Modern Systems: IBM VM/370 and XEN
1 .Virtualization: IBM VM/370 and Xen. Hakim Weatherspoon, CS6410
2 .IBM VM/370: Robert Jay Creasy (1939-2005), project leader of the first full virtualization hypervisor: IBM CP-40, a core component in the VM system. The first VM system: VM/370
3 .Virtual Machine: Origin. IBM CP/CMS; CP-40; CP-67; VM/370
4 .Why Virtualize: Underutilized machines; Easier to debug and monitor OS; Portability; Isolation; The cloud (e.g. Amazon EC2, Google Compute Engine, Microsoft Azure)
5 .IBM VM/370 (diagram labels): System/370; Control Program (CP); Conversational Monitor System (CMS); Mainstream OS (MVS, DOS/VSE etc.); Specialized VM subsystem (RSCS, RACF, GCS); Another copy of VM. Layers: Hardware; Hypervisor; Virtual machines
6 .IBM VM/370 Technology: trap-and-emulate (diagram labels): Kernel; Application; Privileged; Problem; CP; Trap; Emulate
7 .Classic Virtual Machine Monitor (VMM)
8 .Virtualization: rejuvenation. 1960’s: first track of virtualization (time and resource sharing on expensive mainframes; IBM VM/370). Late 1970’s and early 1980’s: became unpopular (cheap hardware and multiprocessing OS). Late 1990’s: became popular again (wide variety of OS and hardware configurations; VMware). Since 2000: hot and important (cloud computing; Docker containers)
9 .Full Virtualization: Complete simulation of underlying hardware; Unmodified guest OS; Trap and simulate privileged instruction; Was not supported by x86 (not true anymore, Intel VT-x); Guest OS can’t see real resources
10 .Paravirtualization: Similar but not identical to hardware; Modifications to guest OS; Hypercall; Guest OS registers handlers; Improved performance
11 .VMware ESX Server: Full virtualization; Dynamically rewrite privileged instructions; Ballooning; Content-based page sharing
12 .Denali: Paravirtualization; 1000s of VMs; Security & performance isolation; Did not support mainstream OSes; VM uses single-user single address space
13 .Xen and the Art of Virtualization
14 .Xen: University of Cambridge, MS Research Cambridge; XenSource, Inc.; Released in 2003 and published in SOSP 2003; Acquired by Citrix Systems in 2007 for $500M; Now in RHEL5, Solaris, SUSE Linux Enterprise 10, EC2
15 .Xen and the Art of Virtualization, SOSP’03: Very high impact (data collected in 2013)
16 .Xen: No changes to ABI (application binary interface); Full multi-application OS; Paravirtualization; Real and virtual resources; Up to 100 VMs
17 .Virtualization on x86 architecture: Challenges. Correctness: not all privileged instructions produce traps! Example: popf. Performance: System calls: traps in both enter and exit (10X); I/O performance: high CPU overhead; Virtual memory: no software-controlled TLB
18 .Xen: Xen 3.0 and up supports full virtualization with hardware support. See backup slides
19 .Xen architecture
20 .Domain 0: Management interface; Created at boot time; Policy from mechanism; Privileged
21 .Control Transfer: Hypercalls; Lightweight events
22 .Interface: Memory Management: Guest OSes manage their own page tables; Register pages with Xen; No direct write access; Updates through Xen; Hypervisor @ top 64MB of every address space; 2018: security issues with Meltdown/Spectre
23 .Interface: CPU: Xen in ring 0, OS in ring 1, everything else in ring 3; “Fast” exception handler; Xen handles page fault exceptions; Double faulting
24 .Interface: Device I/O Shared-memory, asynchronous buffer descriptor I/O rings
25 .Subsystem Virtualization: CPU Scheduling: Borrowed Virtual Time; Real, virtual, and wall clock times; Virtual address translation: updates through hypercall; Physical memory: balloon driver, translation array; Network: VFR, VIF; Disk: VBD
26 .Porting effort
27 .Evaluation: Relative Performance
28 .Evaluation: Concurrent Virtual Machines
29 .Conclusion: x86 architecture makes virtualization challenging. Full virtualization: unmodified guest OS; good isolation; performance issue (especially I/O). Paravirtualization: better performance (potentially); need to update guest kernel. Full and paravirtualization will keep evolving together
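
The checks behind slide 22 (guest page tables registered with Xen, no direct write access, updates through Xen), as an added example that is not from the slides or from Xen's code base: a simplified C model in which a hypothetical `pt_update` hypercall validates each page-table write. The frame table, domain numbers, 4-entry tables and result codes are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define NFRAMES        8u
#define PT_ENTRIES     4u
#define PTE_PRESENT    0x1u
#define PTE_WRITABLE   0x2u
#define HYPERVISOR_DOM (-1)
enum frame_type { FRAME_RW, FRAME_PAGE_TABLE };
struct frame { int owner; enum frame_type type; };
/* Constructed sample state: frame 0 is the hypervisor's, 1-4 are domain 1's
 * (1 is its registered page table), 5-7 are domain 2's (6 is its table). */
static struct frame frames[NFRAMES] = {
    {HYPERVISOR_DOM, FRAME_RW}, {1, FRAME_PAGE_TABLE}, {1, FRAME_RW},
    {1, FRAME_RW}, {1, FRAME_RW}, {2, FRAME_RW}, {2, FRAME_PAGE_TABLE},
    {2, FRAME_RW},
};
static uint32_t page_table[NFRAMES][PT_ENTRIES];
enum upd_result { UPD_OK, UPD_BAD_TABLE, UPD_BAD_TARGET, UPD_WRITABLE_PT };

/* Hypothetical hypercall handler: domain `dom` asks to set entry `idx` of
 * page-table frame `pt` so that it maps frame `target` with `flags`. */
enum upd_result pt_update(int dom, unsigned pt, unsigned idx,
                          unsigned target, uint32_t flags)
{
    /* Only a registered page table owned by the caller may be edited. */
    if (pt >= NFRAMES || idx >= PT_ENTRIES ||
        frames[pt].owner != dom || frames[pt].type != FRAME_PAGE_TABLE)
        return UPD_BAD_TABLE;
    if (!(flags & PTE_PRESENT)) {       /* clearing an entry is always safe */
        page_table[pt][idx] = 0;
        return UPD_OK;
    }
    /* The mapped frame must be the caller's own memory. */
    if (target >= NFRAMES || frames[target].owner != dom)
        return UPD_BAD_TARGET;
    /* A writable mapping of a page table would bypass this validation. */
    if (frames[target].type == FRAME_PAGE_TABLE && (flags & PTE_WRITABLE))
        return UPD_WRITABLE_PT;
    page_table[pt][idx] = ((uint32_t)target << 12) | flags;
    return UPD_OK;
}

int main(void) {  /* prints 0 (accepted) or the rejection code */
    int own = pt_update(1, 1, 0, 2, PTE_PRESENT | PTE_WRITABLE);
    int foreign = pt_update(1, 1, 1, 5, PTE_PRESENT);
    int self_rw = pt_update(1, 1, 1, 1, PTE_PRESENT | PTE_WRITABLE);
    printf("own=%d foreign=%d writable-pt=%d\n", own, foreign, self_rw);
    return 0;
}
```

The read-only mapping of a guest's own page table is accepted, which is what lets the guest keep reading its tables while every write goes through the validated path.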