instructions is captured and simulated by the VMM.
Because Xen requires porting and utilizes paravirtualization, these privileged
instructions are replaced by special Xen API methods. This is useful for architectures
such as x86, which have instructions that cannot be trapped or that expose
sensitive registers.
– Memory: the VMM write-protects the memory and validates accesses to it; internally
the VMM may use page tables to map the guest virtual address space to the physical
memory.
– Devices: instead of interrupts and buses, Xen provides a ring buffer for transferring
data from the hardware to the operating system and an asynchronous event system to
provide notifications.
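Added example (not from the slides or from Xen's source): a toy model in C of the Memory bullet above, in which the hypervisor applies a guest's page-table update only after validating it. The two rules checked (a guest may map only frames it owns, and may not hold a writable mapping of a page-table frame) are a simplification of the checks described in the Xen paper; every name, constant and the frame layout is hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of hypervisor-side page-table validation; names are hypothetical. */
#define NFRAMES 8
#define NSLOTS  4
#define PTE_PRESENT 0x1u
#define PTE_WRITE   0x2u
enum frame_type { FRAME_DATA, FRAME_PAGETABLE };
struct frame { int owner; enum frame_type type; uint32_t pte[NSLOTS]; };
static struct frame frames[NFRAMES];

static uint32_t make_pte(unsigned frame_no, uint32_t flags) {
    return ((uint32_t)frame_no << 12) | flags;
}

/* Guest `guest` asks to store `val` in slot `idx` of page-table frame `pt`.
 * Returns 0 if the update is applied, or a negative reason code if refused. */
int pt_update(int guest, unsigned pt, unsigned idx, uint32_t val) {
    if (pt >= NFRAMES || idx >= NSLOTS) return -1;       /* malformed request */
    if (frames[pt].owner != guest || frames[pt].type != FRAME_PAGETABLE)
        return -2;                                       /* not the caller's page table */
    if (val & PTE_PRESENT) {
        unsigned target = val >> 12;
        if (target >= NFRAMES) return -1;
        if (frames[target].owner != guest) return -3;    /* another guest's memory */
        if (frames[target].type == FRAME_PAGETABLE && (val & PTE_WRITE))
            return -4;                                   /* writable page table would skip validation */
    }
    frames[pt].pte[idx] = val;
    return 0;
}

/* Constructed scenario: frames 0-3 belong to guest 1, frames 4-7 to guest 2;
 * frame 0 and frame 4 are registered as page tables. */
void setup_demo(void) {
    for (int i = 0; i < NFRAMES; i++)
        frames[i] = (struct frame){ .owner = i < 4 ? 1 : 2, .type = FRAME_DATA };
    frames[0].type = frames[4].type = FRAME_PAGETABLE;
}

int main(void) {
    setup_demo();
    printf("own data frame, writable:   %d\n", pt_update(1, 0, 0, make_pte(1, PTE_PRESENT | PTE_WRITE)));
    printf("other guest's frame:        %d\n", pt_update(1, 0, 1, make_pte(5, PTE_PRESENT)));
    printf("own page table, writable:   %d\n", pt_update(1, 0, 2, make_pte(0, PTE_PRESENT | PTE_WRITE)));
    printf("own page table, read-only:  %d\n", pt_update(1, 0, 2, make_pte(0, PTE_PRESENT)));
    return 0;
}
```

Because the guest never holds a writable mapping of its own page tables, every change has to pass through this one check, which is what keeps one guest from mapping another's memory.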
Comparison
• Xen's key differentiation from previous
virtual machines is the use of
paravirtualization (while this had been used
for mainframe systems, it was not a common
technique for commodity architectures such
as x86).
Bochs
Bochs performs a full simulation of the hardware. This means that it
simulates all of the instructions and hardware devices (memory, I/O). It is
therefore essentially an interpreter and must continually translate from the
virtual architecture to the native one. All of this means that it is slow. That
said, it does allow applications written for one ISA to run on a
completely different one (e.g. run ARM code on x86).
Xen, on the other hand, does not emulate all of the hardware. All non-privileged
instructions will run directly on the CPU, which means that
virtualized applications should be capable of near-native speeds. Instead,
Xen requires operating systems to be ported to its hypervisor by rewriting
privileged instructions and hardware accesses to utilize its virtual machine
abstraction.
VMware
• VMware uses the traditional trap-and-emulate technique for isolating
and managing guest operating systems. In addition to this, however, it
also performs binary translation. That is, when a program is loaded, it
will modify troublesome instructions (i.e. the hard-to-trap instructions on
x86) into something it can manage. In some ways this is like a JIT
compiler, where instructions are translated on the fly into something more
optimal.
• The advantage of this is that you do not need to port your operating
system to VMware, since it will modify the code appropriately to
work around the nastiness of running on x86. The downside is that there
is some overhead in performing this translation.