XEN AND THE ART OF VIRTUALIZATIONPaul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, lan Pratt, Andrew Warfield

Presented by NagaJyothi Murala

Outline• About Xen• Structure• Virtual Machine Interface• Control Transfer• Evaluation• Conclusion

ABOUT XENHigh performance virtual machine monitor

About Xen• Runs on x86 processors• Lies above hardware • More privileged than OS• Uses Para virtualization• Goal: Up to 100 VM instances

Terminology• Guest OS: OS that Xen can host• Domain: VM within which guest OS executes• Hypervisor: Xen

Structure of machine

VIRTUAL MACHINE INTERFACE

Virtual machine interface• Memory management• CPU• Device I/O

Memory management• Most difficult part• Page tables

• Guest OS manages hardware page tables• Xen exists in a 64MB section at the top of every address space

• Segmentation• Similar to page tables• Segment descriptor's must have lower privilege than Xen• No access to Xen reserved portion of the address space

• Physical memory• XenoLinux’s balloon driver

CPU• Privileges

• x86 supports 4 privilege levels ( 0 highest.. 3 lowest)• Xen runs in ring 0, OS in ring 1 and applications in ring 3

• Exceptions• Table contains type of exception and handlers identical to x86

hardware• Page fault handler handled differently

• Scheduling• Uses Borrowed virtual Time (BVT) scheduling algorithm

Device I/O• Device abstractions• Shared memory, asynchronous buffer descriptor rings• Network

• Abstraction of Virtual firewall router (VFR)• Domain’s network interface (VIF) • Two I/O rings of buffer descriptors (for transmit and receive) and

rules (<pattern>,<action>)• Round-robin packet scheduler

• Disk• Domain0 direct access• All others via virtual block device (VBD) abstractions

I/O Rings• Used for data

transfer between Xen and guest OSes

• Circular queue of descriptors

• Reference to I/O buffers

• Allocated by domains

Control Transfer• Domains interact with Xen through hypercall

• Synchronous software trap

• Xen respond to domain using event mechanisms• Asynchronous event mechanism

Domain

Xen

Hypercall Asynchronous Event mechanism

Evaluation• Relative performance

• Compared performance of three virtualization techniques with Native Linux

• Concurrent virtual machines• Compared performance of Xen with Native Linux• Compared performance of Xen by increasing number of OS

instances

Relative Performance

Concurrent Virtual MachinesLinux vs XenoLinux

Conclusion• Architectures such as x86 does not support full

virtualization• Xen is a high performance virtual machine monitor which

uses Para virtualization• Modification to the kernel code of guest OS is required• Performance achievement near to that of Native Linux

Questions???

References• Graphics taken from previous presentations

• “Xen and the art of virtualization”, P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, Proceedings of the 19th Symposium on Operating System Principles, October, 2003.

• www.xen.org• http://www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf