Xen Community Update

Ian Pratt,

Citrix Systems and Chairman of Xen.org

Outline

• Project Status

• Xen Client Initiative

• Xen Cloud Platform

• New Xen 4.0 Features

Announcement

• The Xen Advisory Board is excited to announce that Fujitsu and VA Linux have accepted invitations to join the board!

Xen Today

• ~18% enterprise server market share (Yankee, Aug 08)

• >80% of the Public Cloud is Xen based

– World's largest virtualization deployments are Xen based

• Development Community: over 50 Companies, 25 Universities, from 25 Countries, ~250 developers

– More than 20,000 code submissions

• Used in Servers, Desktops, Laptops, Storage Appliances, Network Appliances and Smart Phones

– x86, IA64, ARM support

Xen Powers the World’s Infrastructure Clouds

“Xen is great. It’s powerful and easy to use. But most important is the very active community around it. That was a very big reason for us in selecting Xen.”

Werner Vogels, CTO, Amazon.com

Xen Tops Performance Comparisons

Keith Ward, Virtualization Review

“Xen is the Porsche of hypervisors”

“Xen outperforms VMware ESX 3.5 by 41% in user scalability tests.”

The Tolly Group

Xen Hypervisor

First and Best to support new CPU, chipset, and Smart IO Technologies

Pioneers of OS Para-virtualization

Xen Client Initiative

The Xen Client Initiative

• Formed in 2007 to develop Xen for desktop and laptop

• Develop enhanced power management, USB, WiFi, WWAN, 3D Graphics, fingerprint reader, multi-touch, etc

• Support for latest hardware technologies

• Tiny footprint hypervisor, Embeddable in Flash memory or small disk partition

• Aiming to make virtualization ubiquitous on client devices...

Client Hypervisor Benefits

• Security, Manageability, Supportability, Auditability

• Building Multi-Level Secure systems

– Run multiple VMs with policy controlled information flow

• E.g. Personal VM; Corporate VM; VM for web browsing; VM for banking

– Trusted hypervisor provides secure isolation

• Enables “out-of-band” management and policy enforcement

– Malware detection, remote access, image update, backup, VPN, etc.

Requires a true type-1 hypervisor architecture

Xen is ideally suited to this!

Xen Client Architecture

[Diagram: Xen Hypervisor on x86 Hardware (TXT, TPM), hosting a Control Domain, a Service VM, a Personal VM and a Business VM; device labels: Audio, USB, Disk, ACPI, GPU, NIC]

“Business” & “Personal” Environments

Business

• Locked Down

• No Local App Installs

• Tightly Managed

• Self-Service Corporate App Installs

Personal

• Allows Local App Installs

• Minimal Management

– Virus Scanner

– Security Patches

• No SLA

– Self-Service Wipe

Xen Cloud Platform

Xen Cloud Platform (XCP)

• XCP Expands Xen.org’s remit beyond the core hypervisor, to create a full virtual infrastructure layer for Cloud deployments

– Simplify and streamline use of Xen by Cloud providers and vendors

– Promote greater standardisation of components between vendors

• Advanced virtual infrastructure to enable Virtual Private Datacenters rather than just Virtual Private Servers

– Multi-tenant hosts, networking, storage, etc

– Promote interoperability between Xen-based clouds and other clouds

– Drive standards activities via DMTF

August 2009 XCP Announcement

XCP Status

• Seeking proposals, code contributions and offers of development support

• Draft v0.1 proposal available for download from xen.org, seeking comment & feedback

– Easy install ISO, build from source

Where Xen Cloud Platform Fits

[Diagram: a Resource Pool of hosts, each labelled “Mgt State” and running several VMs, with a “Management API & OVF Format” layer]

XCP 0.1 Draft proposal

• Xen 3.4; Linux 2.6.27; optimized dom0 file system

• xapi toolstack

– Resource Pools; VM, host, networking and storage management; snapshots and checkpoints; live and persistent performance statistics; status alerting; role-based access control; OVF/CIM support

• Windows PV Drivers; installer etc.

• Coming soon:

– vSwitch multi-tenant networking

New Open vSwitch

[Diagram: three hypervisors, each hosting several VMs]

Isolation · Resource control · Multi-tenancy · Visibility · Security

• Open Source Virtual Switch maintained at www.openvswitch.org

• Rich layer 2 feature set

Distributed vSwitch

[Diagram: three hypervisors hosting VMs, joined by a Distributed Virtual Switch]

Built-in policy-based ACLs move with VMs

Virtual Interface (VIF) {MAC, IP} ACLs (the same list is shown for two VIFs):

permit tcp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 192.168.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 172.16.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 192.168.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 172.16.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq 123
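How ACL lines like those on the slide are evaluated, and why keying them by VIF rather than by host lets them move with the VM. This is an added example, not code from the presentation or from Open vSwitch; the default deny, the VIF values and the policy/placement tables are assumptions for illustration.

```python
import ipaddress

SERVICES = {"domain": 53}  # service name used on the slide -> well-known port

SLIDE_ACL = """\
permit tcp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 192.168.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 172.16.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 192.168.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit udp 172.16.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq domain
permit tcp 10.0.0.0 0.0.0.255 10.20.0.0 0.0.0.255 eq 123
"""

def ip(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_rule(line):
    """Parse 'permit <proto> <src> <wildcard> <dst> <wildcard> eq <port>'."""
    action, proto, src, src_wc, dst, dst_wc, op, port = line.split()
    if action != "permit" or op != "eq":
        raise ValueError(f"unsupported rule: {line!r}")
    return proto, ip(src), ip(src_wc), ip(dst), ip(dst_wc), SERVICES.get(port) or int(port)

def covers(addr, base, wildcard):
    """A wildcard mask is an inverted netmask: 1 bits are 'don't care'."""
    care = ~wildcard & 0xFFFFFFFF
    return (ip(addr) & care) == (base & care)

def allowed(rules, proto, src, dst, dport):
    """True if any permit rule matches; no match is a deny (assumed default)."""
    return any(p == proto and port == dport and covers(src, s, swc) and covers(dst, d, dwc)
               for p, s, swc, d, dwc, port in rules)

# Constructed data: policy is keyed by the VIF's {MAC, IP}, not by host.
VIF = ("00:16:3e:00:00:01", "10.0.0.5")
policy = {VIF: [parse_rule(l) for l in SLIDE_ACL.splitlines()]}
placement = {VIF: "hypervisor-1"}

def migrate(vif, new_host):
    placement[vif] = new_host  # only placement changes; policy[vif] travels with the VIF

def check(vif, proto, dst, dport):
    return allowed(policy[vif], proto, vif[1], dst, dport)
```

Note that the last rule permits port 123 over TCP only, so UDP traffic to port 123 from this VIF falls through to the default deny.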

Distributed vSwitch

[Diagram: three hypervisors hosting VMs; two Distributed Virtual Switch instances, labelled Tenant A and Tenant B]

Isolation · Resource control · Multi-tenancy · Visibility · Security

Xen 4.0 Features

Hardware Fault Tolerance

Restart-HA monitors hosts and VMs to keep apps running

Hardware Fault Tolerance with deterministic replay or checkpointing

Xen’s Software-Implemented Hardware Fault Tolerance enables true High Availability for unmodified applications and operating systems

Hardware Fault Tolerance

• University of British Columbia’s “Remus” project is now in the Xen development branch

• Smart checkpointing approach yields excellent performance

– VM executes in parallel with checkpoint transmission, with all externally visible state changes suppressed until checkpoint receipt acknowledged

– Checkpoints delta compressed

• Checkpointing possible across wide-area, even for multi-vCPU guests
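A toy model of the checkpointing rule in the bullets above: the guest keeps running after a checkpoint is sent, but its outputs are held until the backup acknowledges that checkpoint. This is an added example, not Remus or Xen code; the class, its method names and the in-process "backup" are assumptions for illustration.

```python
class RemusPrimary:
    """In-process sketch of speculative execution with output commit."""
    def __init__(self):
        self.state = {}          # guest state on the primary
        self.epoch = 0           # current speculative epoch
        self.dirty = {}          # keys changed since the last checkpoint (the delta)
        self.held = []           # (epoch, packet) outputs not yet released
        self.released = []       # outputs the outside world has seen
        self.backup_state = {}   # last state acknowledged by the backup
        self.in_flight = None    # (epoch, delta) sent but not yet acknowledged

    def guest_write(self, key, value):
        self.state[key] = value
        self.dirty[key] = value

    def guest_send(self, packet):
        self.held.append((self.epoch, packet))  # buffer; nothing leaves the host yet

    def checkpoint(self):
        """Ship only the delta, then let the guest run on in the next epoch."""
        self.in_flight = (self.epoch, self.dirty)
        self.dirty = {}
        self.epoch += 1

    def backup_ack(self):
        """Backup holds the checkpoint: apply it and release that epoch's output."""
        epoch, delta = self.in_flight
        self.backup_state.update(delta)
        self.in_flight = None
        self.released += [p for e, p in self.held if e <= epoch]
        self.held = [(e, p) for e, p in self.held if e > epoch]

    def fail_over(self):
        """Primary lost: the backup resumes from the last acknowledged state."""
        return dict(self.backup_state), list(self.released)

def demo():
    vm = RemusPrimary()
    vm.guest_write("balance", 100); vm.guest_send("deposit-ok")
    vm.checkpoint()                       # epoch 0 in flight, guest keeps running
    vm.guest_write("balance", 50); vm.guest_send("withdraw-ok")
    before_ack = list(vm.released)        # nothing visible before the ack
    vm.backup_ack()
    return before_ack, vm.fail_over()
```

After failover the backup holds balance 100 and the outside world has only seen "deposit-ok", so no released output refers to state the backup lacks.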

SR-IOV

• SR-IOV: Single Root IO Virtualization

– Virtualization friendly IO devices

• High performance, high efficiency

• Enables even the most demanding applications to now be virtualized

• World First, demonstrated at Intel Developer Forum in September!

SR-IOV NIC Demonstration

[Diagram: Dell 10G Switch; NFS Common Storage w/OpenFiler; three Dell R710 Servers, each with XenServer and Intel 10G SR-IOV NIC]

• Full 20Gb/s bi-directional throughput to VMs

• Low latency, High CPU efficiency

• Live relocation between hosts - Even hosts with different NICs

Network Performance

[Chart: CPU (%) on a 0 to 35 scale for the s/w only, basic smart NIC, SR-IOV NIC and native configurations, broken down into usercopy, kern, xen1, grantcopy, kern0 and xen0; other labels shown: Type-0, 201%, 100%, 123%, 103%]

• New Smart NICs reduce CPU overhead substantially

• Care must be taken with type-2/3 NICs to ensure benefits of VM portability and live relocation are not lost

Conclusions

• The Xen Community continues to grow from strength to strength

• Xen’s architecture makes it #1 in security, with great performance

– From Cloud to Client

• Xen 4.0 will be a major milestone release!